linux vip 原理,利用Linux架构负载均衡（Load balancer）系统

最新推荐文章于 2021-05-13 21:24:09 发布

JIAN人依在

最新推荐文章于 2021-05-13 21:24:09 发布

阅读量841

点赞数

文章标签： linux vip 原理

/ipvs-0.9.16-2.2.17.patch | patch -p1

在这一步完成后你必须重新编译Linux的内核，并且确定下面的选项被编译到新的内核中！

Kernel Compile Options:

Code maturity level options ---

[*] Prompt for development and/or incomplete code/drivers

Networking options ---

[*] Network firewalls

....

[*] IP: firewalling

....

[*] IP: masquerading

....

[*] IP: masquerading virtual server support

(12) IP masquerading table size (the Nth power of 2)

IPVS: round-robin scheduling

IPVS: weighted round-robin scheduling

IPVS: least-connection scheduling

IPVS: weighted least-connection scheduling

....

[*] IP: aliasing support

内核编译完后用新的内核重新启动系统。

然后执行下面的命令：

#cd //ipvsadm/

#make

#make install

至此，ipvsadm安装完毕！

· 安装 keepalived-0.2.7.tar.gz，执行下面的命令：

#tar keepalived-0.2.7.tar.gz

#cd keepalived-0.2.7

#make

#make install

· 安装heartbeat-0.4.9.tar.gz

#tar zxvf heartbeat-0.4.9.tar.gz

#cd heartbeat-0.4.9

#make

#make install

4，配置：

IP地址的配置：

用户IP地址：192.168.2.21

两台LLB各有两块网卡：eth0,eth1,

Master LLB eth0: 192.168.2.1

Master LLB eth1: 10.10.10.1

Slave LLB eth0: 192.168.2.2

Slave LLB eth1: 10.10.10.2

Server-1 : 10.10.10.11

Server-2 : 10.10.10.12

Server-3 : 10.10.10.13

另外还有两个特殊的IP地址是最需要注意的，一个是整个集群对外统一使用的IP地址，我们称它为VIP(Virtual IP) ,我们

他设为：192.168.2.11,这个IP地址应该出现在您的DNS中，如：我们配置的这个集群提供的是web服务，则在DNS中应该有这样

的记录：

--> 192.168.2.11

在LLB启动后VIP会运行在LLB的eth0:0上；

另一个特殊的IP是运行在LLB的eth1:0上，这个IP是三台服务器的默认网关，我们称它为V-gate (Virtual gate)。

所有的IP地址的子网掩码全采用255.255.255.0。VIP与V-gate在后面进行配置。到目前为止，网络中应该是一个这样的环境：

client

192.168.2.21

________|__________

| |

Master LLB Slave LLB

eth0:192.168.2.1 eth0:192.168.2.2

eth1:10.10.10.10.1 eth1:10.10.10.2

| |

|_________________|

HUB

____________|_______________

| | |

webserver1 webserver2 webserver3

10.10.10.11 10.10.10.12 10.10.10.13

配置文件：

在LLB中，ipchains与ipvsadm是由keepalived来启动的，keepalived是由heartbeat来启动。Keepalived有两个配置文件：

/etc/keepalived/keepalived.conf和/etc/lvs.conf

/etc/lvs.conf内容如下：

#Configuration file for portFW NAT

#/etc/lvs.conf

#Port forwarding

ipvsadm -A -t 192.168.2.11:80 -s rr

#nat

ipchains -A forward -j MASQ -p tcp -s 10.10.10.0/24 80 -d 0.0.0.0/0

解释：

ipvsadm -A -t 192.168.2.11:80 -s rr

这句的意思是说192.168.2.11是一个集群地址(VIP)，并且是针对80端口的，也就是说是一个web集群。在这个集群中采用

Round-Robin(rr)的算法。

ipchains -A forward -j MASQ -p tcp -s 10.10.10.0/24 80 -d 0.0.0.0/0

这句的作用是在服务器给用户做出回应时，将IP地址进行伪装，由10.10.10.11, 10.10.10.12, 10.10.10.13伪

装成192.168.2.11。

/etc/keepalived/keepalived.conf内容如下：

# Configuration File for keepalived

#begin www server config.......

virtual_server 192.168.2.11 80{

lb_algo rr

lb_kind NAT

protocol TCP

real_server 10.10.10.11 80 {

weight 1

ICMP_CHECK

}

real_server 10.10.10.12 80 {

weight 1

ICMP_CHECK

}

real_server 10.10.10.13 80 {

weight 1

ICMP_CHECK

}

#end of Fweb config!

