LVS_DR调度
LVS中文站点:http://zh.linuxvirtualserver.org/
用ipvsadm实现负载均衡
vim /etc/yum.repos.d/rhel-source.repo
yum install -y ipvsadm
添加虚拟IP(VIP)
[server1]
ip addr add 172.25.20.100/24 dev eth0
ip addr
ipvsadm -A -t 172.25.0.100:80 -s rr
ipvsadm -a -t 172.25.0.100:80 -r 172.25.0.2:80 -g
ipvsadm -a -t 172.25.0.100:80 -r 172.25.0.3:80 -g
保存策略:
/etc/init.d/ipvsadm save
查看策略:
cat /etc/sysconfig/ipvsadm
ipvsadm -ln
分别在server2和server3上启动httpd
物理机测试:
ping 172.25.0.100
查看100的机器端口
arp -an | grep 100
可在server2和server3中执行
ip addr add 172.25.0.100/24 dev lo
再用arp -an | grep 100查看
server2和server3中
配置和server1一样的yum源
安装软件yum install arptables_jf.x86_64 -y
查看策略arptables -L
添加策略:
arptables -A IN -d 172.25.0.100 -j DROP
arptables -A OUT -s 172.25.0.100 -j mangle –mangle-ip-s 172.25.0.2
/etc/init.d/arptables_jf save
在物理机中执行
arp -d 172.25.0.100 清理缓存
curl 172.25.20.100
即可完成轮询
PS:
将每台真实服务器配置为忽略每个虚拟IP地址的ARP请求。
arptables -A IN -d 172.25.20.100 -j DROP
arptables -A OUT -s 172.25.20.100 -j mangle --mangle-ip-s 172.25.20.3
这会导致真实服务器忽略所有针对虚拟IP地址的ARP请求,并改变任何向外的ARP回应,把原先包含虚拟IP的ARP回应改为包含真实服务器的IP。唯一应该要回应任何VIP的ARP请求的节点,为目前启用的LVS节点。
但是这样做如果rs坏了,访问坏的rs的人就无法获得页面,所以需要健康检查
[server1]
安装工具ldirectord-3.9.5-3.1.x86_64.rpm
自动检测ipvsadm策略是否正常
yum install ldirectord-3.9.5-3.1.x86_64.rpm -y
复制配置文件模版
cp /usr/share/doc/ldirectord-3.9.5/ldirectord.cf /etc/ha.d/
ipvsadm -D 删除之前写的策略
ipvsadm -l 查看
主配置文件
vim /etc/ha.d/ldirectord.cf
/etc/init.d/ldirectord start
ipvsadm -l 查看 策略生成
并且可以实现健康检查
keepalived
高可用HA介绍网址:http://www.linux-ha.org/wiki/Main_Page
keepalived介绍网址:http://www.keepalived.org/
(1)安装环境软件
openssl-devel
libnl3-devel
ipset-devel
iptables-devel
libnfnetlink-devel
mail
(2)源码安装
解压keepalived:
tar zxf keepalived-1.4.3.tar.gz
cd keepalived-1.4.3
./configure –prefix=/usr/local/keepalived/ –with-init=SYSV
这时会产生一些依赖性,需要自己解决
yum install openssl-devel.x86_64 -y
yum install libnl-devel.x86_64 libnl.x86_64 -y
yum install -y gcc
yum install libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm -y
./configure --prefix=/usr/local/keepalived/ --with-init=SYSV
make && make install
建立链接
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/etc/keepalived/ /etc/
ln -s /usr/local/keepalived/sbin/keepalived /bin/
chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
[server1]
scp -r keepalived/ server4:/usr/local/
[server4]
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/etc/keepalived/ /etc/
ln -s /usr/local/keepalived/sbin/keepalived /bin/
chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
vim /etc/keepalived/keepalived.conf
scp /etc/keepalived/keepalived.conf server4:/etc/keepalived/
ip addr del 172.25.0.100/24 dev eth0
删除策略
/etc/init.d/ldirectord stop
关闭ldirectord,防止冲突
chkconfig ldirectord off
修改配置文件vim /etc/keepalived/keepalived.conf
添加vip
[server4]
yum install -y ipvsadm
修改backup和权限值
/etc/init.d/keepalived start
[server1]
查看ipvsadm策略
已知bug,iptables默认全部人访问
iptables -F
/etc/init.d/iptables save
[server1]
执行
echo c > /proc/sysrq-trigger
使内核崩溃
vip会自动传递到优先级系数较低的server4上
