Installing and configuring keepalived on an LVS server
Server information
LVS : 192.168.0.101
vip : 192.168.0.100
www1 : 192.168.0.102
www2 : 192.168.0.103
DB : 192.168.0.104
1. Set net.ipv4.ip_forward = 1 in /etc/sysctl.conf, then apply the change
sysctl -p
2. Install ipvsadm
yum install -y ipvsadm
3. Extract and install keepalived
[root@localhost ~ ]# tar xvzfp keepalived-1.2.1.tar.gz
[root@localhost ~ ]# cd keepalived-1.2.1
[root@localhost ~ ]# ./configure --with-kernel-dir=/usr/src/kernels/2.6.18-164.11.1.el5-x86_64
~
Keepalived configuration
------------------------
Keepalived version : 1.2.1
Compiler : gcc
Compiler flags : -g -O2 -DETHERTYPE_IPV6=0x86dd
Extra Lib : -lpopt -lssl -lcrypto
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
Use VRRP Framework : Yes
Use Debug flags : No
[root@localhost ~ ]# make
~
Building ../bin/genhash
strip ../bin/genhash
Make complete
make[1]: Leaving directory `/root/src/keepalived-1.2.1/genhash'
Make complete
[root@localhost ~ ]# make install
~
make[1]: Leaving directory `/root/src/keepalived-1.2.1/keepalived'
make -C genhash install
make[1]: Entering directory `/root/src/keepalived-1.2.1/genhash'
install -d /usr/local/bin
install -m 755 ../bin/genhash /usr/local/bin/
install -d /usr/local/share/man/man1
install -m 644 ../doc/man/man1/genhash.1 /usr/local/share/man/man1
make[1]: Leaving directory `/root/src/keepalived-1.2.1/genhash'
4. Create symbolic links for the keepalived configuration files and init script
[root@localhost ~ ]# ln -s /usr/local/etc/keepalived /etc/keepalived
[root@localhost ~ ]# ln -s /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/keepalived
[root@localhost ~ ]# ln -s /usr/local/etc/sysconfig/keepalived /etc/sysconfig/keepalived
5. Configure keepalived.conf
[root@localhost ~ ]# vi /etc/keepalived/keepalived.conf
------------------------------------------------------------------------
! Configuration File for keepalived
global_defs {
    notification_email {
        acassen@firewall.loc
        failover@firewall.loc
        sysadmin@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 192.168.0.101
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    garp_master_delay 5
    virtual_router_id 51
    priority 101
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.0.100
    }
}
virtual_server 192.168.0.100 80 {
    delay_loop 6
    lb_algo lc
    lb_kind DR
    ! persistence_timeout 50
    protocol TCP
    ! sorry_server 192.168.0.101 1358
    real_server 192.168.0.102 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                digest 8b97db165eaf8d8d3a549418aee46738
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.0.103 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                digest 78d20f502a13c1b23c2fbc91614cbba3
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
------------------------------------------------------------------------
The digest value for each real server is obtained as follows.
[root@localhost ~ ]# genhash -s 192.168.0.102 -p 80 --url /
MD5SUM = 8b97db165eaf8d8d3a549418aee46738
[root@localhost ~ ]# genhash -s 192.168.0.103 -p 80 --url /
MD5SUM = 78d20f502a13c1b23c2fbc91614cbba3
6. Start the keepalived daemon
[root@localhost ~ ]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
If the following error occurs when starting the daemon:
[root@localhost ~ ]# /etc/init.d/keepalived start
Starting keepalived: /bin/bash: keepalived: command not found
[FAILED]
Either set PATH at the top of /etc/rc.d/init.d/keepalived, or use the absolute path in the "daemon keepalived" line.
PATH=/sbin:/bin:/usr/bin:/usr/sbin:/usr/local/sbin
or
daemon keepalived --> daemon /usr/local/sbin/keepalived
7. Check the VIP, and check the load-balancing state with ipvsadm -l
[root@localhost ~ ]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 00:30:48:fb:d1:4e brd ff:ff:ff:ff:ff:ff
inet 192.168.0.101/24 brd 192.168.0.255 scope global eth0
inet 192.168.0.100/32 scope global eth0
inet6 fe80::230:48ff:fefb:d14e/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop qlen 1000
link/ether 00:30:48:fb:d1:4f brd ff:ff:ff:ff:ff:ff
4: sit0: <NOARP> mtu 1480 qdisc noop
link/sit 0.0.0.0 brd 0.0.0.0
[root@localhost ~ ]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.100:http lc
-> 192.168.0.102:http Route 1 0 0
-> 192.168.0.103:http Route 1 0 0
8. Change the kernel parameters on the real servers
[root@localhost ~ ]# vi /etc/sysctl.conf
net.ipv4.conf.eth0.arp_ignore = 1
net.ipv4.conf.eth0.arp_announce = 2
[root@localhost ~ ]# sysctl -p
9. Register the VIP on the loopback interface of the real servers
[root@localhost ~ ]# ifconfig lo:0 192.168.0.100 netmask 255.255.255.255 broadcast 192.168.0.100 up
Add this command to /etc/rc.local, or create the file /etc/sysconfig/network-scripts/ifcfg-lo:0.
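
To check the state seen in step 7 against the configuration from step 5, the added example below (not part of the original page or of keepalived) compares the real_server entries in keepalived.conf with ipvsadm -l output. keepalived removes a real server from the IPVS table when its HTTP_GET check fails, for example on a digest mismatch, so a configured server missing from the table is the thing to look for. The sample inputs are constructed from the page's addresses; the function names and the PORT_NAMES map are assumptions of this example.

```python
import re
# Constructed sample: the page's virtual_server block, reduced to the lines parsed here.
SAMPLE_CONF = """\
virtual_server 192.168.0.100 80 {
    ! sorry_server 192.168.0.101 1358
    real_server 192.168.0.102 80 {
    }
    real_server 192.168.0.103 80 {
    }
}
"""
# Constructed sample: ipvsadm -l output in a state where 192.168.0.103 is no longer listed.
SAMPLE_IPVS = """\
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.100:http lc
  -> 192.168.0.102:http Route 1 0 0
"""
# Assumption: ipvsadm -l prints service names; only these two are mapped here.
PORT_NAMES = {"http": 80, "https": 443}
def _port(text):
    return PORT_NAMES.get(text) or int(text)

def configured_pools(conf):
    """Map each virtual_server (ip, port) to its configured real_server set."""
    pools, current = {}, None
    pattern = r"^\s*(virtual_server|real_server)\s+(\S+)\s+(\d+)\s*\{"
    for kind, ip, port in re.findall(pattern, conf, re.M):
        if kind == "virtual_server":
            current = pools.setdefault((ip, int(port)), set())
        elif current is not None:
            current.add((ip, int(port)))
    return pools

def active_pools(ipvs_output):
    """Map each virtual service in ipvsadm output to the real servers listed under it."""
    pools, current = {}, None
    for line in ipvs_output.splitlines():
        vs = re.match(r"(?:TCP|UDP)\s+([\d.]+):(\S+)", line)
        rs = re.match(r"\s*->\s+([\d.]+):(\S+)", line)
        if vs:
            current = pools.setdefault((vs.group(1), _port(vs.group(2))), set())
        elif rs and current is not None:
            current.add((rs.group(1), _port(rs.group(2))))
    return pools

def missing_real_servers(conf, ipvs_output):
    """Real servers configured in keepalived.conf but absent from the IPVS table."""
    active = active_pools(ipvs_output)
    return {vs: sorted(rs - active.get(vs, set())) for vs, rs in configured_pools(conf).items()}
```

On the LVS server, pass the contents of /etc/keepalived/keepalived.conf and the captured output of ipvsadm -l to missing_real_servers(); an empty list for the VIP means every configured real server is in the pool.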