LVS+Keepalived
一、爲什麼要使 用負載均衡技術?
1、系統高可用性
2、 系統可擴展性
3、 負載均衡能力
LVS+keepalived能很好的實現以上的要求,LVS提 供負載均衡,keepalived提供健康檢查,故障轉移,提高系統的可用性!採用這樣的架構以後 很容易對現有系統進行擴展,只要在後端添加或者減少realserver,只要更改lvs的 配置文件,並能實現無縫配置變更!
二、LVS+Keepalived介紹
1、 LVS
LVS是一個開源的軟件,可以實現LINUX平臺下的簡單負載均衡。LVS是Linux Virtual Server的縮寫,意思是Linux虛擬服務器。目前有三種IP負 載均衡技術(VS/NAT、VS/TUN和VS/DR);八種調度算法(rr,wrr,lc,wlc,lblc,lblcr,dh,sh)。
2、 keepalived
Keepalived 是運行在lvs 之上,它的主要功能是實現真實機的故障隔離及負載均衡器間的失敗 切換,提高系統的可用性
三、LVS+keepalived負載均衡架構圖:
四、LVS+keepalived的安裝和配置
1. 配置環境
System OS:CentOS release 5.6
Software:ipvsadm-1.24.tar.gz, keepalived-1.1.19.tar.gz
2. 信息列表
名稱
|
IP
|
LVS-Master
|
192.168.3.20
|
LVS-BACKUP
|
192.168.3.21
|
LVS-VIP
|
192.168.3.50 / 192.168.3.51
|
Web1
|
192.168.3.45 /192.168.3.47
|
Web2
|
192.168.3.46 / 192.168.3.48
|
注意:CentOS 6.0安裝ipvsadm 1.26
此文檔不適用於在CentOS 5.x安裝ipvsadm 1.26。原因是ipvsadm 1.26適用於kernel 2.6.28及之後的內核版本。
如果你要在CentOS 5.X上編譯安裝ipvsadm,只能下載安裝1.24的
我的系統環境是安裝了開發工具和開發庫的,所以不存在gcc沒安裝的情況。CentOS 5.x也是如此
五、安裝:
1、安裝依賴包及創建:
#yum check-update
#yum -y install ibnl* popt*
2、cenos5.X最開始的內核是2.6.18-238.el5,但是我發現在/usr/src/kernels裏面沒有2.6.18-238.el6的包本;來是準備使用編譯安裝的,發現kernel.org在維護。
#yum -y install kernel-devel
#yum -y update kernel
3、安裝前準備動作:
#modprobe ip_vs //內核加載ip_vs模塊
#lsmod |grep ip_vs //查看是否加載成功。
ip_vs 122113 0
#ln -s /usr/src/kernerls/2.6.18-274.el5-x86_64/ /usr/src/linux //生成一個鏈接文件
#cp /usr/src/kernels/2.6.18-274.el5/include/net/ip_vs.h /usr/inclide/net/ //這個很重要,否則在安裝ipvsadm的時候會提示缺少*.h文件
#yum -y install openssl openssl-devel //安裝keepalived需要
前期準備工作完成,有些安裝軟件的依賴文件請慢慢琢磨着安裝吧。比如gcc gcc-c++之類的。現在準備下載ipvsadm和keepalived了
4、下載ipvsadm 1.24
#cd /usr/src/ipvsadm-1.24/
# make && make install
2、分別下載安裝安裝keepalived
# tar zxvf keepalived-1.1.19.tar.gz -C /usr/src/
# cd /usr/src/keepalived-1.1.19/
# ./configure --prefix=/usr/local/keepalived
正確完成安裝會顯示如下信息:
Keepalived configuration
------------------------
Keepalived version : 1.1.19
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lpopt -lssl -lcrypto
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
Use VRRP Framework : Yes
Use Debug flags : No
# make && make install
# mkdir -p /etc/keepalived
# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
3、 配置keepadlived LVS-Master(主)的配置文件如下:
# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS1 # 設置lvs的id,在一個網絡內應該是唯一的
}
vrrp_sync_group test { #設置vrrp組
group {
xxoo
}
}
vrrp_instance xxoo {
state MASTER #設置lvs的狀態,MASTER和BACKUP兩種,必須大寫
interface eth0 #設置對外服務的接口
lvs_sync_daemon_inteface eth0 #設置lvs監聽的接口
virtual_router_id 51 #設置虛擬路由表示
priority 150 #設置優先級,數值越大,優先級越高
advert_int 5 #設置同步時間間隔
authentication { #設置驗證類型和密碼
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { #設置lvs vip
192.168.3.50
}
}
virtual_server 192.168.3.50 80 {
delay_loop 6 #健康檢查時間間隔
lb_algo rr #負載均衡調度算法
lb_kind DR #負載均衡轉發規則
nat_mask 255.255.255.0
persistence_timeout 20 #(同一IP的連接60秒內被分配到同一臺realserver) protocol TCP #(用TCP協議檢查realserver狀態)
real_server 192.168.3.45 80 {
weight 3 #設置權重
TCP_CHECK {
connect_timeout 5 #(5秒無響應超時)
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.3.47 80 {
weight 3
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
4、 配置keepadlived LVS-BACKUP(從)的配置文件如下:
# vi /etc/keepalived/keepalived.conf:
! Configuration File for keepalived
global_defs {
notification_email {
}
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS2
}
vrrp_sync_group test {
group {
xxoo
}
}
vrrp_instance xxoo {
state BACKUP
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 51
priority 100
advert_int 5
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.3.50
}
}
virtual_server 192.168.3.50 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 20
protocol TCP
real_server 192.168.3.45 80 {
weight 3
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.3.47 80 {
weight 3
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
5、在webserver 端創建腳本並啓動:
# vi /etc/init.d/lvs_keepd.sh
# chmod a+x /etc/init.d/lvs_keepd.sh
# /etc/init.d/lvs_keepd.sh start
#!/bin/bash
# description: Config realserver lo and apply noarp
SNS_VIP=192.168.3.50
/etc/rc.d/init.d/functions
case "$1" in
start)
ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
6、啓動驗證:
# /etc/init.d/keepalived start
# ip add list
#watch ipvsadm –ln 查看lvs服務是否正常
#tail -f /var/log/message 監聽日誌,查看狀態,測試LVS負載均衡及高可用性是否有效
停Master服務器的keepalived服務,查看BAKCUP服務器是否能正常接管服務
主意:多 VIP 多web 配置大概思路樣、配置有點不一樣:
! Configuration File for keepalived
global_defs {
notification_email {
}
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS1
}
vrrp_sync_group test {
group {
xxoo
xxoo1
}
}
vrrp_instance xxoo {
state MASTER
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 51
priority 150
advert_int 5
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.3.50
}
}
virtual_server 192.168.3.50 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 20
protocol TCP
real_server 192.168.3.45 80 {
weight 3
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.3.47 80 {
weight 3
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
vrrp_instance xxoo1 {
state MASTER
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 52
priority 150
advert_int 5
authentication {
auth_type PASS
auth_pass 111111
}
virtual_ipaddress {
192.168.3.55
}
}
virtual_server 192.168.3.55 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 20
protocol TCP
real_server 192.168.3.46 80 {
weight 3
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.3.48 80 {
weight 3
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
測試過 但木有成功 希望配置過的博友們能分享下!!