LVS+keepalived+nginx

LVS是Linux Virtual Server的简写，基于4层协议不处理，不响应，只转发，速度更快

wget -c http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz

ln -s /usr/src/kernels/2.6.*  /usr/src/linux  //IPVS模块编译进内核里，需要做软连接

tar xzvf ipvsadm-1.24.tar.gz &&cd ipvsadm-1.24 && make && make install

wget -c  http://www.keepalived.org/software/keepalived-1.1.15.tar.gz

tar -xzvf keepalived-1.1.15.tar.gz &&cd keepalived-1.1.15

./configure --prefix=/usr/local/keepalived --with-kernel-dir=/usr/src/kernels/2.6.32-431.el6.x86_64/;make&&make install

cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

cp  /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

cp /usr/local/keepalived/sbin/keepalived  /usr/sbin/

cp -r /usr/local/keepalived/etc/keepalived/ /etc

192.168.10.130，192.168.10.128为均衡的后端机器  ，192.168.10.131 192.168.10.132 为LVS主备

MASTER配置文件

! Configuration File for keepalived
global_defs {
notification_email {
liu6630@qq.com
}
notification_email_from liu6630@qq.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 152
priority 100
advert_int 5
nopreempt
authentication {
auth_type PASS
auth_pass 2222
}
virtual_ipaddress {
192.168.10.141
}
}
virtual_server 192.168.10.141 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
#persistence_timeout 60
protocol TCP
real_server 192.168.10.128 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.10.130 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}

BACKUP配置文件 将priority 改小些就行

real_server 真实服务器起执行脚本lvs_realserver.sh

#!/bin/sh
#LVS Client Server
VIP=192.168.10.141
case $i in
start)
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
/sbin/route add -host $VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
exit 0
;;
stop)
ifconfig lo:0 down
route del $VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped OK"
exit 1
;;
*)
echo "Usage: $0 {start|stop}"
;;
esac

LVS不会检测你后端502超时错误，只关心80端口是否开启对于应用来说，这样检测明显不足，可以增加LVS对后端Nginx URL的检测，能访问URL则表示服务正常，代码：real_server 192.168.1.4 80 {

weight 100

HTTP_GET {

        url {

 

        path /monitor/warn.jsp

 

        status_code 200

 

        }

connect_timeout 10

nb_get_retry 3

delay_before_retry 3

}

}

与mysql+keepalived去区别，real_server 不能为本机 IP

lvs的设置：
查看是ipvsadm --list --timeout, 比如我的机器就会返回如下结果：
# ipvsadm --list --timeout
Timeout (tcp tcpfin udp): 7200 5 60
这就表明我的tcp session的timeout时间是7200秒。
设置timeout：
ipvsadm --set 7200 5 60
这个值如果设置太小，你的client将会收到 connection reset by peer此类的错误提示。
keepalived的配置：
就是virtual_server的persistence_timeout，意思就是在这个一定时间内会讲来自同一用户（根据ip来判断的）route到同一个real
server。对于长连接类的应用，配置值最好跟lvs的配置的timeout一致。

排错

1.编译是否加了内核 没加内核不会启动检测 加了

2配置文件是否在 /etc/keepalivde 下  cp -r /usr/local/keepalived/etc/keepalived/ /etc

3是否加载modprobe ip_vs   未加载虚拟IP模块 有VIP其他服务也不能访问VIP

4是否VIP与真实IP同一网段且无IP冲突 

5VIP是否起来 可以用 ip addr list 查看

6 virtual_router_id  同一集群的keepalived的主、备机的virtual_router_id 必须相同,取值0-255 但是同一内网中不应有相同virtual_router_id的集群

7 ipvsadm -ln 察看IPVS规则 是否添加真实服务器

8tcpdump  -nn port 80 and host 192.168.10.141

9ab -c 100 -n 1000 http://192.168.10.141/  压测