LVS操作手册
BY 王平安_阿骨打 吴佳明_普空
1 集群模式-配置(单台)
a) 安装系统和工具
# 参见lvs-fullnat-synproxy.tar中的README, 包括 LVS kernel和keepalived等的编译方法;
b) 内核启动参数
在kernel一行中,添加“nohz=off ”
注:如果不关闭nohz,大压力下CPU0可能会消耗过高,压力不均匀; c) Sysctl配置
路径:/etc/sysctl.conf
# configure for lvs
net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2 net.core.netdev_max_backlog = 500000
d) 配置网卡参数
路径:/etc/rc.local 关闭网卡LRO和GRO
# ethtool -K eth0 gro off # ethtool -K eth0 lro off
绑定网卡中断
# set_irq_affinity eth0 #脚本参见附录,该脚本是ixgbe/igb driver网卡
e) 关闭系统参数
路径:/etc/rc.local
关闭irqbalance
# service irqbalance stop
# chkconfig --level 2345 irqbalance off f) LocalAddress配置
路径:/etc/rc.local
Local address绑定到内网(下联)网卡上
ip addr add 192.168.100.1/32 dev eth1 ip addr add 192.168.100.2/32 dev eth1 ip addr add 192.168.100.3/32 dev eth1 ip addr add 192.168.100.4/32 dev eth1 ip addr add 192.168.100.5/32 dev eth1
g) Zebra.conf
路径:/etc/quagga/zebra.conf
启动方式:/usr/sbin/zebra -d -f /etc/quagga/zebra.conf
hostname lvs-route-4 password 8 123456 enable password 8 123456 log file /var/log/zebra.log service password-encryption
h) Ospf.conf
路径:/etc/quagga/ospf.conf
启动方式:/usr/sbin/ospfd -d -f /etc/quagga/ospf.conf
hostname lvs-4-ospfd password 8 123456 enable password 8 123456 log file /var/log/ospf.log log stdout log syslog
service password-encryption
interface eth0 //上连网卡号
ip ospf message-digest-key 8 md5 123456 ip ospf hello-interval 3 ip ospf dead-interval 12
router ospf
ospf router-id 192.168.0.14 //route id配置为 上连网卡接口ip log-adjacency-changes
auto-cost reference-bandwidth 1000
network 1.1.1.0/24 area 0.0.0.11 // VIP网段
network 192.168.0.12/30 area 0.0.0.11 // 上连IP网段 area 0.0.0.11 authentication message-digest area 0.0.0.11 stub no-summary
i) Keepalived.conf
启动:service keepalived start 更新:service keepalived reload 停止:service keepalived stop
Keepalived的配置包含2个文件,以taobao业务为例:
说明:一个集群内的所有LVS配置文件基本相同,区别的地方见红色区域 i. 主配置文件keepalived.conf
路径:/etc/keepalived/keepalived.conf
! Configuration File for keepalived global_defs {
# notification_email { # abc@taobao.com # }
# notification_email_from abc@taobao.com
# smtp_server 192.168.200.1 # smtp_connect_timeout 40 }
local_address_group laddr_g1 { 192.168.100.1 192.168.100.2 192.168.100.3 192.168.100.4 192.168.100.5 }
! include virtual server configure file include taobao.conf
ii. 业务配置文件 “业务名.conf” 路径:/etc/keepalived/taobao.conf
virtual_server_group taobao { 1.1.1.1 80 //vip1 1.1.1.2 80 //vip2 }
!for taobao.com
virtual_server group taobao { delay_loop 7
lb_algo rr
lb_kind FNAT
protocol TCP
syn_proxy
laddr_group_name laddr_g1
alpha //启动alpha模式,以便自动绑定vip omega // 启动omega模式,以便自动解除vip quorum 1 hysteresis 0
quorum_up \quorum_down \
/* healthcheck for L4 */ real_server 192.168.1.1 80 {
weight 100
inhibit_on_failure
TCP_CHECK {
connect_timeout 5 }
}
/* healthcheck for L7 */ real_server 192.168.1.2 80 { weight 100
inhibit_on_failure HTTP_GET { url {
path /index.html status_code 200 }
connect_timeout 3 nb_get_retry 2 delay_before_retry 5 } } }
j)
环境检查 i. 重要性高
在LVS刚部署完毕,或者运维操作完毕时,都必须检查以下配置; ? 命令ip addr list,查看后端VIP是否绑定正确, 查看local address是否绑定正确 ? 命令ipvsadm –ln,查看流量是否过来,各RS上流量是否均匀,流量大小是否
符合预期;
? 命令ps aux | grep keepalived,查看keepalived进程个数是否正确 ? 命令tcpdump –i any –nnn | grep OSPF, 查看ospf心跳是否正常 ? 命令route –n, 查看ospf生成的路由是否正常
? 命令tail –n 1000 /var/log/message, 查看keepalived启动日志是否异常 ii. 重要性低
除了检查“3.1 重要性高”的点,还需要检查以下信息:
? 执行cat /proc/interrupts | grep ethx,其中ethx为万兆网卡,查看网卡中断是
否被正确地绑定在N个核上;
? 在client上curl vip,在lvs上curl rs_ip,查看能否curl通;
2 主备模式-配置(单台)
a) 安装系统和工具
# 参见lvs-fullnat-synproxy.tar中的README,包括 LVS kernel和keepalived等的编译方法;
b) 内核启动参数
在kernel一行中,添加“nohz=off ”
注:如果不关闭nohz,大压力下CPU0可能会消耗过高,压力不均匀; c) Sysctl配置
路径:/etc/sysctl.conf
# configure for lvs
net.core.netdev_max_backlog = 500000
d) 配置网卡参数
路径:/etc/rc.local 关闭网卡LRO和GRO
# ethtool -K eth0 gro off # ethtool -K eth0 lro off
绑定网卡中断
# set_irq_affinity eth0 #脚本参见附录,该脚本是ixgbe/igb driver网卡
e) 关闭系统参数
路径:/etc/rc.local
关闭irqbalance
# service irqbalance stop
# chkconfig --level 2345 irqbalance off f)
LocalAddress配置 路径:/etc/rc.local
Local address绑定到内网(下联)网卡上
ip addr add 192.168.100.1/32 dev eth1 ip addr add 192.168.100.2/32 dev eth1 ip addr add 192.168.100.3/32 dev eth1 ip addr add 192.168.100.4/32 dev eth1 ip addr add 192.168.100.5/32 dev eth1
g) Keepalived.conf
启动:service keepalived start 更新:service keepalived reload 停止:service keepalived stop
Keepalived的配置包含2个文件,以taobao业务为例:
说明:一个集群内的所有LVS配置文件基本相同,区别的地方见红色区域 i. 主配置文件keepalived.conf
路径:/etc/keepalived/keepalived.conf
! Configuration File for keepalived global_defs {
# notification_email { # abc@taobao.com # }
# notification_email_from abc@taobao.com # smtp_server 192.168.200.1 # smtp_connect_timeout 40 }
local_address_group laddr_g1 { 192.168.100.1 192.168.100.2 192.168.100.3