测试环境
系统:centos6.5_x86_64
主DR IP:192.168.1.216
备DR IP:192.168.1.218
VIP:192.168.1.253/254
real_server1:192.168.1.220
real_server2:192.168.1.219
一、安装ipvsadm
1.1 安装依赖包
yum -y install libnl-devel libnl popt popt-static
1.2 下载并安装ipvsadm
wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz
tar zxf ipvsadm-1.26.tar.gz && cd ipvsadm-1.26 && make && make install
1.3调整hash表大小
echo "options ip_vs conn_tab_bits=20" > /etc/modprobe.conf
验证是否生效
ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=1048576)
1.4 关闭gro和lro
ethtool -K em1 gro off
ethtool -K em1 lro off
ethtool -K em2 gro off
ethtool -K em2 lro off
验证看是否关闭
ethtool -k em1|grep generic-receive-offload
generic-receive-offload: off
ethtool -k em1|grep large-receive-offload
large-receive-offload: off [fixed]
1.5 用四个参数来关闭arp查询响应请求:
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
二、keepalived安装
2.1 创建目录并下载安装包
mkdir -p /data/ops/{packages,app} && cd /data/ops/packages
wget http://www.keepalived.org/software/keepalived-1.2.12.tar.gz
2.2 解压并安装keepalived
tar zxf keepalived-1.2.12.tar.gz && cd keepalived-1.2.12 && ./configure --prefix=/data/ops/app/keepalived && make && make install
2.3 配置keepalived配置文件路径,启动路径
拷贝启动文件到/etc/init.d目录下
cp -p /data/ops/app/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
cp -p /data/ops/app/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
创建配置文件存放目录
mkdir /etc/keepalived
cp -p /data/ops/app/keepalived/sbin/keepalived /usr/sbin/
配置开启自启动级别
chkconfig --level 2345 keepalived on
三、keepalived配置
说明:备keepalived的配置文件只需去掉nopreempt,修改优先级(priority)的值改为:100(没有设置nopreempt的keepalived优先级必须低于设置nopreempt的keepalived,不然设置非抢占不生效),修改LVS_Nginx_1为LVS_Nginx_2
3.1 keepalived配置
cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {#全局配置
router_id LVS_Nginx_1 #运行 keepalive 机器的标示,注意每个机器需要唯一的标示
}
vrrp_instance Tenginx_1 {
state BACKUP#定义为backup
nopreempt#启用非抢占模式
interface bond0 #实例绑定的网卡
virtual_router_id 61 # 0-255 在同一个 instance 中一致 在整个 vrrp 中唯一
priority 150#优先级,优先级最大的会成为 master
advert_int 1
authentication {
auth_type PASS#设置验证类型,主要有PASS和AH两种
auth_pass 1111#设置验证密码
}
virtual_ipaddress {
192.168.1.254 #设置主DR的虚拟IP地址(virtual IP),可多设,但必须每行1个
}
}
########Virtual Server########
virtual_server 192.168.1.254 80 {#注意IP地址与端口号之间用空格隔开
delay_loop 6#设置健康检查时间,单位是秒
lb_algo rr#设置负载调度算法,默认为rr,即轮询算法,最优秀是wlc算法
lb_kind DR#设置LVS实现LB机制,有NAT、TUNN和DR三个模式可选
persistence_timeout 50#会话保持时间,单位为秒
protocol TCP#指定转发协议类型,有TCP和UDP两种
real_server 192.168.1.220 80 {
weight 3#配置节点权值,数字越大权值越高
TCP_CHECK {
connect_timeout 3#表示3秒无响应,则超时
nb_get_retry 3#表示重试次数
delay_before_retry 3#表示重试间隔
}
}
real_server 192.168.1.225 80 {
weight 3
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
vrrp_instance Tenginx_2 {
state BACKUP
nopreempt
interface bond0
virtual_router_id 62
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.253
}
}
virtual_server 192.168.1.253 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.1.220 80 {
weight 3
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.1.225 80 {
weight 3
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
值得注意的是, keepalived 的启动过程并不会对配置文件进行语法检查,就算没有配置文件,keepalived 的守护进程照样能够被运行起来。在默认状态下-- 即不指定配置文件的位置—keepalived 先查找文件 /etc/keepalived/keepalived.conf ,如果为了省事,可以手动创建这个文件,然后在这个文件里书写规则,来达到控制 keepalived 运行的目的。
三、两台real server 配置
3.1 配置脚本
cat /etc/init.d/realserver
#!/bin/bash
#add for chkconfig
#chkconfig: 2345 70 30 #234都是文本界面,5就是图形界面X,70启动顺序号,30系统关闭,脚本
#止顺序号
#description: RealServer‘s script #关于脚本的简短描述
#processname: realserver #第一个进程名,后边设置自动时会用到
VIP=192.168.1.254
VIP2=192.168.1.253
source /etc/rc.d/init.d/functions
case "$1" in
start)
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
/sbin/route add -host $VIP dev lo:0
ifconfig lo:1 $VIP2 netmask 255.255.255.255 broadcast $VIP2
/sbin/route add -host $VIP2 dev lo:1
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $VIP >/dev/null 2>&1
ifconfig lo:1 down
route del $VIP2 >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
3.2 添加执行权限
chmod a+x /etc/init.d/realserver
3.3 加入开机自启动
chkconfig realserver on