This experiment needs two DRs (dispatchers) and two RSs (real servers):
dr1:192.168.0.221
dr2:192.168.0.222
rs1:192.168.0.223
rs2:192.168.0.224
DR Configuration
Install the prerequisite packages first
[root@dr1 ~]# yum install -y gcc gcc-c++ make openssl-devel kernel-devel kernel-headers libnl* libpopt* popt-static libnfnet* keepalived
Create a symlink to the kernel source for the ipvsadm build
[root@dr1 ~]# ln -s /usr/src/kernels/2.6.32-642.11.1.el6.x86_64/ /usr/src/linux
Extract ipvsadm
[root@dr1 ~]# tar xzvf ipvsadm-1.26.tar.gz
[root@dr1 ipvsadm-1.26]# make && make install
After installing ipvsadm, you do not need to modify any other files.
Because keepalived was already installed with the packages above, you can edit /etc/keepalived/keepalived.conf directly, or replace its content with the following minimal configuration:
! Configuration File for keepalived
global_defs {
    notification_email {
        # administrator mailbox for alerts; one address per line, several may be listed;
        # the sendmail service must be running on the system
        service@qq.com
    }
    notification_email_from Alexandre.Cassen@firewall.loc    # sender address for alert mail
    smtp_server 127.0.0.1             # SMTP server address
    smtp_connect_timeout <seconds>    # timeout for connecting to the SMTP server (value not shown on this page)
    router_id LVS_DEVEL1              # router ID; must differ from the backup's, otherwise errors occur
}
vrrp_instance VI_1 {
    state MASTER                      # keepalived role: MASTER means this host is the primary server, BACKUP the standby server
    interface eth1                    # network interface to monitor
    virtual_router_id <1-255>         # virtual router ID (value not shown on this page); MASTER and BACKUP in the same vrrp_instance must use the same value
    priority 100                      # priority; the larger the number, the higher the priority; within a vrrp_instance the MASTER's priority must be greater than the BACKUP's
    advert_int 1                      # interval of the sync check between the MASTER and BACKUP load balancers, in seconds
    authentication {                  # authentication type and password
        auth_type PASS                # authentication type; the two main kinds are PASS and AH
        auth_pass 1111                # authentication password; within a vrrp_instance MASTER and BACKUP must use the same password to communicate
    }
    virtual_ipaddress {
        192.168.0.220                 # virtual IP address; several may be set, one per line
    }
}
virtual_server 192.168.0.220 80 {     # virtual server: virtual IP address and service port, separated by a space
    delay_loop 6                      # health-check interval, in seconds
    lb_algo rr                        # load scheduling algorithm; rr is round robin
    lb_kind DR                        # LVS forwarding mechanism; NAT, TUN and DR are available
    # Session persistence time, in seconds. With persistence, a user's requests keep going to the
    # same service node until the persistence time is exceeded. This is the maximum idle timeout:
    # if the user does nothing on a dynamic page for 2 seconds, the next operation is dispatched
    # to another node, but while the user keeps operating on the page the 2-second limit does not
    # apply. Because this is an experiment and the round-robin effect has to be visible, the value
    # is set as low as 2 seconds.
    persistence_timeout 2
    protocol TCP                      # forwarding protocol type; TCP or UDP
    real_server 192.168.0.223 80 {    # service node 1: the real server's IP address and port, separated by a space
        # Weight of the service node; the larger the number, the higher the weight. Weights let
        # servers of different performance take different load: give a high-performance server a
        # higher weight and a lower-performance server a lower one, so that system resources are
        # used and allocated sensibly.
        weight 3
        TCP_CHECK {                   # real server health-check settings; units are seconds
            connect_timeout 10        # time out after 10 seconds without a response
            nb_get_retry 3            # number of retries
            delay_before_retry 3      # interval between retries
        }
    }
    real_server 192.168.0.224 80 {    # service node 2
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
Save and exit
Use the ipvsadm -L -n command to check whether keepalived is running; the normal status looks like this:
[root@dr1 keepalived]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.0.220:80 rr persistent 2
  -> 192.168.0.223:80             Route   1      0          0
  -> 192.168.0.224:80             Route   1      0          0
OK, keepalived is running normally.
Check whether the eth1 NIC has the VIP
[root@dr1 keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:b0:09:39 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.221/24 brd 192.168.0.255 scope global eth1
    inet 192.168.0.220/32 scope global eth1
    inet6 fe80::20c:29ff:feb0:939/64 scope link
       valid_lft forever preferred_lft forever
OK, the VIP address is present on eth1.
Next, look at the default ipvsadm timeouts
[root@dr1 keepalived]# ipvsadm -L --timeout
Timeout (tcp tcpfin udp): 900 120 300
The three values 900 120 300 are the tcp, tcpfin and udp timeouts. That is, after a TCP connection passes through LVS, LVS keeps the record of it for 15 minutes. Because this time is so long, most people find that round-robin does not seem to happen after setting up LVS DR, and most of the tutorials I have seen do not mention this, which is a huge pitfall... Because this is an experiment, set these values very low with the following command:
[root@dr1 ~]# ipvsadm --set 1 2 1
Check the values after the change
[root@dr1 ~]# ipvsadm -L --timeout
Timeout (tcp tcpfin udp): 1 2 1
OK, no problem.
Note: Only the DR1 configuration is listed above. For DR2, only the following options in keepalived.conf need to change:
router_id LVS_DEVEL1 changed to router_id LVS_DEVEL2
state MASTER changed to state BACKUP
interface eth1 modified to match the actual interface of the NIC
priority 100 changed to priority 90
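The DR1/DR2 differences listed above, together with the matching virtual_router_id and auth_pass that the configuration comments require, can be checked with a short script. This is an added example, not part of the original tutorial; the function names, the temporary file names and the virtual_router_id value 51 are assumptions made for the sample.

```sh
#!/bin/sh
# Added example, not from the original tutorial. Function names, file names and
# the virtual_router_id value 51 are constructed for illustration.

# Print the first value of KEYWORD in a keepalived.conf, ignoring # and ! comments
# (so a value that itself contains # or ! is cut short).
kv() {  # usage: kv FILE KEYWORD
    awk -v k="$2" '{ sub(/[#!].*/, "") } $1 == k { print $2; exit }' "$1"
}

# Print one line per rule the MASTER/BACKUP pair breaks; nothing if consistent.
check_pair() {  # usage: check_pair MASTER_CONF BACKUP_CONF
    m=$1 b=$2
    [ "$(kv "$m" router_id)" != "$(kv "$b" router_id)" ] ||
        echo "router_id is the same on both directors"
    [ "$(kv "$m" virtual_router_id)" = "$(kv "$b" virtual_router_id)" ] ||
        echo "virtual_router_id differs"
    [ "$(kv "$m" auth_pass)" = "$(kv "$b" auth_pass)" ] ||
        echo "auth_pass differs"
    { [ "$(kv "$m" state)" = MASTER ] && [ "$(kv "$b" state)" = BACKUP ]; } ||
        echo "state is not MASTER/BACKUP"
    [ "$(kv "$m" priority)" -gt "$(kv "$b" priority)" ] 2>/dev/null ||
        echo "MASTER priority is not greater than BACKUP priority"
}

# Constructed minimal config carrying only the fields that are compared.
sample_conf() {  # usage: sample_conf ROUTER_ID STATE PRIORITY
    cat <<EOF
global_defs {
    router_id $1
}
vrrp_instance VI_1 {
    state $2              # MASTER or BACKUP
    interface eth1
    virtual_router_id 51  ! constructed value
    priority $3
    authentication {
        auth_type PASS
        auth_pass 1111
    }
}
EOF
}

tmp=$(mktemp -d)
sample_conf LVS_DEVEL1 MASTER 100 >"$tmp/dr1.conf"
sample_conf LVS_DEVEL2 BACKUP 90  >"$tmp/dr2.conf"
sample_conf LVS_DEVEL1 BACKUP 100 >"$tmp/bad.conf"   # router_id and priority not changed
check_pair "$tmp/dr1.conf" "$tmp/dr2.conf"
check_pair "$tmp/dr1.conf" "$tmp/bad.conf"
```

On real directors, copy both /etc/keepalived/keepalived.conf files to one host and pass them to check_pair in MASTER, BACKUP order.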
Now you can start on the RSs
RS Configuration
First turn off the firewall
[root@localhost ~]# service iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[root@localhost ~]# setenforce 0
Install the base packages
[root@localhost ~]# yum install -y gcc-c++ ncurses-devel gdbm-devel libxml2-devel openssl-devel
Install Apache
[root@localhost ~]# tar xzvf httpd-2.2.14.tar.gz
[root@localhost ~]# cd httpd-2.2.14
[root@localhost httpd-2.2.14]# ./configure --prefix=/usr/local/apache2 --enable-module=so --enable-so --enable-cache --enable-disk-cache --enable-mem-cache --enable-threads --enable-ssl && make && make install
Because this is an experiment, only the ServerName in httpd.conf and the content of index.html are changed for Apache; no other settings are made.
[root@localhost ~]# cd /usr/local/apache2/conf/
[root@localhost conf]# vim httpd.conf
Change ServerName www.example.com:80 to ServerName 0.0.0.0:80
Save and exit
[root@localhost conf]# cd ..
[root@localhost apache2]# cd htdocs/
[root@localhost htdocs]# vim index.html
Put
Save and exit
Apache is now set up.
Next, set up IP forwarding
Create a shell script in /etc/init.d and copy the following content into it; remember to change the VIP address
#!/bin/bash
# LVS-DR real server: bind the VIP to lo:0 and stop this host answering ARP for it
. /etc/init.d/functions
SNS_VIP=192.168.0.220
case "$1" in
start)
    # Put the VIP on the loopback alias with a /32 mask and add a host route to it
    ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
    /sbin/route add -host $SNS_VIP dev lo:0
    # Do not reply to or announce ARP for the VIP
    echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
    sysctl -p >/dev/null 2>&1
    echo "Realserver Start OK"
    ;;
stop)
    # Remove the VIP and restore the default ARP behaviour
    ifconfig lo:0 down
    route del $SNS_VIP >/dev/null 2>&1
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
    echo "Realserver stopped"
    ;;
*)
    echo "Usage: $0 {start|stop}"
    exit 1
esac
exit 0
Save and exit
Make the file executable
[root@localhost init.d]# chmod a+x lvsrs
Run the script
[root@localhost init.d]# service lvsrs start
Realserver Start OK
OK, it runs without problems. Check whether the VIP address is bound to the lo loopback interface
[root@localhost init.d]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet 192.168.0.220/32 brd 192.168.0.220 scope global lo:0
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:86:2a:17 brd ff:ff:ff:ff:ff:ff
    inet 192.168.0.224/24 brd 192.168.0.255 scope global eth1
    inet6 fe80::20c:29ff:fe86:2a17/64 scope link
       valid_lft forever preferred_lft forever
OK, the VIP is bound, and now you can start testing.
First go back to DR1 and run the following command to monitor the connection state (watch refreshes every 2s)
[root@dr1 ~]# watch ipvsadm -L -n -c
Open a browser, enter the VIP address, and press F5 to refresh every 2 seconds; the result is shown below:
First Refresh
View ipvsadm status
IPVS connection entries
pro expire state       source              virtual            destination
TCP 00:00  NONE        192.168.0.219:0     192.168.0.220:80   192.168.0.223:80
TCP 00:00  ESTABLISHED 192.168.0.219:15566 192.168.0.220:80   192.168.0.223:80
Second Refresh
View ipvsadm status
IPVS connection entries
pro expire state       source              virtual            destination
TCP 00:00  NONE        192.168.0.219:0     192.168.0.220:80   192.168.0.224:80
TCP 00:00  ESTABLISHED 192.168.0.219:15566 192.168.0.220:80   192.168.0.224:80
OK, so the master works. Next, disconnect the master's eth1 network to test round-robin on the backup DR
First, open cmd and start a continuous ping to the VIP address with -t
Then run the following command to bring down the eth1 NIC and watch the ping output
[root@dr1 ~]# ifdown eth1
As you can see, ping lost only one packet before traffic switched to the backup DR.
Next, test round-robin on the backup DR, again refreshing the browser every 2 seconds
First Refresh
View ipvsadm status
IPVS connection entries
pro expire state       source              virtual            destination
TCP 00:00  NONE        192.168.0.219:0     192.168.0.220:80   192.168.0.223:80
TCP 00:00  ESTABLISHED 192.168.0.219:15566 192.168.0.220:80   192.168.0.223:80
Second Refresh
View ipvsadm status
IPVS connection entries
pro expire state       source              virtual            destination
TCP 00:00  NONE        192.168.0.219:0     192.168.0.220:80   192.168.0.224:80
TCP 00:00  ESTABLISHED 192.168.0.219:15566 192.168.0.220:80   192.168.0.224:80
OK, so the backup DR works too, and the whole experiment is done.
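Why a client stays on one real server until the persistence timer runs out can be read from the connection table: the NONE entry with client port 0 is the persistence template, and that client's other entries follow it. The function below is an added example, not part of the original tutorial, that summarises ipvsadm -L -n -c output; the function names and the sample table are constructed.

```sh
#!/bin/sh
# Added example, not from the original tutorial. Reads `ipvsadm -L -n -c` output
# on stdin and prints, sorted:
#   template CLIENT -> REALSERVER expires MM:SS   (persistence template entries)
#   conns CLIENT -> REALSERVER COUNT              (actual connections)
summarise_conns() {
    awk '
        $1 != "TCP" && $1 != "UDP" { next }          # skip the two header lines
        { split($4, c, ":"); client = c[1] }         # source column is IP:port
        $3 == "NONE" && c[2] == 0 {                  # template: state NONE, port 0
            print "template", client, "->", $6, "expires", $2
            next
        }
        { n[client " -> " $6]++ }                    # count real connections
        END { for (k in n) print "conns", k, n[k] }
    ' | sort
}

# Constructed sample in the column layout shown on this page.
sample_table() {
    cat <<'EOF'
IPVS connection entries
pro expire state       source              virtual            destination
TCP 00:01  NONE        192.168.0.219:0     192.168.0.220:80   192.168.0.223:80
TCP 00:00  ESTABLISHED 192.168.0.219:15566 192.168.0.220:80   192.168.0.223:80
TCP 00:01  FIN_WAIT    192.168.0.219:15570 192.168.0.220:80   192.168.0.223:80
TCP 00:02  NONE        192.168.0.218:0     192.168.0.220:80   192.168.0.224:80
TCP 00:01  ESTABLISHED 192.168.0.218:40112 192.168.0.220:80   192.168.0.224:80
EOF
}

sample_table | summarise_conns
# On a director: ipvsadm -L -n -c | summarise_conns
```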
Note: Only the RS1 configuration is listed above. For RS2, only the following content in index.html needs to change:
RealServer1 changed to RealServer2