開始安裝LVSlinux
1)下載相關軟件包bash
2)安裝LVS命令app
| lsmod |grep ip_vs
cat /etc/redhat-release
uname -r
ln -s /usr/src/kernels/2.6.18- /usr/src/linux
特別注意:
1)此ln命令的路徑要和uname -r 輸出結果內核版本對應。
2)若是沒有/usr/src/kernels/2.6,是由於缺乏kernel-devel-2.6.18軟件包。可經過yum install kernel-devel -y 安裝。
3)ln這個命令也能夠不執行,直接指定內核參數編譯。
tar zxvf ipvsadm-1.26.tar.gz
make
make install
lsmod |grep ip_vs
提示:
1.此時ipvs模塊沒有被加載,能夠執行ipvsadm命令就會吧ip_vs加載到系統內核或執行命令modprobe ip_vs也能夠把ip_vs模塊加載到內核。而後再執行lsmod -l |grep ip_vs 應該看見ip_vs模塊被列出。
須要安裝依賴包
yum install libnl* popt* -y.負載均衡 |
-----curl
負載均衡器配置tcp
配置別名網卡url
| ifconfig eth0:1 192.168.1.181 netmask 255.255.255.0 up #<=別名的方式rest |
④ 手工執行配置添加LVS服務器並增長兩臺RSserver
| ipvsadm -C
ipvsadm --set 30 5 60
ipvsadm -A -t 192.168.1.181:80 -s wrr -p 20
ipvsadm -a -t 192.168.1.181:80 -r 192.168.1.178:80 -g -w 1
ipvsadm -a -t 192.168.1.181:80 -r 192.168.1.179:80 -g -w 1 |
[刪除方法]
| ipvsadm -D -t 192.168.1.181:80 -s wrr
ipvsadm -d -t 192.168.1.181:80 -r 192.168.1.178:80 |
[相關參數說明]
| ipvsadm -help
--clear -C clear the whole table
--add-service -A add virtual service with options
--tcp-service -t service-address service-address is host[:port]
--scheduler -s scheduler one of rr|wrr|lc|wlc|lblc|lblcr|dh|sh|sed|nq
--add-server -a add real server with options
--real-server -r server-address server-addres s is host(and port)
--masquerading -m masquerading (NAT)
--gatewaying -g gatewaying(direct routing)(default)
--delete-server -d delete real server
--persistent -p [timeout] persistent server(會話保持功能)
--set tcp tcpfin udp set connection timeout values
--weight -w weight capacity of real server
提示:更多參數請ipvsadm -help自行查看 |
⑤命令執行過程及檢查配置的執行結果
| ipvsadm -C
ipvsadm --set 30 5 60
ipvsadm -A -t 192.168.1.181:80 -s wrr -p 20
ipvsadm -a -t 192.168.1.181:80 -r 192.168.1.178:80 -g -w 1
ipvsadm -a -t 192.168.1.181:80 -r 192.168.1.179:80 -g -w 1
ipvsadm -L -n --sort
ipvsadm -d -t 192.168.1.181:80 -r 192.168.1.178:80
ipvsadm -L -n --sort
ipvsadm -a -t 192.168.1.181:80 -r 192.168.1.178:80
ipvsadm -L -n --sort |
手工在RS端綁定VIP
| ifconfig lo:181.168.1.181 netmask 255.255.255.255 up
route add -host 192.168.1.181 dev lo |
每一個集羣節點的迴環接口(lo)設備上被綁定VIP地址(其廣播地址是其自己,子網掩碼255.255.255.255,採起可變掩碼方式把網段劃分紅只含一個主機地址的目的是避免ip地址衝突)容許LVS-DR集羣中的集羣節點接收發向該VIP地址的數據包,這會有一個很是嚴重的問題發生,集羣內部的真實服務器將嘗試回覆來自正在請求VIP客戶端的ARP廣播,這樣全部的真實服務器都將聲稱本身擁有該VIP地址,這時客戶端將直接發送請求數據包到真實服務器上,從而破壞DR集羣的方法。所以,必需要抑制真實服務器的ARP廣播。
手工在RS端抑制ARP響應
⑦抑制ARP響應方法以下:
| echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce |
以RS179爲例演示執行過程以下:
| ifconfig lo:181 192.168.1.181 netmask 255.255.255.255 up
route add -host 192.168.1.181 dev lo
cat /proc/sys/net/ipv4/conf/lo/arp_ignore
cat /proc/sys/net/ipv4/conf/all/arp_ignore
cat /proc/sys/net/ipv4/conf/all/arp_ignore
cat /proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce |
arp音質技術參數說明
arp_ignore- INTEGER
0 默認值:
檢查手工配置成果
使用http://192.168.1.178{179}(181)
使用腳本配置LVS負載均衡服務器端
| #!/bin/bash
. /etc/init.d/functions
VIP=192.168.1.181
SUBNET=eth0:`echo $VIP|cut -d. -f4`
PORT=80
GW=192.168.1.1
#w=3
RIP1=(
192.168.1.178
)
#w=1
RIP2=(
192.168.1.179
)
IFCONFIG=/sbin/ifconfig
ROUTE=/sbin/route
IPVSADM=/sbin/ipvsadm
ARPING=/sbin/arping
#functions
function usage (){
local script_name
script_name=$1
echo "Usgae : $script_name [ start | stop | restart ]"
echo ""
return 1
}
function checkCmd (){
if [ ! -f $1 ]; then
echo "Can't find "$1
return 1
fi
}
function checkSubnet (){
$IFCONFIG |grep "$1"|wc -l
}
function ipvsStart (){
#judge if $SUBNET is exist.
