(十六)企业部分之lvs
增加两台纯净的虚拟机server3和server4,共4台虚拟机两台虚拟机最好1G内存
【server1/server2】
/etc/init.d/heartbeat stop
chkconfig heartbeat off
/etc/init.d/iptables stop
【server2】
ip addr add 172.25.45.100/24 dev eth0
ip addr show http://s3.运维网.com/wyfs02/M01/84/E6/wKioL1eW9pehGYzoAABIDkPU-EI037.png
ipvsadm -lhttp://s3.运维网.com/wyfs02/M01/84/E6/wKiom1eW9paSTBYEAAAp4hEmbgU169.png
ipvsadm -C
ipvsadm -A -t 172.25.45.100:80 -s rr
ipvsadm -a -t 172.25.45.100:80 -r 172.25.45.3:80 -g
ipvsadm -a -t 172.25.45.100:80 -r 172.25.45.4:80 -g
/etc/init.d/ipvsadm saveipvsadm -l http://s2.运维网.com/wyfs02/M02/84/E6/wKiom1eW9rrCWqL7AABEl3dZLX4660.png
【server3/server4】
yum install -y httpd
/etc/init.d/httpd start
echo server3.example.com > /var/www/html/index.html ##server4改为4ip addr add 172.25.45.100/32 dev eth0
ip addr showhttp://s1.运维网.com/wyfs02/M00/84/E6/wKioL1eW9tHgBOTnAABEAJLcD8A354.png
yum install -y arptables_jf
arptables -Lhttp://s2.运维网.com/wyfs02/M01/84/E6/wKiom1eW9tOyHytXAABLDx-NFnI306.png
arptables -A IN -d 172.25.45.100 -j DROP
arptables -A OUT -s 172.25.45.100 -j mangle --mangle-ip-s 172.25.45.3##server4改为4
/etc/init.d/arptables_jf savearptables -Lhttp://s5.运维网.com/wyfs02/M02/84/E6/wKioL1eW9unRd8ugAABoeYaueDA750.png
http://s5.运维网.com/wyfs02/M02/84/E6/wKioL1eW9umT854TAABoe9l1ueQ359.png
http://172.25.45.100 ##server3和server4可以切换
【物理机】
arp -an ##可以看到虚拟IP在哪http://s4.运维网.com/wyfs02/M00/84/E6/wKiom1eW9wuzVSjIAACP5wDQP80199.png
【server2】
ipvsadm -lhttp://s1.运维网.com/wyfs02/M01/84/E6/wKiom1eW9yXDh91ZAABFrzVqRVE366.png
2.
【server2】
cd /usr/share/doc/ldirectord-3.9.5/
cp ldirectord.cf /etc/ha.d/
vim /etc/ha.d/ldirectord.c 修改25到39行内容为以下:
virtual=172.25.45.100:80
real=172.25.45.3:80 gate
real=172.25.45.4:80 gate
fallback=127.0.0.1:80 gate
service=http
scheduler=rr
#persistent=600
#netmask=255.255.255.255
protocol=tcp
checktype=negotiate
checkport=80
request="index.html"
# receive="Test Page"
# virtualhost=www.x.y.z
http://s1.运维网.com/wyfs02/M02/84/E6/wKiom1eW9zHxP8bYAABfVQVVwSA435.png
ipvsadm -l
ipvsadm -C
ipvsadm -lhttp://s2.运维网.com/wyfs02/M01/84/E6/wKioL1eW9z7g16YpAAAz8yVJsiU046.png
/etc/init.d/ldirectord start
ipvsadm -lhttp://s2.运维网.com/wyfs02/M02/84/E6/wKioL1eW90vRrDiiAABYG5syeH4714.png
/etc/init.d/ldirectord stop
ipvsadm -lhttp://s2.运维网.com/wyfs02/M02/84/E6/wKioL1eW90vATXuEAAA9h4aanLo869.png
/etc/init.d/ldirectord start
/etc/init.d/httpd startecho server2.example.com > /var/www/html/index.html http://172.25.45.100 ##server3和server4可以切换
测试:
关闭server3和server4其中一个的http服务,显示的会是对方的首页;若是全部关闭,则显示server2的首页,但只要server3\server4有一个服务存在,就会回切,就不会在server2上
关闭server4的http服务
网页显示server3.example.comhttp://s4.运维网.com/wyfs02/M00/84/E6/wKioL1eW93ui9lA9AAA7r8Jh8II494.png
再关闭server3的http服务
网页显示本地首页,server2.example.comhttp://s3.运维网.com/wyfs02/M00/84/E6/wKiom1eW93DgtpzpAAA5U3vbUDE078.png
开启server3的http服务
网页显示server3.example.com
开启server4的http服务
网页在server3和server4切换
http://s2.运维网.com/wyfs02/M01/84/E6/wKiom1eW94WRiD5bAABFay0cUo4203.png
【server2】
scp ldirectord.cf 172.25.45.1:/etc/ha.d//etc/init.d/ldirectord stop
/etc/init.d/httpd stop
ipvsadm -lhttp://s5.运维网.com/wyfs02/M01/84/E6/wKiom1eW95CRTHSFAAAq2LR41g0425.png
ip addr del 172.25.45.100/24 dev eth0
【server1】
yum install -y httpdvim /etc/ha.d/haresources 将最后一行修改为以下:
server1.example.com IPaddr::172.25.45.100/24/eth0 httpd ldirectord
