keepalive+LVS - 秒客网

一、keepalive+LVS（DR）

最少需要4台服务器

两台LVS调度器、两台真实服务器

两台LVS调度器上安装keepalive，形成热备份

（一）配置LVS调度器

1.安装相关依赖包和编译环境

yum -y install gcc gcc-c++

yum -y install kernel-devel openssl-devel popt-devel ipvsadm*

2.安装keepalive

（1）查看内核版本

[[email protected] ~]# uname -a

Linux sutang 2.6.32-431.el6.x86_64 #1 SMP Fri Nov 22 03:15:09 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

（2）解压

[[email protected] ~]# tar zxf keepalived-2.0.15.tar.gz

（3）编译安装

[[email protected] keepalived-2.0.15]# ./configure --prefix=/usr/local/keepalived --with-dir=/usr/src/kernels/2.6.32-431.el6.x86_64/

此处内核目录的名和uname参看的参数。

make && make install

（4）拷贝配置文件

mkdir /etc/keepalived

cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

（5）加入启动项

拷贝安装目录中的相关文件

cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

拷贝执行相关文件

cp /usr/local/keepalived/sbin/* /usr/sbin/

解压目录中复制启动脚本文件

[[email protected] keepalived-2.0.15]# cp keepalived/etc/init.d/keepalived /etc/init.d/

