LVS Funnat 编译安装使用

reew · 发表于 2016-4-15 10:21:38

参照http://kb.linuxvirtualserver.org/wiki/IPVS_FULLNAT_and_SYNPROXY

准备文件
下载源文件
ftp://ftp.redhat.com/pub/redhat/ ... 20.23.1.el6.src.rpm
下载LVS Tools
http://kb.linuxvirtualserver.org ... nat-synproxy.tar.gz
所有系统使用CentOS release 6.7

安装编译内核要的依懒包

1	yum install rpm-build -y

安装包
redhat-rpm-config-9.0.3-44.el6.centos.noarch
rpm-build-4.8.0-47.el6.x86_64

1	yum install gcc -y

安装包
mpfr-2.4.1-6.el6.x86_64
cpp-4.4.7-16.el6.x86_64
ppl-0.10.2-11.el6.x86_64
cloog-ppl-0.15.7-1.2.el6.x86_64
gcc-4.4.7-16.el6.x86_64

1	yum install xmlto -y

安装包
docbook-dtds-1.0-51.el6.noarch
docbook-style-xsl-1.75.2-6.el6.noarch
flex-2.5.35-9.el6.x86_64
xmlto-0.0.23-3.el6.x86_64

1	yum install newt-devel -y

安装包
slang-devel-2.2.1-1.el6.x86_64

1	yum install patchutils asciidoc elfutils-libelf-devel zlib-devel binutils-devel python-devel hmaccalc -y

开始编译安装

1	rpm -ivh kernel-2.6.32-220.23.1.el6.src.rpm

warning: user mockbuild does not exist - using root
warning: group mockbuild does not exist - using root
忽略

1 2	cd ~/rpmbuild/SPECS rpmbuild -bp kernel.spec

出现

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

###
### Now generating a PGP key pair to be used for signing modules.
###
### If this takes a long time, you might wish to run rngd in the background to
### keep the supply of entropy topped up.  It needs to be run as root, and
### should use a hardware random number generator if one is available, eg:
###
###    rngd -r /dev/hwrandom
###
### If one isn't available, the pseudo-random number generator can be used:
###
###    rngd -r /dev/urandom
###
+ gpg --homedir . --batch --gen-key /root/rpmbuild/SOURCES/genkey
gpg: WARNING: unsafe permissions on homedir `.'
gpg: keyring `./secring.gpg' created
gpg: keyring `./pubring.gpg' created

新开一个终端执行

1	rngd -r /dev/hwrandom 或者rngd -r /dev/urandom

rpmbuild完成
开始编译LVS FUNNNAT 内核补丁

1
2
3
4
5
6
7

cd ~/rpmbuild/BUILD/kernel-2.6.32-220.23.1.el6/linux-2.6.32-220.23.1.el6.x86_64
tar zxf Lvs-fullnat-synproxy.tar.gz
cp ~/lvs-fullnat-synproxy/lvs-2.6.32-220.23.1.el6.patch .
patch -p1<lvs-2.6.32-220.23.1.el6.patch
make -j16 #等待编译完成
make modules_install
make install

改GRUB 设置刚编译安装的内核为默认启动项

1 2	vim /etc/grub.conf default=0

重起服务器
lvs funnat 内核path 完成

real server patch TOA

1
2
3
4
5

cp ~/lvs-fullnat-synproxy/toa-2.6.32-220.23.1.el6.patch .
patch -p1 <toa-2.6.32-220.23.1.el6.patch
make -j16
make modules_install
make install

安装lvs tool

1 2	cd lvs-fullnat-synproxy/ tar zxf lvs-tools.tar.gz

安装依懒包

1	yum install openssl-devel popt-devel -y

安装包
libcom_err-devel-1.41.12-22.el6.x86_64
libsepol-devel-2.0.41-4.el6.x86_64
libselinux-devel-2.0.94-5.8.el6.x86_64
keyutils-libs-devel-1.4-5.el6.x86_64
krb5-devel-1.10.3-42.el6.x86_64
openssl-devel-1.0.1e-42.el6.x86_64
popt-devel-1.13-7.el6.x86_64

lvs funnat管理工具ipvsadm ，必须安装

1
2
3

cd ~/lvs-fullnat-synproxy/tools/ipvsadm/
make && make install
ipvsadm --save > /etc/sysconfig/ipvsadm

lvs高可用工具keeplived ，如果用不到可以不安装

1
2
3
4
5
6
7

cd ~/lvs-fullnat-synproxy/tools/keepalived
./configure --with-kernel-dir="/lib/modules/`uname -r`/build"
make && make install
cp keepalived/etc/init.d/keepalived.init /etc/init.d/keepalived
mkdir /etc/keepalived/
cp keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
cp keepalived/etc/init.d/keepalived.sysconfig /etc/sysconfig/keepalived

lvs高可用工具quagga，可以配置OSPF等路由协议，如果用不到可以不安装

1
2
3

cd ~/lvs-fullnat-synproxy/tools/quagga
./configure --disable-ripd --disable-ripngd --disable-bgpd --disable-watchquagga --disable-doc --enable-user=root --enable-vty-group=root --enable-group=root --enable-zebra --localstatedir=/var/run/quagga --sysconfdir=/etc/quagga --prefix=/usr
make && make install

安装全部完成

配置使用LVS
三台服务器
Real server 1:  10.10.10.51
Real server 2:  10.10.10.52
LVS Directory:  10.10.10.53
VIP:          10.10.10.111
全部服务器关闭selinux 和 iptables
Real server 1

1
2
3

yum install httpd -y
echo "Real Server 1" > /var/www/html/index.html
service httpd start

Real server 2

1
2
3

yum install httpd -y
echo "Real Server 2" > /var/www/html/index.html
service httpd start

Director

1
2
3
4
5

ifconfig eth0:1 10.10.10.111/24
ipvsadm -A -t 10.10.10.111:80 -s rr
ipvsadm -a -t 10.10.10.111:80 -r 10.10.10.51:80 -b
ipvsadm -a -t 10.10.10.111:80 -r 10.10.10.52:80 -b
ipvsadm -P -t 10.10.10.111:80 -z 10.10.10.111 #添加Local Address(可任意路由能通IP，可添加多个)

浏览器打开http://10.10.10.111,按CRTL+F5刷新，查看效果

账号		自动登录	找回密码
密码			立即注册

Shell从入门到精通（阿良）

wirelessnetview好用的无线分析工具

亿图图示专家(EDraw Max) V7.9 中文破解版

zabbix3.4.1安装部署+微信推送信息+大屏显

Red Hat OpenShift I: Containers & Kubern

2025 年，C++ 还能“硬核”多久？

RH199 RHCSA Rapid Track

[经验分享] LVS Funnat 编译安装使用

浏览过的版块

扫码加入运维网微信交流群