Test environment
192.168.40.130 Master-LVS-Director
192.168.40.131 Backup-LVS-Director
192.168.40.200 VIP
192.168.40.128 RealServer1
192.168.40.129 RealServer2
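Topology diagram --------^
Install keepalived on master-lvs-director and backup-lvs-director, and configure keepalived.conf
On RealServer1 and RealServer2, set up the lvsRealServer.sh startup script
Install ipvsadm
# yum install -y ipvsadm
Install keepalived
Confirm the currently running kernel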
# uname -r
2.6.18-128.4.1.el5xen
# ls -1 /usr/src/kernels
2.6.18-128.4.1.el5-x86_64
2.6.18-128.el5-x86_64
# wget http://www.keepalived.org/software/keepalived-1.1.17.tar.gz
# tar -xvzf keepalived-1.1.17.tar.gz
# cd keepalived-1.1.17
# ./configure --sysconfdir=/etc/ --sbindir=/usr/sbin/ --with-kernel-dir=/usr/src/kernels/2.6.18-128.4.1.el5-x86_64
Keepalived configuration
------------------------
Keepalived version       : 1.1.17
Compiler                 : gcc
Compiler flags           : -g -O2
Extra Lib                : -lpopt -lssl -lcrypto
Use IPVS Framework       : Yes
IPVS sync daemon support : Yes
Use VRRP Framework       : Yes
Use LinkWatch            : No
Use Debug flags          : No
# make && make install
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[root@KEEP ~]# /etc/init.d/network restart
[root@KEEP ~]# cd /data/keepalived/
[root@KEEP keepalived]# tar zxvf keepalived-1.2.12.tar.gz
[root@KEEP keepalived]# cd keepalived-1.2.12/
[root@KEEP keepalived-1.2.12]# ./configure --prefix=/usr/local/keepalived
[root@KEEP keepalived-1.2.12]# make
[root@KEEP keepalived-1.2.12]# make install
[root@KEEP keepalived-1.2.2]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@KEEP keepalived-1.2.2]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@KEEP keepalived-1.2.2]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@KEEP keepalived-1.2.2]# ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
[root@KEEP keepalived-1.2.12]# cd
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
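Configure keepalived
# vi /etc/keepalived/keepalived.conf
Download keepalived.conf
! Configuration File for keepalived
# Global definitions
global_defs {
    notification_email {
        13810955300@139.com
    }
    notification_email_from root@experiment.jobkoo.com
    # SMTP server address
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    # Identifier of the server running keepalived; shown in the subject of notification mails
    router_id LVS_MASTER
}
# VIP
vrrp_instance VI_1 {
    # Initial state (role) of the instance. When both routers start, an election based on
    # priority begins immediately; the higher priority becomes MASTER
    state MASTER
    # Network interface the VI_1 instance is bound to
    interface eth0
    # VRID (0-255)
    virtual_router_id 51
    # Priority; the BACKUP value must be lower than the MASTER value
    priority 100
    # Check interval
    advert_int 1
    # Authentication settings
    authentication {
        # Authentication type
        auth_type PASS
        # Authentication password
        auth_pass 1111
    }
    # VIP: this address is added or deleted when a MASTER-to-BACKUP switch happens, so the
    # virtual address need not be bound on each server; put it in the virtual_ipaddress block
    # (several are allowed) and keepalived binds it automatically with ip address
    # (no dependency on ifcfg-eth0). "ip add show eth0" shows the added VIP
    virtual_ipaddress {
        192.168.40.200
    }
}
# Define the virtual_server (HTTP | 80)
virtual_server 192.168.40.200 80 {
    delay_loop 6                # delay between service polls
    lb_algo wlc                 # scheduling algorithm
    lb_kind DR                  # LVS forwarding mode
    persistence_timeout 50      # session persistence time
    protocol TCP                # protocol type (TCP|UDP)
    # Define rs1; every real server needs a section like the one below
    real_server 192.168.40.128 80 {
        weight 1                # weight, default 1; 0 means disabled
        #inhibit_on_failure     # on health-check failure, keep the server in IPVS and set its weight to 0 instead of removing it
        # TCP health check
        TCP_CHECK {             # note the space before the brace; without it the second host cannot be added
            connect_timeout 10      # connection timeout
            nb_get_retry 3          # number of retries
            delay_before_retry 3    # delay between retries
            connect_port 80         # health-check port
        }
    }
    # Define rs2
    real_server 192.168.40.129 80 {
        weight 1
        TCP_CHECK {             # note the space before the brace; without it the second host cannot be added
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}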
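A pre-start consistency check for the two directors' vrrp_instance blocks, as an added example that is not part of the original article or of keepalived: it verifies that the BACKUP priority is lower than the MASTER priority (as the comment above requires), that VRID, authentication and VIP match, and notes that auth_type PASS is carried unencrypted. The function names, the sample_conf generator and the temporary file names are assumptions made for the example.

```shell
# Added example, not from the article: compare the vrrp_instance block of the
# MASTER and BACKUP keepalived.conf before starting the service.

# vrrp_summary FILE -> "key value" lines for the first vrrp_instance block
vrrp_summary() {
    awk '
        { sub(/[#!].*/, "") }                      # strip keepalived comments
        $1 == "vrrp_instance" { inside = 1 }
        !inside { next }
        $1 == "virtual_ipaddress" { invip = 1 }
        invip && $1 ~ /^[0-9]/ { print "vip", $1 }
        $1 ~ /^(state|virtual_router_id|priority|auth_type|auth_pass)$/ { print $1, $2 }
        /[}]/ { invip = 0 }
        { depth += gsub(/[{]/, "{") - gsub(/[}]/, "}"); if (depth == 0) exit }
    ' "$1"
}

# field SUMMARY KEY -> sorted, comma-joined values of KEY
field() { printf '%s\n' "$1" | awk -v k="$2" '$1 == k { print $2 }' | sort | paste -sd, -; }
# check_vrrp_pair MASTER_CONF BACKUP_CONF -> findings on stdout, status 1 if any
check_vrrp_pair() {
    m=$(vrrp_summary "$1"); b=$(vrrp_summary "$2"); n=0
    for k in virtual_router_id auth_type auth_pass vip; do
        if [ "$(field "$m" "$k")" != "$(field "$b" "$k")" ]; then
            echo "MISMATCH $k differs between the two directors"; n=$((n + 1))
        fi
    done
    mp=$(field "$m" priority); bp=$(field "$b" priority)
    if [ "${mp:-0}" -le "${bp:-0}" ]; then
        echo "PRIORITY backup ($bp) is not lower than master ($mp)"; n=$((n + 1))
    fi
    if [ "$(field "$m" auth_type)" = "PASS" ]; then
        echo "NOTE auth_type PASS is carried unencrypted in VRRP advertisements"
    fi
    [ "$n" -eq 0 ]
}

# sample_conf STATE PRIORITY VRID -> constructed vrrp_instance block (test input)
sample_conf() {
    printf '%s\n' "vrrp_instance VI_1 {" "  state $1  # role" "  priority $2" \
        "  virtual_router_id $3" "  authentication {" "    auth_type PASS" \
        "    auth_pass 1111" "  }" "  virtual_ipaddress {" "    192.168.40.200" "  }" "}"
}

# Demo: a backup that reuses priority 100 and has a different VRID
tmp=$(mktemp -d)
sample_conf MASTER 100 51 > "$tmp/master.conf"
sample_conf BACKUP 100 52 > "$tmp/backup.conf"
check_vrrp_pair "$tmp/master.conf" "$tmp/backup.conf" || echo "fix before starting keepalived"
rm -rf "$tmp"
```

The check prints only the names of mismatching keys, never the auth_pass values themselves.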
Configure the RealServer LVS startup script
For convenience I wrote a startup script myself, as follows:
Download lvsRealServer.sh
#!/bin/bash
# Description: RealServer Start!
# Written by: Cooper
# Last modified: 2009.08.21
VIP=192.168.40.200
LVS_TYPE=DR
startrs()
{
    echo "start LVS of REALServer"
    if [ "$LVS_TYPE" == "DR" ]; then
        /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
        /sbin/route add -host $VIP dev lo:0
    else
        /sbin/ifconfig tunl0 $VIP netmask 255.255.255.255 broadcast $VIP up
        /sbin/route add -host $VIP dev tunl0
    fi
    # Keep the real server from answering or announcing ARP for the VIP
    echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
}
stoprs()
{
    if [ "$LVS_TYPE" == "DR" ]; then
        /sbin/ifconfig lo:0 down
        echo "close LVS Director server"
    else
        /sbin/ifconfig tunl0 down
        echo "close LVS Tunnel server"
    fi
    # Restore the default ARP behaviour
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
}
# ============ Main ===========
case $1 in
    "start")
        startrs;;
    "stop")
        stoprs;;
    *)
        # Any other argument: print usage and fail
        echo "Usage $0 {start|stop}"
        exit 1;;
esac
By default the script starts LVS/DR mode; changing the script variable switches it to LVS/Tunnel mode.
Service startup order:
1. On the RealServers, start:
[root@rs-1]# sh lvsRealServer.sh start
[root@rs-1]# service httpd start
[root@rs-2]# sh lvsRealServer.sh start
[root@rs-2]# service httpd start
2. On the LVS directors, start:
[root@lvs-master]# service keepalived start
[root@lvs-backup]# service keepalived start
Check the LVS status
[root@Master-LVS]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.40.200:443 wlc persistent 50
  -> 192.168.40.128:443           Route   1      0          0
  -> 192.168.40.129:443           Route   1      0          0
TCP  192.168.40.200:80 wlc persistent 50
  -> 192.168.40.128:80            Route   1      0          0
  -> 192.168.40.129:80            Route   1      0          0
Failure testing
Real server failure
Switch to one of the real servers, for example 192.168.40.128
# service httpd stop
Now look at the log output on the Master and Backup LVS
[root@Master-LVS]# tail -f /var/log/messages
Sep 3 11:08:01 experiment Keepalived_healthcheckers: TCP connection to [192.168.40.128:80] failed !!!
Sep 3 11:08:01 experiment Keepalived_healthcheckers: Removing service [192.168.40.128:80] from VS [192.168.40.200:80]
Sep 3 11:08:01 experiment Keepalived_healthcheckers: Remote SMTP server [127.0.0.1:25] connected.
Sep 3 11:08:01 experiment Keepalived_healthcheckers: TCP connection to [192.168.40.128:443] failed !!!
Sep 3 11:08:01 experiment Keepalived_healthcheckers: Removing service [192.168.40.128:443] from VS [192.168.40.200:443]
Sep 3 11:08:01 experiment Keepalived_healthcheckers: Remote SMTP server [127.0.0.1:25] connected.
Sep 3 11:08:01 experiment Keepalived_healthcheckers: SMTP alert successfully sent.
[root@Backup-LVS]# tail -f /var/log/messages
Sep 3 11:08:02 localhost Keepalived_healthcheckers: TCP connection to [192.168.40.128:443] failed !!!
Sep 3 11:08:02 localhost Keepalived_healthcheckers: Removing service [192.168.40.128:443] from VS [192.168.40.200:443]
Sep 3 11:08:02 localhost Keepalived_healthcheckers: Remote SMTP server [127.0.0.1:25] connected.
Sep 3 11:08:02 localhost Keepalived_healthcheckers: TCP connection to [192.168.40.128:80] failed !!!
Sep 3 11:08:02 localhost Keepalived_healthcheckers: Removing service [192.168.40.128:80] from VS [192.168.40.200:80]
Sep 3 11:08:02 localhost Keepalived_healthcheckers: Remote SMTP server [127.0.0.1:25] connected.
Sep 3 11:08:03 localhost Keepalived_healthcheckers: SMTP alert successfully sent.
The logs show that Master and Backup detected the failure of RS1 almost simultaneously and removed the failed real server from IPVS (or marked its weight as 0, that is, unavailable). A mail is also sent to the configured mailbox; both Master and Backup send one, and the mail subject distinguishes Master from Backup by the value of router_id.
Master LVS router failure
Stop the keepalived service on Master-LVS to cause a failure deliberately
[root@Master-LVS]# service keepalived stop
Now look at the log on Backup-LVS
[root@Backup-LVS]# tail -f /var/log/messages
Sep 3 11:23:28 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Sep 3 11:23:29 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Sep 3 11:23:29 localhost Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
Sep 3 11:23:29 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.40.200
Sep 3 11:23:29 localhost Keepalived_vrrp: Netlink reflector reports IP 192.168.40.200 added
Sep 3 11:23:29 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.40.200 added
Sep 3 11:23:34 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.40.200
The log shows that, once Backup-LVS detects that Master-LVS has failed, it immediately switches its own role to Master, then sets the VIP on its own eth0 interface and sends ARP broadcasts.
Now I manually start the keepalived service on Master-LVS again and then look at the Backup-LVS log
[root@Master-LVS]# service keepalived start
[root@Backup-LVS]# tail -f /var/log/messages
Sep 3 11:30:44 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Received higher prio advert
Sep 3 11:30:44 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE
Sep 3 11:30:44 localhost Keepalived_vrrp: VRRP_Instance(VI_1) removing protocol VIPs.
Sep 3 11:30:44 localhost Keepalived_vrrp: Netlink reflector reports IP 192.168.40.200 removed
Sep 3 11:30:44 localhost Keepalived_healthcheckers: Netlink reflector reports IP 192.168.40.200 removed
The Backup-LVS log shows that, on detecting an instance with a higher priority than its own, it switches its role to Backup, then removes the VIP from eth0 and sends heartbeats to Master-LVS.
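The real-server removals and VRRP role changes seen in the logs above can be reduced to a short event list for alerting or post-incident review. This is an added example, not part of the original article; the function names are assumptions and the sample lines are constructed in the format of the Backup-LVS log.

```shell
# Added example, not from the article: reduce keepalived syslog lines to events.

# keepalived_events: syslog on stdin -> "time host EVENT ..." lines
keepalived_events() {
    awk '
        /Keepalived_healthcheckers: Removing service \[/ {
            rs = $0; sub(/.*Removing service \[/, "", rs); sub(/\].*/, "", rs)
            vs = $0; sub(/.*from VS ?\[/, "", vs); sub(/\].*/, "", vs)
            print $3, $4, "RS_REMOVED", rs, "vs=" vs
        }
        /Keepalived_vrrp: VRRP_Instance\(.*\) Entering (MASTER|BACKUP) STATE/ {
            inst = $0; sub(/.*VRRP_Instance\(/, "", inst); sub(/\).*/, "", inst)
            print $3, $4, "VRRP", inst, $(NF - 1)   # role is the word before STATE
        }
    '
}

# vrrp_roles: events on stdin -> "host instance transitions last_role"
vrrp_roles() {
    awk '$3 == "VRRP" { k = $2 " " $4; n[k]++; last[k] = $5 }
         END { for (k in n) print k, n[k], last[k] }' | sort
}

# sample_log: constructed lines in the format of the Backup-LVS log
sample_log() {
    cat <<'EOF'
Sep 3 11:08:02 localhost Keepalived_healthcheckers: TCP connection to [192.168.40.128:80] failed !!!
Sep 3 11:08:02 localhost Keepalived_healthcheckers: Removing service [192.168.40.128:80] from VS [192.168.40.200:80]
Sep 3 11:23:28 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Sep 3 11:23:29 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Sep 3 11:30:44 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Received higher prio advert
Sep 3 11:30:44 localhost Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE
EOF
}

sample_log | keepalived_events                # one line per removal or role change
sample_log | keepalived_events | vrrp_roles   # transitions and final role per host
```

A transition count that keeps growing on one director, or a final role that differs from the configured state, is worth an alert.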
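piranha compared with keepalived
The comparison shows that in piranha the primary and the backup have equal standing: when the primary fails, the backup takes its place and its role switches from backup to primary; when the former primary recovers, it becomes the backup and does not switch its own role back to primary, and the current backup, although it can detect that the former primary has recovered, does not change its own role to backup on its own initiative.
keepalived, by contrast, keeps primary and backup clearly distinct: its priority setting lets you define the primary and backup roles strictly.
References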
LVS-HOWTO
http://www.keepalived.org/documentation.html
http://bbs.linuxtone.org/thread-1077-1-1.html
Downloads
Keepalived-UserGuide CN EN
Configuration files:
master_keepalived.conf
! Configuration File for keepalived
global_defs {
    notification_email {
        acassen@firewall.loc
        failover@firewall.loc
        sysadmin@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_MASTER
}
vrrp_instance VI_1 {
    state MASTER
    interface eth1
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.40.200
    }
}
virtual_server 192.168.40.200 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    nat_mask 255.255.255.0
    persistence_timeout 50
    protocol TCP
    real_server 192.168.40.128 80 {
        weight 1
        #inhibit_on_failure
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 192.168.40.129 80 {
        weight 1
        #inhibit_on_failure
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}
backup_keepalived.conf
! Configuration File for keepal