LVS + Keepalived achieves layer-4 load and high availability

LVS + Keepalived achieves layer-4 load and high availability

A new project is going to be launched recently and requires soft loads. I decided to use nginx as a reverse proxy. However, after nginx is installed, I found that nginx cannot display css and js. I am still studying it, however, because the project is urgent, we still adopt the classic architecture LVS + Keepalived.

Environment:

LVS-01 192.168.199.117 MASTER

LVS-02 192.168.199.118 BACKUP

WEB-01 192.168.199.113

WEB-02 192.168.199.114

VIP 192.168.199.119

Compile and install LVS

Ln-s/usr/src/kernels/2.6.18-308. el5-x86_64 // usr/src/linux

Wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz

Tar zxf ipvsadm-1.26.tar.gz

Cd ipvsadm-1.26

Make

 

If an error is reported, the result is as follows:

Make [1]: *** [libipvs. o] Error1

Make [1]: Leaving directory '/root/tools/ipvsadm-1.26/lib1_s'

Make: *** [libs] Error 2

 

After query, there are many statements that have not solved my problem:

1. Some say that kernel soft link ln-s/usr/src/kernels/2.6.18-308. el5-x86_64 // usr/src/linux

2. Some say yuminstall gcc -*

3. Also, yum installlibnl * popt *

The above method may apply to the actual environment, but it is not valid on my machine. I have been tossing for a long time. I want to consult experts and check the tips again:

1. The ipvsadm-1.26 version is suitable for kernel 2.6.28-rc3 and later

2. After selecting the corresponding ipvsadm, you also need to select the corresponding keepalived. Otherwise, after keepalived is started, there will be no realserver list. The general display is as follows:

IP Virtual Server version 1.2.1 (size = 4096)

Prot LocalAddress: portsched1_flags

-> RemoteAddress: Port Forward Weight ActiveConn InActConn

 

Okay, the problem is found. Repeat it and download the lower version of ipvsadm. My kernel version is 2.6.18-308. el5-x86_64, with ipvsadm-1.24 testing normal, the version of keepalived is keepalived-1.1.15, the specific operation is as follows:

Install LVS

Ln-s/usr/src/kernels/2.6.18-308. el5-x86_64 // usr/src/linux

Wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz

Tar zxvf ipvsadm-1.24.tar.gz

Cd ipvsadm-1.24

Make

Make install

Cd ..

Ipvsadm-version

 

Install keepalived

Wget http://www.keepalived.org/software/keepalived-1.1.15.tar.gz

Tar zxfkeepalived-1.1.15.tar.gz

Cd keepalived-1.1.15

./Configure

Make

Make install

Cp/usr/local/etc/rc. d/init. d/keepalived/etc/init. d/

Cp/usr/local/etc/sysconfig/keepalived/etc/sysconfig/

Mkdir/etc/keepalived/

Cp/usr/local/etc/keepalived. conf/etc/keepalived/

Cp/usr/local/sbin/keepalived/usr/sbin/

/Etc/init. d/keepalived start

So far, the installation is complete, and the following configuration file.

 

Keepalived configuration file on the LVS-01, the master and slave are basically the same, different for the red part

Vim/etc/keepalived. conf

! Configuration File forkeepalived

Global_defs {

Router_id LVS-01 # routeid

}

Vrrp_instance LVS {

State MASTER # BACKUP

Interface eth0

Virtual_router_id 251

Priority 100 # the value of the slave node is smaller than that of the master node.

Advert_int 1

Authentication {

Auth_type PASS

Auth_pass 1111

}

Virtual_ipaddress {

192.168.199.119

}

}

Virtual_server 192.168.199.11980 {

Delay_loop 6

Lb_algo wrr

Lb_kind DR

Persistence_timeout 60 # session persistence

Protocol TCP

 

Real_server 192.168.199.113 80 {

Weight 1

TCP_CHECK {

Connect_timeout 10

Nb_get_retry 3

Delay_before_retry 3

Connect_port 80

}

}

Real_server 192.168.168.199.114 80 {

Weight 1

TCP_CHECK {

Connect_timeout 10

Nb_get_retry 3

Delay_before_retry 3

Connect_port 80

}

}

}

 

