环境
LVS ip:131
lvs ip :132
web01 :126
web02 :127
安装过程
rpm -qa ipvsadm
两台LVS都要安装(一下都是两台都要安装)
yum install ipvsadm -y rpm -qa ipvsadm ipvsadm-1.26-4.el6.x86_64
创建连接
ln -s /usr/src/kernels/2.6.32-696.23.1.el6.x86_64/ /usr/src/linux
(如果kernels里面是空的,yum install kernel-devel -y)
检查内核是否有
lsmod |grep ip_vs ip_vs_rr 1420 3 ip_vs 126534 5 ip_vs_rr libcrc32c 1246 1 ip_vs ipv6 335589 16 ip_vs,ip6t_REJECT,nf_conntrack_ipv6,nf_defrag_ipv6
如果没有执行(ipvsadm命令)
配置LVS
vip 192.168.70.5 www.daxian.com
添加一个VIP(131)
ip addr add 192.168.70.5/24 dev eth0 label eth0:0
清空所有节点
ipvsadm -C
-C --clean 清空所有
添加实例
ipvsadm -A -t 192.168.70.5:80 -s wrr
-A 添加一个实例,-s 算法 -t指定VIP
添加节点
ipvsadm -a -t 192.168.70.5:80 -r 192.168.70.126:80 -g -w 1 ipvsadm -a -t 192.168.70.5:80 -r 192.168.70.127:80 -g -w 1
-a 添加指定节点 -t指定VIP -r 指定节点ip -g工作模式 -w
优化(设置连接超时的值)
ipvsadm --set 30 5 60
(对应数值:tcp tcpfin udp)
查看
ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.70.5:80 wrr -> 192.168.70.126:80 Route 1 0 0 -> 192.168.70.127:80 Route 1 0 0
绑定RS端vip(web01)
ip addr add 192.168.70.5/32 dev lo label lo:0
添加主机路由
route add -host 192.168.70.5 dev lo
查看路由
route -n
抑制ARP(所有几点服务器都要做,web01,web02)
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
抑制ARP参数说明
|
数值 |
含义 |
|
0(默认) |
在任意网络接口(eth0,eth1,lo)上的任何本地地址 |
|
1 |
尽量避免不在该网络接口子网段的本地地址做出arp回应. 当发起ARP请求的源IP地址 是被设置应该经由路由达到此网络接口的时候很有用.此时会检查来访IP是否为所有接口 上的子网段内ip之一.如果改来访IP不属于各个网络接口上的子网段内,那么将采用级别2的方式来进行处理. |
|
2 |
对查询目标使用最适当的本地地址.在此模式下将忽略这个IP数据包的源地址并尝试 选择与能与该地址通信的本地地址.首要是选择所有的网络接口的子网中外出访问子网中 包含该目标IP地址的本地地址. 如果没有合适的地址被发现,将选择当前的发送网络接口 或其他的有可能接受到该ARP回应的网络接口来进行发送. |
arp_ignore定义
对目标地定义对目标地址为本地IP的ARP询问不同的应答模式0
|
数值 |
含义 |
|
0(默认值) |
回应任何网络接口上对任何本地IP地址的arp查询请求 |
|
1 |
只回答目标IP地址是来访网络接口本地地址的ARP查询请求 |
|
2 |
只回答目标IP地址是来访网络接口本地地址的ARP查询请求,且来访IP必须在该网络接口的子网段内 |
|
3 |
不回应该网络界面的arp请求,而只对设置的唯一和连接地址做出回应 |
|
4-7 |
保留未使用 |
|
8 |
不回应所有(本地地址)的arp查询 |
访问192.168.70.5
查看链接
ipvsadm -Ln --stats
IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Conns InPkts OutPkts InBytes OutBytes -> RemoteAddress:Port TCP 192.168.70.5:80 8 34 0 2951 0 -> 192.168.70.126:80 4 23 0 2375 0 -> 192.168.70.127:80 4 11 0 576 0
删除节点
ipvsadm -d -t 192.168.70.5:80 -r 192.168.70.126:80
=======================keepalived+LVS==================
首先搭建好Keepalived
清空VIP
ipvsadm -C
ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
配置keeplived
global_defs { router_id LVS_01 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 51 priority 150 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.70.5/24 } } virtual_server 192.168.70.5 80 { delay_loop 6 lb_algo wrr lb_kind DR nat_mask 255.255.255.0 persistence_timeout 50 protocol TCP real_server 192.168.70.126 80 { weight 1 TCP_CHECK { connect_timeout 8 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 192.168.70.127 80 { weight 1 TCP_CHECK { connect_timeout 8 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } }
*删除之前配置的VIP
ip addr del 192.168.70.5/24 dev eth0:0
LB02 配置
global_defs { router_id LVS_02 } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.70.5/24 } } virtual_server 192.168.70.5 80 { delay_loop 6 lb_algo wrr lb_kind DR nat_mask 255.255.255.0 persistence_timeout 50 protocol TCP real_server 192.168.70.126 80 { weight 1 TCP_CHECK { connect_timeout 8 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 192.168.70.127 80 { weight 1 TCP_CHECK { connect_timeout 8 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } }
启动keepalived
/etc/init.d/keepalived start
查看vip
ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.70.5:80 wrr persistent 50
-> 192.168.70.126:80 Route 1 0 0
-> 192.168.70.127:80 Route 1 0 0
停止192.168.70.126试试
/application/nginx/sbin/nginx -s stop
查看
ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.70.5:80 wrr persistent 50
-> 192.168.70.127:80 Route 1 0 0
启动
/application/nginx/sbin/nginx
在此查看
ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.70.5:80 wrr persistent 50
-> 192.168.70.126:80 Route 1 0 0
-> 192.168.70.127:80 Route 1 0 0
================================问题出现解决办法=====================
负载不均衡
ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.70.5:80 rr persistent 50
-> 192.168.70.126:80 Route 1 0 0
-> 192.168.70.127:80 Route 1 8 1244
#可以吧会话保持注释掉,persistent 重启keepalivied就可以了