CentOS中LVS的DR模式的配置

IP规划：

DIRECT SERVER：10.10.54.173

VIP：10.10.54.179

REALSERVER1：10.10.54.175

REALSERVER2: 10.10.54.178

(1).在DIRECT SERVER解压安装ipvsadm-1.26.tar.gz keepalived-1.2.9.tar.gz

yum -y install wget libnl* popt* gcc.x86_64 gcc-c++.x86_64 gcc-objc++.x86_64 kernel-devel.x86_64 make popt-static.x86_64    ---安装依赖包
[root@LVS]# tar -xzvf ipvsadm-1.26.tar.gz
[root@LVS]# tar -xvzf keepalived-1.2.9.tar.gz

*****安装ipvsadm-1.26

//安装ipvsadm

[root@LVS]# cd ipvsadm-1.26
[root@LVS ipvsadm-1.26]# make && make install

//确认lvs模块

[root@LVS ipvsadm-1.26]# modprobe -l|grep ipvs
kernel/net/netfilter/ipvs/ip_vs.ko
kernel/net/netfilter/ipvs/ip_vs_rr.ko
kernel/net/netfilter/ipvs/ip_vs_wrr.ko
kernel/net/netfilter/ipvs/ip_vs_lc.ko
kernel/net/netfilter/ipvs/ip_vs_wlc.ko
kernel/net/netfilter/ipvs/ip_vs_lblc.ko
kernel/net/netfilter/ipvs/ip_vs_lblcr.ko
kernel/net/netfilter/ipvs/ip_vs_dh.ko
kernel/net/netfilter/ipvs/ip_vs_sh.ko
kernel/net/netfilter/ipvs/ip_vs_sed.ko
kernel/net/netfilter/ipvs/ip_vs_nq.ko
kernel/net/netfilter/ipvs/ip_vs_ftp.ko

*****编译keepalived

//基础软件包
In order to compile Keepalived needs the following libraries :

* OpenSSL, <www.openssl.org>
* popt

[root@LVS-BACKUP ipvsadm-1.26]# yum install openssl*

[root@LVS-BACKUP keepalived-1.2.9]# yum install -y net-snmp.x86_64 net-snmp-devel.x86_64
[root@LVS-BACKUP keepalived-1.2.9]# ./configure --prefix=/usr/local/keepalived --enable-snmp --sysconfdir=/etc&& make && make install

[root@LVS-BACKUP keepalived]# cp /usr/local/keepalived/sbin/keepalived  /sbin/     --用于启动
[root@LVS-BACKUP keepalived]# cp /usr/local/keepalived/bin/genhash /bin/

(2).在DIRECT SERVER 更改配置文件/etc/keepalived/keepalived.conf 更改之前要记得备份，keepalived不检查语法错误，所以很容易出错。

[root@LVS home]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived
global_defs {
notification_email {
banqk@ssr.com
}
notification_email_from banqk@ssr.com
smtp_server mail.shiwei.com
smtp_connect_timeout 30
router_id LVS_MASTER1
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
irtual_ipaddress {
10.10.54.179/24 dev eth0 label eth0:1
}
}
virtual_server 10.10.54.179 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
protocol TCP
real_server 10.10.54.175 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.10.54.178 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}

(3).配置REAL SERVER （每个REAL SERVER 上都要配置） 增加一个启动脚本，并且对ARP进行限制

[root@lnmp-n html]# vim /etc/init.d/realserver

#!/bin/bash
#description:start realserver
#script_name:realserver_config
VIP=10.10.54.168
source /etc/init.d/functions
case "$1" in
start)
echo "start LVS of realserver."
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
/sbin/ifconfig lo:0 down
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac

[root@lnmp-n html]# chmod +x /etc/init.d/realserver

(4).启动并进行测试

DIRECT SERVER：

[root@LVS home]# /etc/init.d/keepalived start

REAL SERVER:

[root@lnmp-n html]# /etc/init.d/realserver start

*****利用telnet进行测试，测试的时候不要在DIRECT SERVER，如果测试的时候不进行跳转，可能原因是由于会话保存时间的设置即persistence_timeout 50，如果只是测试这个参数可以删除。貌似配置文件中不支持#注销

(5).对BACKUP进行支持，完成主从模式

IP：10.10.54.172

//安装ipvsadm，keepalived

//与MASTER 的配置文件只需做少许更改就可以完成。

router_id LVS_SLAVE
state BACKUP
priority 80 ---优先级一定要低于MASTER

(6).加入BACKUP后的测试

(1)停止MASTER
在BACKUP上面查看54.179vip)是否漂移过来 ifconfig 或者ip add list
telnet 10.10.54.179 80
(2)开启MASTER
在MASTER上查看54.233(vip)是否漂移过来 ifconfig或者ip add list

在BACKUP上查看是否还存在54.179(vip)
telnet 10.10.54.179 80