lvs+keepalived+windwos2008(realserver) 环境测试
LVS :192.168.1.165 真实IP
LVS :192.168.1.164 真实IP (backup)
VIP :192.168.1.170 虚拟IP(访问地址)
RIP1 :192.168.1.173 负载WEB
RIP2 :192.168.1.174 负载WEB
本测试未开启iptables
一、在两台LVS上安装软件:keepalived-1.1.15.tar.gz和ipvsadm-1.24.tar.gz
并执行以下操作
mkdir /usr/local/src/lvs
mv keepalived-1.1.15.tar.gz /usr/local/src/lvs/
mv ipvsadm-1.24.tar.gz /usr/local/src/lvs/
cd /usr/local/src/lvs/
lsmod | grep ip_vs
#查看是否有ip_lvs模块
uname –r
#查看版本号
ln -s /usr/src/kernels/2.6.18-348.3.1.el5-i686/ /usr/src/linux
#否则提示一个错误
cd /usr/local/src/lvs/
tar –zxvf ipvsadm-1.24.tar.gz
cd ipvsadm-1.24
make
make install
高版本可能会出现错误
find -name ipvsadm
find / -name ipvsadm
cd ..
tar -zxvf keepalived-1.1.15.tar.gz
cd keepalived-1.1.15
./configure
#进行编译
make
make install
cp /usr/local/etc/rc.d/init.d/ /etc/rc.d/init.d/
cp /usr/local/etc/rc.d/init.d/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/sbin/keepalived /usr/sbin/
service keepalived start
service keepalived stop
chkconfig --add keepalived
chkconfig keepalived on
创建ipvsadm的启动文件(两台LVS上都创建)
vi /usr/local/sbin/lvsdr.sh
#[root@lvs-02 ~]# vi /usr/local/sbin/lvs-dr.sh
#================lvsdr配置脚本============
-
#!/bin/bash
-
# description: start LVS of DirectorServer
-
#Written by :NetSeek
-
#
-
#GW=192.168.1.1
-
-
# website director vip.
-
VIP=192.168.1.170
-
RIP1=192.168.1.173
-
RIP2=192.168.1.174
-
/etc/rc.d/init.d/functions
-
-
case "$1" in
-
-
start)
-
echo "stat LVS of DirectorServer"
-
/sbin/ipvsadm --set 900 120 300
-
/sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
-
/sbin/route add -host $VIP dev eth0:0
-
/sbin/ipvsadm -C
-
/sbin/ipvsadm -A -t $VIP:80 -s rr
-
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
-
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
-
/sbin/ipvsadm
-
;;
-
stop)
-
echo "Close LVS Directorserver"
-
/sbin/ifconfig eth0:0 down
-
/sbin/ipvsadm -C
-
;;
-
*)
-
echo "usage:$0 {start|stop}"
-
exit 1
-
esac
=====================================================================
chmod 755 /usr/local/sbin/lvsdr.sh
#更改权限
/usr/local/sbin/lvsdr.sh start
#启动服务
#反馈如上采用Route路由直连
Ifconfig
#显示网卡信息
会看到一个eth0:0 ip是刚刚在脚本中出现的192.168.1.170
ipvsadm -L –c
#查看当前进行TCP连接的用户
在linux上使用ipvsadm -Ln 查看,可以看到Inactconn在增长。
===============================================================
==================================================================
启动脚本 /usr/local/sbin/lvsadm.sh
Keepalived使用
一、使用Keepalived
/etc/rc.d/init.d/keepalived start
#主LVS为MASTER 备为BACKUP
#===============keepalived配置脚本==========================================
[root@lvs-02 ~]# vi /etc/keepalived/keepalived.conf
-
! Configuration File for keepalived
-
-
global_defs {
-
notification_email {
-
acassen@firewall.loc
-
failover@firewall.loc
-
sysadmin@firewall.loc
-
}
-
notification_email_from Alexandre.Cassen@firewall.loc
-
smtp_server 127.0.0.1
-
smtp_connect_timeout 30
-
router_id LVS_DEVEL
-
}
-
vrrp_instance VI_1 {
-
state BACKUP
-
interface eth0
-
virtual_router_id 51
-
priority 99
-
advert_int 1
-
authentication {
-
auth_type PASS
-
auth_pass 1111
-
}
-
virtual_ipaddress {
-
192.168.1.170
-
}
-
}
-
virtual_server 192.168.1.170 80 {
-
delay_loop 6
-
lb_algoa wrr
-
lb_kind DR
-
# nat_mask 255.255.255.0
-
persistence_timeout 50
-
protocol TCP
-
-
real_server 192.168.1.173 80 {
-
weight 3
-
TCP_CHECK {