Start keealived

/Etc/init. d/keepalived restart

Check whether VIP exists

[Root @ localhost ipvsadm-1.26] # ip add

1: lo: <LOOPBACK, UP, LOWER_UP> mtu 16436 qdisc noqueue

Link/loopback 00: 00: 00: 00: 00: 00 brd00: 00: 00: 00: 00: 00

Inet 127.0.0.1/8 scope host lo

Inet6: 1/128 scope host

Valid_lft forever preferred_lft forever

2: eth0: <BROADCAST, MULTICAST, UP, LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000

Link/ether 00: 0c: 29: 70: 47: f4 brdff: ff

Inet 192.168.199.117/24 brd 192.168.199.255scope global eth0

Inet 192.168.199.119/32 scope global eth0

Inet6 fe80: 20c: 29ff: fe70: 47f4/64 scopelink

Valid_lft forever preferred_lft forever

3: sit0: <NOARP> mtu 1480 qdisc noop

Link/sit 0.0.0.0 brd 0.0.0.0

Check whether the realserver list exists.

[Root @ localhost ipvsadm-1.26] # ipvsadm-Ln

IP Virtual Server version 1.2.1 (size = 4096)

Prot LocalAddress: portsched1_flags

-> RemoteAddress: Port Forward Weight ActiveConn InActConn

TCP 192.168.199.119: 80 wrr

-> 192.168.199.113: 80 Route 1 0 0

-> 192.168.199.114: 80 Route 1 0 0

 

Finally, don't forget to use the script to configure VIP and ARP suppression on the realserver, as shown below:

[Root @ localhost tools] # cat realserver. sh

#! /Bin/sh

[-F "/etc/init. d/functions"] &./etc/init. d/functions

VIP = (

192.168.199.119

)

Start (){

# Bind VIP

For (I = 0; I <$ {# VIP [*]}; I ++ ))

Do

/Sbin/ifconfig lo: $ I $ {VIP [$ I]} netmask?#255.255 up>/dev/null2> & 1

Done

# ARP restrain

Echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore

Echo "2">/proc/sys/net/ipv4/conf/lo/arp_announce

Echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore

Echo "2">/proc/sys/net/ipv4/conf/all/arp_announce

}

 

Stop (){

For (I = 0; I <$ {# VIP [*]}; I ++ ))

Do

/Sbin/ifconfig lo: $ I $ {VIP [$ I]} netmask?#%255 down

Done

Echo "0">/proc/sys/net/ipv4/conf/lo/arp_ignore

Echo "0">/proc/sys/net/ipv4/conf/lo/arp_announce

Echo "0">/proc/sys/net/ipv4/conf/all/arp_ignore

Echo "0">/proc/sys/net/ipv4/conf/all/arp_announce

}

 

Case "$1" in

Start)

Start

If [$? -Eq 0]; then

Action "s start sucess"/bin/true

Else

Action "s start failed"/bin/false

Fi

;;

Stop)

Stop

If [$? -Eq 0]; then

Action "s stop sucess"/bin/true

Else

Action "s stop failed"/bin/false

Fi

;;

*)

Echo "USAGE: $0 {start | stop }"

Esac

 

View the VIP

[Root @ localhost tools] # ip add

1: lo: <LOOPBACK, UP, LOWER_UP> mtu 16436 qdisc noqueue

Link/loopback 00: 00: 00: 00: 00: 00 brd00: 00: 00: 00: 00: 00

Inet 127.0.0.1/8 scope host lo

Inet 192.168.199.119/32 brd 192.168.199.119scope global lo: 0

Inet6: 1/128 scope host

Valid_lft forever preferred_lft forever

2: eth0: <BROADCAST, MULTICAST, UP, LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000

Link/ether 00: 0c: 29: 41: 7c: 7e brdff: ff

Inet 192.168.199.114/24 brd 192.168.199.255scope global eth0

Inet6 fe80: 20c: 29ff: fe41: 7c7e/64 scopelink

Valid_lft forever preferred_lft forever

3: sit0: <NOARP> mtu 1480 qdisc noop

Link/sit 0.0.0.0 brd 0.0.0.0

The rest is fault simulation and testing, so we won't write more here.

LVS-NAT for Linux Server LB Clusters

LB cluster-LVS-NAT mode for cluster services in Linux

LVS-NAT + ipvsadm implement service cluster on RHEL 5.7

Realization of LVS-NAT and LVS-DR model of Linux Virtual Server

LVS + Keepalived high-availability server Load balancer cluster architecture Experiment

This article permanently updates the link address: