Shulou(Shulou.com)06/03 Report--

Experimental environment:

LVS01:192.168.0.149 # (public network)

10.0.0.13 # (intranet)

LVS02:192.168.0.150

10.0.0.14

Web01:10.0.0.15 # (self-built web environment)

Web02:10.0.0.16 # (self-built web environment)

VIP:192.168.0.145

Installation preparation:

[root@LVS01 ~] # cat / etc/redhat-release

CentOS release 6.7 (Final)

[root@LVS01 ~] # uname-r

2.6.32-573.el6.x86_64

[root@LVS01 ~] # lsmod | grep ip_vs # check whether to install LVS or enable LVS

[root@LVS01] # ls-ld / usr/src/kernels/2.6.32-573.12.1.el6.x86_64

Drwxr-xr-x 22 root root 4096 Dec 18 00:12 / usr/src/kernels/2.6.32-573.12.1.el6.x86_64

[root@LVS01] # ln-s / usr/src/kernels/2.6.32-573.12.1.el6.x86_64/ / usr/src/linux

[root@LVS01 ~] # grep forward / etc/sysctl.conf # enable kernel forwarding

# Controls IP packet forwarding

Net.ipv4.ip_forward = 1

Execution

# sysctl-p

1. Install LVS:

[root@LVS01 ~] # wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz

[root@LVS01 ~] # tar xf ipvsadm-1.26.tar.gz

[root@LVS01 ~] # cd ipvsadm-1.26

[root@LVS01 ipvsadm-1.26] # make

[root@LVS01 ipvsadm-1.26] # make install

[root@LVS01 ipvsadm-1.26] # lsmod | grep ip_vs

[root@LVS01 ipvsadm-1.26] # which ipvsadm

/ sbin/ipvsadm

[root@LVS01 ipvsadm-1.26] # cd..

[root@LVS01] # ipvsadm-- version

Ipvsadm v1.26 2008-5-15 (compiled with popt and IPVS v1.2.1)

[root@LVS01 ~] # lsmod | grep ip_vs

Ip_vs 125694 0

Libcrc32c 1246 1 ip_vs

Ipv6 334932 141 ip_vs

# the above three lines of results indicate that the installation is successful

two。 Install Keepalived:

[root@LVS01 tools] # ln-s / usr/src/kernels/2.6.32-573.12.1.el6.x86_64/ / usr/src/linux

[root@LVS01 tools] # tar xf keepalived-1.2.7.tar.gz

[root@LVS01 tools] # cd keepalived-1.2.7

[root@LVS01 keepalived-1.2.7] #. / configure

....

Keepalived version: 1.2.7

Compiler: gcc

Compiler flags:-g-O2

Extra Lib:-lpopt-lssl-lcrypto-lnl

Use IPVS Framework: Yes

IPVS sync daemon support: Yes

IPVS use libnl: Yes

Use VRRP Framework: Yes

Use VRRP VMAC: Yes

SNMP support: No

Use Debug flags: No

# of the above final results, there should be at least 3 Yes, as follows:

Use IPVS Framework: Yes # ipvs framework

IPVS sync daemon support: Yes # ipvs synchronization support

Use VRRP Framework: Yes # VRRP framework

[root@LVS01 keepalived-1.2.7] # make

[root@LVS01 keepalived-1.2.7] # make install

[root@LVS01 keepalived-1.2.7] # cp / usr/local/etc/rc.d/init.d/keepalived / etc/rc.d/init.d/

[root@LVS01 keepalived-1.2.7] # cp / usr/local/etc/sysconfig/keepalived / etc/sysconfig/

[root@LVS01 keepalived-1.2.7] # mkdir / etc/keepalived-p

[root@LVS01 keepalived-1.2.7] # cp / usr/local/etc/keepalived/keepalived.conf / etc/keepalived/

[root@LVS01 keepalived-1.2.7] # cp / usr/local/sbin/keepalived / usr/sbin/

[root@LVS01 keepalived-1.2.7] # / etc/init.d/keepalived start

Starting keepalived: [OK]

[root@LVS01 keepalived-1.2.7] # ps-ef | grep keepalived

Root 14563 1 0 06:57? 00:00:00 keepalived-D

Root 14565 14563 0 06:57? 00:00:00 keepalived-D

Root 14566 14563 0 06:57? 00:00:00 keepalived-D

Root 14570 13038 0 06:57 pts/0 00:00:00 grep keepalived

[root@LVS01 keepalived-1.2.7] # / etc/init.d/keepalived stop

Stopping keepalived: [OK]

