centos6.5搭建LVS+Keepalived

1.配置LVS负载调度器#

（1）为eth0配置IP地址，为eth0:0配置VIP地址。#

vi /etc/sysconfig/network-scripts/ifcfg-eth0
……
DEVICE=eth0
IPADDR=192.168.0.130
NETMASK=255.255.255.0
vi /etc/sysconfig/network-scripts/ifcfg-eth0:0
……
DEVICE=eth0:0
IPADDR=192.168.0.150
NETMASK=255.255.255.0
service network restart

（2）调整/proc参数，关闭重定向响应。#

vi /etc/sysctl.conf
……
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.eth0.send_redirects = 0
net.ipv4.conf.eth1.send_redirects = 0
sysctl –p

（3）安装ipvsadm软件包，为VIP创建虚拟服务器，使用rr算法。#

yum -y install ipvsadm
service ipvsadm start

（4）为虚拟服务器添加4个Web节点2个相同，采用DR工作模式，权重均设为1。#

ipvsadm -A -t 192.168.0.150:8080 -s rr
ipvsadm -a -t 192.168.0.150:8080 -r 192.168.0.131 -g -w 1
ipvsadm -a -t 192.168.0.150:8080 -r 192.168.0.141 -g -w 1
ipvsadm -A -t 192.168.0.150:8090 -s rr
ipvsadm -a -t 192.168.0.150:8090 -r 192.168.0.132 -g -w 1
ipvsadm -a -t 192.168.0.150:8090 -r 192.168.0.142 -g -w 1

（5）保存LVS负载分配策略，并通过系统服务ipvsadm进行管理，开机自启。#

service ipvsadm save
chkconfig ipvsadm on

2、配置Web节点服务器#

（1）配置网卡#

[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0
……
DEVICE=lo:0
IPADDR=192.168.0.150
NETMASK=255.255.255.255
service network restart
vi /etc/rc.local //添加VIP本地访问路由
……
/sbin/route add -host 192.168.0.150 dev lo:0
[root@localhost ~]# route add -host 192.168.0.150 dev lo:0

（2）调整/proc参数，禁用ARP响应。#

[root@localhost ~]# vi /etc/sysctl.conf
……
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@localhost ~]# sysctl –p

3、Keepalived高可用，灾备，冗余#

1：安装组件#

[root@localhost ~]# yum -y install kernel-devel openssl-devel popt-devel
[root@localhost ~]# cd /usr/src
[root@localhost src]# tar zxf keepalived-1.2.13.tar.gz
[root@localhost src]# cd keepalived-1.2.13
[root@localhost keepalived-1.2.13]# yum -y install gcc* gcc-*
[root@localhost keepalived-1.2.13]# ./configure –prefix=/ –with-kernel-dir=/usr/src/kernels/2.6.32-431.e16.x86_64
[root@localhost keepalived-1.2.13]# make && make install

[root@localhost ~]# ls -l /etc/init.d/keepalived
[root@localhost ~]# chkconfig –add keepalived
[root@localhost ~]# chkconfig keepalived on
[root@localhost ~]#

2：主服务器的配置#

[root@localhost ~]# service iptables stop
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_01 \起的名字
}

vrrp_instance VI_1 {
state MASTER \另一个为backup
interface eth0
virtual_router_id 1 \保持一致
priority 100
advert_int 1
authentication {
auth_type PASS \保持一致
auth_pass 1111 \保持一致
}
virtual_ipaddress {
192.168.0.150 \保持一致
}
}
[root@localhost keepalived]# service keepalived start
[root@localhost keepalived]# ip addr show dev eth0

3：备份服务器的配置#

[root@localhost ~]# service iptables stop
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
! Configuration File for keepalived

global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_02
}

vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 1
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.150
}
}
[root@localhost keepalived]# service keepalived start
[root@localhost keepalived]# ip addr show dev eth0

4：测试双击热备功能#

用客户机：ping 192.168.0.150 -t
依次down掉两个服务器的网卡，观察ping的信息