Deploy LVS (NAT) + keepalived on CentOS 6.3 to achieve high-performance, high-availability load balancing

Source: Internet
Author: User

I. System Environment

Tutorial topology:

 

 

Lab environment:

VMware 9.01 + Windows 8 x64 Enterprise Edition + 8 GB memory

VM steps:

1. Install a CentOS 6.3 x64 host with 1 GB of memory and a NAT network. Check the vmnet8 settings in the Virtual Network Editor under the Edit menu in VMware.

2. Power on and install the system. This is basic knowledge and is not covered here. Note: select English rather than Chinese, select the Basic Server mode, and set the system name to LVS-MASTER.

3. After installing the system, log in as root and run ifconfig to view the network status:

The physical NIC is not shown, so we need to fix that:

vi /etc/sysconfig/network-scripts/ifcfg-eth0

As shown in the following figure, set a static IP address instead of DHCP, fill in the IP address, netmask, gateway, DNS and other information, and have the interface come up when the system starts.

 

Use ping to test whether Baidu is reachable. The gateway above is 192.168.9.2 because that is the IP address specified for vmnet8 in the VM network settings.

 

Start cloning multiple hosts to form a test environment:

 

Shut down the host with init 0, right-click the LVS-MASTER virtual machine, choose Manage > Clone, and be sure to choose "Create a full clone". Enter LVS-BACKUP as the machine name; the clone takes around thirty seconds.

 

Power on the LVS-BACKUP host; the system starts normally.

We need to do two things.

The first is to change the host name to LVS-BACKUP, which is easy:

vi /etc/sysconfig/network

Change LVS-MASTER to LVS-BACKUP, then reboot the system and you will find that the system name has been modified.

 

 

The second is to modify the system IP address.

 

1. Delete /etc/udev/rules.d/70-persistent-net.rules and restart the machine. The file 70-persistent-net.rules determines the binding between the NIC and the MAC address. After the existing virtual machine is imported, the MAC address of the NIC changes, so the system determines that the network device does not exist.

2. After this, eth0 still cannot be started normally. In the /etc/udev/rules.d/70-persistent-net.rules file, change the final "eth1" to "eth0",

then remove the MAC address from /etc/sysconfig/network-scripts/ifcfg-eth0.

Restart the machine again, and eth0 can be started normally.

 

Confirm that you can see the eth0 device after running ifconfig, and then proceed as follows:

vi /etc/sysconfig/network-scripts/ifcfg-eth0

Change the system IP address to 192.168.9.202.

Run service network restart, then ping www.baidu.com to see whether the ping succeeds.

 

Repeat the preceding steps to clone the web1 and web2 hosts. The IP addresses are 192.168.9.203 and 192.168.9.204 respectively.

 

Once the network configuration works, you can use SecureCRT to connect to the hosts over the network.

========================================================== ========================================================== =====

System Platform: CentOS 6.3

Kernel: 2.6.32-279.el6.i686

To check the kernel version: cat /proc/version. It is mentioned here because a later step creates a symbolic link to the kernel source directory.

LVS version: ipvsadm-1.26

Keepalived version: keepalived-1.2.4

III. Installation

0. Install the following packages before installing LVS.

yum -y install openssl-devel lftp libnl* popt* libnl* libpopt* gcc*

 

1. Configure LVS + keepalived on the two director servers respectively.

------------- LVS install --------------------------

cd /usr/src

wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz

If you have already created a symbolic link, delete it first: rm /usr/src/linux. Note that the path must not end with a trailing /.

ln -s /usr/src/kernels/2.6.32-279.el6.x86_64/ /usr/src/linux

tar zxvf ipvsadm-1.26.tar.gz

cd ipvsadm-1.26

make && make install

------------- Keepalived install -------------

cd ..

wget http://www.keepalived.org/software/keepalived-1.2.4.tar.gz

tar zxvf keepalived-1.2.4.tar.gz

cd keepalived-1.2.4

./configure

make && make install

######## Make keepalived a startup service for convenient management ##########

\cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/

\cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/

mkdir /etc/keepalived/

\cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/

\cp /usr/local/sbin/keepalived /usr/sbin/

service keepalived start

2. Enable route forwarding

vi /etc/sysctl.conf

Modify the following value from 0 to 1:

net.ipv4.ip_forward = 1

 

Reload the system variables so that the change takes effect immediately:

sysctl -p

 

3. Configure keepalived

vi /etc/keepalived/keepalived.conf

In vi, type

:.,$d

to delete all content, then enter the following on LVS-MASTER:

! Configuration File for keepalived
global_defs {
    notification_email {
        [email protected]
    }
    notification_email_from [email protected]
    smtp_server smtp.163.com
    # smtp_connect_timeout 30
    router_id LVS_DEVEL
}
# VIP1
vrrp_instance VI_1 {
    state MASTER                    # on the backup server, change MASTER to BACKUP
    interface eth0
    lvs_sync_daemon_inteface eth0
    virtual_router_id 51
    priority 100                    # on the backup server, change 100 to 90
    advert_int 5
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.9.200               # (if there are multiple VIPs, add one per line)
    }
}
virtual_server 192.168.9.200 80 {
    delay_loop 6                    # (query the RealServer status every 6 seconds)
    lb_algo wlc                     # (LVS scheduling algorithm)
    lb_kind DR                      # (direct routing)
    persistence_timeout 60          # (connections from the same IP address go to the same RealServer within 60 seconds)
    protocol TCP                    # (the virtual service uses the TCP protocol)
    real_server 192.168.9.203 80 {
        weight 100                  # (weight)
        TCP_CHECK {
            connect_timeout 10      # (time out after 10 seconds without a response)
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 192.168.9.204 80 {
        weight 100
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

Enter the following on LVS-BACKUP:

! Configuration File for keepalived
global_defs {
    notification_email {
        [email protected]
    }
    notification_email_from [email protected]
    smtp_server smtp.163.com
    # smtp_connect_timeout 30
    router_id LVS_DEVEL
}
# VIP1
vrrp_instance VI_1 {
    state BACKUP                    # (MASTER on the primary server)
    interface eth0
    lvs_sync_daemon_inteface eth0
    virtual_router_id 51
    priority 90                     # (100 on the primary server)
    advert_int 5
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.9.200               # (if there are multiple VIPs, add one per line)
    }
}
virtual_server 192.168.9.200 80 {
    delay_loop 6                    # (query the RealServer status every 6 seconds)
    lb_algo wlc                     # (LVS scheduling algorithm)
    lb_kind DR                      # (direct routing)
    persistence_timeout 60          # (connections from the same IP address go to the same RealServer within 60 seconds)
    protocol TCP                    # (the virtual service uses the TCP protocol)
    real_server 192.168.9.203 80 {
        weight 100                  # (weight)
        TCP_CHECK {
            connect_timeout 10      # (time out after 10 seconds without a response)
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 192.168.9.204 80 {
        weight 100
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

Configure keepalived to start automatically

chkconfig --level 0123456 keepalived on

View auto-start status

chkconfig --list keepalived
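
Added example (not part of the original article): a shell check that the MASTER and BACKUP files agree on the VRRP settings and that flags auth_pass 1111, since auth_type PASS is carried in clear text in every advertisement and keepalived uses only its first 8 characters. The helper names kv, check_pair and write_conf are illustrative, and the sample files are constructed from the values used above.

```shell
#!/bin/sh
# Added example, not part of the original article: compare the VRRP settings
# of the MASTER and BACKUP keepalived.conf before starting the service.

# kv FILE KEY -> first value of KEY in FILE, with "#" comments stripped
kv() {
    awk -v k="$2" '{ sub(/#.*/, "") } $1 == k { print $2; exit }' "$1"
}

# check_pair MASTER_CONF BACKUP_CONF -> one finding per line, status 1 if any
check_pair() {
    rc=0
    # Both directors must agree on these or they will not form one VRRP group
    for key in virtual_router_id auth_type auth_pass advert_int; do
        [ "$(kv "$1" "$key")" = "$(kv "$2" "$key")" ] || { echo "MISMATCH $key"; rc=1; }
    done
    [ "$(kv "$1" state)" = MASTER ] || { echo "STATE first file is not MASTER"; rc=1; }
    [ "$(kv "$2" state)" = BACKUP ] || { echo "STATE second file is not BACKUP"; rc=1; }
    [ "$(kv "$1" priority)" -gt "$(kv "$2" priority)" ] ||
        { echo "PRIORITY master must be higher than backup"; rc=1; }
    # PASS authentication is visible on the wire and truncated to 8 characters,
    # so flag well-known sample values and short passwords
    pass=$(kv "$1" auth_pass)
    case "$pass" in
        1111|1234|password) echo "WEAK auth_pass is a well-known sample value"; rc=1 ;;
    esac
    [ "${#pass}" -ge 8 ] || { echo "SHORT auth_pass has fewer than 8 characters"; rc=1; }
    return "$rc"
}

# write_conf FILE STATE PRIORITY AUTH_PASS -> constructed vrrp_instance for the demo
write_conf() {
    cat > "$1" <<EOF
vrrp_instance VI_1 {
    state $2            # role of this director
    virtual_router_id 51
    priority $3
    advert_int 5
    authentication {
        auth_type PASS
        auth_pass $4
    }
}
EOF
}

tmp=$(mktemp -d)
write_conf "$tmp/master.conf" MASTER 100 1111   # values used in this article
write_conf "$tmp/backup.conf" BACKUP 90 1111
check_pair "$tmp/master.conf" "$tmp/backup.conf" || echo "review the findings above"
```

On the directors, run check_pair against a copy of each server's /etc/keepalived/keepalived.conf.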

 

=== The following script is executed on the web servers ===

Edit the following file on the web1 and web2 machines:

vi /root/lvs_real.sh

#!/bin/bash
# description: Config realserver
# Written by : http://kerry.blog.51cto.com
SNS_VIP=192.168.9.200
# Source the init helper functions (the leading dot reads the file instead of executing it)
. /etc/rc.d/init.d/functions
case "$1" in
start)
       # Bind the VIP to lo:0 with a host mask and stop answering ARP for it
       /sbin/ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
       /sbin/route add -host $SNS_VIP dev lo:0
       echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
       sysctl -p >/dev/null 2>&1
       echo "RealServer Start OK"
       ;;
stop)
       # Remove the VIP and restore the default ARP behaviour
       /sbin/ifconfig lo:0 down
       /sbin/route del $SNS_VIP >/dev/null 2>&1
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
       echo "RealServer Stoped"
       ;;
*)
       echo "Usage: $0 {start|stop}"
       exit 1
esac
exit 0

 

Grant execution permission

 

chmod 755 /etc/rc.d/init.d/functions

Other people's configuration documents do not have this step. I don't know why I always got a no-permission error when executing this line, so I added the execute permission.

chmod 755 /root/lvs_real.sh

/root/lvs_real.sh start

Add auto start

echo "/root/lvs_real.sh start" >> /etc/rc.local
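
Added example (not part of the original article): a check of what lvs_real.sh should leave behind on web1 and web2, because a real server that still answers ARP for the VIP, or holds it with a wider mask, lets traffic bypass the directors. The function names check_arp and check_vip are illustrative, and the /proc tree and ip output below are constructed samples.

```shell
#!/bin/sh
# Added example, not part of the original article: verify the state that
# lvs_real.sh is supposed to leave behind on a DR-mode real server.

# check_arp [ROOT] -> checks the four ARP sysctls under ROOT/proc (ROOT defaults
# to the live system); prints one line per wrong value, returns 1 if any
check_arp() {
    rc=0
    for dev in lo all; do
        for pair in arp_ignore=1 arp_announce=2; do
            f="${1:-}/proc/sys/net/ipv4/conf/$dev/${pair%%=*}"
            got=$(cat "$f" 2>/dev/null) || got=missing
            [ "$got" = "${pair#*=}" ] || { echo "FAIL $dev/$pair (found $got)"; rc=1; }
        done
    done
    return "$rc"
}

# check_vip VIP -> reads `ip -o -4 addr show` output on stdin; the VIP must be
# on lo with a /32 mask and on no other interface
check_vip() {
    awk -v vip="$1" '
        $3 == "inet" && index($4, vip "/") == 1 {
            if ($2 == "lo" && $4 == vip "/32") ok = 1
            else { print "FAIL " $4 " on " $2; bad = 1 }
        }
        END { if (!ok) print "FAIL " vip "/32 not on lo"; exit (bad || !ok) }'
}

# Constructed sample state: a fake /proc tree where arp_announce was left at 0
# on "all", and constructed `ip -o -4 addr show` output for web1
root=$(mktemp -d)
for dev in lo all; do
    mkdir -p "$root/proc/sys/net/ipv4/conf/$dev"
    echo 1 > "$root/proc/sys/net/ipv4/conf/$dev/arp_ignore"
    echo 2 > "$root/proc/sys/net/ipv4/conf/$dev/arp_announce"
done
echo 0 > "$root/proc/sys/net/ipv4/conf/all/arp_announce"
sample_addrs='1: lo    inet 127.0.0.1/8 scope host lo
1: lo    inet 192.168.9.200/32 brd 192.168.9.200 scope global lo:0
2: eth0    inet 192.168.9.203/24 brd 192.168.9.255 scope global eth0'

check_arp "$root" || echo "ARP suppression incomplete"
printf '%s\n' "$sample_addrs" | check_vip 192.168.9.200 && echo "VIP placement OK"
```

On a real server, call check_arp with no argument and pipe the output of ip -o -4 addr show into check_vip 192.168.9.200.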

========================================================== ========================================================== ======================

Disable iptables. iptables is enabled by default in CentOS 6.3 x64, which makes this experiment inconvenient to test, so we temporarily disable it and will test how to use iptables rules later.

Configure iptables not to start automatically

chkconfig --level 0123456 iptables off

View auto-start status

chkconfig --list iptables

Disable iptables on all four machines to prevent other problems.

That alone is not enough, because iptables keeps running until the machine is restarted. Therefore, run the following command on all four machines:

service iptables stop
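
Added example (not part of the original article): instead of leaving the firewall off after the test, this generator emits an iptables-restore ruleset for the DR setup configured above, admitting only the web port on the VIP, SSH, and, on a director, VRRP and IPVS sync traffic from its peer. The function name lvs_rules, the /24 lab subnet and SSH on port 22 are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original article: emit an iptables-restore
# ruleset for this lab so that the firewall can stay enabled.
VIP=192.168.9.200        # from the article
LAB_NET=192.168.9.0/24   # assumption: the vmnet8 subnet is a /24

# lvs_rules director PEER_IP | lvs_rules realserver
# Prints the ruleset on stdout; returns 2 on bad arguments.
lvs_rules() {
    role=$1 peer=${2:-}
    case "$role" in
        director)
            echo "$peer" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$' || return 2 ;;
        realserver) ;;
        *) return 2 ;;
    esac
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -s $LAB_NET -p tcp --dport 22 -j ACCEPT
-A INPUT -d $VIP -p tcp --dport 80 -j ACCEPT
EOF
    if [ "$role" = director ]; then
        # VRRP advertisements (IP protocol 112, multicast 224.0.0.18) and the
        # IPVS sync daemon (UDP 8848, multicast 224.0.0.81), only from the peer
        echo "-A INPUT -s $peer -d 224.0.0.18 -p 112 -j ACCEPT"
        echo "-A INPUT -s $peer -d 224.0.0.81 -p udp --dport 8848 -j ACCEPT"
    else
        # keepalived TCP_CHECK probes reach the real server on its own address
        echo "-A INPUT -s $LAB_NET -p tcp --dport 80 -j ACCEPT"
    fi
    echo COMMIT
}

lvs_rules director 192.168.9.202    # rules for LVS-MASTER, whose peer is LVS-BACKUP
```

Review the output, load it with iptables-restore, and persist it with service iptables save before re-enabling the service with chkconfig.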

========================================================== ========================================================== ======================

4. Configure HTTP on the two web servers respectively. Here a simple web server, the httpd package, is used. Of course, Apache or Tomcat can be used.

Run the following commands on 192.168.9.203 and 192.168.9.204:

yum -y install httpd

cd /var/www/html/

vi index.html

 

-----------------------------

Content on 192.168.9.203:

<h1>web1/192.168.9.203</h1>

 

Content on 192.168.9.204:

<h1>web2/192.168.9.204</h1>

-----------------------------

/etc/init.d/httpd start

The start fails and an error is reported:

 

Let's fix it:

vi /etc/httpd/conf/httpd.conf

ServerName www.example.com:80

Restart:

/etc/init.d/httpd restart

Enable httpd at startup

chkconfig --level 0123456 httpd on

 

The configuration of another machine is the same, and the process is omitted.

 

It is important to start keepalived on both LVS servers. Otherwise, the following page cannot be viewed normally:

service keepalived restart

 

 

IV. Test

#### High availability test ####

Simulate a fault: stop the keepalived service on CentOS-LVS_MASTER, and then observe the log on CentOS-LVS_BACKUP. The information is as follows:

The log shows that after the master fails, the backup detects this immediately, changes to the MASTER role, takes over the master's virtual IP address resources, and finally binds the virtual IP address to the eth0 device.

The log status of CentOS-LVS_MASTER after the keepalived service on CentOS-LVS_BACKUP is turned on:

The log shows that after the backup detects that the master has returned to normal, it releases the virtual IP resource and becomes the BACKUP role again.

#### Failover test ####

The failover test checks whether the keepalived monitoring module can detect and isolate a faulty node in time when a node fails, and move the service to a healthy node.

Stop the service on the web2 node to simulate a node failure. The logs of the master and backup directors are as follows:

 

As can be seen from the above, the keepalived monitoring module detects the failure of host 192.168.9.204 and removes web2 from the cluster. (Accessing http://192.168.9.200 now shows only web1.)

 

Restart the service on the web2 node. The log information is as follows:

 

After the keepalived monitoring module detects that host 192.168.9.204 has recovered, it adds the node back to the cluster, and the web2 page can be accessed again.

========================================================== ========================================================== ====================

Reference:

http://blog.csdn.net/winsonyuan/article/details/7069884

From: http://www.cnblogs.com/littlehb/archive/2012/12/13/2816652.html
