lvs heartbeat ldirectord一 系統(tǒng)環(huán)境1 操作系統(tǒng) centos 5.4 主服務(wù)器，centos5.5 從服務(wù)器兩臺真實的web 服務(wù)器系統(tǒng)為 web1 是redhat5.1 w

lvs heartbeat ldirectord

一 系統(tǒng)環(huán)境

1 操作系統(tǒng) centos 5.4 主服務(wù)器，centos5.5 從服務(wù)器

兩臺真實的web 服務(wù)器系統(tǒng)為 web1 是redhat5.1 web2是 Redhat5.4

2網(wǎng)絡(luò)環(huán)境

主服務(wù)器 lvs-master ip 192.168.0.148

從服務(wù)器 lvs-slave ip 192.168.0.150

真實服務(wù)器 web1 ip 192.168.0.86

真實服務(wù)器 web2 ip 192.168.0.89

虛擬 ip 192.168.0.100

3所需要軟件

#yum -y install heartbeat heartbeat-ldirectord ipvsadm

#yum -y install heartbeat

Yum install net-snmp libnet

通過在線升級。

4系統(tǒng)設(shè)置

在主服務(wù)器lvs-master 設(shè)置hosts 文件

[root@lvs-master ~]# cat /etc/hosts

# Do not remove the following line, or various programs # that require network functionality will fail.

127.0.0.1 lvs-master.localdomain localhost ::1 localhost6.localdomain6 localhost6 lvs-master 192.168.0.148

lvs-slave 192.168.0.150

在從服務(wù)器lvs-slave 設(shè)置hosts 文件

[root@lvs-slave ~]# cat /etc/hosts

# Do not remove the following line, or various programs

# that require network functionality will fail.

127.0.0.1 lvs-slave.localdomain localhost

#::1 localhost6.localdomain6 localhost6

lvs-slave 192.168.0.150

lvs-master 192.168.0.148

192.168.0.148 mail.ty.com

關(guān)閉不必要的服務(wù)

在主服務(wù)器lvs-master 和從服務(wù)器作系統(tǒng)操作

chkconfig bluetooth off

chkconfig firstboot off

chkconfig cups off

chkconfig ip6tables off

chkconfig iptables off

chkconfig isdn off

chkconfig kudzu off

chkconfig sendmail off

chkconfig smartd off

chkconfig autofs off

service bluetooth stop

service firstboot stop

service cups stop

service ip6tables stop

service iptables stop

service isdn stop

service kudzu stop

service sendmail stop

service smartd stop

service autofs stop

同步系統(tǒng)時間

#ntpdate time.nist.gov

對于 selinux 最好關(guān)掉 lvs-master 和lvs-slave 做如下操作

[root@lvs-master ~]# cat /etc/sysconfig/selinux

# This file controls the state of SELinux on the system.

# SELINUX= can take one of these three values:

# enforcing - SELinux security policy is enforced.

# permissive - SELinux prints warnings instead of enforcing. # disabled - SELinux is fully disabled.

SELINUX=enforcing

# SELINUXTYPE= type of policy in use. Possible values are: # targeted - Only targeted network daemons are protected. # strict - Full SELinux protection.

SELINUXTYPE=targeted

二 軟件安裝配置

1 軟件安裝

#yum -y install heartbeat heartbeat-ldirectord ipvsadm #yum -y install heartbeat

Yum install net-snmp libnet

檢查下是否完全安裝以下包

[root@lvs-master /]# rpm -qa |grep heartbeat

heartbeat-stonith-2.1.3-3.el5.centos

heartbeat-ldirectord-2.1.3-3.el5.centos

heartbeat-gui-2.1.3-3.el5.centos

heartbeat-2.1.3-3.el5.centos

heartbeat-devel-2.1.3-3.el5.centos

heartbeat-pils-2.1.3-3.el5.centos

[root@lvs-master /]# rpm -qa |grep ipvsadm

ipvsadm-1.24-10

復(fù)制heartbeat 配置文件

cp /usr/share/doc/heartbeat-2.1.3/authkeys /etc/ha.d

cp /usr/share/doc/heartbeat-2.1.3/ha.cf /etc/ha.d/

cp /usr/share/doc/heartbeat-2.1.3/ haresources /etc/ha.d

cp /usr/share/doc/heartbeat-ldirectord-2.1.3/ ldirectord.cf /etc/ha.d

3 修改配置文件

[root@lvs-master ~]# cd /etc/ha.d/

Authkeys 文件配置

[root@lvs-master ha.d]# grep -v ^# authkeys

auth 3

3 md5 Hello!

