CentOS5.5环境下布署LVS keepalived

#!/bin/bash# BY kerryhu# MAIL:king_819@163.com# BLOG:http://kerry.blog.51cto.com# Please manual oper

#!/bin/bash

# BY kerryhu

# MAIL:king_819@163.com

# BLOG:http://kerry.blog.51cto.com

# Please manual operation yum of before Operation.....

系统环境`：CentOS 5.5（定制安装）

组件：

Base

Development Libraries

Development Tools

Editors

Text-based Internet

lvs-master ：192.168.9.201

lvs-backup ：192.168.9.202

vip ：192.168.9.200

web1：192.168.9.203

web2：192.168.9.204

netmask ：255.255.255.0

gateway ：192.168.9.1

网络拓扑：

echo "============================ 更新系统时间 ======================" yum install -y ntp

ntpdate time.nist.gov

echo "00 01 * * * /usr/sbin/ntpdate time.nist.gov" /etc/crontab

echo “============================ 关闭不用服务 =======================”

/root/del_servcie.sh # 附件中自定义脚本

echo “========================= 安装ipvsadm 、keepalived ==================”

[root@master ~]# cd /usr/local/src

[root@master ~]# wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz

[root@master ~]# wget http://www.keepalived.org/software/keepalived-1.1.17.tar.gz

[root@master ~]# ln -sv /usr/src/kernels/2.6.18-194.el5-i686/ /usr/src/linux

[root@master ~]# tar -zxvf ipvsadm-1.24.tar.gz

[root@master ~]# cd ipvsadm-1.24

[root@master ~]# make;make install

[root@master ~]# cd ..

[root@master ~]# tar -zxvf keepalived-1.1.17.tar.gz

[root@master ~]# cd keepalived-1.1.17

[root@master ~]# ./configure

configure: error:

!!! OpenSSL is not properly installed on your system. !!!

!!! Can not include OpenSSL headers files.

解决办法：

[root@master ~]# yum -y install openssl-devel

[root@master ~]# ./configure

[root@master ~]# make;make install

编译的时候出现这个提示，说明keepalived 和内核结合了，如果不是这样的，需要加上这个参数./configure --with-kernel-dir=/kernel/path

Keepalived configuration

------------------------

Keepalived version : 1.1.17

Compiler : gcc

Compiler flags : -g -O2

Extra Lib : -lpopt -lssl -lcrypto

Use IPVS Framework : Yes

IPVS sync daemon support : Yes

Use VRRP Framework : Yes

Use LinkWatch : No

Use Debug flags : No

echo “======================= 配置keepalived ===========================”

[root@master ~]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/

[root@master ~]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/

[root@master ~]# mkdir /etc/keepalived

[root@master ~]# cp /usr/local/sbin/keepalived /usr/sbin/

[root@master ~]# vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

notification_email {

king_819@163.com

}

notification_email_from king_819@163.com

smtp_server smtp.163.com

# smtp_connect_timeout 30

router_id LVS_DEVEL

}

# VIP1

vrrp_instance VI_1 {

state MASTER #备份服务器上将MASTER 改为BACKUP interface eth0

lvs_sync_daemon_inteface eth0

virtual_router_id 51

priority 100 # 备份服务上将100改为90

advert_int 5

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

192.168.9.200

#(如果有多个VIP ，继续换行填写.)

}

}

virtual_server 192.168.9.200 80 {

delay_loop 6 #(每隔10秒查询realserver 状态)

lb_algo wlc #(lvs 算法)

lb_kind DR #(Direct Route)

persistence_timeout 60 #(同一IP 的连接60秒内被分配到同一台realserver) protocol TCP #(用TCP 协议检查realserver 状态)

real_server 192.168.9.203 80 {

weight 100 #(权重)

TCP_CHECK {

connect_timeout 10 #(10秒无响应超时)

nb_get_retry 3

delay_before_retry 3

connect_port 80

}

}

real_server 192.168.9.204 80 {

weight 100

TCP_CHECK {

connect_timeout 10

nb_get_retry 3

delay_before_retry 3

connect_port 80

}

}

}

[root@master ~]# service keepalived start|stop

[root@master ~]# chkconfig –level 2345 keepalived on

echo “====================== 配置realserver =========================”

[root@web_1 ~]# vi /root/lvs_real.sh

#!/bin/bash

# description: Config realserver

#Written by : http://kerry.blog.51cto.com

SNS_VIP=192.168.9.200

/etc/rc.d/init.d/functions

case "$1" in

start)

/sbin/ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP /sbin/route add -host $SNS_VIP dev lo:0

echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce

echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

sysctl -p >/dev/null 2>&1

echo "RealServer Start OK"

;;

stop)

/sbin/ifconfig lo:0 down

/sbin/route del $SNS_VIP >/dev/null 2>&1

echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce

echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore

echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce

echo "RealServer Stoped"

;;

*)

echo "Usage: $0 {start|stop}"

exit 1

esac

exit 0

[root@web_1 ~]# chmod x /roo/lvs_real.sh

[root@web_1 ~]# /root/lvs_real.sh start

[root@web_1 ~]# ifconfig

[root@web_1 ~]# echo “/root/lvs_real.sh start” >> /etc/rc.local

echo “===================== 测试LVS keepalived ========================” #LVS_master、LVS_backup上开启keepalived ，LVS_master先绑定VIP

LVS_master：

LVS_backup：

#解析域名，测试访问

#测试关闭LVS_master，短暂的掉包后，LVS_backup马上接替工作

LVS_backup接替LVS_master绑定

VIP

LVS_backup负责转发

LVS_master重启完成后，就会自动接回控制权，继续负责转发

#测试关闭其中一台

realserver

通过上面测试可以知道，当realserver 故障或者无法提供服务时，负载均衡器通过健康检查自动把失效的机器从转发队列删除掉，实现故障隔离，保证用户的访问不受影响

#重启被关闭的

realserver

当realserver 故障恢复后，负载均衡器通过健康检查自动把恢复后的机器添加到转发队列中