[root@LVS01 keepalived-1.2.7] # ps-ef | grep keepalived | grep-v grep

3. Configure Keepalived:

Master (LVS01):

[root@LVS01 ~] # cat / etc/keepalived/keepalived.conf

! Configuration File for keepalived

Global_defs {

Notification_email {

1729294227@qq.com

}

Notification_email_from Alexandre.Cassen@firewall.loc

Smtp_server 192.168.0.200

Smtp_connect_timeout 30

Router_id LVS_1

}

Vrrp_instance VI_1 {

State MASTER

Interface eth0

Virtual_router_id 51

Priority 100

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 1111

}

Virtual_ipaddress {

192.168.0.145/24

}

}

Virtual_server 192.168.0.145 80 {

Delay_loop 6

Lb_algo wrr # load balancing algorithm

Lb_kind DR # load balancing mode

Nat_mask 255.255.255.0 # Subnet Mask

Persistence_timeout 300 # session persistence

Protocol TCP # protocol

Real_server 10.0.0.15 80 {

Weight 1

TCP_CHECK {

Connect_timeout 8

Nb_get_retry 3

Delay_before_retry 3

Connect_port 80

}

}

Real_server 10.0.0.16 80 {

Weight 1

TCP_CHECK {

Connect_timeout 8

Nb_get_retry 3

Delay_before_retry 3

Connect_port 80

}

}

}

Standby (LVS02):

[root@LVS02 ~] # cat / etc/keepalived/keepalived.conf

! Configuration File for keepalived

Global_defs {

Notification_email {

1729294227@qq.com

}

Notification_email_from Alexandre.Cassen@firewall.loc

Smtp_server 192.168.0.200

Smtp_connect_timeout 30

Router_id LVS_2

}

Vrrp_instance VI_1 {

State BACKUP

Interface eth0

Virtual_router_id 51

Priority 99

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 1111

}

Virtual_ipaddress {

192.168.0.145/24

}

}

Virtual_server 192.168.0.145 80 {

Delay_loop 6

Lb_algo wrr

Lb_kind DR

Nat_mask 255.255.255.0

Persistence_timeout 300

Protocol TCP

Real_server 10.0.0.15 80 {

Weight 1

TCP_CHECK {

Connect_timeout 8

Nb_get_retry 3

Delay_before_retry 3

Connect_port 80

}

}

Real_server 10.0.0.16 80 {

Weight 1

TCP_CHECK {

Connect_timeout 8

Nb_get_retry 3

Delay_before_retry 3

Connect_port 80

}

}

}

4. Manually bind VIP to RS (on two web machines):

Web01:

[root@web01] # curl-I localhost

HTTP/1.1 200 OK

Server: nginx/1.6.3

Date: Thu, 26 Nov 2015 12:09:12 GMT

Content-Type: text/html

Content-Length: 24

Last-Modified: Thu, 26 Nov 2015 09:19:01 GMT

Connection: keep-alive

ETag: "5656ce85-18"

Accept-Ranges: bytes

192.168.0.151:test1-web

[root@web01 ~] # ifconfig lo:0 192.168.0.145 Universe 32 up

[root@web01 ~] # ifconfig lo:0

Lo:0 Link encap:Local Loopback

Inet addr:192.168.0.145 Mask:0.0.0.0

UP LOOPBACK RUNNING MTU:65536 Metric:1

Web02:

[root@web02] # curl-I localhost

HTTP/1.1 200 OK

Server: nginx/1.6.3

Date: Sat, 07 Nov 2015 16:18:31 GMT

Content-Type: text/html

Content-Length: 24

Last-Modified: Sat, 07 Nov 2015 13:27:39 GMT

Connection: keep-alive

ETag: "563dfc4b-18"

Accept-Ranges: bytes

192.168.0.160:test2-web

[root@web02 ~] # ifconfig lo:0 192.168.0.145 Universe 32 up

[root@web02 ~] # ifconfig lo:0

Lo:0 Link encap:Local Loopback

Inet addr:192.168.0.145 Mask:0.0.0.0

UP LOOPBACK RUNNING MTU:65536 Metric:1

# the above can be achieved by script

Note that do the following three things to ensure that the IP does not conflict:

1. Bind to the loopback interface (lo)

two。 Bind VIP address

3. The subnet mask is 255.255.255.255

5. Manually suppress the ARP response on the RS side (on two web machines):

Echo "1" > / proc/sys/net/ipv4/conf/lo/arp_ignore

Echo "2" > / proc/sys/net/ipv4/conf/lo/arp_announce

Echo "1" > / proc/sys/net/ipv4/conf/all/arp_ignore

Echo "2" > / proc/sys/net/ipv4/conf/all/arp_announce

# the above can be achieved by script

6. Final test:

[root@LVS01 ~] # / etc/init.d/keepalived start

[root@LVS01] # ipvsadm-L-n

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 192.168.0.145:80 wrr persistent 300

