redhat linux AS3.0 使用IPVSADM 和arptables做负载均衡

lin_kz

最近公司要用LVS做负载均衡，系统使用的Redhat AS3.0, 网上合适的文档不多，要么是hidden arp配置的选项没有，要么需要打补丁，改内核，非常的麻烦。经过几天的努力和测试，查询大量的文档和LVS资料，终于找到了一个比较方便的，不需要修改内核的方法，发出来给大家共享。
一、LVS--DR  configuration
1、ENV
OS:RedHat AS3
Packeage:ipvsadm-1.21-9.ipvs108.i386.rpm
2、system architecture
director server:10.64.20.112
real server1:10.64.20.110
real server2:10.64.20.111
VIP:10.64.20.113
real server1 and 2 Ip address are configured on eth0
we first assume all servers are finished installed.

3. director server configuration:
#install ipvsadm
rom -ivh ipvsadm-1.21-9.ipvs108.i386.rpm

#confiigure ip forward and redirects
echo "0" >/proc/sys/net/ipv4/ip_forward
echo "1" >/proc/sys/net/ipv4/conf/default/send_redirects
echo "1" >/proc/sys/net/ipv4/conf/lo/send_redirects

#configure VIP address
/sbin/ifconfig eth0:0 10.64.20.113 broadcast 10.64.20.113 netmask 255.255.255.255 up
/sbin/route add -host 10.64.20.113 dev eth0:0

#configre ipvsadm
ipvsadm -C
ipvsadm -A -t 10.64.20.113:http -s rr
ipvsadm -a -t 10.64.20.113:http -r 10.64.20.111 -g -w 1
ipvsadm -a -t 10.64.20.113:http -r 10.64.20.110 -g -w 1

4. real server1 config

#configure ip forward
echo "0" >/proc/sys/net/ipv4/ip_forward

#configure VIP on realserver and route
/sbin/ifconfig lo:0 10.64.20.113 broadcast 10.64.20.113 netmask 255.255.255.255 up
/sbin/route add -host 10.64.20.113 dev lo:0

#hidden arp request
arptables -A IN -d 10.64.20.113 -j DROP
arptables -A OUT -o lo -d  10.64.20.113 -j mangle --mangle-ip-s  10.64.20.113
arptables -A OUT -o eth0 -d  10.64.20.113 -j mangle --mangle-ip-s  10.64.20.110
arptables -A OUT -o eth1 -d  10.64.20.113 -j mangle --mangle-ip-s  <real_ip_on_eth1>  (if you have eth1 connect to network)
5. real server2 config

#configure ip forward
echo "0" >/proc/sys/net/ipv4/ip_forward

#configure VIP on realserver and route
/sbin/ifconfig lo:0 10.64.20.113 broadcast 10.64.20.113 netmask 255.255.255.255 up
/sbin/route add -host 10.64.20.113 dev lo:0
#hidden arp request
arptables -A IN -d 10.64.20.113 -j DROP
arptables -A OUT -o lo -d  10.64.20.113 -j mangle --mangle-ip-s  10.64.20.113
arptables -A OUT -o eth0 -d  10.64.20.113 -j mangle --mangle-ip-s  10.64.20.111
arptables -A OUT -o eth1 -d  10.64.20.113 -j mangle --mangle-ip-s  <real_ip_on_eth1>  (if you have eth1 connect to network)

6. check with IE.
on Director server check ipvsadm list:
#ipvsadm -L


二、LVS--TUN  configuration
1、ENV
OS:RedHat AS3
Packeage:ipvsadm-1.21-9.ipvs108.i386.rpm
2、system architecture
director server:10.64.20.112
real server1:10.64.20.110
real server2:10.64.20.111
VIP:10.64.20.113
real server1 and 2 Ip address are configured on eth0
we first assume all servers are finished installed.

3. Director Server
#!/bin/bash
#set ip_forward on for vs-tun director(1 on, 0 off)
echo "0" >/proc/sys/net/ipv4/ip_forward
#add ethernet device and routing for VIP
/sbin/ifconfig eth0:0 10.64.20.113 broadcast 10.64.20.113 netmask 255.255.255.255 up
/sbin/route add -host 10.64.20.113 dev eth0:0
ipvsadm -C
ipvsadm -A -t 10.64.20.113:http -s rr
ipvsadm -a -t 10.64.20.113:http -r 10.64.20.110 -i -w 1
ipvsadm -a -t 10.64.20.113:http -r 10.64.20.111 -i -w 1

4.real server 1
       

#!/bin/bash
#set_realserver_ip_forwarding to OFF(1 on, 0 off)
echo "0" >/proc/sys/net/ipv4/ip_forward

#install_readserver_vip
insmod ipip
ifconfig tunl0 10.64.20.113 broadcast 10.64.20.113 netmask 255.255.255.255 up
route add -host 10.64.20.113 dev tunl0

#hiding interface tunl0, will not arp
arptables -A IN -d 10.64.20.113 -j DROP
arptables -A OUT -o tunl0 -d  10.64.20.113 -j mangle --mangle-ip-s  10.64.20.113
arptables -A OUT -o eth0 -d  10.64.20.113 -j mangle --mangle-ip-s  10.64.20.110
arptables -A OUT -o eth1 -d  10.64.20.113 -j mangle --mangle-ip-s  <real_ip_on_eth1>  (if you have eth1 connect to network)

5.real server 2
       

#!/bin/bash
#set_realserver_ip_forwarding to OFF(1 on, 0 off)
echo "0" >/proc/sys/net/ipv4/ip_forward

#install_readserver_vip
insmod ipip
ifconfig tunl0 10.64.20.113 broadcast 10.64.20.113 netmask 255.255.255.255 up
route add -host 10.64.20.113 dev tunl0

#hiding interface tunl0, will not arp
arptables -A IN -d 10.64.20.113 -j DROP
arptables -A OUT -o tunl0 -d  10.64.20.113 -j mangle --mangle-ip-s  10.64.20.113
arptables -A OUT -o eth0 -d  10.64.20.113 -j mangle --mangle-ip-s  10.64.20.111
arptables -A OUT -o eth1 -d  10.64.20.113 -j mangle --mangle-ip-s  <real_ip_on_eth1>  (if you have eth1 connect to network)

6. check with IE.
on Director server check ipvsadm list:
#ipvsadm -L

haohaoo

这样有检测real server么？

lky

可实现LVS服务器冗余、real server检测。可通过图形界面很方便的配置

bluejack

楼主呢  后续问题有介绍么