LVS+keepalived+nginx

LVS是Linux Virtual Server的简写,基于4层协议不处理,不响应,只转发,速度更快 

 

wget -c http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz

ln -s /usr/src/kernels/2.6.*  /usr/src/linux  //IPVS模块编译进内核里,需要做软连接

tar xzvf ipvsadm-1.24.tar.gz &&cd ipvsadm-1.24 && make && make install

wget -c  http://www.keepalived.org/software/keepalived-1.1.15.tar.gz 

tar -xzvf keepalived-1.1.15.tar.gz &&cd keepalived-1.1.15

./configure --prefix=/usr/local/keepalived --with-kernel-dir=/usr/src/kernels/2.6.32-431.el6.x86_64/;make&&make install

cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

cp  /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

cp /usr/local/keepalived/sbin/keepalived  /usr/sbin/

cp -r /usr/local/keepalived/etc/keepalived/ /etc

192.168.10.130,192.168.10.128为均衡的后端机器  ,192.168.10.131 192.168.10.132 为LVS主备

MASTER配置文件 

! Configuration File for keepalived
global_defs {
notification_email {
liu6630@qq.com
}
notification_email_from liu6630@qq.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 152
priority 100
advert_int 5
nopreempt
authentication {
auth_type PASS
auth_pass 2222
}
virtual_ipaddress {
192.168.10.141
}
}
virtual_server 192.168.10.141 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
#persistence_timeout 60
protocol TCP
real_server 192.168.10.128 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.10.130 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}

BACKUP配置文件 将priority 改小些就行

real_server 真实服务器起执行脚本lvs_realserver.sh

#!/bin/sh
#LVS Client Server
VIP=192.168.10.141
case $i in
start)
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
/sbin/route add -host $VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
exit 0
;;
stop)
ifconfig lo:0 down
route del $VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped OK"
exit 1
;;
*)
echo "Usage: $0 {start|stop}"
;;
esac

LVS不会检测你后端502超时错误,只关心80端口是否开启对于应用来说,这样检测明显不足,可以增加LVS对后端Nginx URL的检测,能访问URL则表示服务正常,代码:real_server 192.168.1.4 80 {

 

        weight 100

 

        HTTP_GET {

 

        url {

 

        path /monitor/warn.jsp

 

        status_code 200

 

        }

        connect_timeout 10

 

        nb_get_retry 3

 

        delay_before_retry 3

 

     }

 

与mysql+keepalived去区别,real_server 不能为本机 IP

lvs的设置:
查看是ipvsadm --list --timeout, 比如我的机器就会返回如下结果:
# ipvsadm --list --timeout
Timeout (tcp tcpfin udp): 7200 5 60
这就表明我的tcp session的timeout时间是7200秒。
设置timeout:
ipvsadm --set 7200 5 60
这个值如果设置太小,你的client将会收到 connection reset by peer此类的错误提示。
keepalived的配置:
就是virtual_server的persistence_timeout,意思就是在这个一定时间内会讲来自同一用户(根据ip来判断的)route到同一个real
server。对于长连接类的应用,配置值最好跟lvs的配置的timeout一致。

排错 

1.编译是否加了内核 没加内核不会启动检测 加了

2配置文件是否在 /etc/keepalivde 下  cp -r /usr/local/keepalived/etc/keepalived/ /etc 

3是否加载modprobe ip_vs   未加载虚拟IP模块 有VIP其他服务也不能访问VIP

4是否VIP与真实IP同一网段且无IP冲突 

5VIP是否起来 可以用 ip addr list 查看 

6 virtual_router_id  同一集群的keepalived的主、备机的virtual_router_id 必须相同,取值0-255 但是同一内网中不应有相同virtual_router_id的集群 

7 ipvsadm -ln 察看IPVS规则 是否添加真实服务器

8tcpdump  -nn port 80 and host 192.168.10.141 

9ab -c 100 -n 1000 http://192.168.10.141/  压测 

posted @ 2017-05-23 18:50  林夕之风  阅读(245)  评论(0编辑  收藏  举报