用ipvsadm实现负载均衡
vim /etc/yum.repos.d/rhel-source.repo
yum repolist
yum install -y ipvsadm
添加虚拟IP(VIP)
[server1]
ip addr add 172.25.20.100/24 dev eth0
ip addr
ipvsadm -A -t 172.25.0.100:80 -s rr
ipvsadm -a -t 172.25.0.100:80 -r 172.25.0.2:80 -g
ipvsadm -a -t 172.25.0.100:80 -r 172.25.0.3:80 -g
保存策略:
/etc/init.d/ipvsadm save
查看策略:
cat /etc/sysconfig/ipvsadm
ipvsadm -ln
分别在server2和server3上启动httpd
物理机测试:
ping 172.25.0.100
查看100的机器端口
arp -an | grep 100
可在server2和server3中执行
ip addr add 172.25.0.100/24 dev lo
再用arp -an | grep 100查看
server2和server3中
配置和server1一样的yum源
安装软件yum install arptables_jf.x86_64 -y
查看策略arptables -L
添加策略:
arptables -A IN -d 172.25.0.100 -j DROP
arptables -A OUT -s 172.25.0.100 -j mangle –mangle-ip-s 172.25.0.2
/etc/init.d/arptables_jf save
在物理机中执行
arp -d 172.25.0.100 清理缓存
curl 172.25.20.100
即可完成轮询
PS:
将每台真实服务器配置为忽略每个虚拟IP地址的ARP请求。
arptables -A IN -d 172.25.20.100 -j DROP
arptables -A OUT -s 172.25.20.100 -j mangle --mangle-ip-s 172.25.20.3
这会导致真实服务器忽略所有针对虚拟IP地址的ARP请求,并改变任何向外的ARP回应,把原先包含虚拟IP的ARP回应改为包含真实服务器的IP。唯一应该要回应任何VIP的ARP请求的节点,为目前启用的LVS节点。
但是这样做如果rs坏了,访问坏的rs的人就无法获得页面,所以需要健康检查
[server1]
安装工具ldirectord-3.9.5-3.1.x86_64.rpm
自动检测ipvsadm策略是否正常
yum install ldirectord-3.9.5-3.1.x86_64.rpm -y
复制配置文件模版
cp /usr/share/doc/ldirectord-3.9.5/ldirectord.cf /etc/ha.d/
ipvsadm -D 删除之前写的策略
ipvsadm -l 查看
主配置文件
vim /etc/ha.d/ldirectord.cf
/etc/init.d/ldirectord start
ipvsadm -l 查看 策略生成
并且可以实现健康检查
keepalived
高可用HA介绍网址:http://www.linux-ha.org/wiki/Main_Page
keepalived介绍网址:http://www.keepalived.org/
(1)安装环境软件
openssl-devel
libnl3-devel
ipset-devel
iptables-devel
libnfnetlink-devel
(2)源码安装
解压keepalived:
tar zxf keepalived-1.4.3.tar.gz
cd keepalived-1.4.3
./configure –prefix=/usr/local/keepalived/ –with-init=SYSV
这时会产生一些依赖性,需要自己解决
yum install openssl-devel.x86_64 -y
yum install libnl-devel.x86_64 libnl.x86_64 -y
yum install -y gcc
yum install libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm -y
./configure --prefix=/usr/local/keepalived/ --with-init=SYSV
make && make install
建立链接
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/etc/keepalived/ /etc/
ln -s /usr/local/keepalived/sbin/keepalived /bin/
chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
[server1]
scp -r keepalived/ server4:/usr/local/
[server4]
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/etc/keepalived/ /etc/
ln -s /usr/local/keepalived/sbin/keepalived /bin/
chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
vim /etc/keepalived/keepalived.conf
/etc/init.d/keepalived start
scp /etc/keepalived/keepalived.conf server4:/etc/keepalived/
ip addr del 172.25.0.100/24 dev eth0
删除策略
/etc/init.d/ldirectord stop
关闭ldirectord,防止冲突
chkconfig ldirectord off
修改配置文件vim /etc/keepalived/keepalived.conf
添加vip
[server4]
yum install -y ipvsadm
修改backup和权限值
/etc/init.d/keepalived start
[server1]
查看ipvsadm策略
已知bug,iptables默认全部人访问
iptables -F
/etc/init.d/iptables save
[server1]
执行
echo c > /proc/sysrq-trigger
使内核崩溃
vip会自动传递到优先级系数较低的server4上