1.配置LVS负载调度器
(1)为eth0配置IP地址,为eth0:0配置VIP地址。
vi /etc/sysconfig/network-scripts/ifcfg-eth0
……
DEVICE=eth0
IPADDR=192.168.0.130
NETMASK=255.255.255.0
vi /etc/sysconfig/network-scripts/ifcfg-eth0:0
……
DEVICE=eth0:0
IPADDR=192.168.0.150
NETMASK=255.255.255.0
service network restart
(2)调整/proc参数,关闭重定向响应。
vi /etc/sysctl.conf
……
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.eth0.send_redirects = 0
net.ipv4.conf.eth1.send_redirects = 0
sysctl –p
(3)安装ipvsadm软件包,为VIP创建虚拟服务器,使用rr算法。
yum -y install ipvsadm
service ipvsadm start
(4)为虚拟服务器添加4个Web节点2个相同,采用DR工作模式,权重均设为1。
ipvsadm -A -t 192.168.0.150:8080 -s rr
ipvsadm -a -t 192.168.0.150:8080 -r 192.168.0.131 -g -w 1
ipvsadm -a -t 192.168.0.150:8080 -r 192.168.0.141 -g -w 1
ipvsadm -A -t 192.168.0.150:8090 -s rr
ipvsadm -a -t 192.168.0.150:8090 -r 192.168.0.132 -g -w 1
ipvsadm -a -t 192.168.0.150:8090 -r 192.168.0.142 -g -w 1
(5)保存LVS负载分配策略,并通过系统服务ipvsadm进行管理,开机自启。
service ipvsadm save
chkconfig ipvsadm on
2、配置Web节点服务器
(1)配置网卡
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0
……
DEVICE=lo:0
IPADDR=192.168.0.150
NETMASK=255.255.255.255
service network restart
vi /etc/rc.local //添加VIP本地访问路由
……
/sbin/route add -host 192.168.0.150 dev lo:0
[root@localhost ~]# route add -host 192.168.0.150 dev lo:0
(2)调整/proc参数,禁用ARP响应。
[root@localhost ~]# vi /etc/sysctl.conf
……
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@localhost ~]# sysctl –p
3、Keepalived高可用,灾备,冗余
1:安装组件
[root@localhost ~]# yum -y install kernel-devel openssl-devel popt-devel
[root@localhost ~]# cd /usr/src
[root@localhost src]# tar zxf keepalived-1.2.13.tar.gz
[root@localhost src]# cd keepalived-1.2.13
[root@localhost keepalived-1.2.13]# yum -y install gcc* gcc-*
[root@localhost keepalived-1.2.13]# ./configure –prefix=/ –with-kernel-dir=/usr/src/kernels/2.6.32-431.e16.x86_64
[root@localhost keepalived-1.2.13]# make && make install
[root@localhost ~]# ls -l /etc/init.d/keepalived
[root@localhost ~]# chkconfig –add keepalived
[root@localhost ~]# chkconfig keepalived on
[root@localhost ~]#
2:主服务器的配置
[root@localhost ~]# service iptables stop
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_01 \起的名字
}
vrrp_instance VI_1 {
state MASTER \另一个为backup
interface eth0
virtual_router_id 1 \保持一致
priority 100
advert_int 1
authentication {
auth_type PASS \保持一致
auth_pass 1111 \保持一致
}
virtual_ipaddress {
192.168.0.150 \保持一致
}
}
[root@localhost keepalived]# service keepalived start
[root@localhost keepalived]# ip addr show dev eth0
3:备份服务器的配置
[root@localhost ~]# service iptables stop
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 1
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.150
}
}
[root@localhost keepalived]# service keepalived start
[root@localhost keepalived]# ip addr show dev eth0
4:测试双击热备功能
用客户机:ping 192.168.0.150 -t
依次down掉两个服务器的网卡,观察ping的信息