lvs 配置笔记lvs+keepalived

接着上篇lvs的笔记后,现在就要真刀实枪的来玩配置了。。 :)

以下为详细过程。。。。

lvs-keepalived-拓扑

LVS 位于最前端;realserver 层是两台 haproxy,为后端的 app 提供服务,结构比较清晰。本次采用 LVS 的 DR 模式:考虑到 tunnel 和 nat 模式在这里并不适用,DR 模式才是本次的重点。。。

(好拗口,我在说什么??? 🙁   )

esxi-lvs

自己在家做实验嘛,当然没有那么多实体机,虚拟机的价值就体现出来了,上图为本次的ip分布结构!

LVS:篇

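# --- LVS director: download and build ipvsadm and keepalived ---
#
# NOTE(review): both tarballs are fetched over plain HTTP and then built and
# installed as root, so nothing authenticates what gets compiled. Compare each
# archive with a checksum or signature obtained over a trusted channel before
# unpacking, e.g.
#   echo "<EXPECTED_SHA256>  ipvsadm-1.24.tar.gz" | sha256sum -c -
# (<EXPECTED_SHA256> is a placeholder; the page does not publish a digest.)
wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz
wget http://www.keepalived.org/software/keepalived-1.2.8.tar.gz

# CentOS build prerequisites. The group names need plain ASCII quotes; the
# typographic quotes a blog renderer inserts are passed to yum as literal
# characters and the groups are not found.
yum groupinstall "Development Libraries" "Development Tools" -y

# Sync the clock first, or add this to crontab to sync periodically.
ntpdate time-a.nist.gov

# Check the kernel version: a hand-built ipvsadm is tied to the kernel version.
uname -r
# Output on the author's host: 2.6.18-348.16.1.el5

# On CentOS 5.9 the newest ipvsadm that can be installed is 1.24
# (ipvsadm-1.24 is for kernels between 2.6.10 and 2.6.27.4).

# Point /usr/src/linux at the kernel tree for the build.
ln -sv /usr/src/kernels/2.6.18-348.16.1.el5-x86_64/ /usr/src/linux

# Build and install. Each build runs in a subshell so the working directory is
# restored afterwards and the second `cd` does not depend on the first.
tar -xzf ipvsadm-1.24.tar.gz
( cd ipvsadm-1.24 && make && make install )

tar -xzf keepalived-1.2.8.tar.gz
# keepalived ships a configure script; the default prefix matches the
# /usr/local paths copied from in the next step.
( cd keepalived-1.2.8 && ./configure && make && make install )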

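# --- Configure keepalived on the LVS director ---

cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/

# -p keeps the step repeatable when the directory already exists.
mkdir -p /etc/keepalived

cp /usr/local/sbin/keepalived /usr/sbin/

# Site-specific values. The addresses on the page were scrubbed by the
# publisher's e-mail obfuscation, so labelled placeholders stand in for them.
NOTIFY_EMAIL=${NOTIFY_EMAIL:-admin@example.com}         # placeholder
NOTIFY_FROM=${NOTIFY_FROM:-keepalived@example.com}      # placeholder

# The page used "1111" as the VRRP password. Any host on the segment that
# knows it can send adverts with a higher priority and take over the VIP, so
# require an operator-chosen value (same on MASTER and BACKUP). auth_type PASS
# travels unencrypted in every advert and keepalived uses only the first 8
# characters, so also keep VRRP traffic on a trusted segment.
: "${VRRP_AUTH_PASS:?set VRRP_AUTH_PASS to a site-specific secret before running}"

# '>' instead of '>>': re-running the step must replace the file, not append a
# second copy of every stanza. The delimiter is unquoted on purpose so that the
# three variables above are expanded; the text holds no other '$' or backtick.
# NOTE(review): the keyword spelling `lvs_sync_daemon_inteface` is kept exactly
# as on the page; confirm it against the keepalived version in use.
cat >/etc/keepalived/keepalived.conf <<EOF

! Configuration File for keepalived

global_defs {
notification_email {
${NOTIFY_EMAIL}
}
notification_email_from ${NOTIFY_FROM}
smtp_server smtp.gmail.com
# smtp_connect_timeout 30
router_id LVS_DEVEL
}

# VIP1
vrrp_instance VI_1 {
state MASTER             #备份服务器上将MASTER改为BACKUP
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 51
priority 100    # 备份服务上将100改为90
advert_int 5
authentication {
auth_type PASS
auth_pass ${VRRP_AUTH_PASS}
}
virtual_ipaddress {
192.168.1.100
#(如果有多个VIP,继续换行填写.)
}
}

virtual_server 192.168.1.100 80 {
delay_loop 6                  #(每隔6秒查询realserver状态)
lb_algo wlc                  #(lvs 算法)
lb_kind DR                  #(Direct Route)
persistence_timeout 60        #(同一IP的连接60秒内被分配到同一台realserver)
protocol TCP                #(用TCP协议检查realserver状态)

real_server 192.168.1.20 80 {
weight 100               #(权重)
TCP_CHECK {
connect_timeout 10       #(10秒无响应超时)
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.1.21 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}

EOF

# The file now holds the VRRP secret: readable by root only.
chmod 600 /etc/keepalived/keepalived.conf

# Restart keepalived and enable it at boot.
/etc/init.d/keepalived restart
chkconfig keepalived on

# Inspect the IPVS table.
ipvsadm -L -n

# Inspect the interfaces: the VIP 192.168.1.100 should be listed on the node
# that currently holds MASTER.
ip addr

# Repeat these steps on lvs-backup; only the keepalived.conf differences noted
# in the file (state BACKUP, priority 90) apply there.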

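# --- Real server: bind the VIP on loopback and suppress ARP for it ---
#
# The here-document delimiter is quoted ('EOF') so that $SNS_VIP, $1 and $0 are
# written literally. With an unquoted delimiter the shell expands them while
# the file is being created, leaving `case "" in`, an empty VIP and a wrong
# usage line in the generated script.
# '>' instead of '>>': re-running the step must not append a second script.
cat >/opt/lvs-realserver.sh <<'EOF'
#!/bin/bash
# description: Config realserver

SNS_VIP=192.168.1.100

# Source (not execute) the init helper library.
. /etc/rc.d/init.d/functions

case "$1" in
  start)
    /sbin/ifconfig lo:0 "$SNS_VIP" netmask 255.255.255.255 broadcast "$SNS_VIP"
    /sbin/route add -host "$SNS_VIP" dev lo:0
    echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
    sysctl -p >/dev/null 2>&1
    echo "RealServer Start OK"
    ;;
  stop)
    /sbin/ifconfig lo:0 down
    /sbin/route del "$SNS_VIP" >/dev/null 2>&1
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
    echo "RealServer Stoped"
    ;;
  *)
    echo "Usage: $0 {start|stop}"
    exit 1
    ;;
esac

exit 0
EOF

# rc.local runs this as root at boot: make it executable and writable by root
# only, so no other account can change what runs at startup.
chown root:root /opt/lvs-realserver.sh
chmod 755 /opt/lvs-realserver.sh

# Register it for boot. Plain ASCII quotes are required (typographic quotes
# would be written into rc.local as part of the command), and the grep guard
# keeps a repeated run from adding the line twice.
grep -qxF '/opt/lvs-realserver.sh start' /etc/rc.local ||
  echo "/opt/lvs-realserver.sh start" >>/etc/rc.local

# Repeat the steps above on both real servers.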

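# --- Real servers: build and configure HAProxy ---
#
# NOTE(review): the page does not say where haproxy-1.4.24.tar.gz came from.
# As with any source built and installed as root, verify the archive against a
# digest or signature from a trusted channel before unpacking it.
tar -xvzf haproxy-1.4.24.tar.gz
# The author's kernel is 2.6, hence TARGET=linux26. The build runs in a
# subshell so the working directory is restored afterwards.
(
  cd haproxy-1.4.24/ &&
    make TARGET=linux26 PREFIX=/usr/local/haproxy &&
    make install PREFIX=/usr/local/haproxy
)

mkdir -p /etc/haproxy/

# The page shipped `stats auth admin:admin` on a listener bound to 0.0.0.0:1080,
# i.e. a guessable login on every interface, including the one carrying the
# VIP. Require an operator-chosen "user:password" instead. The stats page uses
# HTTP Basic auth over cleartext, so additionally restrict port 1080 to a
# management network (firewall rule or a management-only bind address).
: "${HAPROXY_STATS_AUTH:?set HAPROXY_STATS_AUTH to user:password before running}"

# '>' instead of 'touch' + '>>': re-running must replace the file rather than
# append duplicate sections. The delimiter is unquoted on purpose so that
# ${HAPROXY_STATS_AUTH} is expanded; the text has no other '$' or backtick.
cat >/etc/haproxy/haproxy.cfg <<EOF
global
daemon
nbproc 1
pidfile /var/run/haproxy.pid
ulimit-n 655350
maxconn 40960

defaults
mode tcp
retries 2
option redispatch
option abortonclose
maxconn 40960
timeout connect 50000ms
timeout client 300000ms
timeout server 300000ms
timeout check 2000
log 127.0.0.1 local0 err

listen admin_stats
bind 0.0.0.0:1080
mode http
option httplog
log 127.0.0.1 local0 err
maxconn 10
stats refresh 30s
stats uri /stats
stats realm XingCloud Haproxy
stats auth ${HAPROXY_STATS_AUTH}
stats hide-version

listen test1_nginx
bind 0.0.0.0:80
mode http
# log global
log 127.0.0.1 local0 info
option forwardfor
#balance leastconn
balance roundrobin
maxconn 40000
option http-server-close
option http-pretend-keepalive
# option httpclose
# timeout connect 5000ms
# timeout client 30000ms
# timeout server 30000ms
server s1 192.168.1.30:80
server s2 192.168.1.31:80

EOF

# The file stores the stats password in plaintext: readable by root only.
chmod 600 /etc/haproxy/haproxy.cfg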

#ok了 只要在 app 上配置好 nginx 或者apache 之类的应用开启80端口即可 看到 成功了。  由于haproxy 是 roundrobin 轮询模式 所以 每次 请求 vip 192.168.1.100 即可看到不同的app 显示

:)

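# --- Collect HAProxy logs with rsyslog ---

yum install rsyslog -y

chkconfig rsyslog on   # start rsyslog at boot
chkconfig syslog off   # stop the stock syslog from starting at boot

# Append the HAProxy rules to rsyslog.conf.
# - The delimiter is quoted ('EOF'): $ModLoad and $UDPServerRun are rsyslog
#   directives, and with an unquoted delimiter the shell expands them as
#   (unset) variables, writing " imudp" and " 514" into the file.
# - $UDPServerAddress 127.0.0.1 keeps the UDP listener on loopback. haproxy.cfg
#   logs to 127.0.0.1, so nothing else needs to reach port 514; without it the
#   listener accepts unauthenticated log lines from any host. It has to appear
#   before $UDPServerRun to take effect.
# - The grep guard keeps a repeated run from appending the stanza twice.
if ! grep -qF '#for haproxy-log' /etc/rsyslog.conf; then
  cat >>/etc/rsyslog.conf <<'EOF'
#for haproxy-log
$ModLoad imudp
$UDPServerAddress 127.0.0.1
$UDPServerRun 514
local0.* /var/log/haproxy.log
EOF
fi

# If syslog is installed, stop it before starting rsyslog; they are different
# daemons (rsyslog is an enhanced syslog).
/etc/init.d/syslog stop
/etc/init.d/rsyslog restart

# Start HAProxy at boot. Plain ASCII quotes are required: typographic quotes
# would be written into rc.local as part of the command. The grep guard keeps
# a repeated run from adding the line twice.
grep -qxF '/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg' /etc/rc.local ||
  echo "/usr/local/haproxy/sbin/haproxy -f /etc/haproxy/haproxy.cfg" >>/etc/rc.local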
 

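# --- Quick throw-away LVS test (no keepalived) ---
# For a temporary test with no special requirements, these few commands are
# enough. Nothing here persists across a reboot.

# Bring up the virtual IP on the director.
ifconfig eth0:0 172.27.10.54 netmask 255.255.255.255 broadcast 172.27.10.255

# Plain `1`, not typographic quotes: the quoted form on the page writes the
# quote characters themselves and the kernel rejects the value.
# NOTE(review): this makes the host forward packets between all of its
# interfaces. The real servers below are added with -g (direct routing), which
# presumably does not depend on it; confirm, and leave forwarding off if it is
# not needed.
echo 1 >/proc/sys/net/ipv4/ip_forward

# Create the virtual service (round-robin scheduler).
ipvsadm -A -t 172.27.10.54:7800 -s rr
# Add the real servers (-g: direct routing, weight 1).
ipvsadm -a -t 172.27.10.54:7800 -r 172.27.10.51 -g -w 1
ipvsadm -a -t 172.27.10.54:7800 -r 172.27.10.52 -g -w 1

# On the real servers, run the realserver script with this VIP.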

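# Real-server script for the quick test (VIP 172.27.10.54).
#
# The here-document delimiter is quoted ('EOF') so that $SNS_VIP, $1 and $0 are
# written literally. With an unquoted delimiter the shell expands them while
# the file is being created, leaving `case "" in` and an empty VIP in the
# generated script.
# '>' instead of '>>': if /opt/lvs-realserver.sh already exists, appending
# would stack a second script after the first one's `exit 0`.
cat >/opt/lvs-realserver.sh <<'EOF'
#!/bin/bash
# description: Config realserver
SNS_VIP=172.27.10.54

# Source (not execute) the init helper library.
. /etc/rc.d/init.d/functions

case "$1" in
  start)
    /sbin/ifconfig lo:0 "$SNS_VIP" netmask 255.255.255.255 broadcast "$SNS_VIP"
    /sbin/route add -host "$SNS_VIP" dev lo:0
    echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
    sysctl -p >/dev/null 2>&1
    echo "RealServer Start OK"
    ;;
  stop)
    /sbin/ifconfig lo:0 down
    /sbin/route del "$SNS_VIP" >/dev/null 2>&1
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
    echo "RealServer Stoped"
    ;;
  *)
    echo "Usage: $0 {start|stop}"
    exit 1
    ;;
esac

exit 0
EOF

# The script is run as root: executable, and writable by root only.
chown root:root /opt/lvs-realserver.sh
chmod 755 /opt/lvs-realserver.sh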