if [ $(checkSubnet $SUBNET) -ne 0 ]; then
$IFCONFIG $SUBNET down
fi
local rs
#$IFCONFIG $SUBNET $VIP broadcast $VIP netmask 255.255.255.255 up
$IFCONFIG $SUBNET $VIP broadcast $VIP netmask 255.255.255.0 up
#$ROUTE add -host $VIP dev $SUBNET
$IPVSADM -C
$IPVSADM -A -t $VIP:$PORT -s wrr -p 60
for ((i=0; i<`echo ${#RIP1[*]}`; i++))
do
$IPVSADM -a -t $VIP:$PORT -r ${RIP1[$i]}:$PORT -g -w 1
done
for ((i=0; i<`echo ${#RIP2[*]}`; i++))
do
$IPVSADM -a -t $VIP:$PORT -r ${RIP2[$i]}:$PORT -g -w 1
done
rs=$?
$IPVSADM >/tmp/oldboy.log
# update MAC
NetIf=$(echo ${SUBNET}|awk -F ":" '{print $1}')
$ARPING -c 1 -I ${NetIf} -s $VIP $GW >>/tmp/oldboy.log
[ $rs -eq 0 ] && action "Ipvsadm start." /bin/true
return $rs
}
function ipvsStop (){
local rs
rs=1
#clean ipvs
$IFCONFIG $SUBNET down
$IPVSADM -C
$IPVSADM -Z
rs=$?
#$ROUTE del $VIP
$ARPING -c 1 -I ${NetIf} -s $VIP $GW >/dev/null 2>&1
[ $rs -eq 0 ] && action "Ipvsadm stoped." /bin/true
return $rs
}
main ()
{
#judge argv num by oldboy
if [ $# -ne 1 ]; then
usage $0
fi
case "$1" in
start)
ipvsStart
;;
stop)
ipvsStop
;;
restart)
ipvsStop
ipvsStart
;;
*)
usage $0
;;
esac
}
#start operating
main $* |
開發腳本配置LVS RS真實服務器處理腳本
| #!/bin/bash
# description: Config realserver lo and apply noarp
VIP=(
192.168.1.181
)
. /etc/rc.d/init.d/functions
case "$1" in
start)
for ((i=0; i<`echo ${#VIP[*]}`; i++))
do
interface="lo:`echo ${VIP[$i]}|awk -F . '{print $4}'`"
/sbin/ifconfig $interface ${VIP[$i]} broadcast ${VIP[$i]} netmask 255.255.255.255 up
done
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
action "Start LVS of RearServer.by old1boy"
;;
stop)
for ((i=0; i<`echo ${#VIP[*]}`; i++))
do
interface="lo:`echo ${VIP[$i]}|awk -F . '{print $4}'`"
/sbin/ifconfig $interface ${VIP[$i]} broadcast ${VIP[$i]} netmask 255.255.255.255 down
done
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
action "Close LVS of RearServer.by old2boy"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac |
一個腳本同時實現自動剔除和加入RS
| CURL方法很不錯
#!/bin/bash PORT="80"VIP=192.168.1.181RIP=( 192.168.1.178 192.168.1.179)function check_url(){for ((i=0; i<`echo ${#RIP[*]}`; i++))dojudge=($(curl -I -s http://${RIP[$i]}|head -1|tr "\r" "\n"))if [[ "${judge[1]}" == '200' && "${judge[2]}"=='OK' ]] then if [ `ipvsadm -L -n|grep "${RIP[$i]}"|wc -l` -ne 1 ] then ipvsadm -a -t $VIP:$PORT -r ${RIP[$i]}:$PORT fielse if [ `ipvsadm -L -n|grep "${RIP[$i]}"|wc -l` -eq 1 ] then ipvsadm -d -t $VIP:$PORT -r ${RIP[$i]}:$PORT fifidone}while truedocheck_urlsleep 5done |