一、資源規劃

    在開始搭建之前，我們首先需要準備和規劃好搭建所需的資源。因為效能等方面的考慮，我們使用當前比較流行的DR模式。

搭建前我們需要了解，搭建環境的機器必須在同一網段內，此次環境搭建需要1個VIP和四臺機器（我這裡使用四臺VM）

具體清單如下：

二、配置real server

在/usr/local/sbin下新建realserver.sh，並修改許可權為可執行。

在配置的過程中，需要注意VIP的掩碼需要配置成32位

下面的配置用來在real server上啟用一個VIP，並讓這個VIP忽略網路中的ARP請求。

         #realserver.sh

        =========================================================================

           #!/bin/sh

RS_VIP=30.16.252.240

sh /etc/rc.d/init.d/functions

case "$1" in

start)

       ifconfig lo:0 $RS_VIP netmask 255.255.255.255 broadcast $RS_VIP

       /sbin/route add -host $RS_VIP dev lo:0

       echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore

       echo "2">/proc/sys/net/ipv4/conf/lo/arp_announce

       echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore

       echo "2">/proc/sys/net/ipv4/conf/all/arp_announce

       sysctl -p >/dev/null 2>&1

       echo "RealServer Start OK"

       ;;

stop)

       ifconfig lo:0 down

       route del $RS_VIP >/dev/null2>&1

       echo "0">/proc/sys/net/ipv4/conf/lo/arp_ignore

       echo "0">/proc/sys/net/ipv4/conf/lo/arp_announce

       echo "0">/proc/sys/net/ipv4/conf/all/arp_ignore

       echo "0">/proc/sys/net/ipv4/conf/all/arp_announce

       echo "RealServer Stoped"

       ;;

*)

       echo "Usage: $0 {start|stop}"

       exit 1

esac

exit 0

        ===========================================================================

配置完後，執行：sh realserver.sh start

         需要配置開機自啟動：echo "/usr/local/sbin/realserver.sh start" >> /etc/rc.local

兩臺real server的配置是相同的，都要啟動。

搭建應用：

在兩臺real server上部署tomcat，並新建應用test，在test下新建index.html

         #index.html

        [30.16.252.188:8080]   #根據兩臺機器真實值填寫。

三、安裝keepalived

1. 我們選擇keepalived的版本為1.2.8. 具體安裝步驟如下：

         cd /usr/local

         tar -zxvf keepalived-1.2.8.tar.gz

         cd keepalived-1.2.8

         #在執行下面命令前請先做檢查

         #如果沒有這個目錄：/usr/src/kernels/2.6.32-642.6.2.el6.x86_64，可執行命令：yum install kernel-headers kernel-devel

         #如果沒有/usr/src/linux這個目錄，可以執行命令：ln -s /usr/src/kernels/2.6.32-642.6.2.el6.x86_64 /usr/src/linux

