LVS

1. 安裝
   yum install popt popt-devel libnl libnl-devel kernel-headers kernel-devel openssl openssl-devel
   rpm -ivh popt-static-1.13-7.el6.x86_64.rpm
   tar zxvf ipvsadm-1.26.tar.gz
   cd ipvsadm-1.26
   make
   make install

tar zxvf keepalived-1.2.7.tar.gz
cd keepalived-1.2.7
./configure --prefix=/usr/local/keepalived
make
make install

mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/keepalived

2. 配置
   global_defs {
   router_id LVS
   }

vrrp_instance VI_1 {
state MASTER
interface ens160
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.1.50
}
}

virtual_server 10.10.1.50 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 7200
protocol TCP

real_server 10.10.1.53 80 {
    weight 3               
    TCP_CHECK {
    connect_timeout 3       
    nb_get_retry 3
    delay_before_retry 3
    connect_port 80
    }
}
real_server 10.10.1.54 80 {
    weight 3
    TCP_CHECK {
    connect_timeout 3
    nb_get_retry 3
    delay_before_retry 3
    connect_port 80
    }
 }

}

3. real_server上須要執行腳本啓動VIP
   #!/bin/bash
   SNS_VIP=10.10.1.50
   . /etc/rc.d/init.d/functions
   case "$1" in
   start)
   ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP up
   /sbin/route add -host $SNS_VIP dev lo:0
   echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
   echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
   echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
   echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
   sysctl -p >/dev/null 2>&1
   echo "RealServer Start OK"
   ;;
   stop)
   ifconfig lo:0 down
   route del $SNS_VIP >/dev/null 2>&1
   echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
   echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
   echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
   echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
   echo "RealServer Stoped"
   ;;
   *)
   echo "Usage: $0 {start|stop}"
   exit 1
   esac
   exit 0

4. 其餘注意點
   ① real_server上須要開啓IP轉發
   sed -i 's/net.ipv4.ip_forward = 1/net.ipv4.ip_forward = 0/g' /etc/sysctl.conf
   sysctl -p

② vrrp防火牆設置
-A INPUT -d 224.0.0.18 -j ACCEPT

5. lvs長連接的優化
   ① 查看是ipvsadm --list --timeout, 好比個人機器就會返回以下結果：
   Timeout (tcp tcpfin udp): 7200 5 60
   這就代表個人tcp session的timeout時間是7200秒。
   設置timeout：
   ipvsadm --set 7200 5 60
   這個值若是設置過小，你的client將會收到 connection reset by peer此類的錯誤提示。
   ② keepalived的配置：
   就是virtual_server的persistence_timeout ，意思就是在這個必定時間內會講來自同一用戶（根據ip來判斷的）route到同一個real
   server。對於長鏈接類的應用，你確定須要這麼作。配置值最好跟lvs的配置的timeout一致。

6. 命令行模式（不安裝keepalived）添加記錄ipvsadm -A -t 10.66.10.200:80 -s rr -p 60添加真實主機ipvsadm -a -t 10.66.10.200:80 -r 10.66.10.197:80 -gipvsadm -a -t 10.66.10.200:80 -r 10.66.10.198:80 -g刪除真實主機ipvsadm -d -t 10.66.10.200:80 -r 10.66.10.198:80刪除記錄ipvsadm -D -t 10.66.10.200:80