环境和集群说明
系统:Centos 6.5
# VIP虚拟IP(向外公开的公网IP)
172.20.17.200
# Director 服务器(调度器)
172.20.17.218
172.20.17.219
Real 真实服务器(后端服务器)
172.20.17.210
172.20.17.211Director 服务器配置
安装依赖包:ipvsadm + keepalived
# 依赖包安装
yum install popt-static kernel-devel make gcc openssl-devel lftp libnl* popt* -y
# 安装lvs
ln -s /usr/src/kernels/2.6.32-642.1.1.el6.x86_64/ /usr/src/linux
wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz
tar -zxvf ipvsadm-1.26.tar.gz
cd ipvsadm-1.26
make
make install
# 安装Keepalived
wget http://www.keepalived.org/software/keepalived-1.2.21.tar.gz
wget http://www.keepalived.org/software/keepalived-1.2.4.tar.gz
tar zxvf keepalived-1.2.4.tar.gz
cd keepalived-1.2.4
./configure \
--prefix=/usr/local/keepalived \
--sysconf=/etc/ \
--with-kernet-dir=/usr/src/kernels/2.6.32-642.1.1.el6.x86_64/ \
make
make install
# 将keepalived做成启动服务,方便管理
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
chkconfig --add keepalived
chkconfig --level 2345 keepalived on
service keepalived start | stop
# 开启路由转发
vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
sysctl -p编辑配置文件Keepalived.conf
文件路径:/etc/keepalived/keepalived.conf
# 编辑配置文件
! Configuration File for keepalived
global_defs {
# 下面都是邮箱配置
notification_email {
418250505@qq.com
1513942442@qq.com
}
notification_email_from 418250505@qq.com
smtp_server smtp.qq.com
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER # 备份服务器上将MASTER改为BACKUP
interface eth0 # HA监测网络接口
virtual_router_id 51 # 主、备机的virtual_router_id必须相同
priority 100 # 主、备机取不同的优先级,主机值较大,备份机值较小
advert_int 1 # VRRP Multicast广播周期秒数
authentication {
auth_type PASS # VRRP认证方式
auth_pass 1111 # VRRP口令字
}
virtual_ipaddress {
172.20.17.200 # 如果有多个VIP,继续换行填写
}
}
# VIP设置
virtual_server 172.20.17.200 80 {
delay_loop 6 # 每隔2秒查询realserver状态
# 调度算法(一共10种)
# [静态] rr [Round Robin] 轮询调度,权重无意义
# [静态] wrr [Weighted Round Robin] 加权轮询,权重有意义
# [静态] DH [Destination Hashing] 目标地址散列,一个用户一直访问一个服务器,可以缓存一些数据,权重有意义
# [静态] SH [Source Hashing] 源地址散列
# [动态] lc [Least Connections] 最少链接
# [动态] wlc [Weighted Least Connections] 加权最少链接
# [动态] sed [Shortest Expected Delay Scheduling SED] 最短的期望延迟,不考虑非活动链接,只考虑活动链接数
# [动态] LBLC [Locality-Based Least Connections] 基于局部性的最少链接
# [动态] LBLCR [Locality-Based Least Connections with Replication] 带复制的基于局部性最少链接
# [动态] NQ [Never Queue Scheduling NQ] 最少队列调度
lb_algo wlc
# 调度模式定义
# NAT:进出都通过调度器,效率低
# DR:直接路由模式(进调度器,出真是主机直接回复)
# TUN:隧道模式(类似CDN模式)
lb_kind DR
# persistence_timeout 60 # 同一IP的连接60秒内被分配到同一台realserver
protocol TCP # 用TCP协议检查realserver状态
# 真实主机1配置
real_server 172.20.17.210 80 {
weight 3 # 权重
TCP_CHECK { # TCP协议检查(HTTP_GET, TCP_CHECK)
connect_timeout 3 # 连接超时时间
nb_get_retry 3 # 重试次数
delay_before_retry 3 # 每次重试前等待延迟时间
connect_port 80 # 链接端口
}
}
# 真实主机2配置
real_server 172.20.17.211 80 {
weight 3
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
# 保存退出启动
# 防火墙设置
vim /etc/sysconfig/iptables
# 增加一条防火墙规则
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
# 重启防火墙
/etc/init.d/iptables restart
# 重启keepalived
/etc/init.d/keepalived start
ipvsadm -L -nReal 真实服务器配置
脚本名称:lvs_real_server_dr.sh
脚本路劲:/etc/init.d/lvs_real_server_dr.sh
脚本权限:chmod a+x /etc/init.d/lvs_real_server_dr.sh
#!/bin/bash
# chkconfig: - 55 45
#DR
VIPLIST=("172.20.17.200");
VIPLENG=${#VIPLIST[*]};
VIPI=0;
. /etc/rc.d/init.d/functions
case "$1" in
start)
while [ $VIPI -lt $VIPLENG ]; do
ifconfig lo:${VIPI} ${VIPLIST[$VIPI]} broadcast ${VIPLIST[$VIPI]} netmask 255.255.255.255
/sbin/route add -host ${VIPLIST[$VIPI]} dev lo:${VIPI}
let VIPI++
done
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
while [ $VIPI -lt $VIPLENG ]; do
ifconfig lo:${VIPI} down
/sbin/route del ${VIPLIST[$VIPI]} >/dev/null 2>&1
let VIPI++
done
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
/sbin/sysctl -p >/dev/null 2>&1
echo "RealServer Stoped"
;;
status)
while [ $VIPI -lt $VIPLENG ]; do
islothere=`/sbin/ifconfig lo:${VIPI} | grep ${VIPLIST[$VIPI]}`
isrothere=`netstat -rn | grep "lo:${VIPI}" | grep ${VIPLIST[$VIPI]}`
if [ ! "$islothere" -o ! "isrothere" ];then
echo "LVS RealServer Stopped ${VIPLIST[$VIPI]}."
else
echo "LVS RealServer Running ${VIPLIST[$VIPI]}."
fi
let VIPI++
done
;;
*)
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
exit 0
# 添加开机启动服务器
chkconfig --add lvs_real_server_dr.sh
chkconfig --level 2345 lvs_real_server_dr.sh on
# 启动lvs_real_server_dr.sh脚本
/etc/init.d/lvs_real_server_dr.sh startlvs集群结果验证
验证前必须保证后端的两台真实服务器可以正常访问,有lnmp环境
# 在master负载均衡器上查看
ipvsadm -L -n
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用。你还可以使用@来通知其他用户。