scp haresources 172.25.45.2:/etc/ha.d/
/etc/init.d/heartbeat start
tail -f /var/log/messages ##无报错将server2的heartbeat服务打开ip addr show ##有虚拟IPhttp://s4.运维网.com/wyfs02/M02/84/E6/wKiom1eW-IuCa0wfAABFEEskE_M943.png
netstat -antlpe ##httpd端口打开http://s5.运维网.com/wyfs02/M02/84/E6/wKioL1eW-JXT-YgcAAAXeYj5xQI190.png
ipvsadm -l ##规则出现http://s1.运维网.com/wyfs02/M02/84/E6/wKioL1eW-J7wbtscAABE-VqJfRM745.png
网页上server3和server4可以切换
测试:
【server1】
/etc/init.d/heartbeat stop 虚拟IP会切换到server2上
/etc/init.d/heartbeat start 虚拟IP会切回到server1上
关闭server3的http服务,网页显示server4.example.com
再关闭server4的http服务,网页显示本地首页,server1.example.com
开启server3的http服务,网页显示server3.example.com
开启server4的http服务,网页在server3和server4切换
后端调度
健康检查
所需软件包:keepalived-1.2.20.tar.gz libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm
【server1】
/etc/init.d/heartbeat stop
tar zxf keepalived-1.2.20.tar.gzcd keepalived-1.2.20/
./configure --prefix=/usr/local/keepalived 需要解决的依赖性:openssl-devel libnl-devel
rpm -ivh libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm
yum install -y net-snmp-devel
yum install -y libiptcdata.x86_64
make & make installscp -r /usr/local/keepalived/ root@172.25.45.2:/usr/local/
【server1/server2】
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/etc/keepalived/ /etc/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/
ln -s /usr/local/keepalived/bin/genhash /bin/
【server1】
cd /etc/keepalived/
vim keepalived.conf 修改内容为以下;
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalive@server1.example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.45.100
}
}
virtual_server 172.25.45.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
# persistence_timeout 50
protocol TCP
real_server 172.25.45.3 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.25.45.4 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
scp keepalived.conf 172.25.45.2:/etc/keepalived/
【server2】
cd /etc/keepalived/
vim keepalived.conf 将第7行的sverver1.example.com改为server2.example.com
将第16行的MASTER改为BACKUP
将第45行的100改为50
【server1】
/etc/init.d/keepalived start
tail -f /var/log/messages
【server2】
/etc/init.d/keepalived start
【server1】
ip addr showhttp://s2.运维网.com/wyfs02/M00/84/E7/wKiom1eW-ODBgsbSAABDFiS1DB8275.png
ipvsadm -lhttp://s1.运维网.com/wyfs02/M02/84/E7/wKiom1eW-PWzKc8nAABG7oWXMVM539.png
网页在server3和server4切换
/etc/init.d/keepalived stop ##虚拟IP会切换到server2上,网页依然在server3和server4切换 http://s1.运维网.com/wyfs02/M00/84/E7/wKiom1eW-Wni1fT8AABF6Carn3Q903.png
关闭server3的http服务,网页显示server4.example.com
再关闭server4的http服务,网页显示本地首页,server1.example.com
开启server3的http服务,网页显示server3.example.com
开启server4的http服务,网页在server3和server4切换
【server1】
arp -a http://s5.运维网.com/wyfs02/M00/84/E7/wKioL1eW-XahVEiBAAA-b6M0Kk8267.png
【server3/server4】
yum install -y vsftpd
/etc/init.d/vsftpd start
cd /var/ftp/
touch server3 ##server4主机touch server4vim /etc/sysconfig/arptables 添加以下内容:
-A IN -d 172.25.45.101 -j DROP
-A OUT -s 172.25.45.101 -j mangle --mangle-ip-s 172.25.45.3##server4为172.25.45.4
http://s3.运维网.com/wyfs02/M01/84/E7/wKiom1eW-YazctSxAABBzFseEW0614.png
ip addr add 172.25.45.101/32 dev eth0
/etc/init.d/arptables_jf restartarptables -nLhttp://s1.运维网.com/wyfs02/M01/84/E7/wKioL1eW-ZGAaS6nAACEh2BQjak459.png
【server1】
vimkeepalived.conf 在virtual_ipaddress下面添加一个虚拟IP:172.25.45.101
在最后添加以下内容:
