Shulou(Shulou.com)06/02 Report--

CentOS release 6.8 x64 (Final) 2.6.32-642.4.2.el6.x86_64 install keepalived-1.3.5+lvs

=

I. Environmental installation:

=

1. Dependent installation

Yum install-y openssl-devel libnl3-devel ipset-devel iptables-devel libnfnetlink-devel popt* adds soft connection ln-s / usr/src/kernels/ `uname-r` / usr/src/linux

IP settings for 2.5 machines

LVS1: 172.16.0.100

LVS2: 172.16.0.101

VIP: 172.16.0.150

WEB: 172.16.0.102

WEB2:172.16.0.103

Web3:172.16.0.104 (windows client IIS)

3. Close selinux

Modify the SELINUX=disabled setting in the / etc/selinux/config file, and then restart the server.

4. Close iptables, if not, need to increase the open port in more cases.

# iptables-I INPUT-p tcp-- dport 80-j ACCEPT # iptables-I INPUT-p icmp-j ACCEPT # service iptables save

2. Installation steps (install on LVS1.LVS2):

=

1) install lvs management tools

1.tar zxvf ipvsadm-1.26.tar.gz 2.cd ipvsadm-1.26 3. Make '4.'make install' 5.#ipvsadm 6.lsmod | grep ip_vs

2) install keepalived software

1. Tar zxvf keepalived-1.3.5.tar.gz 2. Cd ikeepalived-1.3.5 3. / configure-- prefix=/usr/local/keepalived-- with-init=SYSV # Note: (upstart | systemd | SYSV | SUSE | openrc) # choose the corresponding startup mode according to the system. 'make' 5.' make install'.

6. Configure the path to the keepalived file

Cp / usr/local/keepalived/etc/rc.d/init.d/keepalived / etc/init.d/ cp / usr/local/keepalived/etc/sysconfig/keepalived / etc/sysconfig/ mkdir / etc/keepalived cp / usr/local/keepalived/etc/keepalived/keepalived.conf / etc/keepalived/ cp / usr/local/keepalived/sbin/keepalived / usr/sbin/

7. Configuration file (vim / etc/keepalived/keepalived.conf)

# here is the global definition section

Global_defs {notification_email {root@local # set alarm email single or multiple addresses} notification_email_from server@local # sending address smtp_server 127.0.0.1 # smtp address smtp_connect_timeout 30 # actual router_id LVS_ONE # route ID when connecting to the smtp server timed out cannot be the same between the two machines. LVS2 is changed to different vrrp_skip_check_adv_addr # vrrp_strict # strictly enforce VRRP protocol specification, this mode does not support node unicast. # and restart the keepalived service, iptables will automatically start, originally planned to shut down iptables, # but the test found that several times (through the command service iptables stop and chkconfig iptables off,) # shut down the iptables, but after starting or restarting the keepalived service, automatically start iptables, # and add a rule to DROP the VIP address. As a result, the VIP can not be found and the ping can not be found. The default installation comes with configuration # with this option. So it is recommended that you disable this option. Vrrp_garp_interval 0 vrrp_gna_interval 0} # vrrp instance definition part vrrp_instance VI_1 {state MASTER # keepalived role MASTER represents the primary server. LVS2 is changed to: BACKUP interface eth0 # specify the monitoring network card virtual_router_id 51 # virtual route label, the same instance, need the same label. Priority 150 # the higher the priority number, the higher the priority. The priority of MASTER is higher than that of BACKUP (for example, master 150 Backup 1 # set check time unit between master and standby s authentication {# set authentication type and password auth_type PASS auth_pass 1111} virtual_ipaddress {# set virtual IP address can set multiple 172.16.0.150 dev eth0 label eth0:0 per line 24 brd 172.16.0.255 dev eth0 label eth0:0} # Virtual Server Sub-virtual_server 172.16.0.150 80 {delay_loop 6 # set running check time unit s lb_algo rr # load scheduling algorithm rr, that is, rotation algorithm lb_kind DR # set LVS load mechanism NAT TUN DR three modes optional persistence_timeout 0 # session time # session is maintained at a service node # the user has no action within 50 seconds of the dynamic page Then it will be distributed to other nodes # the user acts all the time without the restriction of 50s protocol TCP # uses the protocol # below is the real_server part real_server 172.16.0.102 80 {weight 1 # service node weight, the greater the number The higher the weight # the size of the weight can distribute different loads to servers with different performance # in order to make effective and reasonable use of server resources TCP_CHECK {# status check part connect_timeout 3 # 3s unresponsive timeout Nb_get_retry 3 # retry number delay_before_retry 3 # retry interval connect_port 80 # connection Port}} real_server 172.16.0.103 80 {weight 1 TCP_CHECK { Connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80}} real_server 172.16.0.104 80 {weight 1 TCP_CHECK {connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80}