解释：在这个文件里对三台服务器进行具体的说明，并且三台服务器有相同的Weight值。Keepalived以Layer3的方式(ICMP_CHECK)工作，

既定期检查服务器是否存在。

heartbeat 有三个配置文件：/etc/ha.d/ha.cf；/etc/ha.d/haresources；/etc/ha.d/ authkeys

/etc/ha.d/ha.cf内容如下：

# keepalive: how many seconds between heartbeats

keepalive 2

logfile /var/log/ha-log

# deadtime: seconds-to-declare-host-dead

deadtime 10

# hopfudge maximum hop count minus number of nodes in config

hopfudge 1

# What UDP port to use for udp or ppp-udp communication?

udpport 1001

# What interfaces to heartbeat over?

udp eth0

# Facility to use for syslog()/logger (alternative to log/debugfile)

logfacility local0

# Tell what machines are in the cluster

# node nodename ... -- must match uname -n

node Master #Master是Master LLB的机器名，必须与uname –n 相一致

node Slave #Slave是Slave LLB的机器名，必须与uname –n 相一致

/etc/ha.d/haresources内容如下：

Master IPaddr::10.10.10.9/24/eth1 IPaddr::192.168.2.11/24/eth0 keepalived

其中10.10.10.9是V-gate的值，192.168.2.11是VIP的值，这两个特殊的IP地址就是在这里设置的。并且说明了Master是主用的LLB，

Keepalived是需要heartbeat启动的程序。Keepalived是在安装Keepalived时自动生成的一个可执行文件，heartbeat会

在/etc/ha.d/resource.d目录下寻找keepalived，所以您需要将可执行的keepalived文件复制到/etc/ha.d/resource.d/目录下。

/etc/ha.d/ authkeys内容如下：

auth 1

1 sha1 cluster

这个文件不是很重要，但一定要有。在这里说明了LLB之间的一种AUTH机制。详细的说明请参考：

至此，所有的安装配置全部完成。一共有五个配置文件：

· /etc/keepalived/keepalived.conf

· /etc/lvs.conf

· /etc/ha.d/ha.cf

· /etc/ha.d/haresources

· /etc/ha.d/ authkeys

请您在仔细检查一下，而且确定这五个文件都安装在了Master LLB与Slave LLB上。下一步就可以启动了。

启动系统：

[root@master heartbeat]#heartbeat start

[root@slave heartbeat ]# heartbeat start

如果没有什么问题，系统已经启动了，以下是我的Master LLB上的一些启动的记录：

heartbeat的/var/log/ha-log如下：

heartbeat: 2001/05/29_10:31:37 info: **************************

heartbeat: 2001/05/29_10:31:37 info: Configuration validated. Starting heartbeat 0.4.9

heartbeat: 2001/05/29_10:31:37 info: heartbeat: version 0.4.9

heartbeat: 2001/05/29_10:31:37 info: Heartbeat generation: 20

heartbeat: 2001/05/29_10:31:37 info: Creating FIFO /var/run/heartbeat-fifo.

heartbeat: 2001/05/29_10:31:37 notice: UDP heartbeat started on port 1001 interface eth0

heartbeat: 2001/05/29_10:31:37 info: Local status now set to: 'up'

heartbeat: 2001/05/29_10:31:37 info: Heartbeat restart on node master

heartbeat: 2001/05/29_10:31:38 info: Link master:eth0 up.

heartbeat: 2001/05/29_10:31:38 info: Running /etc/ha.d/rc.d/ifstat ifstat

heartbeat: 2001/05/29_10:32:08 WARN: node slave: is dead

heartbeat: 2001/05/29_10:32:08 info: Local status now set to: 'active'

heartbeat: 2001/05/29_10:32:08 info: Node master: status up

heartbeat: 2001/05/29_10:32:08 info: Running /etc/ha.d/rc.d/status status

heartbeat: 2001/05/29_10:32:08 info: mach_down takeover complete.

heartbeat: 2001/05/29_10:32:08 info: Running /etc/ha.d/resource.d/IPaddr 192.168.2.11/24/e

th0 status

heartbeat: 2001/05/29_10:32:08 info: Node master: status active

heartbeat: 2001/05/29_10:32:08 info: Resource acquisition completed.

heartbeat: 2001/05/29_10:32:08 info: Running /etc/ha.d/rc.d/status status

heartbeat: 2001/05/29_10:32:08 info: Running /etc/ha.d/rc.d/ip-request ip-request

heartbeat: 2001/05/29_10:32:18 info: Running /etc/ha.d/resource.d/IPaddr 192.168.2.11/24/e

th0 status

heartbeat: 2001/05/29_10:32:18 info: Acquiring resource group: master IPaddr::192.168.2.11/24