添加执行权限

chmod +x /etc/init.d/keepalived

加入启动项

chkconfig --add keepalived

chkconfig keepalived on

3.修改配置文件

（1）主LVS调度器的配置文件修改

备份：

cd /etc/keepalived/

cp keepalived.conf keepalived.conf.bak

修改配置文件

vim /etc/keepalived/keepalived.conf

修改结果内容如下：

! Configuration File for keepalived

global_defs {

#运行keepalive的机器标识，同一网段唯一

router_id sutang-116

}

vrrp_instance VI_1 {

# 设置为master节点

state MASTER

# 虚拟ip绑定的网卡名称

interface eth0

# 同一个keepalived组，节点的设置必须一样，这样才会被识别

virtual_router_id 116

# 节点的权重，备份节点值要比master节点低

priority 100

advert_int 1

# 认证方式设置

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

# 绑定虚拟ip到网卡

192.168.88.110

}

virtual_server 192.168.88.110 80 {

#设置运行情况检查时间，单位是秒

delay_loop 6

#负载算法，这里是rr表示轮询

lb_algo rr

#定义模式，这里是Direct route

lb_kind DR

#会话保存时长(秒)，0表示不使用stickyness会话

persistence_timeout 0

#设置采用tcp服务

protocol TCP

#以下为真实服务器的相关设置

real_server 192.168.88.113 80 {

weight 1

#以下表示采用http模式检查该服务器监控状态

HTTP_GET {

url {

#检测的网页路径

path /index.html

}

#连接超时时间，秒

connect_timeout 3

#重试次数

nb_get_retry 3

#每次重试前等待延迟时间

delay_before_retry 3

}

#另一台真实服务器的相关设置

real_server 192.168.88.114 80 {

weight 1

HTTP_GET {

url {

path /index.html

}

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

（2）备LVS调度器的配置文件修改

备份：

cd /etc/keepalived/

cp keepalived.conf keepalived.conf.bak

修改配置文件

vim /etc/keepalived/keepalived.conf

修改结果内容如下：

! Configuration File for keepalived

global_defs {

router_id sutang-115

}

vrrp_instance VI_1 {

state BACKUP

interface eth0

virtual_router_id 116

priority 50

advert_int 1

# 认证方式设置

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

192.168.88.110

}

virtual_server 192.168.88.110 80 {

delay_loop 6

lb_algo rr

lb_kind DR

persistence_timeout 0

protocol TCP

real_server 192.168.88.113 80 {

weight 1

HTTP_GET {

url {

path /index.html

}

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

real_server 192.168.88.114 80 {

weight 1

HTTP_GET {

url {

path /index.html

}

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

（二）配置真实服务器

此处采用httpd当真实服务器

1.安装httpd

yum -y install httpd

2.关闭响应ARP请求

vim /etc/sysctl.conf

在文件末尾添加如下内容：

net.ipv4.conf.all.arp_ignore = 1

net.ipv4.conf.all.arp_announce = 2

net.ipv4.conf.default.arp_ignore = 1

net.ipv4.conf.default.arp_announce = 2

net.ipv4.conf.lo.arp_ignore = 1

net.ipv4.conf.lo.arp_announce = 2

修改并生效

sysctl -p

3. 配置群集端口

ifconfig lo:0 192.168.88.110 broadcast 192.168.88.110 netmask 255.255.255.255 up

此为临时配置，重启network失效。

其中的IP为虚拟服务器的IP。

4. 添加群集路由

route add -host 192.168.88.110 lo:0

5.分别在两台真实服务器添加测试页

echo "114" > /var/www/html/index.html

echo "113" > /var/www/html/index.html

6.启动httpd服务

service httpd start

（三）测试

1.测试准备

两台LVS调度器：

开启keepalive（service keepalived start）

两台真实服务器：

开启httpd（service httpd start）

所有主机：

关闭防火墙（service iptables stop）、关闭selinux（setenforce 0）

2.浏览器访问

keepalive+LVS

刷新一下：

keepalive+LVS

3.查看LVS上的记录

（1）主LVS调度器：

漂移IP记录

[[email protected] ~]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:c1:10:77 brd ff:ff:ff:ff:ff:ff

inet 192.168.88.116/24 brd 192.168.88.255 scope global eth0

inet 192.168.88.110/32 scope global eth0

inet6 fe80::20c:29ff:fec1:1077/64 scope link

valid_lft forever preferred_lft forever

[[email protected] ~]#

查看虚拟服务器列表

[[email protected] ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 192.168.88.110:80 rr

-> 192.168.88.113:80 Route 1 0 0

-> 192.168.88.114:80 Route 1 0 0

[[email protected] ~]#

查看连接情况：

[[email protected] ~]# ipvsadm -Lnc

IPVS connection entries

pro expire state source virtual destination

TCP 01:57 FIN_WAIT 192.168.88.8:58120 192.168.88.110:80 192.168.88.113:80

TCP 01:56 FIN_WAIT 192.168.88.8:58119 192.168.88.110:80 192.168.88.114:80

TCP 01:56 FIN_WAIT 192.168.88.8:58118 192.168.88.110:80 192.168.88.113:80

TCP 01:55 FIN_WAIT 192.168.88.8:58117 192.168.88.110:80 192.168.88.114:80

[[email protected] ~]#

（2）备LVS调度器

查看漂移IP记录

[[email protected] ~]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:dc:ab:70 brd ff:ff:ff:ff:ff:ff

inet 192.168.88.115/24 brd 192.168.88.255 scope global eth0

inet6 fe80::20c:29ff:fedc:ab70/64 scope link

valid_lft forever preferred_lft forever

[[email protected] ~]#

由于是备份所以没有抢到漂移IP。

查看虚拟服务器列表

[[email protected] ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 192.168.88.110:80 rr

-> 192.168.88.113:80 Route 1 0 0

-> 192.168.88.114:80 Route 1 0 0

[[email protected] ~]#

查看连接情况

[[email protected] ~]# ipvsadm -Lnc

IPVS connection entries

pro expire state source virtual destination

[[email protected] ~]#

由于该主机是备份所以没有记录。

（3）关闭主LVS

关闭主LVS调度器后查看备份LVS调度器的情况：
查看漂移IP：

[[email protected] ~]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:dc:ab:70 brd ff:ff:ff:ff:ff:ff

inet 192.168.88.115/24 brd 192.168.88.255 scope global eth0

inet 192.168.88.110/32 scope global eth0

inet6 fe80::20c:29ff:fedc:ab70/64 scope link

valid_lft forever preferred_lft forever

[[email protected] ~]#

刷新几下浏览器页面，然后查看连接记录

[[email protected] ~]# ipvsadm -Lnc

IPVS connection entries

pro expire state source virtual destination

TCP 01:49 FIN_WAIT 192.168.88.8:58148 192.168.88.110:80 192.168.88.114:80

TCP 01:50 FIN_WAIT 192.168.88.8:58150 192.168.88.110:80 192.168.88.114:80

TCP 01:49 FIN_WAIT 192.168.88.8:58149 192.168.88.110:80 192.168.88.113:80

TCP 01:50 FIN_WAIT 192.168.88.8:58151 192.168.88.110:80 192.168.88.113:80

[[email protected] ~]#