标签:linux lvs keepalived
Lvs三种模式
NAT
DR
TUN
LVS-NAT:目标地址转换
注意事项:
realserver的网关必须指向DIP,通常都是私有地址
directory位于client和realserver之间,并负责处理进出的所有通信
directory支持端口映射,向外提供服务的端口 和realserver的端口可以不相同
realserver可以使用任意操作系统
较大规模应用场景中,directory易成为系统瓶颈
LVS-DR:直接路由
各集群节点,必须要跟directory在同一物理网络中
RIP可以使用公网地址,实现远程管理(也可以使用私有地址)
directory仅负责处理入站请求,响应报文则有realserver 直接发往客户端
集群节点不能将网关指向DIP
directory不支持端口映射
LVS-TUN:隧道
集群节点可以跨越互联网internet
RIP必须是公网地址
directory仅处理入站请求,响应报文则由realserver直接发往客户端
realserver网关不能指向directory
只有支持隧道功能的OS才能用于realserver
不支持端映射
安装过程
1,配置LVS MASTER & LVS BACKUP
yum -y install gcc gcc-c++ vim* ntpdate xinetd wget make cmake gd gd-devel *openssl* sysstat lrzsz net-snmp net-snmp-devel net-snmp-utils snmp* bc
yum install popt popt-devel popt-static libnl-devel libnl -y
mkdir -p /usr/local/src/lvs
cd /usr/local/src/lvs/
wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz
tar zxvf ipvsadm-1.26.tar.gz
cd ipvsadm-1.26
make && make install &&echo ‘install LVS ok‘
mkdir -p /data/software
cd /data/software/
get http://www.keepalived.org/software/keepalived-1.2.13.tar.gz
wget http://www.keepalived.org/software/keepalived-1.2.13.tar.gz
tar zxvf keepalived-1.2.13.tar.gz
cd keepalived-1.2.13
./configure && make && make install && echo "installkeepalived ok" || echo "install keepalived is failed"
cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/sbin/keepalived /usr/sbin/
vim /etc/keepalived/keepalived.conf
具体的keepalived.conf的配置如下:
! Configuration File for keepalived
global_defs {
notification_email {
sns-lvs@gmail.com
}
notification_email_from sns-lvs@gmail.com
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER #从keepalived改成BACKUP
interface eth1 #根据实际网卡填写
virtual_router_id 51 #有日志报错可修改此处数值
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.1.50
}
}
virtual_server 10.0.1.50 7878 {
delay_loop 6
lb_algo wlc
lb_kind DR
# persistence_timeout 1
protocol TCP
real_server 10.0.1.10 7878 {
weight 3
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 7878
}
}
real_server 10.0.1.11 7878 {
weight 3
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 7878
}
}
}
配置完成后,
配置后端realserver 服务器
具体脚本如下:
#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions
VIP=10.0.1.50
host=`/bin/hostname`
case "$1" in
start)
# Start LVS-DR real server on this machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
;;
stop)
# Stop LVS-DR real server loopback device(s).
/sbin/ifconfig lo:0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 >/proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the lo:0 device
# not found.
echo "LVS-DR real server Stopped."
else
echo "LVS-DR real server Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
#sh 脚本名称.sh start
到此keepalived+lvs配置完成。
PS:关闭iptables,selinux等
访问验证:1,任意关闭一台realserver服务,服务都正常访问
2,任意关闭一台lvs,服务都正常访问。
标签:linux lvs keepalived
原文地址:http://lu1234.blog.51cto.com/1249438/1569792