Linux 环境安装IPvsadm+Keepalived 实现故障自动切换及负载均衡
ipvsadm+keepalived是比较常用的故障切换和负载均衡的实施方案,下面讲解下安装过程及排错处理:
一、软件下载
ipvsadm : http://www.linuxvirtualserver.org/software/ipvs.html
keepalived : http://www.keepalived.org/download.html
二、安装
tar -zxf ipvsadm-1.26.tar.gz
tar -zxf keepalived-1.2.19.tar.gz
cd ./ipvsadm-1.26
ln -s /usr/src/kernels/2.6.32-431.el6.x86_64 /usr/src/linux
ipvsadm不需要预编译,直接安装即可 make && make install
然后过程并没有这么顺利,报错一大堆
后来去百度了半天,发现应该是少了一些依赖包,直接通过yum安装
yum install libnl-devel -y
依赖包安装完后再安装ipvsadm,仍然报错
看报错信息应该还是缺少依赖包popt
网上找了下包 http://rpm.pbone.net/index.php3/stat/4/idpl/25441962/dir/scientific_linux_6/com/popt-static-1.13-7.el6.x86_64.rpm.html
通过rpm 安装 rpm -ivh popt-static-1.13-7.el6.x86_64.rpm
再次安装ipvsadm,终于没有报错,可以通过echo $? 的返回值来确认
安装keepalived
cd ./keepalived-1.2.19
./configure --prefix=/usr/local/keepalived
编译通过后应该如图所示
然后执行 make && make install
keepalived 安装后还需要配置下
cp ./keepalived-1.2.19/keepalived/etc/init.d/keepalived.rh.init /etc/init.d/keepalived
cp ./keepalived-1.2.19/keepalived/etc/init.d/keepalived.sysconfig /etc/sysconfig/keepalived
mkdir /etc/keepalived/keepalived.conf
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_2 {
state MASTER /* 主用lvs服务器配置MASTER,备用配置为BACKUP
interface eth0
virtual_router_id 60 /* 每台LVS服务器的router_id 必须一
priority 100 /* 主用优先级大于备用
advert_int 5
authentication {
auth_type PASS
auth_pass sf123456
}
virtual_ipaddress {
10.0.7.170
}
}
virtual_server10.0.7.170 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
persistence_timeout 50
real_server 10.0.7.168 8088 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 8088
}
}
real_server 10.0.7.169 8088 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 8088
}
}
}
要配置LVS负载均衡,两台真实机上还需要配置脚本
vim /etc/init.d/realserver.sh
#!/bin/bash
#chkconfig: 2345 80 90
#description:auto_run
SNS_VIP=10.0.7.170
source /etc/init.d/functions
case "$1" in
start)
ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
chmod +x /etc/init.d/realserver.sh
启动该脚本
/etc/init.d/realserver.sh start
两台真实机可以通过ifconfig命令查看VIP是否绑定成功
最后可以启动keepalived程序,验证是否成功
注意:建议大家LVS服务器与真实机分开,当服务器既是LVS服务器又是真实机时会产生数据回流,造成部分session连接不上
当然如果服务器资源不足,并且业务访问量并不是非常大的话,可以将lvs和realserver放在一台服务器上,但是必须修改
keepalived配置和iptables过滤规则
LVS1
keepalived.conf :
virtual_server fwmark 3 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
persistence_timeout 50
IPTABLES
iptables -t mangle -I PREROUTING -d 10.0.7.170 -p tcp -m tcp --dport 8088 -m mac ! --mac-source 00:0D:29:DC:88:71 -j MARK --set-mark 0x3
/* Mac地址为第二台lvs的网卡物理地址
LVS2
keepalived.conf :
virtual_server fwmark4 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
persistence_timeout 50
IPTABLES
iptables -t mangle -I PREROUTING -d 10.0.7.170 -p tcp -m tcp --dport 8088 -m mac ! --mac-source 00:0C:29:DC:89:73 -j MARK --set-mark 0x4
/* Mac地址为第一台lvs的网卡物理地址
至此,所有的安装步骤完成,如上述内容有任何错误,欢迎大家指出,谢谢。