RHEL5.5上搭建LVS+keepalived负载均衡
搭建lvs集群,需要安装两个软件:lvs,即为Linux Virtual Server,意即Linux虚拟服务器,常见的软件负载均衡器。
keepalived,这里用作realserver健康检查以及负载均衡器的故障转移。
架构拓扑图如下:
http://blog.运维网.com/attachment/201209/115033255.jpg
这里两台机器做负载均衡器
master:192.168.0.201
backup:192.168.0.202
一共有两台真实的Apache服务器
apache01:192.168.0.203
apache02:192.168.0.204
虚拟访问ip为:192.168.0.10
下面开始LVS/DR负载均衡安装部署
1、安装软件
在lvs_master,lvs_backup机器上,都按照lvs和keepalived软件
安装lvs
tar zxvf ipvsadm-1.24.tar.gz
cd ipvsadm-1.24
ln -s /usr/src/kernels/2.6.18-194.el5-i686/usr/src/linux
这里需要把系统内核库文件链接到/usr/src/linux,否则下面编译lvs会找不到库文件
make
make install
安装keepalived
tar zxvf keepalived-1.1.17.tar.gz
cd keepalived-1.1.17
./configure
make
make install
安装完成后将keepalived做成系统启动服务
cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/etc/sysconfig/keepalived/etc/sysconfig/
mkdir /etc/keepalived/
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/sbin/keepalived /usr/sbin/
到处,lvs和keepalived安装完成。
2、配置keepalived
lvs_master配置如下:
cat /etc/keepalived/keepalived.conf
[*]! Configuration File for keepalived
[*]
[*]global_defs {
[*] notification_email {
[*] acassen@firewall.loc
[*] failover@firewall.loc
[*] sysadmin@firewall.loc
[*] }
[*] notification_email_from Alexandre.Cassen@firewall.loc
[*] smtp_server 192.168.200.1
[*] smtp_connect_timeout 30
[*] router_id LVS_DEVEL
[*]}
[*]
[*]vrrp_instance VI_1 {
[*] state MASTER ##这里为主,即MASTER,如果在backup机器上配置,则为BACKUP
[*] interface eth0 ##HA监视的网络接口,这里为eth0
[*] virtual_router_id 51
[*] priority 100##定义优先级,数字越大,优先级越高,MASTER必须比BACKUP高,BACKUP设置为90.
[*] advert_int 1
[*] authentication {
[*] auth_type PASS##设置验证类型,主要有PASS和AH两种,这里为PASS
[*] auth_pass 1111##设置密码,主从必须一致
[*] }
[*] virtual_ipaddress {
[*] 192.168.0.10 ##vip的地址
[*] }
[*]}
[*]
[*]virtual_server 192.168.0.10 80 {##虚拟服务器和端口
[*] delay_loop 6
[*] lb_algo rr##负载均衡算法,这里为rr轮询机制
[*] lb_kind DR ##负载均衡实现机制,这里为DR模式
[*] nat_mask 255.255.255.0
[*] persistence_timeout 50
[*] protocol TCP##转发协议为tcp
[*]
[*] real_server 192.168.0.203 80 {##第一个真实节点
[*] weight 1 ##设置权重,值越大,权值越高
[*]
[*] TCP_CHECK {
[*] connect_timeout 10
[*] nb_get_retry 3
[*] delay_before_retry 3
[*] connect_port 80
[*] }
[*] }
[*]
[*] real_server 192.168.0.204 80 {##第二台真实节点
[*] weight 1
[*]
[*] TCP_CHECK {
[*] connect_timeout 10
[*] nb_get_retry 3
[*] delay_before_retry 3
[*] connect_port 80
[*] }
[*] }
[*]}
backup的机器配置参照master,只需把主从模式设为BACKUP,优先级比100小即可
下面绑定web服务器的虚拟回环接口ip,抑制arp广播,这里用脚本实现:
[*]#!/bin/bash
[*]# description: Config realserver
[*]
[*]VIP=192.168.0.10
[*]
[*]/etc/rc.d/init.d/functions
[*]
[*]case "$1" in
[*]start)
[*] /sbin/ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
[*] /sbin/route add -host $VIP dev lo:0
[*] echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
[*] echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
[*] echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
[*] echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
[*] sysctl -p >/dev/null 2>&1
[*] echo "RealServer Start OK"
[*]
[*] ;;
[*]stop)
[*] /sbin/ifconfig lo:0 down
[*] /sbin/route del $VIP >/dev/null 2>&1
[*] echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
[*] echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
[*] echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
[*] echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
[*] echo "RealServer Stoped"
[*] ;;
[*]*)
[*] echo "Usage: $0 {start|stop}"
[*] exit 1
[*]esac
[*]
[*]exit 0
分别在两台真实web服务器上执行该脚本,然后启动httpd服务。
chmod +x lvs_real.sh
./lvs_real.sh
/etc/init.d/httpd start
最后在两台lvs服务器上启动keepalived服务,即可
/etc/init.d/keepalived start
在lvs服务器上观察realserver运行状态
# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.0.10:http rr persistent 50
-> 192.168.0.203:http Route 1 0 0
-> 192.168.0.204:http Route 1 0 10
浏览器访问http://192.168.0.10即可访问web服务
关闭其中一台web服务器:192.168.0.203,仍然可以访问web服务,另一台web服务照常工作。
关闭master机器的keepalived服务,这时候backup机器会立刻变为master角色接管虚拟ip资源,web服务器照常访问。
页:
[1]