修改認證方式為md5加密該文件只需要把選項的#號去掉即可

#chmod 600 authkeys //注意 該文件權(quán)限必須是600負責啟動會報錯。 ha.cf 文件配置

[root@lvs-master ha.d]# cat ha.cf |grep -v ^#

debugfile /var/log/ha-debug

logfile /var/log/ha-log

logfacility local0

keepalive 2

deadtime 30

warntime 10

udpport 694

bcast eth0 # Linux

ucast eth0 192.168.0.150

auto_failback on

node lvs-master

node lvs-slave

respawn hacluster /usr/lib/heartbeat/ipfail

apiauth ipfail gid=haclient uid=hacluster

注：ucast eth0 192.168.0.0150 是從本地(lvs-master)的eth0網(wǎng)卡去ping lvs-slave的IP ，在lvs-slave 服務(wù)器上，需要把這個IP 改成lvs-master 的IP ，這是2臺LVS 唯一區(qū)別

Haresources 文件配置

[root@lvs-master ha.d]# cat haresources |grep -v ^#

lvs-master lvs_switch 192.168.0.100 lvs_dr ldirectord

lvs-master 是主服務(wù)器的名稱（heartbeat 是通過主機名來區(qū)分主服節(jié)點的所以必須要注意） 可以通過

[root@lvs-master ha.d]# uname -n

lvs-master 查看主機名

192.168.0.100 是虛擬ip 所有域名都要解析到這個i p （在真實的服務(wù)器虛擬ip 要是isp 提供的公網(wǎng)ip ）

Lvs-switch 是啟動腳本

lvs_dr 是啟動腳本

配置lvs-switch 啟動腳本

[root@lvs-master init.d]# pwd

/etc/rc.d/init.d

[root@lvs-master init.d]# cat lvs_switch

#!/bin/sh

# description: close lo:0 and arp_ignore

VIP=192.168.0.100

. /etc/rc.d/init.d/functions

case $1 in

start)

echo "start director server and close lo:0"

#ifconfig lo:0 down

echo "1" > /proc/sys/net/ipv4/ip_forward

echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce

;;

stop)

echo "start Real Server"

echo "0" >/proc/sys/net/ipv4/ip_forward

/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev lo:0

echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore

echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce

echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore

echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce

sysctl -p

;;

*)

echo "Usage: lvs {start|stop}"

exit 1

esac

配置lvs-dr 啟動腳本

[root@lvs-master init.d]# pwd

/etc/rc.d/init.d

[root@lvs-master init.d]# cat lvs_dr

#!/bin/sh

# description: start LVS of Directorserver

VIP=192.168.0.100

RIP1=192.168.0.86

RIP2=192.168.0.89

SERVICE=80 #http is used in this case

. /etc/rc.d/init.d/functions

case $1 in

start)

echo "start LVS of DirectorServer"

# set ip_forward&send_redirects

echo "0" >/proc/sys/net/ipv4/ip_forward

echo "1" >/proc/sys/net/ipv4/conf/all/send_redirects

echo "1" >/proc/sys/net/ipv4/conf/default/send_redirects

echo "1" >/proc/sys/net/ipv4/conf/eth0/send_redirects

# set the Virtual IP Address

/sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev eth0:0

#Clear IPVS table

/sbin/ipvsadm -C

#set LVS

/sbin/ipvsadm -A -t $VIP:$SERVICE -s rr

/sbin/ipvsadm -a -t $VIP:$SERVICE -r $RIP1:$SERVICE -g -w 1

/sbin/ipvsadm -a -t $VIP:$SERVICE -r $RIP2:$SERVICE -g -w 1

#/sbin/ipvsadm -a -t $VIP:$SERVICE -r $RIP3:$SERVICE -g -w 1 /sbin/ipvsadm --set 30 120 300

