一、环境规划
1.1、服务器环境规划
负载服务器master及WEB服务器1真实IP 192.168.221.131
负载服务器backup及WEB服务器2真实IP 192.168.221.132
负载服务器虚拟IP 192.168.221.100
1.2、软件安装规划
操作系统:CentOS Linux 5.11 X86-64,内核版本:2.6.18-398.el5
需要安装GCC编译器及openssl等包
--192.168.221.131及192.168.221.132
安装JDK及Tomcat环境
JDK版本:jdk-6u45-linux-x64-rpm.bin
Tomcat版本:apache-tomcat-7.0.56.tar.gz
JDK安装:
chmod +x jdk-6u45-linux-x64-rpm.bin
./jdk-6u45-linux-x64-rpm.bin
vim /etc/profile
添加如下内容:
########sun jdk#######
JAVA_HOME=/usr/java/jdk1.6.0_45
JRE_HOME=/usr/java/jdk1.6.0_45/jre
PATH=$PATH:$JAVA_HOME/bin:$JRE_HOME/bin
CLASSPATH=.:$JAVA_HOME/lib/dt.jar:$JAVA_HOME/lib/tools.jar:$JRE_HOME/lib
export JAVA_HOME JRE_HOME PATH CLASSPATH
Tomcat安装:
tar -zxvf apache-tomcat-7.0.56.tar.gz -C /usr/local/
cd /usr/local/apache-tomcat-7.0.56/webapps/ROOT/
echo "192.168.221.131" > ip.html
/usr/local/apache-tomcat-7.0.56/bin/startup.sh
root@DR1 ROOT]# netstat -anptul|grep 8080
tcp 0 0 :::8080 :::* LISTEN 16312/java
iptables开启8080端口
iptables -I RH-Firwall-1-INPUT 12 -m state --state NEW -p tcp --dport 8080 -j ACCEPT
iptables-save > /etc/sysconfig/iptables
测试:
[root@DR2 ROOT]# elinks --dump http://192.168.221.131:8080/ip.html
192.168.221.131
二、LVS和Keepalived的部署
2.1、LVS的安装
yum install ipvsadm
这里安装的版本是:ipvsadm-1.24-13.el5.x86_64
2.2、Keepalived的安装
tar -zxvf keepalived-1.2.12.tar.gz -C /usr/local/src/
cd /usr/local/src/keepalived-1.2.12/
./configure --with-kernel-dir=/usr/src/kernels/2.6.18-398.el5-x86_64/
make && make install
ln -s /usr/local/sbin/keepalived /sbin/
ln -s /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
ll /etc/init.d/keepalived
chkconfig --add keepalived
chkconfig --level 35 keepalived on
service keepalived status
ln -s /usr/local/etc/keepalived/ /etc/
ll /etc/keepalived/
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
lijianmin@pancou.com #设置报警接收邮件地址,可以有多个邮件,每行一个。
#如果要开启邮件报警,需要开启本机的sendmail服务。
}
notification_email_from Alexandre.Cassen@firewall.loc #设置邮件的发送地址
smtp_server 192.168.1.1 #设置smtp_server服务器的地址
smtp_connect_timeout 30 #设置连接smtp服务器超时时间
router_id LVS_DEVEL #标识keepalived服务的ID号,两边lvs_server服务都一致
}
vrrp_instance VI_1 {
state MASTER #指定keepalived的角色,MASTER表示主服务器,BACKUP表示备用服务器。
interface eth0 #指定HA的检测网络接口
virtual_router_id 51 #虚拟路由标识,这个标识是一个数字,同一个vrrp实例使用唯一的标识,
#即同一个vrrp_instance下,MASTER和BACKUP必须是一致的。
priority 100 #定义优先级,数字越大优先级越高。在一个vrrp_instance下,
#BACKUP的优先级必须小于MASTER的优先级。
advert_int 1 #设置MASTER与BACKUP的负载均衡器之间的同步检查的时间间隔,单位是秒。
authentication {
auth_type PASS #设置验证类型,主要有PASS和AH
auth_pass 1111 #设置验证密码,在一个vrrp_instace下,MASTER与BACKUP必须使用相同的密码才能通信。
}
virtual_ipaddress {
192.168.221.100 #虚拟IP地址,可以设置多个虚拟IP
}
}
virtual_server 192.168.221.100 8080 {
delay_loop 6 #(每隔6秒查询real_server状态)
lb_algo wrr #(负载均衡调度算法,常用wlc,rr,此处为加权轮询)
lb_kind DR #(负载均衡转发规则,一般包括DR,NAT,TUN)
nat_mask 255.255.255.0
persistence_timeout 50 #会话保持时间,单位是秒,这个选项对动态网网页是非常重要的,为集群系统中断
#session共享提供了一个很好的解决方案,有了这个会话保持功能,用户的会话请求会被
#一直分发到同一个服务节点,直到超过这个会话保持的时间。需要注意的是,这个会话保
#持时间是最大无响应超时时间,也就是说,用户在操作动态页面时,如果在50秒内用户没
#有执行任何操作,那么接下来的操作会被分发到另外的节点,如果用户一执照在操作动态
#页面则不受50秒的时间限制。
protocol TCP #指定协议有TCP和UDP两种
real_server 192.168.221.131 8080 {
weight 1 #权重值
TCP_CHECK {
connect_timeout 3 #连接超时时间
nb_get_retry 3 #重试次数
delay_before_retry 3 #重试间隔
connect_port 8080
}
}
real_server 192.168.221.132 8080 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 8080
}
}
}
三、配置Real Server节点
vim real_lvs.sh
#!/bin/bash
VIP=192.168.221.100
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "Start LVS of Real Server......"
