CentOS 6.3 Deploy LVS (NAT) +keepalived for high-performance, highly available load balancing




First, System Environment



Experimental topology:












Lab Environment:



VMware 9.01 + Windows 8 x64 Enterprise Edition + 8 GB memory



Virtual Machine steps:



1. Install a CentOS 6.3 x64 host with 1 GB of memory and the network in NAT mode. Check the VMnet8 settings under Virtual Network Editor in the VMware Edit menu.






2. Power on and install the system. The basics are not covered here. Note: choose English rather than Chinese, choose the Basic Server mode, and set the system name to lvs-master.



3. After installing the system, log in as root and run ifconfig to check the network. The result:






The physical NIC is not shown, so we need to fix it.

vi /etc/sysconfig/network-scripts/ifcfg-eth0






Modify it as follows: start the interface with the system, use a static IP address instead of DHCP, and set the IP address, netmask, gateway, DNS and other information.









Test by pinging Baidu to confirm it is reachable. The gateway above is 192.168.9.2 because that is the address specified for VMnet8 in the virtual machine settings.









Start cloning multiple hosts to compose the test environment:






Shut down the host with init 0, then right-click lvs-master in VMware and choose Manage > Clone. Be sure to choose "Create a full clone" and enter lvs-backup as the machine name. The clone completes in about 30 seconds.






Power on the lvs-backup host; the system starts normally.

We need to do two things.

The first is to change the hostname to lvs-backup, which is easy:

vi /etc/sysconfig/network

Change lvs-master to lvs-backup, then reboot the system; the hostname change is then complete.









The second is to modify the system IP






1. Remove /etc/udev/rules.d/70-persistent-net.rules and restart the machine. This file binds each network card to its MAC address. After cloning, the MAC address of the NIC has changed, so the system does not think the network device exists.

2. If eth0 still cannot start normally after this, edit /etc/udev/rules.d/70-persistent-net.rules and change the final "eth1" to "eth0",

then remove the MAC address line from /etc/sysconfig/network-scripts/ifcfg-eth0.

Restart the machine again, and eth0 starts normally.






Make sure the eth0 device appears in the ifconfig output, then continue with the following:

vi /etc/sysconfig/network-scripts/ifcfg-eth0

Change the system IP to 192.168.9.202.

Run service network restart, then ping www.baidu.com to test connectivity.






Repeat the above steps to clone the WEB1 and WEB2 hosts, with IPs 192.168.9.203 and 192.168.9.204.

The network configuration is now complete, and the hosts can be reached with SecureCRT from here on.



=====================================================================================



System platform: CentOS 6.3



kernel: 2.6.32-279.el6.i686

To view the kernel version: cat /proc/version. Why focus on this? Because one of the steps below creates a symbolic link to the source directory for this kernel, which is why that directory is specified there.






LVS Version: ipvsadm-1.26



Keepalived version: keepalived-1.2.4



Third, installation



0. Before installing LVS, the system needs the following packages:

yum -y install openssl-devel lftp libnl* popt* libnl* libpopt* gcc*









1. Configure lvs+keepalived on the two director servers separately



--------------------------LVS Install--------------------------



cd /usr/src
wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz

If the symbolic link already exists, delete it first with rm /usr/src/linux. Do not add a trailing /, or the link cannot be deleted.

ln -s /usr/src/kernels/2.6.32-279.el6.x86_64/ /usr/src/linux
tar zxvf ipvsadm-1.26.tar.gz
cd ipvsadm-1.26
make && make install



--------------------------keepalived Install--------------------------

cd ..
wget http://www.keepalived.org/software/keepalived-1.2.4.tar.gz
tar zxvf keepalived-1.2.4.tar.gz
cd keepalived-1.2.4
./configure
make && make install



######### Install keepalived as a system service for easy management ##########

\cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
\cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived/
\cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
\cp /usr/local/sbin/keepalived /usr/sbin/
service keepalived start



2. Turn on route forwarding



vi /etc/sysctl.conf

Change the following value from 0 to 1:

net.ipv4.ip_forward = 1

Reload the system variables so that the change takes effect immediately:

sysctl -p






3. Configure keepalived

vi /etc/keepalived/keepalived.conf

In vi, enter

:.,$d

to delete all content, then enter the following on lvs-master:


! Configuration File for keepalived
global_defs {
   notification_email {
      [email protected]
   }
   notification_email_from [email protected]
   smtp_server smtp.163.com
  # smtp_connect_timeout 30
   router_id LVS_DEVEL
}



# VIP1
vrrp_instance VI_1 {
    state MASTER # Change MASTER to BACKUP on the backup server
    interface eth0
    lvs_sync_daemon_interface eth0
    virtual_router_id 51 # must be the same on both directors
    priority 100 # change 100 to 90 on the backup server
    advert_int 5
    authentication {
        auth_type PASS
        auth_pass 1111 # lab value; PASS is carried in cleartext in VRRP adverts
    }

    virtual_ipaddress {
        192.168.9.200
        # (If there are multiple VIPs, continue to fill in new lines.)
    }
}

virtual_server 192.168.9.200 80 {
    delay_loop 6 # (health-check the real servers every 6 seconds)
    lb_algo wlc # (LVS scheduling algorithm: weighted least-connection)
    lb_kind DR # (Direct Route)
    persistence_timeout 60 # (connections from the same IP are assigned to the same realserver within 60 seconds)
    protocol TCP # (the virtual service forwards TCP)

    real_server 192.168.9.203 80 {
        weight 100 # (weight)
        TCP_CHECK {
            connect_timeout 10 # (time out after 10 seconds with no response)
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }

    real_server 192.168.9.204 80 {
        weight 100
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}


Enter the following on lvs-backup:


! Configuration File for keepalived
global_defs {
   notification_email {
      [email protected]
   }

   notification_email_from [email protected]
   smtp_server smtp.163.com
  # smtp_connect_timeout 30
   router_id LVS_DEVEL
}



# VIP1
vrrp_instance VI_1 {
    state BACKUP # MASTER on the master server, BACKUP here
    interface eth0
    lvs_sync_daemon_interface eth0
    virtual_router_id 51 # must be the same on both directors
    priority 90 # 100 on the master server, 90 here
    advert_int 5
    authentication {
        auth_type PASS
        auth_pass 1111 # lab value; PASS is carried in cleartext in VRRP adverts
    }
    virtual_ipaddress {
        192.168.9.200
        # (If there are multiple VIPs, continue to fill in new lines.)
    }
}

virtual_server 192.168.9.200 80 {
    delay_loop 6 # (health-check the real servers every 6 seconds)
    lb_algo wlc # (LVS scheduling algorithm: weighted least-connection)
    lb_kind DR # (Direct Route)
    persistence_timeout 60 # (connections from the same IP are assigned to the same realserver within 60 seconds)
    protocol TCP # (the virtual service forwards TCP)

    real_server 192.168.9.203 80 {
        weight 100 # (weight)
        TCP_CHECK {
            connect_timeout 10 # (time out after 10 seconds with no response)
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }

    real_server 192.168.9.204 80 {
        weight 100
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}
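
The two director files above must agree on the VRRP group settings and differ only in state and priority, and a single missing brace changes how the virtual_server block is parsed. The script below is an added example, not part of the original article: it checks brace balance and compares the two files. The function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article: compare the two directors'
# keepalived.conf files before starting the service.

# conf_braces FILE -> "balanced" or "unbalanced" ('#' and '!' start comments)
conf_braces() {
    awk '{ sub(/[#!].*/, "")
           depth += gsub(/[{]/, "&") - gsub(/[}]/, "&")
           if (depth < 0) bad = 1 }
         END { if (bad || depth != 0) print "unbalanced"; else print "balanced" }' "$1"
}

# conf_value FILE KEY -> first value given for KEY, comments stripped
conf_value() {
    awk -v k="$2" '{ sub(/[#!].*/, "") } $1 == k { print $2; exit }' "$1"
}

# pair_check MASTER_CONF BACKUP_CONF -> one finding per line, nothing if clean
pair_check() {
    for f in "$1" "$2"; do
        [ "$(conf_braces "$f")" = balanced ] || echo "braces: $f is unbalanced"
    done
    # These must match or the two directors will not form one VRRP group.
    for k in virtual_router_id advert_int auth_type auth_pass; do
        [ "$(conf_value "$1" "$k")" = "$(conf_value "$2" "$k")" ] || echo "mismatch: $k"
    done
    # The intended MASTER needs the higher priority to win the election.
    [ "$(conf_value "$1" priority)" -gt "$(conf_value "$2" priority)" ] 2>/dev/null ||
        echo "priority: master is not higher than backup"
}

# Constructed sample in the article's layout: sample_conf STATE PRIORITY
sample_conf() {
    cat <<EOF
vrrp_instance VI_1 {
    state $1              # MASTER or BACKUP
    virtual_router_id 51
    priority $2
    advert_int 5
    authentication {
        auth_type PASS
        auth_pass 1111
    }
}
EOF
}

# Usage: sh check_pair.sh /path/master.conf /path/backup.conf
if [ "$#" -eq 2 ]; then pair_check "$1" "$2"; fi
```
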


Configure keepalived to start at boot:

chkconfig --level 0123456 keepalived on

View the boot status:

chkconfig --list keepalived






===================== The following script is executed on the web servers =====================



Edit the following files on the WEB1 and WEB2 machines



vi /root/lvs_real.sh

#!/bin/bash
# description: Config realserver
# Written by : http://kerry.blog.51cto.com

SNS_VIP=192.168.9.200

# Source the init helper functions. The leading ". " is required: the file is
# normally not executable, so running it as a command fails with "Permission denied".
. /etc/rc.d/init.d/functions

case "$1" in
start)
       # Bind the VIP to loopback with a /32 mask so this host accepts traffic for it
       /sbin/ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
       /sbin/route add -host $SNS_VIP dev lo:0
       # Do not answer or announce ARP for the VIP; only the director owns it on the LAN
       echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
       sysctl -p >/dev/null 2>&1
       echo "RealServer Start OK"
       ;;
stop)
       # Remove the VIP and restore the default ARP behaviour
       /sbin/ifconfig lo:0 down
       /sbin/route del $SNS_VIP >/dev/null 2>&1
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
       echo "RealServer Stopped"
       ;;
*)
       echo "Usage: $0 {start|stop}"
       exit 1
       ;;
esac

exit 0





Assign execute permissions:

chmod 755 /etc/rc.d/init.d/functions

(Other people's configuration documents do not have this step. I do not know why, but execution always reported no permissions at this line, so I added the execute permission.)

chmod 755 /root/lvs_real.sh

/root/lvs_real.sh start

Add it to automatic startup:

echo "/root/lvs_real.sh start" >>/etc/rc.local



================================================================================================



Turn off iptables. CentOS 6.3 x64 enables iptables by default, which is inconvenient for this experiment, so iptables is temporarily turned off here; how to use iptables rules will be tested later.

Disable iptables at boot:

chkconfig --level 0123456 iptables off

View the boot status:

chkconfig --list iptables

Turn off iptables on all four machines to prevent other problems.

This alone is not enough, because without a restart iptables keeps running, so run the following command on all four machines:

service iptables stop
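
An added example, not part of the original article: once the lab test passes, the generator below prints a minimal iptables-restore ruleset for each role in this setup, so the firewall can be turned back on. The VIP and port 80 come from the configuration above; the function name lvs_rules and the open SSH and ICMP rules are assumptions.

```shell
#!/bin/sh
# Added example, not from the original article. VIP and port 80 are the
# article's values; the open SSH and ICMP rules are assumptions for a lab.
VIP=192.168.9.200

# lvs_rules director PEER_IP | lvs_rules realserver
# Prints an iptables-restore ruleset; PEER_IP is the other director's eth0 address.
lvs_rules() {
    case "$1" in
    director)
        [ -n "$2" ] || { echo "director needs PEER_IP" >&2; return 2; }
        role_rules="# VRRP adverts (IP protocol 112), accepted only from the peer director
-A INPUT -s $2 -d 224.0.0.18 -p 112 -j ACCEPT
# IPVS connection sync (lvs_sync_daemon): multicast UDP port 8848
-A INPUT -s $2 -d 224.0.0.81 -p udp --dport 8848 -j ACCEPT
# Client traffic to the virtual service; IPVS takes it over after INPUT
-A INPUT -d $VIP -p tcp --dport 80 -j ACCEPT" ;;
    realserver)
        role_rules="# Web traffic for the VIP on lo:0 and the directors' TCP_CHECK probes
-A INPUT -p tcp --dport 80 -j ACCEPT" ;;
    *)
        echo "usage: lvs_rules director PEER_IP | lvs_rules realserver" >&2
        return 2 ;;
    esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
# Assumption: SSH from anywhere; add -s <admin network> to narrow it
-A INPUT -p tcp --dport 22 -j ACCEPT
$role_rules
COMMIT
EOF
}

# Usage on lvs-master (peer is lvs-backup): sh lvs_rules.sh director 192.168.9.202
if [ "$#" -ge 1 ]; then lvs_rules "$@"; fi
```

Pipe the output into iptables-restore and persist it with service iptables save.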



================================================================================================



4. Configure HTTP on the two web servers. A simple web server, the httpd package, is used here; Apache or Tomcat can of course also be used.

Execute the following commands on 192.168.9.203 and 192.168.9.204:

yum -y install httpd
cd /var/www/html/
vi index.html






-----------------------------



Content on 192.168.9.203:







Content on 192.168.9.204:




-----------------------------



/etc/init.d/httpd start

The result is an error, and the service fails to start:









Let's fix it:

vi /etc/httpd/conf/httpd.conf

ServerName www.example.com:80






Start again:

/etc/init.d/httpd restart

Set httpd to start at boot:

chkconfig --level 0123456 httpd on






Configure the other machine the same way; the process is omitted.

It is important to start keepalived on both LVS servers, otherwise you will not be able to see the following interface properly:

service keepalived restart





















Fourth, Testing

#### High availability test ####

Simulate a failure: stop the keepalived service on Centos-lvs_master, then observe the logs on Centos-lvs_backup, as follows:






The log shows that after the master failed, the standby detected it immediately, took over the MASTER role and the master's virtual IP resource, and finally bound the virtual IP on the eth0 device.

When the keepalived service on Centos-lvs_master is started again, the Centos-lvs_backup log shows:






The log shows that the standby machine detects that the master is back to normal and releases the virtual IP resource, becoming the BACKUP role again.

#### Failover test ####

The failover test checks that when a node fails, the keepalived monitoring module detects it in time and blocks the failed node, while service is transferred to the normal node.

Stop the service on the WEB2 node to simulate a node failure. The log information on the master and standby is as follows:












As seen above, the keepalived monitoring module detected that host 192.168.9.204 had failed and removed WEB2 from the cluster. At this point, accessing http://192.168.9.200 shows only WEB1.






Restart the service for the WEB2 node with the following log information:












The keepalived monitoring module detects that host 192.168.9.204 is back to normal and adds the node to the cluster again, so the WEB2 page can be accessed once more.



==============================================================================================



Reference Documentation:



http://blog.csdn.net/winsonyuan/article/details/7069884