/eth0 IPaddr::10.10.10.9/24/eth1 keepalived

heartbeat: 2001/05/29_10:32:18 info: Running /etc/ha.d/resource.d/IPaddr 192.168.2.11/24/e

th0 start

heartbeat: 2001/05/29_10:32:18 info: ifconfig eth0:0 192.168.2.11 netmask 255.255.255.0 br

oadcast 192.168.2.255

heartbeat: 2001/05/29_10:32:18 info: Sending Gratuitous Arp for 192.168.2.11 on eth0:0 [et

h0]

heartbeat: 2001/05/29_10:32:18 info: Running /etc/ha.d/resource.d/IPaddr 10.10.10.9/24/

eth1 start

heartbeat: 2001/05/29_10:32:19 info: ifconfig eth1:0 10.10.10.9 netmask 255.255.255.0

broadcast 192.168.2.255

heartbeat: 2001/05/29_10:32:19 info: Sending Gratuitous Arp for 10.10.10.9 on eth1:0 [e

th1]

heartbeat: 2001/05/29_10:32:19 info: Running /etc/ha.d/resource.d/keepalived

keepalived 的keepalived.log文件如下：

/etc/keepalived/log/keepalived.log

[24/05/01 - 09:39:11] keepalived[709]: Starting keepalived daemon

[24/05/01 - 09:39:11] keepalived[710]: Using LVS dynamic data representation :

[24/05/01 - 09:39:11] keepalived[710]: ------< Global definitions >------

[24/05/01 - 09:39:11] keepalived[710]: LVS ID =

[24/05/01 - 09:39:11] keepalived[710]: Delay loop = , Smtp server =

[24/05/01 - 09:39:11] keepalived[710]: Email notification from =

[24/05/01 - 09:39:11] keepalived[710]: ------< LVS Topology >------

[24/05/01 - 09:39:11] keepalived[710]: VS IP = 192.168.2.11, PORT = 80

[24/05/01 - 09:39:11] keepalived[710]: -> lb_algo = rr, lb_kind = NAT, persistence = , pr

otocol = TCP

[24/05/01 - 09:39:11] keepalived[710]: -> SVR IP = 10.10.10.11, PORT = 80, WEIGHT = 1

[24/05/01 - 09:39:11] keepalived[710]: -> Keepalive method = ICMP_CHECK

[24/05/01 - 09:39:11] keepalived[710]: -> SVR IP = 10.10.10.12, PORT = 80, WEIGHT = 1

[24/05/01 - 09:39:11] keepalived[710]: -> Keepalive method = ICMP_CHECK

[24/05/01 - 09:39:11] keepalived[710]: -> SVR IP = 10.10.10.13, PORT = 80, WEIGHT = 1

[24/05/01 - 09:39:11] keepalived[710]: -> Keepalive method = ICMP_CHECK

我们将一台服务器的网线从网络上拿掉：(keepalived.log文件如下：注意最后两行)

24/05/01 - 09:39:11] keepalived[709]: Starting keepalived daemon

[24/05/01 - 09:39:11] keepalived[710]: Using LVS dynamic data representation :

[24/05/01 - 09:39:11] keepalived[710]: ------< Global definitions >------

[24/05/01 - 09:39:11] keepalived[710]: LVS ID =

[24/05/01 - 09:39:11] keepalived[710]: Delay loop = , Smtp server =

[24/05/01 - 09:39:11] keepalived[710]: Email notification from =

[24/05/01 - 09:39:11] keepalived[710]: ------< LVS Topology >------

[24/05/01 - 09:39:11] keepalived[710]: VS IP = 192.168.2.11, PORT=80

[24/05/01 - 09:39:11] keepalived[710]: -> lb_algo = rr, lb_kind = NAT, persistence = , pr

otocol = TCP

[24/05/01 - 09:39:11] keepalived[710]: -> SVR IP = 10.10.10.11, PORT=80, WEIGHT = 1

[24/05/01 - 09:39:11] keepalived[710]: -> Keepalive method = ICMP_CHECK

[24/05/01 - 09:39:11] keepalived[710]: -> SVR IP = 10.10.10.12, PORT=80, WEIGHT = 1

[24/05/01 - 09:39:11] keepalived[710]: -> Keepalive method = ICMP_CHECK

[24/05/01 - 09:39:11] keepalived[710]: -> SVR IP = 10.10.10.13, PORT=80, WEIGHT = 1

[24/05/01 - 09:39:11] keepalived[710]: -> Keepalive method = ICMP_CHECK

[24/05/01 - 09:48:56] keepalived[710]: ICMP check failed to 10.10.10.13.

[24/05/01 - 09:48:56] keepalived[710]: Removing service [10.10.10.13:80] from VS [192.168

.2.11:80]

再将网线插上去后配置文件如下：(keepalived.log文件如下:注意最后两行)