#Run LVS

/sbin/ipvsadm

#end

;;

stop)

echo "close LVS Directorserver"

/sbin/ipvsadm -C

;;

*)

echo "Usage: $0 {start|stop}"

exit 1

esac

chmod x lvs_dr lvs_swtch 加上可執(zhí)行權(quán)限

軟鏈接 ln –s /etc/rc.d/init.d/lvs_switch /etc/ha.d/resource.d/

ln –s /etc/rc.d/init.d/lvs_dr /etc/ha.d/resource.d/

[root@lvs-master ha.d]# cat ldirectord.cf | grep -v ^#

checktimeout=3

checkinterval=1

fallback=127.0.0.1:80

autoreload=yes

logfile="/var/log/ldirectord.log"

quiescent=no

virtual=192.168.0.100:80

real=192.168.0.86:80 gate

real=192.168.0.89:80 gate

service=http

request="index.html"

receive="Test Page"

scheduler=rr

#persistent=600

#netmask=255.255.255.255

protocol=tcp

checktype=connect

checkport=80

request="index.html"

receive="Test Page"

于是主服務(wù)器lvs-master 配置完成

從服務(wù)器 lvs-slave安裝配置

軟件安裝

#yum -y install heartbeat heartbeat-ldirectord ipvsadm

#yum -y install heartbeat

Yum install net-snmp libnet

在主服務(wù)器復(fù)制文件到從服務(wù)器

[root@lvs-master ha.d]# scp ha.cf haresources ldirectord.cf root@192.168.0.150:/etc/ha.d/ 復(fù)制到從服務(wù)器上。

三 真實服務(wù)器web1和web2的配置

Web1和web2的腳本內(nèi)容相同。

cat /etc/rc.d/init.d/lvs_rs

#!/bin/sh

# chkconfig: 2345 72 08

# description: Config realserver lo:0 port and apply arp patch VIP=192.168.0.100

. /etc/rc.d/init.d/functions

case $1 in

authkeys

start)

echo "lo:0 port starting"

echo "0" >/proc/sys/net/ipv4/ip_forward

/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev lo:0

echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore

echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce

echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore

echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce

sysctl -p

;;

stop)

echo "lo:0 port closing"

ifconfig lo:0 down

echo "1" > /proc/sys/net/ipv4/ip_forward

echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce

;;

*)

echo "Usage: $0 {start|stop}"

exit 1

esac

修改文件的權(quán)限

Chmod x /etc/rc.d/init.d/lvs_rs

分別啟動該腳本

/etc/rc.d/init.d/lvs_rs start

四 測試heartbeat 的性能

在主lvs-master 和從服務(wù)器lvs-slave 分別啟動

/etc/init.d/heartbeat start

/etc/ha.d/resource.d/ldirectord start

在主服務(wù)器lvs-master 通過命令 ip add

6: eth0: mtu 1500 qdisc noqueue link/ether 00:0c:29:2d:ea:18 brd ff:ff:ff:ff:ff:ff

inet 192.168.0.148/24 brd 192.168.0.255 scope global eth0

inet 192.168.0.100/32 brd 192.168.0.100 scope global eth0:0 inet6 fe80::20c:29ff:fe2d:ea18/64 scope link

虛擬ip （vip ）192.168.0.100被綁定到eth0:0

查看負載均衡情況可以通過

[root@lvs-master ha.d]# ipvsadm -ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 192.168.0.100:80 rr

-> 192.168.0.89:80 Route 1 0 0

當后臺web 服務(wù)器down 了就會自動從ipvsadm 表中刪除該主機的信息。如果恢復(fù)了就會自動添加上去

2 將主 lvs-master關(guān)掉或?qū)⒕W(wǎng)卡禁用。到從服務(wù)器lvs-slave 上就會看到從服務(wù)器接管了主服務(wù)器的角色。在eth0:0綁定了192.168.0.100繼續(xù)提高服務(wù)。

等到主lvs-master 恢復(fù)。ip 會切換的lvs-master 上。