-> 10.0.0.15 80 Route 100 0

-> 10.0.0.16 80 Route 100 0

[root@LVS01 ~] # ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN

Link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

Inet 127.0.0.1/8 scope host lo

Inet6:: 1/128 scope host

Valid_lft forever preferred_lft forever

2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000

Link/ether 00:0c:29:a4:26:69 brd ff:ff:ff:ff:ff:ff

Inet 192.168.0.149/24 brd 192.168.0.255 scope global eth0

Inet 192.168.0.145/24 scope global secondary eth0

Inet6 fe80::20c:29ff:fea4:2669/64 scope link

Valid_lft forever preferred_lft forever

3: eth4: mtu 1500 qdisc pfifo_fast state UP qlen 1000

Link/ether 00:0c:29:a4:26:73 brd ff:ff:ff:ff:ff:ff

Inet 10.0.0.13/24 brd 10.0.0.255 scope global eth4

Inet6 fe80::20c:29ff:fea4:2673/64 scope link

Valid_lft forever preferred_lft forever

[root@LVS02 ~] # / etc/init.d/keepalived start

[root@LVS02] # ipvsadm-L-n

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 192.168.0.145:80 wrr persistent 300

-> 10.0.0.15 80 Route 100 0

-> 10.0.0.16 80 Route 100 0

[root@LVS02 ~] # ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN

Link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

Inet 127.0.0.1/8 scope host lo

Inet6:: 1/128 scope host

Valid_lft forever preferred_lft forever

2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000

Link/ether 00:0c:29:6a:27:b4 brd ff:ff:ff:ff:ff:ff

Inet 192.168.0.150/24 brd 192.168.0.255 scope global eth0

Inet6 fe80::20c:29ff:fe6a:27b4/64 scope link

Valid_lft forever preferred_lft forever

3: eth4: mtu 1500 qdisc pfifo_fast state UP qlen 1000

Link/ether 00:0c:29:6a:27:be brd ff:ff:ff:ff:ff:ff

Inet 10.0.0.14/24 brd 10.0.0.255 scope global eth4

Inet6 fe80::20c:29ff:fe6a:27be/64 scope link

Valid_lft forever preferred_lft forever

7. Simulated "failure" tests are highly available:

[root@LVS01 ~] # / etc/init.d/keepalived stop

Stopping keepalived: [OK]

[root@LVS01 ~] # ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN

Link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

Inet 127.0.0.1/8 scope host lo

Inet6:: 1/128 scope host

Valid_lft forever preferred_lft forever

2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000

Link/ether 00:0c:29:a4:26:69 brd ff:ff:ff:ff:ff:ff

Inet 192.168.0.149/24 brd 192.168.0.255 scope global eth0

Inet6 fe80::20c:29ff:fea4:2669/64 scope link

Valid_lft forever preferred_lft forever

3: eth4: mtu 1500 qdisc pfifo_fast state UP qlen 1000

Link/ether 00:0c:29:a4:26:73 brd ff:ff:ff:ff:ff:ff

Inet 10.0.0.13/24 brd 10.0.0.255 scope global eth4

Inet6 fe80::20c:29ff:fea4:2673/64 scope link

Valid_lft forever preferred_lft forever

[root@LVS02 ~] # ip a

1: lo: mtu 65536 qdisc noqueue state UNKNOWN

Link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

Inet 127.0.0.1/8 scope host lo

Inet6:: 1/128 scope host

Valid_lft forever preferred_lft forever

2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000

Link/ether 00:0c:29:6a:27:b4 brd ff:ff:ff:ff:ff:ff

Inet 192.168.0.150/24 brd 192.168.0.255 scope global eth0

Inet 192.168.0.145/24 scope global secondary eth0

Inet6 fe80::20c:29ff:fe6a:27b4/64 scope link

Valid_lft forever preferred_lft forever

3: eth4: mtu 1500 qdisc pfifo_fast state UP qlen 1000

Link/ether 00:0c:29:6a:27:be brd ff:ff:ff:ff:ff:ff

Inet 10.0.0.14/24 brd 10.0.0.255 scope global eth4

Inet6 fe80::20c:29ff:fe6a:27be/64 scope link

Valid_lft forever preferred_lft forever

Hey hey, VIP drift is successful, look at the web interface!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.