LVS+Keepalived实现负载均衡试验笔记

试验环境

192.168.40.130    Master-LVS-Director

192.168.40.131    Backup-LVS-Director

192.168.40.200     VIP

192.168.40.128    RealServer1

192.168.40.129    RealServer2

 

拓扑图--------^

 

master-lvs-director backup-lvs-directory 安装:keepalived,并配置keepalived.conf

 

Realserver1Realserver2中配置lvsRealServer.sh启动脚本

 

安装ipvsadm

# yum install -yipvsadm

安装keepalived

确认当前运行的内核

# uname -r

2.6.18-128.4.1.el5xen

# ls -1/usr/src/kernels

2.6.18-128.4.1.el5-x86_64

2.6.18-128.el5-x86_64

# wget http://www.keepalived.org/software/keepalived-1.1.17.tar.gz

# tar -xvzfkeepalived-1.1.17.tar.gz

# cdkeepalived-1.1.17

# ./configure--sysconfdir=/etc/ --sbindir=/usr/sbin/--with-kernel-dir=/usr/src/kernels/2.6.18-128.4.1.el5-x86_64

Keepalived configuration

------------------------

Keepalived version:1.1.17

Compiler: gcc

Compiler flags: -g-O2

Extra Lib : -lpopt-lssl -lcrypto

Use IPVS Framework :Yes

IPVS sync daemonsupport : Yes

Use VRRP Framework :Yes

Use LinkWatch: No

Use Debug flags: No

 

# make &&make install

 

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 [root@KEEP ~]# /etc/init.d/network restart

 

[root@KEEP ~]# cd/data/keepalived/

[root@KEEP keepalived]#tar zxvf keepalived-1.2.12.tar.gz

[root@KEEP keepalived]#cd keepalived-1.2.12/

[root@KEEPkeepalived-1.2.12]# ./configure --prefix=/usr/local/keepalived

[root@KEEPkeepalived-1.2.12]# make

[root@KEEPkeepalived-1.2.12]# make install

[root@KEEPkeepalived-1.2.2]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/

[root@KEEPkeepalived-1.2.2]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived/etc/init.d/

[root@KEEPkeepalived-1.2.2]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived/etc/sysconfig/

[root@KEEPkeepalived-1.2.2]# ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/

[root@KEEPkeepalived-1.2.12]# cd

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

 

配置keepalived 

# vi/etc/keepalived/keepalived.conf

下载 keepalived.conf

 

! Configuration Filefor keepalived

 

# 全局定义

global_defs {

notification_email {

13810955300@139.com

}

notification_email_fromroot@experiment.jobkoo.com

 

#smtp主机地址

smtp_server 127.0.0.1

smtp_connect_timeout30

 

#运行Keepalived服务器的一个标识。发邮件时显示在邮件标题中的信息

router_id LVS_MASTER

}

 

#VIP

vrrp_instance VI_1 {

 

#指定实例的初始状态(角色)。在两台router都启动时马上会根据priority的高低开始竞选

#priorityMaster

state MASTER

 

#VT_1 实例绑定的网卡

interface eth0

 

#VRID 标记(0-255)

virtual_router_id 51

 

#优先级,BACKUP的值一定要低于MASTER

priority 100

 

#检查间隔

advert_int 1

 

#设置认证

authentication {

#认证类型

auth_type PASS

#认证密码

auth_pass 1111

}

 

#VIP 这个IP在发生MASTER BACKUP切换时会随之adddel,所以每台服务器上可以不绑定

#虚拟地址,而都放入virtual_ipaddress块中(可以多个)keepalived会自动使用ip地址进

#行绑定(不需要依赖ifcfg-eth0),利用ip add show eth0可以看到加入的VIP

virtual_ipaddress {

192.168.40.200

}

}

 

#定义virtual_server (HTTP |80)

virtual_server192.168.40.200 80 {

delay_loop 6            # service pollingdelay时间

lb_algo wlc             # 调度算法

lb_kind DR              # LVS工作方式

persistence_timeout50  # 会话保持时间

protocol TCP            # 协议类型(TCP|UDP)

 

#定义rs1,每一个rs都需要下面的一个配置段

real_server192.168.40.128 80 {

weight 1            # 权值默认10为失效

#inhibit_on_failure    # 在服务器健康检查失败后不从IPVS中删除而将其权值标记为0

 

# TCP方式的健康检查

TCP_CHECK   {             #注意这里有一个空格,如果不加空格,将无法添加第二台主机

connect_timeout10      # 连接超时时间

nb_get_retry 3          # 重试次数

delay_before_retry3    # 重试间隔

connect_port 80         # 健康检查端口

}

}

 

# 定义rs2

real_server192.168.40.129 80 {

weight 1

TCP_CHECK    {                   #注意这里有一个空格,如果不加空格,将无法添加第二台主机

connect_timeout 10

nb_get_retry 3

delay_before_retry 3

connect_port 80

}

}

}

 

配置真实服务器RealServer  LVS启动脚本

为了方便起见我自己编写了一个启动脚本,如下:

下载 lvsRealServer.sh

 #!/bin/bash

#Description :RealServer Start!

