CentOS6.5环境下布署LVS+keepalived

lvs-master：192.168.9.201
lvs-backup：192.168.9.202
vip：192.168.9.200
web1：192.168.9.203
web2：192.168.9.204
netmask：255.255.255.0
gateway：192.168.9.1

网络拓扑：

echo "============================ 更新系统时间 ======================"
yum install -y ntp
ntpdate time.nist.gov
echo "00 01 * * * /usr/sbin/ntpdate time.nist.gov" /etc/crontab

echo “============================ 关闭不用服务 =======================”
/root/del_servcie.sh           # 附件中自定义脚本

echo “========================= 安装ipvsadm、keepalived ==================”
[root@master ~]# cd /usr/local/src
[root@master ~]# wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz
[root@master ~]# wget http://www.keepalived.org/software/keepalived-1.1.17.tar.gz
[root@master ~]# ln -sv /usr/src/kernels/2.6.18-194.el5-i686/ /usr/src/linux
[root@master ~]# tar -zxvf ipvsadm-1.24.tar.gz
[root@master ~]# cd ipvsadm-1.24
[root@master ~]# make;make install
[root@master ~]# cd ..
[root@master ~]# tar -zxvf keepalived-1.1.17.tar.gz
[root@master ~]# cd keepalived-1.1.17
[root@master ~]# ./configure 
[root@master ~]# make;make install
编译的时候出现这个提示，说明keepalived和内核结合了，如果不是这样的，需要加上这个参数./configure --with-kernel-

dir=/kernel/path
Keepalived configuration
------------------------
Keepalived version       : 1.1.17
Compiler                 : gcc
Compiler flags           : -g -O2
Extra Lib                : -lpopt -lssl -lcrypto 
Use IPVS Framework       : Yes
IPVS sync daemon support : Yes
Use VRRP Framework       : Yes
Use LinkWatch            : No
Use Debug flags          : No

echo “======================= 配置keepalived ===========================”
[root@master ~]#  cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
[root@master ~]#  cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
[root@master ~]#  mkdir /etc/keepalived
[root@master ~]#  cp /usr/local/sbin/keepalived /usr/sbin/
[root@master ~]# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
 
global_defs {
   notification_email {
      king_819@163.com
   }
   notification_email_from king_819@163.com
   smtp_server smtp.163.com
  # smtp_connect_timeout 30
   router_id LVS_DEVEL
}
 
# VIP1
vrrp_instance VI_1 {
    state MASTER             #备份服务器上将MASTER改为BACKUP   
    interface eth0            #网卡名称
    lvs_sync_daemon_inteface eth0
    virtual_router_id 51
    priority 100    # 备份服务上将100改为90
    advert_int 5
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.9.200   
        #(如果有多个VIP，继续换行填写.)
    }
}
 
virtual_server 192.168.9.200 80 {
    delay_loop 6                  #(每隔10秒查询realserver状态)
    lb_algo wlc                  #(lvs 算法)
    lb_kind DR                  #(Direct Route)
    persistence_timeout 60        #(同一IP的连接60秒内被分配到同一台realserver)
    protocol TCP                #(用TCP协议检查realserver状态)
 
    real_server 192.168.9.203 80 {
        weight 100               #(权重)
        TCP_CHECK {
        connect_timeout 10       #(10秒无响应超时)
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
        }
    }
    real_server 192.168.9.204 80 {
        weight 100
        TCP_CHECK {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
        }
     }
}
[root@master ~]#  service keepalived start|stop
[root@master ~]# chkconfig –level 2345 keepalived on

echo “====================== 配置realserver =========================”

在web服务器上执行脚本添加vip
[root@web_1 ~]# vi /root/lvs_real.sh
#!/bin/bash
# description: Config realserver
#Written by : http://kerry.blog.51cto.com

SNS_VIP=192.168.9.200
 
. /etc/rc.d/init.d/functions
 
case "$1" in
start)
       /sbin/ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
       /sbin/route add -host $SNS_VIP dev lo:0
       echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
       sysctl -p >/dev/null 2>&1
       echo "RealServer Start OK"
 
       ;;
stop)
       /sbin/ifconfig lo:0 down
       /sbin/route del $SNS_VIP >/dev/null 2>&1
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
       echo "RealServer Stoped"
       ;;
*)
       echo "Usage: $0 {start|stop}"
       exit 1
esac
 
exit 0

[root@web_1 ~]# chmod +x /roo/lvs_real.sh
[root@web_1 ~]# /root/lvs_real.sh start
[root@web_1 ~]# ifconfig

[root@web_1 ~]# echo “/root/lvs_real.sh start” >> /etc/rc.local

echo “===================== 测试LVS+keepalived ========================”
#LVS_master、LVS_backup上开启keepalived，LVS_master先绑定VIP

/sbin/ifconfig eth1:0 inet VIP netmask 255.255.255.255 #此处先只在master上加，如果master挂掉，backup会自动启用

LVS_master：

LVS_backup：

#解析域名，测试访问，LVS转发

或者可以用/etc/init.d/ipvsadm status 查看（ipvsadm有时候看不到IP）

#测试关闭LVS_master，短暂的掉包后，LVS_backup马上接替工作

LVS_backup接替LVS_master绑定VIP

LVS_backup负责转发

LVS_master重启完成后，就会自动接回控制权，继续负责转发

#测试关闭其中一台realserver

通过上面测试可以知道，当realserver故障或者无法提供服务时，负载均衡器通过健康检查自动把失效的机器从转发队列删除掉，

实现故障隔离，保证用户的访问不受影响

#重启被关闭的realserver

当realserver故障恢复后，负载均衡器通过健康检查自动把恢复后的机器添加到转发队列中

常见问题：

1：master挂掉后，备的没有自动接起服务

首先检查备的vip是否有启动，如果没启动，仔细检查配置文件keepalived.conf里面的vrrp_instance里的interface是否为实际网卡的名称。

2：启动keepalived后vip没有启动

检查配置文件是否在/etc/keepalived/下 如果在别的地方移动到/etc/keepalived/下，尝试过日过不在和个地方就会报错