         #2.6.32-642.6.2.el6.x86_64為系統核心版本號，大家機器上的目錄可能都不同，執行命令時，以機器上真實的值為準。

./configure  --sysconf=/etc  --with-kernel-dir=/usr/src/linux

         make && make install

ln -s /usr/local/sbin/keepalived /sbin/keepalived

         #中間任何一步有報錯都是缺少依賴包造成，我們需要安裝：

yum install libnl* libpopt*

         yum install popt-devel popt-static

yum install libnfnetlink libnfnetlink-devel

然後編譯和安裝就會通過。

         2. 修改配置檔案

         keepalived的配置檔案位置：/etc/keepalived/keepalived.conf

         30.16.252.190 Master的配置如下：

        ============================================================================

vrrp_instance VI_1 {

    state MASTER

    interface eth0

    virtual_router_id 163

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    virtual_ipaddress {

        30.16.252.240

    }

}

virtual_server 30.16.252.240 8080 {

    delay_loop 2

    lb_algo rr

    lb_kind DR

    #persistence_timeout50

    protocol TCP

    real_server 30.16.252.188 8080 {

      weight 1

      TCP_CHECK {

        connect_timeout 3

        nb_get_retry 3

        delay_before_retry 3

      }

    }

    real_server 30.16.252.189 8080 {

      weight 1

      TCP_CHECK {

        connect_timeout 3

        nb_get_retry 3

        delay_before_retry 3

      }

    }

}

        =============================================================================

           30.16.252.191Backup的配置如下：

        =============================================================================

vrrp_instance VI_1 {

    state BACKUP

    interface eth0

    virtual_router_id 163

    priority 99

    advert_int 1

    authentication {

    auth_type PASS

    auth_pass 1111

    }

virtual_ipaddress {

30.16.252.240

    }

}

virtual_server 30.16.252.240 8080 {

    delay_loop 2

    lb_algo rr

    lb_kind DR

    #persistence_timeout50

    protocol TCP

    real_server 30.16.252.188 8080 {

    weight 1

    TCP_CHECK {

        connect_timeout 3

        nb_get_retry 3

        delay_before_retry 3

}

}

real_server 30.16.252.189 8080 {

    weight 1

    TCP_CHECK {

        connect_timeout 3

        nb_get_retry 3

        delay_before_retry 3

    }

    }

}

        =============================================================================

         3. 啟動keepalived

             service keepalived start

啟動日誌可檢視：/var/log/message

            ===========================================================================================================

Mar  2 10:31:44 SZC-L0051222Keepalived_healthcheckers[305578]: Netlink reflector reports IP 30.16.252.190added

Mar  2 10:31:44 SZC-L0051222Keepalived_healthcheckers[305578]: Netlink reflector reports IPfe80::455:4ff:fe00:43ae added

Mar  2 10:31:44 SZC-L0051222Keepalived_healthcheckers[305578]: Registering Kernel netlink reflector

Mar  2 10:31:44 SZC-L0051222Keepalived_healthcheckers[305578]: Registering Kernel netlink command channel

Mar  2 10:31:44 SZC-L0051222Keepalived_vrrp[305580]: Opening file '/etc/keepalived/keepalived.conf'.

Mar  2 10:31:44 SZC-L0051222Keepalived_vrrp[305580]: Configuration is using : 60678 Bytes

Mar  2 10:31:44 SZC-L0051222Keepalived_vrrp[305580]: Using LinkWatch kernel netlink reflector...

Mar  2 10:31:44 SZC-L0051222Keepalived_healthcheckers[305578]: Opening file'/etc/keepalived/keepalived.conf'.

Mar  2 10:31:44 SZC-L0051222Keepalived_healthcheckers[305578]: Configuration is using : 18337 Bytes

Mar  2 10:31:44 SZC-L0051222Keepalived_vrrp[305580]: VRRP sockpool: [ifindex(2), proto(112), unicast(0),fd(10,11)]

Mar  2 10:31:44 SZC-L0051222Keepalived_healthcheckers[305578]: Using LinkWatch kernel netlink reflector...

Mar 2 10:31:44 SZC-L0051222 Keepalived_healthcheckers[305578]: Activatinghealthchecker for service [30.16.252.188]:8080    #檢測要負載的real server的健康狀況

Mar  2 10:31:44 SZC-L0051222Keepalived_healthcheckers[305578]: Activating healthchecker for service[30.16.252.189]:8080

Mar  2 10:31:44 SZC-L0051222Keepalived_healthcheckers[305578]: Activating healthchecker for service[30.16.252.188]:8088

Mar  2 10:31:44 SZC-L0051222Keepalived_healthcheckers[305578]: Activating healthchecker for service[30.16.252.189]:8088

Mar 2 10:31:45 SZC-L0051222 Keepalived_vrrp[305580]: VRRP_Instance(VI_1)Transition to MASTER STATE      #keepalived direcotor server 之間通訊

Mar  2 10:31:46SZC-L0051222 Keepalived_vrrp[305580]: VRRP_Instance(VI_1) Entering MASTER STATE

Mar  2 10:31:46 SZC-L0051222Keepalived_vrrp[305580]: VRRP_Instance(VI_1) setting protocol VIPs.

Mar  2 10:31:46 SZC-L0051222Keepalived_vrrp[305580]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0for 30.16.252.240

Mar  2 10:31:46 SZC-L0051222Keepalived_healthcheckers[305578]: Netlink reflector reports IP 30.16.252.240added

Mar  2 10:31:51 SZC-L0051222Keepalived_vrrp[305580]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0for 30.16.252.240

 ==============================================================================================================================

四、負載驗證

因在Director server上不能訪問對外提供的VIP，所以又在同網段找了一臺機器進行驗證。

因為防火牆等原因，不能直接使用browser來進行驗證，所以就寫了程式，因為使用了rr(輪詢演算法)，所以1000次訪問，兩臺server各訪問500次。

    注意：persistence_timeout配置可以進行會話保持，即同一臺機器在設定的時間內，請求會定向到同一臺real server.

驗證正常。