-
connect_timeout 10
-
nb_get_retry 3
-
delay_before_retry 3
-
connect_port 80
-
}
-
}
-
real_server 192.168.1.174 80 {
-
weight 3
-
TCP_CHECK {
-
connect_timeout 10
-
nb_get_retry 3
-
delay_before_retry 3
-
connect_port 80
-
}
-
}
-
}
-
================================================================
[root@lvs-02 ~]# vi /etc/rc.d/rc.local
/usr/local/sbin/lvs-dr.sh start
================================================================
linux 完成。
win2008回环网卡设置
环境:2台linux服务器, 用于directory
2台windows服务器,用于realserver
windows服务器配置:
在2008R2上添加了loopback adapter,配置VIP 192.168.1.170,掩码255.255.255.255 。在windows 在两台windows上搭建好IIS,建立站点
输入一下命令:(”更改网卡名“)
netsh interface ipv4 set interface "net" weakhostreceive=enabled
netsh interface ipv4 set interface "net" weakhostsend=enabled
netsh interface ipv4 set interface "loopback" weakhostreceive=enabled
netsh interface ipv4 set interface "loopback" weakhostsend=enabled
=======================测试方法=============================
我们可以通过下面指令来查看相应进程:
#ps aux|grep keepalived
------------------------------
sr/local/keepalived/etc/keepalived/keepalived.conf
root 17670 0.0 0.2 4932 564 ? Ss 19:03 0:00 keepalived -D
root 17671 0.0 0.6 4976 1416 ? S 19:03 0:02 keepalived -D
root 17672 0.0 0.4 4976 928 ? S 19:03 0:00 keepalived -D
....
这里注意keepalived要启动一个主并fork两个子进程,所以这里显示了三个进程。
这里我们可以下面指令检查一下配置是否生效:
#ping 192.168.1.170 -c 4
#telnet 192.168.1.170
#netstat -npl | grep :80 #windows下相应指令为:netstat -an|findstr LISTEN
可以使用下面指令检查LVS进程:
我们可以使用下面指令查看请求的转发情况:
[root@localhost ~]# ipvsadm -lcn|grep
最后再罗列一些常的指令,以便大家查看keepalived运行情况和网络状况:
#tail -f /var/log/messages #查看系统日志
#tcpdump src host 192.168.1.170 and port 80 #抓包
#curl -I #利用URL语法在命令行方式下的文件传输工具
#ip addr #IP地址信息或ip add show eth0 查看虚拟IP绑定情况
#service iptables stop #关闭iptables防火墙
#iptables –nvL #列出防火墙进入数据信息
#ipvsadm -ln #查看lvs服务是否正常,包括活动链接,weight(keepalived配置),内部链接等。
追加一份linux系统下的web服务器配置
ipvsadm -L –c
#查看当前进行TCP连接的用户
二、在两台web上执行以下操作
建立脚本
vi /usr/local/sbin/lvsadm.sh
-
#!/bin/bash
-
VIP=192.168.1.170
-
#设定虚拟IP地址
-
. /etc/rc.d/init.d/functions
-
#调用函数库
-
case "$1" in
-
start)
-
ifconfig lo:0 $ VIP netmask 255.255.255.255 broadcast $ VIP
-
##建立eth0:1网卡设定为虚拟IP地址
-
/sbin/route add -host $ VIP dev lo:0
-
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
-
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
-
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
-
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
-
sysctl -p >/dev/null 2>&1
-
echo "RealServer Start OK"
-
#还没看,应该是和路由表有问题
-
;;
-
stop)
-
ifconfig lo:0 down
-
route del $ VIP >/dev/null 2>&1
-
#清除路由表中的虚拟IP路由信息
-
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
-
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
-
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
-
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
-
echo "RealServer Stoped"
-
;;
-
status)
-
# Status of LVS-DR real server.
-
islothere=`/sbin/ifconfig lo:0 | grep $ VIP`
-
isrothere=`netstat -rn | grep "lo:0" | grep $ VIP`
-
if [ ! "$islothere" -o ! "isrothere" ];then
-
# Either the route or the lo:0 device
-
# not found.
-
echo "LVS-DR real server Stopped."
-
else
-
echo "LVS-DR Running."
-
fi
-
;;
-
*)
-
# Invalid entry.
-
echo "$0: Usage: $0 {start|status|stop}"
-
exit 1
-
;;
-
esac
-
exit 0
阅读(1313) | 评论(0) | 转发(0) |