virtual_server 172.25.45.101 21 {
delay_loop 6
lb_algo wlc
lb_kind DR
persistence_timeout 60
protocol TCP
real_server 172.25.45.3 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.25.45.4 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
【server2】
vimkeepalived.conf 在virtual_ipaddress下面添加一个虚拟IP:172.25.45.101
将virtual_server 172.25.45.100 80 修改为以下:
virtual_server 172.25.45.101 21 {
delay_loop 6
lb_algo wlc
lb_kind DR
persistence_timeout 60
protocol TCP
real_server 172.25.45.3 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.25.45.4 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
【server1/server2】
/etc/init.d/keepalived reloadipvsadm -lhttp://s1.运维网.com/wyfs02/M02/84/E7/wKioL1eW-gaRDZ9kAABjja4pFe4640.png
http://s1.运维网.com/wyfs02/M00/84/E7/wKioL1eW-gaSKbvdAABJAKIPKDw120.png
【server3】
lftp 172.25.45.101http://s1.运维网.com/wyfs02/M00/84/E7/wKiom1eW-gfB-3YuAAAjbhcOxPE129.png
【server2】
lftp 172.25.45.101http://s2.运维网.com/wyfs02/M00/84/E7/wKioL1eW-geQnTlyAAAkzAewvmY326.png
##fullnat模式##
需要编译内核
所需软件包:kernel-2.6.32-220.23.1.el6.src.rpmasciidoc-8.4.5-4.1.el6.noarch.rpm newt-devel-0.52.11-3.el6.x86_64.rpm slang-devel-2.2.1-1.el6.x86_64.rpm
uname -r http://s1.运维网.com/wyfs02/M00/85/1C/wKioL1eZ8QyAiqHXAAAMVCajqOM884.png
cd rpmbuild/SPECS/
rpmbuild -bp kernel.spec 缺少依赖性
http://s2.运维网.com/wyfs02/M01/85/1D/wKiom1eZ8BiAhTJNAACpeJbtG4s168.png
##所需解决的依赖性##
yum install -y gcc redhat-rpm-config patchutils xmlto asciidoc elfutils-libelf-devel zlib-devel binutils-devel newt-devel python-devel perl-ExtUtils-Embed hmaccalc
cd
yum install asciidoc-8.4.5-4.1.el6.noarch.rpm newt-devel-0.52.11-3.el6.x86_64.rpm slang-devel-2.2.1-1.el6.x86_64.rpm -y
rpmbuild -bp kerbel.spec
##这里会很久,可以通过再开一个窗口,进行rngd -r /dev/urando(此命令可在过程中找到)可以快速结束(没有rngd命令可以安装 rng-tools)
cd /root/rpmbuild/BUILD/kernel-2.6.32-220.23.1.el6/
tar zxf Lvs-fullnat-synproxy.tar.gz
cd lvs-fullnat-synproxy/
cp lvs-2.6.32-220.23.1.el6.patch /root/rpmbuild/BUILD/kernel-2.6.32-220.23.1.el6/linux-2.6.32-220.23.1.el6.x86_64cd ..
cd linux-2.6.32-220.23.1.el6.x86_64/
yum install -y patch
patch -p1 < lvs-2.6.32-220.23.1.el6.patch
vim Makefile
在第四行 EXTRAVERSION 的后面加上 -220.23.1.el6 ##内核的版本号
cd configs/
diff kernel-2.6.32-x86_64.config ../.confighttp://s5.运维网.com/wyfs02/M00/85/1C/wKioL1eZ8HOBqnoKAAAoZOjnYjM052.png
增加一个20G的虚拟硬盘,CPU改为4个
fdisk -cu /dev/vdb
pvcreate /dev/vdb1
vgextend VolGroup /dev/vdb1
lvextend -L +20G /dev/VolGroup/lv_root
lvextend -l +5119 /dev/VolGroup/lv_root
resize2fs/dev/VolGroup/lv_root
df -h
cd /root/rpmbuild/BUILD/kernel-2.6.32-220.23.1.el6/linux-2.6.32-220.23.1.el6.x86_64
make -j4
make modules_install
make installcd /boot/grub/
vim grub.conf 将第10行的default的值改为0
http://s1.运维网.com/wyfs02/M01/85/1C/wKioL1eZ8JHwitAuAADPW4mxI8E163.png
可以看到2.6.32-220.23.1.el6的内核在上面,默认启动这个
reboot
uname -r http://s4.运维网.com/wyfs02/M02/85/1D/wKiom1eZ8UHDBNu9AAALoJ2EL7o570.png
cd rpmbuild/BUILD/kernel-2.6.32-220.23.1.el6/lvs-fullnat-synproxy/
cp lvs-tools.tar.gz~
cd
tar zxf lvs-tools.tar.gz
cd tools/keepalived/
yum install openssl-devel popt-devel -y./configure --with-kernel-dir="/lib/modules/`uname -r`/build"
make
make install
which keepalivedhttp://s2.运维网.com/wyfs02/M00/85/1D/wKiom1eZ8NuDeiW0AAAR_NQm6Vs859.png
cd ..
cd ipvsadm/
yum install -y ipvsadm
make
make install
ipvsadm --help
ipvsadm -l
页:
[1]