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
# /sbin/route add -host $VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
echo "Stop LVS of Real Server...."
/sbin/ifconfig lo:0 down
# /sbin/route del -host $VIP dev lo:0
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
chmod +x real_lvs.sh
cp real_lvs.sh /etc/init.d/real_lvs.sh
/etc/init.d/real_lvs.sh start
ifconfig
[root@DR2 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:5D:71:26
inet addr:192.168.221.131 Bcast:192.168.221.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe5d:7126/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:18922202 errors:0 dropped:0 overruns:0 frame:0
TX packets:18904332 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1222870584 (1.1 GiB) TX bytes:1222061563 (1.1 GiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:15931 errors:0 dropped:0 overruns:0 frame:0
TX packets:15931 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:905854 (884.6 KiB) TX bytes:905854 (884.6 KiB)
lo:0 Link encap:Local Loopback
inet addr:192.168.221.100 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
service keepalived start
ip addr show
[root@DR1 ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet 192.168.221.100/32 brd 192.168.221.100 scope global lo:0
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:0c:29:15:20:7e brd ff:ff:ff:ff:ff:ff
inet 192.168.221.132/24 brd 192.168.221.255 scope global eth0
inet 192.168.221.100/32 scope global eth0
inet6 fe80::20c:29ff:fe15:207e/64 scope link
valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
[root@DR1 ~]#
四、测试
4.1 负载均衡
如果多次打开浏览器,通过虚拟IP访问网站,应当会将负载均衡到两台服务器上
第一次打开一个浏览器中输入http://192.168.221.100:8080/ip.html,显示192.168.221.131(或132)
第二次打开浏览器(新开浏览器窗口),输入http://192.168.221.100:8080/ip.html,显示192.168.221.132(或131)
4.2 故障转移
停止192.168.1.16上TOMCAT服务,这时通过虚拟IP就能访问到网站,且是访问的192.168.17服务器
/usr/local/apache-tomcat-7.0.56/bin/startup.sh
第一次打开一个浏览器中输入http://192.168.221.100:8080/ip.html,显示192.168.221.131
第二次打开浏览器(新开浏览器窗口),输入http://192.168.221.100:8080/ip.html,显示192.168.221.132
可以看到网站依然可以访问,且都是访问的192.168.221.131服务器,此时我们再将192.168.221.132服务器的tomcat服务启动,应又能进行负载均衡
/usr/local/apache-tomcat-7.0.56/bin/startup.sh
可以查看tail /var/log/messages
[root@DR1 ~]# tail -50 /var/log/messages
Nov 27 23:40:23 DR1 Keepalived_healthcheckers[16369]: Netlink reflector reports IP fe80::20c:29ff:fe15:207e added
Nov 27 23:40:23 DR1 avahi-daemon[3376]: New relevant interface eth0.IPv6 for mDNS.
Nov 27 23:40:23 DR1 avahi-daemon[3376]: Joining mDNS multicast group on interface eth0.IPv6 with address fe80::20c:29ff:fe15:207e.
Nov 27 23:40:23 DR1 avahi-daemon[3376]: Registering new address record for fe80::20c:29ff:fe15:207e on eth0.
Nov 27 23:40:24 DR1 Keepalived_vrrp[16371]: Kernel is reporting: interface eth0 UP
Nov 27 23:40:24 DR1 Keepalived_vrrp[16371]: VRRP_Instance(VI_1) Transition to MASTER STATE
Nov 27 23:40:24 DR1 Keepalived_vrrp[16371]: VRRP_Instance(VI_1) Received lower prio advert, forcing new election
Nov 27 23:40:25 DR1 Keepalived_vrrp[16371]: VRRP_Instance(VI_1) Entering MASTER STATE
Nov 27 23:40:25 DR1 Keepalived_vrrp[16371]: VRRP_Instance(VI_1) setting protocol VIPs.
Nov 27 23:40:25 DR1 Keepalived_vrrp[16371]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.221.100
Nov 27 23:40:25 DR1 Keepalived_vrrp[16371]: Netlink reflector reports IP 192.168.221.100 added
Nov 27 23:40:25 DR1 Keepalived_healthcheckers[16369]: Netlink reflector reports IP 192.168.221.100 added
Nov 27 23:40:25 DR1 avahi-daemon[3376]: Registering new address record for 192.168.221.100 on eth0.
Nov 27 23:40:30 DR1 Keepalived_vrrp[16371]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.16
5 其它操作 5.1 查看WEB服务器虚拟IP
查看方法:ip add show,因为我们这里是WEB服务器和LVS服务器是同一台机器,所以本处lo及eth0上都有虚拟IP地址,WEB服务器上是看lo这里。
本文出自 “linunx运维专题” 博客,请务必保留此出处http://lijianmin2008.blog.51cto.com/621678/1584959
原文地址:http://lijianmin2008.blog.51cto.com/621678/1584959