LVS+keepalived+nginx

LVS是Linux Virtual Server的簡寫，基於4層協議不處理，不響應，只轉發，速度更快 

 

wget -c http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz

ln -s /usr/src/kernels/2.6.*  /usr/src/linux  //IPVS模塊編譯進內核裏，須要作軟鏈接

tar xzvf ipvsadm-1.24.tar.gz &&cd ipvsadm-1.24 && make && make install

wget -c  http://www.keepalived.org/software/keepalived-1.1.15.tar.gz 

tar -xzvf keepalived-1.1.15.tar.gz &&cd keepalived-1.1.15

./configure --prefix=/usr/local/keepalived --with-kernel-dir=/usr/src/kernels/2.6.32-431.el6.x86_64/;make&&make install

cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

cp  /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

cp /usr/local/keepalived/sbin/keepalived  /usr/sbin/

cp -r /usr/local/keepalived/etc/keepalived/ /etc

192.168.10.130，192.168.10.128爲均衡的後端機器  ，192.168.10.131 192.168.10.132 爲LVS主備

MASTER配置文件 

! Configuration File for keepalived
global_defs {
notification_email {
liu6630@qq.com
}
notification_email_from liu6630@qq.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 152
priority 100
advert_int 5
nopreempt
authentication {
auth_type PASS
auth_pass 2222
}
virtual_ipaddress {
192.168.10.141
}
}
virtual_server 192.168.10.141 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
#persistence_timeout 60
protocol TCP
real_server 192.168.10.128 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.10.130 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}

BACKUP配置文件 將priority 改小些就行

real_server 真實服務器起執行腳本lvs_realserver.sh

#!/bin/sh
#LVS Client Server
VIP=192.168.10.141
case $i in
start)
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
/sbin/route add -host $VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
exit 0
;;
stop)
ifconfig lo:0 down
route del $VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped OK"
exit 1
;;
*)
echo "Usage: $0 {start|stop}"
;;
esac

LVS不會檢測你後端502超時錯誤，只關心80端口是否開啓對於應用來講，這樣檢測明顯不足，能夠增長LVS對後端Nginx URL的檢測，能訪問URL則表示服務正常，代碼：real_server 192.168.1.4 80 {

 

        weight 100

 

        HTTP_GET {

 

        url {

 

        path /monitor/warn.jsp

 

        status_code 200

 

        }

        connect_timeout 10

 

        nb_get_retry 3

 

        delay_before_retry 3

 

     }

 

} 

與mysql+keepalived去區別，real_server 不能爲本機 IP

lvs的設置：
查看是ipvsadm --list --timeout, 好比個人機器就會返回以下結果：
# ipvsadm --list --timeout
Timeout (tcp tcpfin udp): 7200 5 60
這就代表個人tcp session的timeout時間是7200秒。
設置timeout：
ipvsadm --set 7200 5 60
這個值若是設置過小，你的client將會收到 connection reset by peer此類的錯誤提示。
keepalived的配置：
就是virtual_server的persistence_timeout，意思就是在這個必定時間內會講來自同一用戶（根據ip來判斷的）route到同一個real
server。對於長鏈接類的應用，配置值最好跟lvs的配置的timeout一致。

排錯 

1.編譯是否加了內核 沒加內核不會啓動檢測 加了

2配置文件是否在 /etc/keepalivde 下  cp -r /usr/local/keepalived/etc/keepalived/ /etc 

3是否加載modprobe ip_vs   未加載虛擬IP模塊 有VIP其餘服務也不能訪問VIP

4是否VIP與真實IP同一網段且無IP衝突 

5VIP是否起來 能夠用 ip addr list 查看 

6 virtual_router_id  同一集羣的keepalived的主、備機的virtual_router_id 必須相同,取值0-255 可是同一內網中不該有相同virtual_router_id的集羣 

7 ipvsadm -ln 察看IPVS規則 是否添加真實服務器

8tcpdump  -nn port 80 and host 192.168.10.141 

9ab -c 100 -n 1000 http://192.168.10.141/  壓測