背景:
随着网站业务量的增长网站的服务器压力越来越大,需要负载均衡方案!商业的硬件如F5又太贵,你们又是创业型互联公司如何有效节约成本,节省不必要的浪费?同时实现商业硬件一样的高性能高可用的功能?有什么好的负载均衡可伸张可扩展的方案吗?答案是肯定的!有!我们利用 LVS+Keepalived基于完整开源软件的架构可以提供一个负载均衡及高可用的服务器。
一、LVS+Keepalived 介绍
LVS是Linux Virtual Server的简写,意即Linux虚拟服务器,是一个虚拟的服务器集群系统。本项目在1998年5月由章文嵩博士成立,是中国国内最早出现的自由软件项目之一.目前有三种IP负载均衡技术(VS/NAT、VS/TUN和VS/DR);八种调度算法(rr,wrr,lc,wlc,lblc,lblcr,dh,sh),常用的是rr轮询算法
Keepalived在这里主要用作RealServer的健康状态检查以及LoadBalance主机和BackUP主机之间failover的实现
二、网站负载均衡构架图
IP信息列表:
名称 IP
LVS-DR-Master 192.168.10.10
LVS-DR-BACKUP 192.168.10.20
LVS-DR-VIP 192.168.10.99
WEB1-Realserver 192.168.10.70
WEB2-Realserver 192.168.10.80
#GateWay 192.168.10.1
服务器系统:CentOS 7.0 最小化安装(仅配置开发工具包)
三、安装LVS和Keepalvied软件包
1. 下载相关软件包
# 1.1、源码包下载
# mkdir /usr/local/src/lvs
# cd /usr/local/src/lvs
# wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz
# wget http://www.keepalived.org/software/keepalived-1.1.15.tar.gz
# 1.2、LVS和Keepalived源码包安装步骤如下
#lsmod |grep ip_vs
#uname -r
2.6.18-53.el5PAE
#ln -s /usr/src/kernels/2.6.18-53.el5PAE-i686/ /usr/src/linux
#tar zxvf ipvsadm-1.24.tar.gz
#cd ipvsadm-1.24
#make && make install
#find / -name ipvsadm # 查看ipvsadm的位置
#tar zxvf keepalived-1.1.15.tar.gz
#cd keepalived-1.1.15
#./configure && make && make install
#find / -name keepalived # 查看keepalived位置
#cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
#cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
#mkdir /etc/keepalived
#cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
#cp /usr/local/sbin/keepalived /usr/sbin/
#service keepalived start|stop #做成系统启动服务方便管理.
# 2、或者配置好yum源,直接yum安装
# yum -y install ipvsadm
# yum -y install keepalived
四、 配置LVS实现负载均衡
1. LVS-DR,配置LVS脚本实现负载均衡
# vi /root/lvs.sh
#!/bin/sh
# description: start LVS of DirectorServer
# Written by :linj date:2014-10-11
# director vip:192.168.10.99
# real-server-ip:192.168.10.70 192.168.10.80
# set the virtual-ip and port
VIP=192.168.10.99
VPORT1=80
# set the real-server-ip and port
# web
slave3=192.168.10.70
slave2=192.168.10.80
# port
RPORT1=80
Usage ()
{
echo "Usage:`basename $0` (start|stop|status) "
exit 1
}
if [ $# -ne 1 ];then
Usage
fi
case $1 in
start)
echo "start LVS of DirectorServer"
echo 1 > /proc/sys/net/ipv4/ip_forward
# set the vip
/sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev eth0:0
# clear ipvs table
/sbin/ipvsadm -C
# add lvs vip and port
/sbin/ipvsadm -A -t $VIP:$VPORT1 -s rr
# add real-server-ip and port
/sbin/ipvsadm -a -t $VIP:$VPORT1 -r $slave3:$RPORT1 -g -w 1
/sbin/ipvsadm -a -t $VIP:$VPORT1 -r $slave2:$RPORT1 -g -w 1
/sbin/ipvsadm -L -n
;;
stop)
echo "close LVS DirectorServer"
/sbin/ipvsadm -C
/sbin/ifconfig eth0:0 down
;;
status)
/sbin/ipvsadm -L -n
;;
*)
Usage
esac
2. 配置Realserver脚本
# vi /root/realserver.sh
#!/bin/sh
