CentOS 7.0 system LVS installation and deployment

Source: Internet
Author: User
Tags openldap

System: CentOS Linux release 7.0.1406 (Core)

First, set the system locale, then use the system's yum command to install and upgrade the required libraries.

LANG=C

yum install gcc-c++ libtool-libs kernel-devel libjpeg libjpeg-devel libpng-devel libtiff-devel gettext gettext-devel libxml2 libxml2-devel zlib-devel net-snmp file glib2 glib2-devel bzip2 diff* openldap-devel bzip2-devel ncurses* curl extensions e2fsprogs-devel krb5 krb5-devel libidn-devel openssl-devel vim-minimal unzip extensions-devel png jpeg zlib gd php-gd* libiconv libevent mhash extensions-fastestmirror ntp patch flex bison tar pcre-devel pcre-static automake autoconf glibc-devel openldap nss_ldap openldap-clients openldap-servers libart_lgpl-devel pixman-devel pango-devel* cairo-devel* perl-* curl-devel make apr* keyutils-libs-devel kernel-headers compat* mpfr cpp libgomp libstdc++-devel ppl cloog-ppl libcom_err-devel libsepol-devel libselinux-devel libXpm* php-common

I. System settings before installation

1. Raise the maximum number of open files

echo -e "ulimit -SHn 51200" >> /etc/rc.local
echo -e "ulimit -SHn 51200" >> /etc/profile
echo -e "* soft nofile 51200" >> /etc/security/limits.conf
echo -e "* hard nofile 51200" >> /etc/security/limits.conf
source /etc/profile

2. Firewall settings

The default firewall of CentOS 7.0 is firewalld (for this test, disable the default firewall and use the iptables firewall)

systemctl stop firewalld.service # stop the firewall
systemctl disable firewalld.service # do not start the firewall at boot

View the default firewall status:

firewall-cmd --state

not running

vi /etc/sysconfig/iptables

/bin/systemctl enable iptables.service
/bin/systemctl restart iptables.service

3. Modify SELinux

sed -i 's/SELINUX=enforcing/#SELINUX=enforcing/' /etc/selinux/config
sed -i 's/SELINUXTYPE=targeted/#SELINUXTYPE=targeted/' /etc/selinux/config
echo -e "SELINUX=disabled" >> /etc/selinux/config

4. Uninstall the java packages

rpm -qa | grep java

(Uninstall all the java packages the query returns)

5. Restart

reboot

II. Install LVS

122.144.166.21: LVS_MASTER

122.144.166.22: LVS_BACKUP

122.144.177.21: LVS_MASTER_VIP

Real_server: 122.144.166.100

Real_server: 122.144.166.101

Install the required dependency packages

yum install popt-static kernel-devel make gcc openssl-devel lftp libnl* popt* libnl* libpopt* gcc*

1. LVS installation and deployment: install the LVS and keepalived software on both LVS servers (LVS_MASTER & LVS_BACKUP)

Check whether the ip_vs kernel module is loaded
lsmod | grep ip_vs # none
2. Install ipvsadm
wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz
tar zxf ipvsadm-1.26.tar.gz
cd ipvsadm-1.26

rpm -qa | grep kernel-devel (installed by default)

make && make install

Load the ip_vs module
# Running the ipvsadm command loads it
ipvsadm
# View the result (a displayed result means success)

3. Install and deploy keepalived:

wget http://www.keepalived.org/software/keepalived-1.2.16.tar.gz
tar -zxvf keepalived-1.2.16.tar.gz
cd keepalived-1.2.16/
./configure
make && make install

######## Make keepalived a system service for convenient management ##########

cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived/
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/sbin/keepalived /usr/sbin/
service keepalived restart

4. Enable route forwarding

vi /etc/sysctl.conf

net.ipv4.ip_forward = 1
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_announce = 0

Reload the kernel parameters so that the changes to the file take effect immediately

sysctl -p
echo 1 > /proc/sys/net/ipv4/ip_forward

5. Configure the virtual VIP address on LVS_MASTER

ifconfig lo:0 122.144.177.21 netmask restart failure 192 broadcast 122.144.177.255

(I use 122.144.177.21 as the floating address here. We recommend adding a lo:0 configuration file to prevent restart failure.)

6. Configure keepalived

################ Example ################

vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
    router_id LVS_DEVEL_MASTER    # identifier of the server running keepalived; shown in the subject line of notification emails
}

vrrp_instance VI_1 {
    state MASTER                  # keepalived role: MASTER marks this host as the master server, BACKUP as a backup server
    interface em1                 # network interface monitored for HA
    virtual_router_id 51          # virtual router ID, a number unique to each vrrp instance; MASTER and BACKUP in the same vrrp_instance must use the same value
    priority 100                  # priority; the larger the number, the higher the priority. In the same vrrp_instance the MASTER priority must be higher than the BACKUP priority
    advert_int 1                  # interval, in seconds, between synchronization checks of the MASTER and BACKUP load balancers
    authentication {              # authentication type and password
        auth_type PASS            # authentication type, mainly PASS and AH
        auth_pass 1111            # verification password; MASTER and BACKUP in the same vrrp_instance must use the same password to communicate normally
    }
    virtual_ipaddress {           # virtual IP addresses; you can set several, one per line
        122.144.177.216
    }
}

virtual_server 122.144.177.216 80 {    # a virtual server is defined by the virtual IP address and the service port, separated by a space
    delay_loop 6                  # health check interval, in seconds
    lb_algo rr                    # load scheduling algorithm; rr is the round-robin algorithm
    lb_kind DR                    # LVS load balancing mode: NAT, TUN or DR
    nat_mask 255.255.255.0
    persistence_timeout 50        # session persistence time, in seconds
    # Session persistence is very useful for dynamic web pages and is a good way to share sessions in the cluster.
    # With it, a user's requests keep going to the same service node until the session persistence time is exceeded.
    # Note that this time is the maximum no-response timeout: if the user performs no operation on the dynamic page for 50 seconds,
    # subsequent operations are distributed to another node; while the user keeps operating on the page, the 50-second limit does not apply.
    protocol TCP                  # forwarding protocol type, TCP or UDP
    real_server 122.144.166.213 80 {    # service node 1: the real IP address and port of the real server, separated by a space
        weight 1                  # weight of the service node; the larger the number, the higher the weight. Give a high-performance server a higher weight
                                  # and a low-performance server a lower one, so that system resources are used and allocated sensibly
        connect_timeout 3         # time out after 3 seconds without a response
        nb_get_retry 3            # number of retries
        delay_before_retry 3      # interval between retries
    }
    real_server 122.144.166.214 80 {
        weight 1
        connect_timeout 3
        nb_get_retry 3
        delay_before_retry 3
    }
}

###################### LVS_MASTER ######################

! Configuration File for keepalived

global_defs {
    router_id LVS_DEVEL_MASTER
}

vrrp_instance VI_1 {
    state MASTER
    interface em1
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        122.144.177.21
    }
}

virtual_server 122.144.177.21 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP
    real_server 122.144.166.100 80 {
        weight 1
        connect_timeout 3
        nb_get_retry 3
        delay_before_retry 3
    }
    real_server 122.144.166.101 80 {
        weight 1
        connect_timeout 3
        nb_get_retry 3
        delay_before_retry 3
    }
}

###################### LVS_BACKUP ######################

! Configuration File for keepalived

global_defs {
    router_id LVS_DEVEL_BACKUP
}

vrrp_instance VI_1 {
    state BACKUP
    interface em1
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        122.144.177.21
    }
}

virtual_server 122.144.177.21 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP
    real_server 122.144.166.100 80 {
        weight 1
        connect_timeout 3
        nb_get_retry 3
        delay_before_retry 3
    }
    real_server 122.144.166.101 80 {
        weight 1
        connect_timeout 3
        nb_get_retry 3
        delay_before_retry 3
    }
}

################################################
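The comments in the example configuration require MASTER and BACKUP to share virtual_router_id and auth_pass, and the MASTER to have the higher priority. The script below is an added example, not part of the original page, that checks those rules on two configuration files and also reports a short auth_pass. The helper names sample_conf, vrrp_field and check_pair are hypothetical, the sample configurations are constructed from this page's values, and the 8-character floor is an assumption of the example.

```shell
# Added example: sample_conf STATE PRIORITY prints a constructed vrrp_instance (page values).
sample_conf() {
cat <<EOF
vrrp_instance VI_1 {
    state $1
    interface em1
    virtual_router_id 51
    priority $2
    authentication {
        auth_type PASS
        auth_pass 1111    # PASS is carried in cleartext in VRRP advertisements
    }
    virtual_ipaddress {
        122.144.177.21
    }
}
EOF
}

# vrrp_field KEY: print KEY's value from a keepalived.conf on stdin (virtual_ipaddress: first address).
vrrp_field() {
    awk -v key="$1" '
        { sub(/[#!].*/, "") }                          # drop comments
        $1 == "virtual_ipaddress" { in_vip = 1; next }
        in_vip && $1 == "}"       { in_vip = 0; next }
        in_vip && NF && key == "virtual_ipaddress" { print $1; exit }
        !in_vip && $1 == key      { print $2; exit }'
}

# check_pair MASTER_FILE BACKUP_FILE: one line per finding, status 1 if any.
check_pair() {
    rc=0
    for f in virtual_router_id auth_type auth_pass virtual_ipaddress; do
        [ "$(vrrp_field "$f" < "$1")" = "$(vrrp_field "$f" < "$2")" ] ||
            { echo "MISMATCH $f"; rc=1; }      # values not printed: may be secret
    done
    [ "$(vrrp_field priority < "$1")" -gt "$(vrrp_field priority < "$2")" ] ||
        { echo "PRIORITY master not above backup"; rc=1; }
    pass=$(vrrp_field auth_pass < "$1")
    # Assumption of this example: fewer than 8 characters counts as weak.
    [ "${#pass}" -ge 8 ] || { echo "WEAK auth_pass (${#pass} chars)"; rc=1; }
    return $rc
}

d=$(mktemp -d)
sample_conf MASTER 100 > "$d/master.conf"
sample_conf BACKUP 90 > "$d/backup.conf"
check_pair "$d/master.conf" "$d/backup.conf" || echo "review the findings above"
rm -rf "$d"
```

On real hosts, pass the two copies of /etc/keepalived/keepalived.conf fetched from LVS_MASTER and LVS_BACKUP as the two arguments of check_pair.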

Configure keepalived to start automatically

chkconfig --level 0123456 keepalived on

View the auto-start status

chkconfig --list keepalived

Start the keepalived service

service keepalived restart

################################################

7. Test

#### High availability test ####

Simulate a fault: stop the keepalived service on CentOS-LVS_MASTER, then observe the log on CentOS-LVS_BACKUP. The information is as follows:

The log shows that after the master fails, the backup immediately detects it, switches to the MASTER role, takes over the master's virtual IP address resources and finally binds the virtual IP address to the em1 device.

The log status of CentOS-LVS_MASTER after the keepalived service on CentOS-LVS_BACKUP is turned on:

The log shows that after the backup detects that the master is back to normal, it releases the virtual IP resource and returns to the BACKUP role.

################################################

Web server settings (122.144.166.100 and 122.144.166.101)

################################################

Edit the following file on the WEB1 and WEB2 machines:

vi /home/shell/lvs_real.sh

#!/bin/bash
# Description: Config realserver
# Written by: http://kerry.blog.51cto.com

SNS_VIP=122.144.177.21

# Source the init function library (note the leading dot); without the dot
# the file is run as a command and needs execute permission.
. /etc/rc.d/init.d/functions

case "$1" in
start)
    # Bind the VIP to lo:0 with a host mask (the broadcast address equals the VIP)
    /sbin/ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
    /sbin/route add -host $SNS_VIP dev lo:0
    # Keep this real server from answering or announcing ARP for the VIP
    echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
    sysctl -p >/dev/null 2>&1
    echo "RealServer Start OK"
    ;;
stop)
    /sbin/ifconfig lo:0 down
    /sbin/route del $SNS_VIP >/dev/null 2>&1
    # Restore the default ARP behaviour
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
    echo "RealServer Stopped"
    ;;
*)
    echo "Usage: $0 {start|stop}"
    exit 1
esac

exit 0

################################################

Grant execution permission

chmod 777 /home/shell/lvs_real.sh

chmod 755 /etc/rc.d/init.d/functions

Other people's configuration documents do not have this step. I don't know why it always says I have no permission to execute this line, so I added the execute permission.

chmod 755 /home/shell/lvs_real.sh

/home/shell/lvs_real.sh start
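An added check, not from the original page, for the ARP settings that lvs_real.sh start applies on the real servers. The kernel uses the higher of conf/all and the interface's own value for arp_ignore and arp_announce, so the result is computed for the NIC that faces the network rather than for lo. The sysctl dump is constructed, em1 as the real server's NIC name is an assumption, and effective_arp and realserver_arp_ok are hypothetical names.

```shell
# Constructed "sysctl -a" style sample: the state after lvs_real.sh start.
SAMPLE_SYSCTL='net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.em1.arp_ignore = 0
net.ipv4.conf.em1.arp_announce = 0'

# effective_arp KEY IFACE: print max(conf/all, conf/IFACE) for KEY,
# reading "name = value" lines on stdin.
effective_arp() {
    awk -v key="$1" -v ifc="$2" '
        BEGIN { a = "net.ipv4.conf.all." key; i = "net.ipv4.conf." ifc "." key }
        $1 == a || $1 == i { if ($3 + 0 > max) max = $3 + 0 }
        END { print max + 0 }'
}

# realserver_arp_ok IFACE: succeed when the effective values on IFACE are the
# ones the page's script sets (arp_ignore 1, arp_announce 2).
realserver_arp_ok() {
    dump=$(cat)
    ign=$(printf '%s\n' "$dump" | effective_arp arp_ignore "$1")
    ann=$(printf '%s\n' "$dump" | effective_arp arp_announce "$1")
    echo "$1: arp_ignore=$ign arp_announce=$ann"
    [ "$ign" -eq 1 ] && [ "$ann" -eq 2 ]
}

printf '%s\n' "$SAMPLE_SYSCTL" | realserver_arp_ok em1
```

On a real server, run `sysctl -a 2>/dev/null | realserver_arp_ok em1`; a failure after `lvs_real.sh start` means the host can still answer ARP for the VIP on that interface.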