#Write by:Cooper

#LastModefiy:2009.08.21

 

VIP=192.168.40.200

LVS_TYPE=DR

 

startrs()

{

echo "start LVSof REALServer"

 

if ["$LVS_TYPE" == "DR" ];then

/sbin/ifconfig lo:0$VIP broadcast $VIP netmask 255.255.255.255 up

/sbin/route add -host$VIP dev lo:0

else

/sbin/ifconfig tunl0$VIP netmask 255.255.255.255 broadcast $VIP up

/sbin/route add -host$VIP dev tunl0

fi

echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "2">/proc/sys/net/ipv4/conf/lo/arp_announce

echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore

echo "2">/proc/sys/net/ipv4/conf/all/arp_announce

}

 

stoprs()

{

if ["$LVS_TYPE" == "DR" ];then

/sbin/ifconfig lo:0down

echo "close LVSDirectorserver"

else

/sbin/ifconfig tunl0down

echo "close LVSTunnel server"

fi

echo "0">/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "0">/proc/sys/net/ipv4/conf/lo/arp_announce

echo "0">/proc/sys/net/ipv4/conf/all/arp_ignore

echo "0">/proc/sys/net/ipv4/conf/all/arp_announce

}

 

# ============ Main===========

 

case $1 in

"start")

startrs;;

"stop")

stoprs;;

"*")

echo "Usage $0{start|stop}"

exit 1

esac

 

该脚本默认启动LVS/DR模式,通过修改脚本变量可以实现LVS/Tunnel模式的切换。

 

**服务启动顺序:

启动顺序:

1.RealServer真实服务器上启动:

[root@rs-1]# shlvsRealServer.sh start

[root@rs-1]# servicehttpd start

 

[root@rs-2]# shlvsRealServer.sh start

[root@rs-2]# servicehttpd start

2.LVS上启动:

[root@lvs-master]#servicekeepalived start

[root@lvs-backup]#servicekeepalived start

 

 

查看LVS运行情况

 

[root@Master-LVS]#ipvsadm -ln

IP Virtual Serverversion 1.2.1 (size=4096)

ProtLocalAddress:Port Scheduler Flags

->RemoteAddress:Port           ForwardWeight ActiveConn InActConn

TCP  192.168.40.200:443 wlc persistent 50

->192.168.40.128:443          Route   1     0          0

->192.168.40.129:443          Route   1     0          0

TCP  192.168.40.200:80 wlc persistent 50

->192.168.40.128:80           Route   1     0          0

->192.168.40.129:80           Route   1     0          0

 

故障测试

 

RS故障

 

切换到其中的一台rs上,如192.168.40.128

# service httpd stop

 

这时查看Master/Backup LVS上的的日志输出

[root@Master-LVS]#tail -f /var/log/message

 

?View Code LOG   1

 Sep  311:08:01 experiment Keepalived_healthcheckers: TCP connection to[192.168.40.128:80] failed !!!

Sep  3 11:08:01 experimentKeepalived_healthcheckers: Removing service [192.168.40.128:80] from VS[192.168.40.200:80]

Sep  3 11:08:01 experimentKeepalived_healthcheckers: Remote SMTP server [127.0.0.1:25] connected.

Sep  3 11:08:01 experiment Keepalived_healthcheckers:TCP connection to [192.168.40.128:443] failed !!!

Sep  3 11:08:01 experimentKeepalived_healthcheckers: Removing service [192.168.40.128:443] from VS[192.168.40.200:443]

Sep  3 11:08:01 experimentKeepalived_healthcheckers: Remote SMTP server [127.0.0.1:25] connected.

Sep  3 11:08:01 experimentKeepalived_healthcheckers: SMTP alert successfully sent.

 

[root@Backup-LVS]#tail -f /var/log/message

 

 

?View Code LOG   1

 Sep  311:08:02 localhost Keepalived_healthcheckers: TCP connection to [192.168.40.128:443]failed !!!

