Configuration of LVS

Posted by minou on Sun, 19 May 2019 00:40:31 +0200

  • Configuring LVS services requires at least four nodes

server20.com 172.25.23.20
server21.com 172.25.23.21
server22.com 172.25.23.22
server24.com 172.25.23.24
On each node, iptables and SELinux need to be turned off, and iptables must be prevented from starting at boot.

  • Start by installing the httpd service on server22.com and server24.com.
[root@server22 ~]# yum install httpd -y 
[root@server22 ~]# /etc/init.d/httpd start

[root@server24 ~]# yum install httpd -y
[root@server24 ~]# /etc/init.d/httpd start
  • Ensure browser access to get the following results

  • Next, configure the director node
  • First you need to configure a VIP address on the director
[root@server21 ~]# ip addr add 172.25.23.100/24 dev eth0 
[root@server21 ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:62:3a:95 brd ff:ff:ff:ff:ff:ff
    inet 172.25.23.21/24 brd 172.25.23.255 scope global eth0
    inet 172.25.23.100/24 scope global secondary eth0
    inet6 fe80::5054:ff:fe62:3a95/64 scope link 
       valid_lft forever preferred_lft forever
  • After the VIP is added, the httpd service still cannot be reached through it, because no virtual service rule has been defined and no backend httpd nodes have been bound to it.
[root@server21 ~]# ipvsadm -A -t 172.25.23.100:80 -s rr 
[root@server21 ~]# ipvsadm -a -t 172.25.23.100:80 -r 172.25.23.22:80 -g
[root@server21 ~]# ipvsadm -a -t 172.25.23.100:80 -r 172.25.23.24:80 -g
  • You can view the newly added rules
[root@server21 ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.25.23.100:http rr
  -> 172.25.23.22:http            Route   1      0          0         
  -> 172.25.23.24:http            Route   1      0          0  
  • Next, check to see if it is dispatched correctly and to which node it is dispatched
[root@server21 ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.25.23.100:http rr
  -> 172.25.23.22:http            Route   1      0          2    [i.e. two connections]
  -> 172.25.23.24:http            Route   1      0          2   
  • Despite the above configuration, the service is still not accessible properly; configuration continues on the real servers.
[root@server22 ~]# yum install arptables_jf -y
[root@server22 ~]# arptables -A IN -d 172.25.23.100 -j DROP
[root@server22 ~]# arptables -A OUT -s 172.25.23.100 -j mangle --mangle-ip-s 172.25.23.22
[root@server22 ~]# /etc/init.d/arptables_jf save
Saving current rules to /etc/sysconfig/arptables:          [  OK  ]

[root@server24 ~]#  yum install arptables_jf -y
[root@server24 ~]# arptables -A IN -d 172.25.23.100 -j DROP
[root@server24 ~]# arptables -A OUT -s 172.25.23.100 -j mangle --mangle-ip-s 172.25.23.24 
[root@server24 ~]# /etc/init.d/arptables_jf save
Saving current rules to /etc/sysconfig/arptables:          [  OK  ]
  • Next, you need to configure an alias for the VIP on the network card of both real servers
[root@server22 ~]# ifconfig eth0:1 172.25.23.100 netmask 255.255.255.0
[root@server24 ~]# ifconfig eth0:1 172.25.23.100 netmask 255.255.255.0 
  • Then refresh the page through the browser

  • Next, configure ldirectord to implement health checks for the back-end services

  • First you need to install the package

[root@server21 ~]# yum install ldirectord-3.9.5-3.1.x86_64.rpm
[root@server21 ~]# cp /usr/share/doc/ldirectord-3.9.5/ldirectord.cf /etc/ha.d/
  • Modify the configuration file
[root@server21 ~]# vim /etc/ha.d/ldirectord.cf 
//Change or add
virtual=172.25.23.100:80
        real=172.25.23.22:80 gate
        real=172.25.23.24:80 gate
        fallback=127.0.0.1:80 gate
        service=http
        scheduler=rr
        #persistent=600
        #netmask=255.255.255.255
        protocol=tcp
        checktype=negotiate
        checkport=80
        request="index.html"
     #  receive="Test Page"
     # virtualhost=www.x.y.z 
  • Next, stop the service on one node; requests will no longer be dispatched to the failed node
[root@server22 ~]# /etc/init.d/httpd stop
Stopping httpd:                                            [  OK  ]
  • Service requests are handed over to server24.com to respond
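The effect of the health check can be confirmed from the IPVS table on the director. The script below is an added example, not part of the original post: it reads an `ipvsadm -Ln` listing and reports which expected real servers are no longer active behind the VIP. The function names `list_reals` and `missing_reals` are hypothetical and the sample listing is constructed.

```shell
#!/bin/bash
# Added example: report real servers that are expected behind a VIP but are
# missing from an `ipvsadm -Ln` listing (e.g. removed by a failed health check).

# Constructed sample: listing after httpd on 172.25.23.22 has been stopped.
SAMPLE_IPVS='IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.25.23.100:80 rr
  -> 172.25.23.24:80              Route   1      0          0'

# list_reals VIP:PORT -- reads a listing on stdin, prints "real forward weight"
# for every real server of that virtual service.
list_reals() {
    awk -v vs="$1" '
        $1 == "TCP" || $1 == "UDP" { in_vs = ($2 == vs); next }
        in_vs && $1 == "->" && $2 != "RemoteAddress:Port" { print $2, $3, $4 }
    '
}

# missing_reals VIP:PORT REAL... -- reads a listing on stdin, prints every
# expected real server that is absent or has weight 0 (quiesced).
missing_reals() {
    vs=$1; shift
    active=$(list_reals "$vs" | awk '$3 > 0 { print $1 }')
    for real in "$@"; do
        printf '%s\n' "$active" | grep -qxF "$real" || printf '%s\n' "$real"
    done
}

# On a director the input would come from the live table:
#   ipvsadm -Ln | missing_reals 172.25.23.100:80 172.25.23.22:80 172.25.23.24:80
printf '%s\n' "$SAMPLE_IPVS" |
    missing_reals 172.25.23.100:80 172.25.23.22:80 172.25.23.24:80
```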
  • To keep ldirectord from being a single point of failure, server20.com and server21.com can be configured as a highly available ldirectord cluster; high availability is configured here
[root@server21 ~]# vim /etc/ha.d/haresources 
server20.com IPaddr::172.25.23.100/24/eth0 ldirectord httpd
  • You also need to copy the configuration above to the other node, together with the configuration file for ldirectord
[root@server21 ~]# scp /etc/ha.d/haresources 172.25.23.20:/etc/ha.d/haresources
haresources                                   100% 5969     5.8KB/s   00:00
[root@server21 ~]# scp /etc/ha.d/ldirectord.cf 172.25.23.20:/etc/ha.d/
ldirectord.cf                                 100% 8280     8.1KB/s   00:00 
  • You also need to make sure that the ldirectord program exists on the server20.com node
[root@server20 ~]# /etc/init.d/ldirectord
  • Since the cluster service is now configured, the resources have to be handed over to the cluster to manage, so their state needs to be restored here first
[root@server21 ~]# /etc/init.d/ldirectord stop
Stopping ldirectord... success
[root@server21 ~]# ip addr del 172.25.23.100/24 dev eth0 
  • Then start the heartbeat service on both nodes
[root@server20 ~]# /etc/init.d/heartbeat start
Starting High-Availability services: INFO:  Resource is stopped
Done.

[root@server21 ~]# /etc/init.d/heartbeat start
Starting High-Availability services: INFO:  Resource is stopped
Done.

  • Next, write the page with the message that is shown to the user on both director nodes
[root@server20 ~]# echo '<h2>the server is busying please try later</h2>' > /var/www/html/index.html
[root@server21 ~]# echo '<h2>the server is busying please try later</h2>' > /var/www/html/index.html
  • Check whether the cluster resources managed by heartbeat are functioning properly
[root@server20 ~]# /etc/init.d/ldirectord status
ldirectord for /etc/ha.d/ldirectord.cf is running with pid: 5126
[root@server20 ~]# /etc/init.d/httpd status
httpd (pid  5154) is running...
[root@server20 ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:03:aa:77 brd ff:ff:ff:ff:ff:ff
    inet 172.25.23.20/24 brd 172.25.23.255 scope global eth0
    inet 172.25.23.100/24 brd 172.25.23.255 scope global secondary eth0
    inet6 fe80::5054:ff:fe03:aa77/64 scope link 
       valid_lft forever preferred_lft forever
  • View information about ipvs
[root@server20 ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  localhost:http rr
  -> 172.25.23.22:http            Route   1      0          0         
  -> 172.25.23.24:http            Route   1      0          0   
  • Next, stop the httpd service on the real server nodes
[root@server22 ~]# /etc/init.d/httpd  stop
Stopping httpd:                                            [  OK  ]
[root@server24 ~]# /etc/init.d/httpd stop
Stopping httpd:                                            [  OK  ]
  • Next, access the service in a browser to see the page shown when access fails

  • Next, stop heartbeat and ldirectord in order to configure the keepalived cluster

[root@server20 ~]# /etc/init.d/heartbeat stop
Stopping High-Availability services: Done.

[root@server20 ~]# chkconfig heartbeat off
[root@server20 ~]# /etc/init.d/ldirectord stop
Stopping ldirectord... success
[root@server20 ~]# chkconfig ldirectord off

[root@server21 ~]# /etc/init.d/heartbeat stop
Stopping High-Availability services: Done.

[root@server21 ~]# chkconfig heartbeat off
[root@server21 ~]# /etc/init.d/ldirectord stop
Stopping ldirectord... success
[root@server21 ~]# chkconfig ldirectord off

  • keepalived has to be compiled from source for installation

[root@server20 keepalived-1.2.24]# yum install libnl-devel libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm -y    # this package requires an additional download
[root@server20 keepalived-1.2.24]# ./configure --prefix=/usr/local/keepalived
[root@server20 keepalived-1.2.24]# make 
[root@server20 keepalived-1.2.24]# make install 
[root@server20 keepalived-1.2.24]# scp -r /usr/local/keepalived/ 172.25.23.21:/usr/local/

[root@server20 keepalived-1.2.24]# ln -sv /usr/local/keepalived/etc/keepalived /etc/
`/etc/keepalived' -> `/usr/local/keepalived/etc/keepalived'

[root@server20 keepalived-1.2.24]# ln -sv /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
`/etc/init.d/keepalived' -> `/usr/local/keepalived/etc/rc.d/init.d/keepalived'

[root@server20 keepalived-1.2.24]# chmod +x /etc/init.d/keepalived 

[root@server20 keepalived-1.2.24]# ln -sv  /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived
`/etc/sysconfig/keepalived' -> `/usr/local/keepalived/etc/sysconfig/keepalived'

[root@server20 keepalived-1.2.24]# ln -sv /usr/local/keepalived/sbin/keepalived /sbin/
`/sbin/keepalived' -> `/usr/local/keepalived/sbin/keepalived'

[root@server20 keepalived-1.2.24]# ln -sv /usr/local/keepalived/etc/ /etc/ 
`/etc/etc' -> `/usr/local/keepalived/etc/'

  • Next you need to configure it on server21.com
[root@server21 ~]# ln -sv /usr/local/keepalived/etc/keepalived /etc/
`/etc/keepalived' -> `/usr/local/keepalived/etc/keepalived'
[root@server21 ~]# ln -sv /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@server21 ~]# chmod +x /etc/init.d/keepalived
[root@server21 ~]# ln -sv /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@server21 ~]# ln -sv /usr/local/keepalived/sbin/keepalived /sbin/
  • Try starting the service on both nodes to confirm that it starts normally
[root@server21 ~]# /etc/init.d/keepalived start
Starting keepalived:                                       [  OK  ]
[root@server21 ~]# /etc/init.d/keepalived stop
Stopping keepalived:                                       [  OK  ]

[root@server20 keepalived-1.2.24]# /etc/init.d/keepalived start
Starting keepalived:                                       [  OK  ]
[root@server20 keepalived-1.2.24]# /etc/init.d/keepalived stop
Stopping keepalived:                                       [  OK  ]
  • Next you need to modify the configuration file
[root@server20 ~]# vim /etc/keepalived/keepalived.conf
//Add or modify the following information:

! Configuration File for keepalived

global_defs {
   notification_email {
	root@localhost
   }
   notification_email_from keepalived@server20.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
	172.25.23.100
    }
}

virtual_server 172.25.23.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
#    persistence_timeout 50
    protocol TCP

    real_server 172.25.23.22 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.23.24 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
  • Copy this configuration file to server21.com
[root@server20 ~]# scp /etc/keepalived/keepalived.conf 172.25.23.21:/etc/keepalived/keepalived.conf
keepalived.conf                                  100% 1037     1.0KB/s   00:00  
  • And make the following changes (notification_email_from, state and priority differ from server20.com):
! Configuration File for keepalived

global_defs {
   notification_email {
	root@localhost
   }
   notification_email_from keepalived@server21.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
	172.25.23.100
    }
}

virtual_server 172.25.23.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
#    persistence_timeout 50
    protocol TCP

    real_server 172.25.23.22 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.23.24 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
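The two files have to agree on `virtual_router_id`, `advert_int` and the authentication settings, while `state` and `priority` differ. The script below is an added example, not part of the original post, that checks a MASTER/BACKUP pair for exactly that before the service is started. The function names `vrrp_get`, `check_vrrp_pair` and `write_sample` are hypothetical, and the sample files are constructed from the `vrrp_instance` blocks above.

```shell
#!/bin/bash
# Added example: compare the vrrp_instance settings of two keepalived.conf
# files (MASTER and BACKUP) before starting the service.

# vrrp_get FILE KEY -- print the first value of KEY inside a vrrp_instance block
vrrp_get() {
    awk -v key="$2" '
        $1 == "vrrp_instance" { inside = 1 }
        inside && $1 == key   { print $2; exit }
    ' "$1"
}

# check_vrrp_pair MASTER_CONF BACKUP_CONF -- print one line per problem and
# return 0 only when the pair is consistent.
check_vrrp_pair() {
    problems=0
    for key in virtual_router_id advert_int auth_type auth_pass; do
        if [ "$(vrrp_get "$1" "$key")" != "$(vrrp_get "$2" "$key")" ]; then
            echo "mismatch: $key"; problems=$((problems + 1))
        fi
    done
    p1=$(vrrp_get "$1" priority); p2=$(vrrp_get "$2" priority)
    if [ "${p1:-0}" -le "${p2:-0}" ]; then
        echo "priority: MASTER should be higher than BACKUP"; problems=$((problems + 1))
    fi
    [ "$(vrrp_get "$1" state)" = MASTER ] && [ "$(vrrp_get "$2" state)" = BACKUP ] ||
        { echo "state: expected MASTER / BACKUP"; problems=$((problems + 1)); }
    [ "$problems" -eq 0 ]
}

# Constructed sample: a reduced vrrp_instance block like the ones above.
write_sample() {   # write_sample FILE STATE PRIORITY ROUTER_ID
    cat > "$1" <<EOF
vrrp_instance VI_1 {
    state $2
    interface eth0
    virtual_router_id $4
    priority $3
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
}
EOF
}

demo_dir=$(mktemp -d)
write_sample "$demo_dir/server20.conf" MASTER 100 51
write_sample "$demo_dir/server21.conf" BACKUP 50 51
check_vrrp_pair "$demo_dir/server20.conf" "$demo_dir/server21.conf" &&
    echo "pair is consistent"
rm -rf "$demo_dir"
```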
  • Start the httpd service on the real servers
[root@server22 ~]# /etc/init.d/httpd  start
Starting httpd: httpd: apr_sockaddr_info_get() failed for server22.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
                                                           [  OK  ]
[root@server24 ~]# /etc/init.d/httpd start
Starting httpd:                                            [  OK  ]
  • Start the keepalived service on the keepalived nodes
[root@server20 ~]# /etc/init.d/keepalived restart
Stopping keepalived:                                       [  OK  ]
Starting keepalived:                                       [  OK  ]

[root@server21 ~]# /etc/init.d/keepalived restart
Stopping keepalived:                                       [  OK  ]
Starting keepalived:                                       [  OK  ]
  • View the logged service startup information
Apr  4 22:48:13 server20 Keepalived_vrrp[16094]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:48:13 server20 Keepalived_vrrp[16094]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on eth0 for 172.25.23.100
Apr  4 22:48:13 server20 Keepalived_vrrp[16094]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:48:13 server20 Keepalived_vrrp[16094]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:48:13 server20 Keepalived_vrrp[16094]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:48:13 server20 Keepalived_vrrp[16094]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:48:13 server20 Keepalived_healthcheckers[16093]: Netlink reflector reports IP 172.25.23.100 added
Apr  4 22:48:18 server20 Keepalived_vrrp[16094]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:48:18 server20 Keepalived_vrrp[16094]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on eth0 for 172.25.23.100
Apr  4 22:48:18 server20 Keepalived_vrrp[16094]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:48:18 server20 Keepalived_vrrp[16094]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:48:18 server20 Keepalived_vrrp[16094]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:48:18 server20 Keepalived_vrrp[16094]: Sending gratuitous ARP on eth0 for 172.25.23.100
  • The service on the virtual IP is accessible normally through a browser

  • Observe the migration of services by closing keepalived on server20.com
  • server20.com shows that the service has stopped
Apr  4 22:57:38 server20 Keepalived_vrrp[16094]: VRRP_Instance(VI_1) removing protocol VIPs.
Apr  4 22:57:38 server20 Keepalived_healthcheckers[16093]: Netlink reflector reports IP 172.25.23.100 removed
Apr  4 22:57:38 server20 Keepalived_healthcheckers[16093]: Removing service [172.25.23.22]:80 from VS [172.25.23.100]:80
Apr  4 22:57:38 server20 Keepalived_healthcheckers[16093]: Removing service [172.25.23.24]:80 from VS [172.25.23.100]:80
Apr  4 22:57:38 server20 Keepalived_healthcheckers[16093]: Stopped
  • server21.com shows that the service is being configured there
Apr  4 22:57:45 server21 Keepalived_vrrp[6283]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on eth0 for 172.25.23.100
Apr  4 22:57:45 server21 Keepalived_vrrp[6283]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:57:45 server21 Keepalived_vrrp[6283]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:57:45 server21 Keepalived_vrrp[6283]: Sending gratuitous ARP on eth0 for 172.25.23.100
Apr  4 22:57:45 server21 Keepalived_vrrp[6283]: Sending gratuitous ARP on eth0 for 172.25.23.100
  • The address has already been configured properly
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:62:3a:95 brd ff:ff:ff:ff:ff:ff
    inet 172.25.23.21/24 brd 172.25.23.255 scope global eth0
    inet 172.25.23.100/32 scope global eth0
  • The rules for ipvsadm have also been transferred
[root@server21 ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.25.23.100:http rr
  -> 172.25.23.22:http            Route   1      0          0         
  -> 172.25.23.24:http            Route   1      0          0   
  • Access to the service is also normal.
