LVS

标签：优化   session   用户   def   lib   time   glob   主机   lis   

tar zxvf keepalived-1.2.7.tar.gz
cd keepalived-1.2.7
./configure --prefix=/usr/local/keepalived
make
make install

mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/keepalived

2. 配置
   global_defs {
   router_id LVS
   }

vrrp_instance VI_1 {
state MASTER
interface ens160
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.1.50
}
}

virtual_server 10.10.1.50 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 7200
protocol TCP

real_server 10.10.1.53 80 {
    weight 3               
    TCP_CHECK {
    connect_timeout 3       
    nb_get_retry 3
    delay_before_retry 3
    connect_port 80
    }
}
real_server 10.10.1.54 80 {
    weight 3
    TCP_CHECK {
    connect_timeout 3
    nb_get_retry 3
    delay_before_retry 3
    connect_port 80
    }
 }

}

3. real_server上需要执行脚本启动VIP
   #!/bin/bash
   SNS_VIP=10.10.1.50
   . /etc/rc.d/init.d/functions
   case "$1" in
   start)
   ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP up
   /sbin/route add -host $SNS_VIP dev lo:0
   echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
   echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
   echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
   echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
   sysctl -p >/dev/null 2>&1
   echo "RealServer Start OK"
   ;;
   stop)
   ifconfig lo:0 down
   route del $SNS_VIP >/dev/null 2>&1
   echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
   echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
   echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
   echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
   echo "RealServer Stoped"
   ;;
   *)
   echo "Usage: $0 {start|stop}"
   exit 1
   esac
   exit 0

4. 其他注意点
   ① real_server上需要开启IP转发
   sed -i ‘s/net.ipv4.ip_forward = 1/net.ipv4.ip_forward = 0/g‘ /etc/sysctl.conf
   sysctl -p

② vrrp防火墙设置
-A INPUT -d 224.0.0.18 -j ACCEPT

5. lvs长链接的优化
   ① 查看是ipvsadm --list --timeout, 比如我的机器就会返回如下结果：
   Timeout (tcp tcpfin udp): 7200 5 60
   这就表明我的tcp session的timeout时间是7200秒。
   设置timeout：
   ipvsadm --set 7200 5 60
   这个值如果设置太小，你的client将会收到 connection reset by peer此类的错误提示。
   ② keepalived的配置：
   就是virtual_server的persistence_timeout ，意思就是在这个一定时间内会讲来自同一用户（根据ip来判断的）route到同一个real
   server。对于长连接类的应用，你肯定需要这么做。配置值最好跟lvs的配置的timeout一致。

6. 命令行模式（不安装keepalived）
   添加记录
   ipvsadm -A -t 10.66.10.200:80 -s rr -p 60
   添加真实主机
   ipvsadm -a -t 10.66.10.200:80 -r 10.66.10.197:80 -g
   ipvsadm -a -t 10.66.10.200:80 -r 10.66.10.198:80 -g
   删除真实主机
   ipvsadm -d -t 10.66.10.200:80 -r 10.66.10.198:80
   删除记录
   ipvsadm -D -t 10.66.10.200:80

LVS

标签：优化   session   用户   def   lib   time   glob   主机   lis   

原文地址：http://blog.51cto.com/14123407/2335287