Sep  3 11:08:02 localhostKeepalived_healthcheckers: Removing service [192.168.40.128:443] from VS[192.168.40.200:443]

Sep  3 11:08:02 localhostKeepalived_healthcheckers: Remote SMTP server [127.0.0.1:25] connected.

Sep  3 11:08:02 localhostKeepalived_healthcheckers: TCP connection to [192.168.40.128:80] failed !!!

Sep  3 11:08:02 localhostKeepalived_healthcheckers: Removing service [192.168.40.128:80] from VS[192.168.40.200:80]

Sep  3 11:08:02 localhost Keepalived_healthcheckers:Remote SMTP server [127.0.0.1:25] connected.

Sep  3 11:08:03 localhostKeepalived_healthcheckers: SMTP alert successfully sent.

 

通过日志可以看出MasterBackup几乎同时感知了RS1服务器已经故障,并且从IPVS中移除故障rs(或者将其权值标记为0也就是不可用)。并且向指定的邮箱发送邮件,MasterBackup都会发送邮件,其邮件标题会根据router_id的值区分出MasterBackup

 

Master LVS-Router故障

 

停止Master-LVSkeepalived服务,人为造成故障

[root@Master-LVS]#service keepalived stop

 

这时查看Backup-LVSlog信息

[root@Backup-LVS]#tail -f /var/log/message

 

?View Code LOG   1

 Sep  311:23:28 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTERSTATE

Sep  3 11:23:29 localhost Keepalived_vrrp:VRRP_Instance(VI_1) Entering MASTER STATE

Sep  3 11:23:29 localhost Keepalived_vrrp:VRRP_Instance(VI_1) setting protocol VIPs.

Sep  3 11:23:29 localhost Keepalived_vrrp:VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.40.200

Sep  3 11:23:29 localhost Keepalived_vrrp: Netlinkreflector reports IP 192.168.40.200 added

Sep  3 11:23:29 localhost Keepalived_healthcheckers:Netlink reflector reports IP 192.168.40.200 added

Sep  3 11:23:34 localhost Keepalived_vrrp:VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.40.200

 

由日志可以看出Backup-LVS监测到Master-LVS故障后立即将自己的身份切换为Master然后将VIP设置到自己的eth0端口上并发送ARP广播。

 

现在我手动将Master-LVSkeepalived的服务起来,然后再查看Backup-LVSlog信息

[root@Master-LVS]#service keepalived start

 

[root@Backup-LVS]#tail -f /var/log/message

 

?View Code LOG   1

 Sep  311:30:44 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Received higher prioadvert

Sep  3 11:30:44 localhost Keepalived_vrrp:VRRP_Instance(VI_1) Entering BACKUP STATE

Sep  3 11:30:44 localhost Keepalived_vrrp:VRRP_Instance(VI_1) removing protocol VIPs.

Sep  3 11:30:44 localhost Keepalived_vrrp: Netlinkreflector reports IP 192.168.40.200 removed

Sep  3 11:30:44 localhostKeepalived_healthcheckers: Netlink reflector reports IP 192.168.40.200 removed

 

Backup-LVS的日志可以看到,其检测到比自己优先级高的实例后将自己的身份切换成了Backup,然后将VIPeth0端口移除,并发送心跳给Master-LVS

 

piranhakeepalived比较

经过比较得知,piranha的主-备的地位是相同的,也就是说主故障后备就会代替主,经其地位从备切换为主,而当先前的主恢复正常后则先前的主便成了备,其不会主动切换自己的身份为主,当前的备可以检测到先前的主已经恢复但并不会主动将自己的身份修改为备。

keepalived则是主备分明的,其利用优先级的设置可以严格的制定主备身份。

 

参考文章

 

LVS-HOWTO

http://www.keepalived.org/documentation.html

http://bbs.linuxtone.org/thread-1077-1-1.html

 

资源下载

Keepalived-UserGuide    CN EN

 

 

 配置文件:

master_keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_MASTER
}

vrrp_instance VI_1 {
    state MASTER
    interface eth1
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.40.200
    }
}


virtual_server 192.168.40.200 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    nat_mask 255.255.255.0
    persistence_timeout 50
    protocol TCP

    real_server 192.168.40.128 80 {
        weight 1
        #inhibit_on_failure
     TCP_CHECK  {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
                }
        }

    real_server 192.168.40.129 80 {
        weight 1
        #inhibit_on_failure
     TCP_CHECK  {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
                }
        }
}
             

backup_keepalived.conf

! Configuration File for keepal

YWSOS.COM 平台代运维解决方案
 评论
 发表评论
姓   名:

Powered by AKCMS