# description: Config realserver lo and apply noarp
# writed by linj date:2014-10-10
# keypoint ,lo network;netmask:255.255.255.255
VIP=192.168.10.99
BROADCAST=192.168.10.255 #vip's broadcast
Usage ()
{
echo "Usage:`basename $0` (start|stop)"
exit 1
}
if [ $# -ne 1 ];then
Usage
fi
case $1 in
start)
echo "reparing for Real Server"
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore #keypoint
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce #keypoint
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore #keypoint
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce #keypoint
/sbin/ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $BROADCAST up #keypoint
/sbin/route add -host $VIP dev lo:0
;;
stop)
/sbin/ifconfig lo:0 down
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "stop Real Server"
;;
*)
Usage
esac
3、启动相应的脚本
DR-SERVER:192.168.10.99
# chmod 755 lvs
# ./lvs start
REAL-SERVER:192.168.10.70 192.168.10.80
# chmod 755 <span><span>realserver</span></span>
# ./<span><span>realserver</span></span> start
4、注意细节
# 关闭防火墙(iptables)
# systemctl stop firewalld #CentOS7.0版本使用的命令,之前版本的可以用service iptables stop
# 关闭selinux
# vi /etc/selinux/config
# SELINUX=disabled #修改原SELINUX参数enforcing (然后重启机器)
补充:
4.1查看SELinux状态:
# /usr/sbin/sestatus -v ##如果SELinux status参数为enabled即为开启状态
SELinux status: enabled
# getenforce ##也可以用这个命令检查
4.2关闭SELinux:
# 临时关闭(不用重启机器):
# setenforce 0 ##设置SELinux 成为permissive模式</p><p>##setenforce 1 设置SELinux 成为enforcing模式
# 永久关闭,需要重启机器:
# vi /etc/selinux/config 文件
# 将SELINUX=enforcing改为SELINUX=disabled
# 重启机器即可
五、利用Keepalvied实现负载均衡和和高可用性
# 修改keepalived.conf文件
# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
#written by :linj date:2014-10-11
vrrp_instance VI_1 {
state MASTER #备份服务器上将MASTER改为BACKUP
interface eth0
virtual_router_id 51
priority 100 # 备份服务上将100改为99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.99
#(如果有多个VIP,继续换行填写.)
}
}
#虚拟ip地址及端口号
virtual_server 192.168.10.99 80 {
delay_loop 6 #(每隔10秒查询realserver状态)
lb_algo rr #(lvs 算法)
lb_kind DR #(Direct Route)模式
nat_mask 255.255.255.255 #网段
persistence_timeout 50 #(同一IP的连接50秒内被分配到同一台realserver)
protocol TCP #(用TCP协议检查realserver状态)
real_server 192.168.10.70 80 {
weight 1 #(权重)
TCP_CHECK {
connect_timeout 10 #(10秒无响应超时)
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.10.80 80 {
weight 1 #(权重)
TCP_CHECK {
connect_timeout 10 #(10秒无响应超时)
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
<pre name="code" class="html"># 修改后运行启动命令
# service keepalived start
六、相关资料参考
LVS的算法介绍 http://www.linuxtone.org/viewthread.php?tid=69
学习LVS的三种转发模式 http://www.linuxtone.org/viewthread.php?tid=77
LVS中的IP负载均衡技术 http://www.linuxtone.org/viewthread.php?tid=68
更多的请到http://www.linuxtone.org 负载均衡版查看
Keepalived 相关参考资料。
http://www.keepalived.org/documentation.html