LVS Funnat 編譯安裝使用

參照http://kb.linuxvirtualserver.org/wiki/IPVS_FULLNAT_and_SYNPROXY

準備文件

下載源文件 

ftp://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/os/SRPMS/kernel-2.6.32-220.23.1.el6.src.rpm
下載LVS Tools 

http://kb.linuxvirtualserver.org/p_w_picpaths/a/a5/Lvs-fullnat-synproxy.tar.gz

全部系統使用CentOS release 6.7

安裝編譯內核要的依懶包

yum install rpm-build -y

安裝包
redhat-rpm-config-9.0.3-44.el6.centos.noarch
rpm-build-4.8.0-47.el6.x86_64

yum install gcc -y

安裝包
mpfr-2.4.1-6.el6.x86_64
cpp-4.4.7-16.el6.x86_64
ppl-0.10.2-11.el6.x86_64
cloog-ppl-0.15.7-1.2.el6.x86_64
gcc-4.4.7-16.el6.x86_64

yum install xmlto -y

安裝包
docbook-dtds-1.0-51.el6.noarch
docbook-style-xsl-1.75.2-6.el6.noarch
flex-2.5.35-9.el6.x86_64
xmlto-0.0.23-3.el6.x86_64

yum install newt-devel -y

安裝包

slang-devel-2.2.1-1.el6.x86_64

yum install patchutils asciidoc elfutils-libelf-devel zlib-devel binutils-devel python-devel hmaccalc -y

開始編譯安裝

rpm -ivh kernel-2.6.32-220.23.1.el6.src.rpm

warning: user mockbuild does not exist - using root
warning: group mockbuild does not exist - using root
忽略

cd ~/rpmbuild/SPECS
rpmbuild -bp kernel.spec

出現

###
### Now generating a PGP key pair to be used for signing modules.
###
### If this takes a long time, you might wish to run rngd in the background to
### keep the supply of entropy topped up.  It needs to be run as root, and
### should use a hardware random number generator if one is available, eg:
###
###     rngd -r /dev/hwrandom
###
### If one isn't available, the pseudo-random number generator can be used:
###
###     rngd -r /dev/urandom
###
+ gpg --homedir . --batch --gen-key /root/rpmbuild/SOURCES/genkey
gpg: WARNING: unsafe permissions on homedir `.'
gpg: keyring `./secring.gpg' created
gpg: keyring `./pubring.gpg' created

新開一個終端執行

rngd -r /dev/hwrandom 或者rngd -r /dev/urandom

rpmbuild完成

開始編譯LVS FUNNNAT 內核補丁

cd ~/rpmbuild/BUILD/kernel-2.6.32-220.23.1.el6/linux-2.6.32-220.23.1.el6.x86_64
tar zxf Lvs-fullnat-synproxy.tar.gz
cp ~/lvs-fullnat-synproxy/lvs-2.6.32-220.23.1.el6.patch .
patch -p1<lvs-2.6.32-220.23.1.el6.patch
make -j16               #等待編譯完成
make modules_install
make install

改GRUB   設置剛編譯安裝的內核爲默認啓動項

vim /etc/grub.conf 
default=0

重起服務器

lvs funnat 內核path 完成

real server  patch TOA

cp ~/lvs-fullnat-synproxy/toa-2.6.32-220.23.1.el6.patch .
patch -p1 <toa-2.6.32-220.23.1.el6.patch
make -j16
make modules_install
make install

安裝lvs tool

cd lvs-fullnat-synproxy/
tar zxf lvs-tools.tar.gz

安裝依懶包

yum install openssl-devel popt-devel -y

安裝包

libcom_err-devel-1.41.12-22.el6.x86_64
libsepol-devel-2.0.41-4.el6.x86_64
libselinux-devel-2.0.94-5.8.el6.x86_64
keyutils-libs-devel-1.4-5.el6.x86_64
krb5-devel-1.10.3-42.el6.x86_64
openssl-devel-1.0.1e-42.el6.x86_64
popt-devel-1.13-7.el6.x86_64

lvs funnat管理工具ipvsadm ，必須安裝

cd ~/lvs-fullnat-synproxy/tools/ipvsadm/
make && make install
ipvsadm --save > /etc/sysconfig/ipvsadm

lvs高可用工具keeplived ，若是用不到能夠不安裝

cd ~/lvs-fullnat-synproxy/tools/keepalived
./configure --with-kernel-dir="/lib/modules/`uname -r`/build"
make && make install
cp keepalived/etc/init.d/keepalived.init /etc/init.d/keepalived
mkdir /etc/keepalived/
cp keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
cp keepalived/etc/init.d/keepalived.sysconfig /etc/sysconfig/keepalived

lvs高可用工具quagga，能夠配置OSPF等路由協議，若是用不到能夠不安裝

cd ~/lvs-fullnat-synproxy/tools/quagga
./configure --disable-ripd --disable-ripngd --disable-bgpd --disable-watchquagga --disable-doc  --enable-user=root --enable-vty-group=root --enable-group=root --enable-zebra --localstatedir=/var/run/quagga --sysconfdir=/etc/quagga --prefix=/usr
make && make install

安裝所有完成

配置使用LVS
三臺服務器
    Real server 1:  10.10.10.51
    Real server 2:  10.10.10.52
    LVS Directory:  10.10.10.53
    VIP:            10.10.10.111
所有服務器關閉selinux 和 iptables

Real server 1

yum install httpd -y
echo "Real Server 1" > /var/www/html/index.html 
service httpd start

Real server 2

yum install httpd -y
echo "Real Server 2" > /var/www/html/index.html 
service httpd start

Director

ifconfig eth0:1 10.10.10.111/24
ipvsadm -A -t 10.10.10.111:80 -s rr 
ipvsadm -a -t 10.10.10.111:80 -r 10.10.10.51:80 -b
ipvsadm -a -t 10.10.10.111:80 -r 10.10.10.52:80 -b
ipvsadm -P -t 10.10.10.111:80 -z 10.10.10.111       #添加Local Address(可任意路由能通IP，可添加多個)

瀏覽器打開http://10.10.10.111,按CRTL+F5刷新，查看效果