III. Client settings (web1,web2 configuration)

1. Add startup and shutdown scripts and chmod execution permissions

#! / bin/bash # # Script to start LVS DR real server. # description: LVS DR real server #. / etc/rc.d/init.d/functionsVIP=172.16.0.150 # modify the corresponding VIP host= `/ bin/ hostname`case "$1" in start) # launch LVS-DR mode, real server on this machine. Turn off ARP collision detection. / sbin/ifconfig lo down / sbin/ifconfig lo up echo 1 > / proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > / proc/sys/net/ipv4/conf/lo/arp_announce echo 1 > / proc/sys/net/ipv4/conf/all/arp_ignore echo 2 > / proc/sys/net/ipv4/conf/all/arp_announce / sbin/ Ifconfig lo:0$ VIP broadcast $VIP netmask 255.255.255.255 up / sbin/route add-host $VIP dev lo:0 ; stop) # stop LVS-DR real server loopback device (s). / sbin/ifconfig lo:0 down echo 0 > / proc/sys/net/ipv4/conf/lo/arp_ignore echo 0 > / proc/sys/net/ipv4/conf/lo/arp_announce echo 0 > / proc/sys/net/ipv4/conf/all/arp_ignore echo 0 > / proc/sys/net/ipv4/conf/all/arp_announce;; status) # Status of LVS-DR real server. Islothere= `/ sbin/ifconfig lo:0 | grep $VIP` isrothere= `netstat-rn | grep "lo:0" | grep $VIP` if [! "$islothere"-o! Isrothere]; then # Either the route or the lo:0 device # not found. Echo "LVS-DR real server Stopped!" Else echo "LVS-DR real server Running..." Fi;; *) # Invalid entry. Echo "$0: Usage: $0 {start | status | stop}" exit 1;; esac

two。 Add web http service, use port 80 to open the website.

3. Test whether the servers can PING each other.

Add VIP items (web3 machines) to the 4.windows client:

Win2003 address setting method: control Panel-> add hardware-> add New hardware-> manually install hardware-"Network Adapter"

Rename to VIP, add IP address 172.16.0.104, mask 255.255.255.0

Open regedit and edit: subnetMask is 255.255.255.255

HKEY_LOCAL_MACHINE\ System\ CurrentControlSet\ Services\ Tcpip\ Parameters\ Interfaces

Win2008 address setting method: control Panel-hardware and Printer-> add hardware

Find the new loopback connection, rename it to VIP, right-click the VIP connection property, and start setting TCP/IP

172.16.0.104 255.255.255.255.255 saved

Run CMD to execute:

Netsh interface ipv4 set interface "VIP" weakhostreceive=enabled netsh interface ipv4 set interface "VIP" weakhostsend=enabled netsh interface ipv4 set interface "LAN" weakhostreceive=enabled netsh interface ipv4 set interface "LAN" weakhostsend=enabled

4. Test and check keepalived+lvs problems

1. View Syslog / var/log/messages

2. Check the network connectivity of the load balancer (ping command or arping).

3. Check the operation of keepalived. Ps-aux | grep keepalived to see if the process is started. Lsmod | grep ip_vs, check whether the ipvs module is loaded into the system kernel, whether the vip is bound to the network interface, and whether the ipvsadm has output.

4. Check whether the configuration file of keepalived is written correctly.

5. Check whether the load balancer enables firewall rules.

6. Whether the web of realserver is normal

Recommended document: http://www.keepalived.org/pdf/sery-lvs-cluster.pdf

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.