LVS

1. 安装
   yum install popt popt-devel libnl libnl-devel kernel-headers kernel-devel openssl openssl-devel
   rpm -ivh popt-static-1.13-7.el6.x86_64.rpm
   tar zxvf ipvsadm-1.26.tar.gz
   cd ipvsadm-1.26
   make
   make install

tar zxvf keepalived-1.2.7.tar.gz
cd keepalived-1.2.7
./configure --prefix=/usr/local/keepalived
make
make install

mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/keepalived

2. 配置
   global_defs {
   router_id LVS
   }

vrrp_instance VI_1 {
state MASTER
interface ens160
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.1.50
}
}

virtual_server 10.10.1.50 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 7200
protocol TCP

real_server 10.10.1.53 80 {
    weight 3               
    TCP_CHECK {
    connect_timeout 3       
    nb_get_retry 3
    delay_before_retry 3
    connect_port 80
    }
}
real_server 10.10.1.54 80 {
    weight 3
    TCP_CHECK {
    connect_timeout 3
    nb_get_retry 3
    delay_before_retry 3
    connect_port 80
    }
 }

}

3. real_server上须要执行脚本启动VIP
   #!/bin/bash
   SNS_VIP=10.10.1.50
   . /etc/rc.d/init.d/functions
   case "$1" in
   start)
   ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP up
   /sbin/route add -host $SNS_VIP dev lo:0
   echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
   echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
   echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
   echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
   sysctl -p >/dev/null 2>&1
   echo "RealServer Start OK"
   ;;
   stop)
   ifconfig lo:0 down
   route del $SNS_VIP >/dev/null 2>&1
   echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
   echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
   echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
   echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
   echo "RealServer Stoped"
   ;;
   *)
   echo "Usage: $0 {start|stop}"
   exit 1
   esac
   exit 0

4. 其余注意点
   ① real_server上须要开启IP转发
   sed -i 's/net.ipv4.ip_forward = 1/net.ipv4.ip_forward = 0/g' /etc/sysctl.conf
   sysctl -p

② vrrp防火墙设置
-A INPUT -d 224.0.0.18 -j ACCEPT

5. lvs长连接的优化
   ① 查看是ipvsadm --list --timeout, 好比个人机器就会返回以下结果：
   Timeout (tcp tcpfin udp): 7200 5 60
   这就代表个人tcp session的timeout时间是7200秒。
   设置timeout：
   ipvsadm --set 7200 5 60
   这个值若是设置过小，你的client将会收到 connection reset by peer此类的错误提示。
   ② keepalived的配置：
   就是virtual_server的persistence_timeout ，意思就是在这个必定时间内会讲来自同一用户（根据ip来判断的）route到同一个real
   server。对于长链接类的应用，你确定须要这么作。配置值最好跟lvs的配置的timeout一致。

6. 命令行模式（不安装keepalived）添加记录ipvsadm -A -t 10.66.10.200:80 -s rr -p 60添加真实主机ipvsadm -a -t 10.66.10.200:80 -r 10.66.10.197:80 -gipvsadm -a -t 10.66.10.200:80 -r 10.66.10.198:80 -g删除真实主机ipvsadm -d -t 10.66.10.200:80 -r 10.66.10.198:80删除记录ipvsadm -D -t 10.66.10.200:80