Centos5.6構建LVS+keepalived

系統環境：

centos64位系統

lvs-master：10.20.189.240
lvs-backup：10.20.189.241
vip：10.20.189.239
web1：10.20.189.242
web2：10.20.189.243

 

首先在lvs-master：10.20.189.240

[root@master ~]# cd /usr/local/src
[root@master ~]# wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz

[root@master ~]# wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
[root@master ~]# tar -zxvf ipvsadm-1.24.tar.gz

[root@master ~]# cd ipvsadm-1.24

[root@master ~]# ln -s /usr/src/kernels/2.6.18-238.el5-x86_64/ /usr/src/linux

（32位系統用：ln -s /usr/src/kernels/2.6.18-194.el5-i686/ /usr/src/linux）

不加這個軟鏈接的話，在執行make的時候會出現相似以下的錯誤編譯信息：

libipvs.h:14:23: error: net/ip_vs.h: No such file or directory

查找下此文件 find / -name ip_vs.h 發現64位系統在這個目錄下/usr/src/kernels/2.6.18-238.el5-x86_64，因此就有了前面的軟鏈接
/usr/src/kernels/2.6.18-238.el5-x86_64/include/net/ip_vs.h

[root@master ~]# make && make install

[root@master ~]# cd ..

[root@master ~]# tar -zxvf keepalived-1.2.7.tar.gz

[root@master ~]# cd keepalived-1.2.7

[root@master ~]# ./configure --sysconf=/etc  （指定配置文件的安裝路徑）

configure: error:
  !!! OpenSSL is not properly installed on your system. !!!
  !!! Can not include OpenSSL headers files.
解決：

[root@master ~]# yum -y install openssl-devel

版本1.2.7的編譯信息以下：

------------------------
Keepalived version       : 1.2.7
Compiler                 : gcc
Compiler flags           : -g -O2 -DETHERTYPE_IPV6=0x86dd
Extra Lib                : -lpopt -lssl -lcrypto
Use IPVS Framework       : Yes
IPVS sync daemon support : Yes
IPVS use libnl           : No
Use VRRP Framework       : Yes
Use VRRP VMAC            : No
SNMP support             : No
Use Debug flags          : No

版本1.1.17的編譯信息以下：

Keepalived configuration
------------------------
Keepalived version       : 1.1.17
Compiler                 : gcc
Compiler flags           : -g -O2
Extra Lib                : -lpopt -lssl -lcrypto
Use IPVS Framework       : Yes
IPVS sync daemon support : Yes
Use VRRP Framework       : Yes
Use LinkWatch            : No
Use Debug flags          : No

 

[root@master ~]# make

[root@master ~]# make install

[root@master ~]# ln -s /usr/local/sbin/keepalived /sbin/

[root@master ~]# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
      zhangrenfang8738@163.com
   }
   notification_email_from zhangrenfang8738@163.com
   smtp_server smtp.163.com
   # smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_instance VI_1 {
    state MASTER       #備份服務器上將MASTER改成BACKUP   
    interface eth0
    virtual_router_id 51
    priority 100      # 備份服務器上將100改成90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.20.189.239
    }
}

virtual_server 10.20.189.239 80 {
    delay_loop 6                  #(每隔10秒查詢realserver狀態)
    lb_algo rr                  #(lvs 算法)
    lb_kind DR                  #(Direct Route)
    persistence_timeout 60        #(同一IP的鏈接60秒內被分配到同一臺realserver)
    protocol TCP                #(用TCP協議檢查realserver狀態)
 
    real_server 10.20.189.242 80 {
        weight 3               #(權重)
        TCP_CHECK {
        connect_timeout 5       #(10秒無響應超時)
        nb_get_retry 3
        delay_before_retry 3
        }
    }
    real_server 10.20.189.243 80 {
        weight 3
        TCP_CHECK {
        connect_timeout 5
        nb_get_retry 3
        delay_before_retry 3
        }
     }
}
[root@master ~]#  service keepalived start

[root@master ~]# chkconfig --level 2345 keepalived on

lvs-backup對照lvs-master安裝相應軟件，注意keepalive.conf有細微區別

 

配置realserver  10.20.189.242

[root@web_1 ~]# yum install httpd -y

[root@web_1 ~]# /etc/init.d/httpd start
[root@web_1 ~]# vi /root/lvs_real.sh
#!/bin/bash

SNS_VIP=10.20.189.239
 
/etc/rc.d/init.d/functions
 
case "$1" in
start)
       /sbin/ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
       /sbin/route add -host $SNS_VIP dev lo:0
       echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
       sysctl -p >/dev/null 2>&1
       echo "RealServer Start OK"
 
       ;;
stop)
       /sbin/ifconfig lo:0 down
       /sbin/route del $SNS_VIP >/dev/null 2>&1
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
       echo "RealServer Stoped"
       ;;
*)
       echo "Usage: $0 {start|stop}"
       exit 1
esac
 
exit 0
[root@web_1 ~]# chmod +x /root/lvs_real.sh
[root@web_1 ~]# /root/lvs_real.sh start
[root@web_1 ~]# ifconfig

eth0      Link encap:Ethernet  HWaddr 00:0C:29:82:A5:C2 
          inet addr:10.20.189.242  Bcast:10.20.189.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:25257 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7730 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:12159312 (11.5 MiB)  TX bytes:502344 (490.5 KiB)

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:13 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1120 (1.0 KiB)  TX bytes:1120 (1.0 KiB)

lo:0      Link encap:Local Loopback 
          inet addr:10.20.189.239  Mask:255.255.255.255
          UP LOOPBACK RUNNING  MTU:16436  Metric:1

[root@web_1 ~]# echo "/root/lvs_real.sh start" >> /etc/rc.local

 

#LVS_master、LVS_backup上開啓keepalived，LVS_master先綁定VIP
LVS_master：

[root@localhost keepalived]# ip add
1: lo: mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:0c:29:64:7b:9f brd ff:ff:ff:ff:ff:ff
    inet 10.20.189.240/23 brd 10.20.189.255 scope global eth0
    inet 10.20.189.239/32 scope global eth0

LVS_backup：

[root@wpstest-9d9b39c keepalived]# ip add

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000

    link/ether 00:0c:29:92:2d:e8 brd ff:ff:ff:ff:ff:ff

    inet 10.20.189.241/23 brd 10.20.189.255 scope global eth0

#解析域名，測試訪問，LVS轉發

#測試關閉LVS_master，短暫的掉包後，LVS_backup立刻接替工做

/etc/init.d/keepalived stop

LVS_backup接替LVS_master綁定VIP

[root@wpstest-9d9b39c keepalived]# ip add

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000

    link/ether 00:0c:29:92:2d:e8 brd ff:ff:ff:ff:ff:ff

    inet 10.20.189.241/23 brd 10.20.189.255 scope global eth0

    inet 10.20.189.239/32 scope global eth0

LVS_master重啓完成後，就會自動接回控制權，繼續負責轉發

#測試關閉其中一臺realserver  10.20.189.242 /etc/init.d/httpd stop

經過上面測試能夠知道，當realserver故障或者沒法提供服務時，負載均衡器經過健康檢查自動把失效的機器從轉發隊列刪除掉，實現故障隔離，保證用戶的訪問不受影響

#重啓被關閉的realserver

當realserver故障恢復後，負載均衡器經過健康檢查自動把恢復後的機器添加到轉發隊列中