export D=/tmp/downloadmkdir $Dcd $Dwget http://www.kernel.org/pub/linux/kernel/v2.4/linux-2.4.20.tar.gzwget http://www.linuxvirtualserver.org/software/kernel-2.4/linux-2.4.20-ipvs-1.0.9 .patch.gzwget http://www.linuxvirtualserver.org/software/kernel-2.4/ipvs-1.0.9.tar.gztar zxvf linux-2.4.20.tar.gztar zxvf ipvs-1.0.9.tar.gzgunzip linux-2.4.20-ipvs-1.0.9.patch.gzmv linux-2.4.20 /usr/src/linux-2.4.20cd /usr/srcrm -f linux-2.4ln -s linux-2.4.20 linux-2.4cd linux-2.4patch -p1 < $D/ipvs-1.0.9/contrib/patches/hidden-2.4.20pre10-1.diff (arp for LVS-DR/LVS-Tun)patch -p1 < $D/linux-2.4.20-ipvs-1.0.9.patch (仅在编译Director内核时打补丁)make mrpropercp /boot/config-2.4.20-8 .config (使用Red Hat 9自带的config内核配置文件或使用/usr/src/linux-2.4.7-10/configs下的配置文件)make menuconfig(参照相关ipvs及内核配置)或在图形界面运行: make xconfig
相关网络内核选项:
make depmake cleanmake bzImagemake modulesmake modules_installcp arch/i386/boot/bzImage /boot/ vmlinuz-2.4.20-lvs (rs)cp System.map /boot/System.map.2.4.20-lvs (rs)cp vmlinux /boot/vmlinux-2.4.20-lvs (rs) cd /bootrm -f System mapln -s System.map.2.4.20-lvs (rs) System.mapvi /boot/grub/grub.conf:title 2.4.20-lvs root (hd0,0) kernel /boot/vmlinuz-2.4.20-lvs (rs) ro root=/dev/xxx
如果要安装该内核在其它机器上:
tar czf linux-2.4.20-dir.tgz /usr/src/linux-2.4.20/在其它机器上解压tar zxvf linux-2.4.20-dir.tgz 放置到/usr/srcrm -f linux-2.4ln -s linux-2.4.20 linux-2.4cd linux-2.4make modules_installcp arch/i386/boot/bzImage /boot/ vmlinuz-2.4.20-lvs (rs)cp System.map /boot/System.map.2.4.20-lvs (rs)cd /bootrm -f System mapln -s System.map.2.4.20-lvs (rs) System.mapvi /boot/grub/grub.conf:title 2.4.20-lvs root (hd0,0) kernel /boot/vmlinuz-2.4.20-lvs (rs) ro root=/dev/xxx
2.6.2Director上ipvsadm 的安装:用打过ipvs和hidden(for LVS-DR/LVS-Tun)补丁的新内核启动linux
cd / tmp/download/ipvs-1.0.9/ipvs/ipvsadmmake install
检查ipvsadm 探测到内核的ipvs的补丁可以运行
ipvsadm
如果成功你会看到类似于如下内容:
director: /usr/src# ipvsadmIP Virtual Server version 0.2.7 (size=4096)Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn
说明安装成功运行lsmod | grep ip_vs 可以看到ip_vs模块已经被插入内核运行。2.6.3.运行脚本( Run Scripts )以下以最常用的LVS-DR模式来介绍相关的脚本设置( 以Telnet服务, 轮叫(rr)策略为例 )2.6.3.1Director上:
#!/bin/bash#---------------mini-rc.lvs_dr-director------------------------#set ip_forward OFF for vs-dr director (1 on, 0 off)cat /proc/sys/net/ipv4/ip_forwardecho 0 >/proc/sys/net/ipv4/ip_forward#director is not gw for realservers: leave icmp redirects onecho 'setting icmp redirects (1 on, 0 off) 'echo 1 >/proc/sys/net/ipv4/conf/all/send_redirectscat /proc/sys/net/ipv4/conf/all/send_redirectsecho 1 >/proc/sys/net/ipv4/conf/default/send_redirectscat /proc/sys/net/ipv4/conf/default/send_redirectsecho 1 >/proc/sys/net/ipv4/conf/eth0/send_redirectscat /proc/sys/net/ipv4/conf/eth0/send_redirects#add ethernet device and routing for VIP 192.168.7.110#if use backup director ,pay any attention about bellow/sbin/ifconfig eth0:0 192.168.7.110 broadcast 192.168.7.110 netmask 255.255.255.255 up/sbin/route add -host 192.168.7.110 dev eth0:0#listing ifconfig info for VIP 192.168.7.110/sbin/ifconfig eth0:0#check VIP 192.168.7.110 is reachable from self (director)/bin/ping -c 1 192.168.7.110#listing routing info for VIP 192.168.7.110/bin/netstat -rn#setup_ipvsadm_table#clear ipvsadm table/sbin/ipvsadm -C#installing LVS services with ipvsadm#add telnet to VIP with round robin scheduling/sbin/ipvsadm -A -t 192.168.7.110:telnet -s rr#forward telnet to realserver using direct routing with weight 1/sbin/ipvsadm -a -t 192.168.7.110:telnet -r 192.168.7.11 -g -w 1#check realserver reachable from directorping -c 1 192.168.7.11#forward telnet to realserver using direct routing with weight 1/sbin/ipvsadm -a -t 192.168.7.110:telnet -r 192.168.7.12 -g -w 1#check realserver reachable from directorping -c 1 192.168.7.12#displaying ipvsadm settings/sbin/ipvsadm#not installing a default gw for LVS_TYPE vs-dr#---------------mini-rc.lvs_dr-director------------------------
该段运行脚本对于熟悉Linux网络配置的读者来说应该很容易理解。由于LVS是通过对标准内核打补丁,在内核级提供支持,所以在LVS-DR模式下,首先是进行内核的相关设置。要关闭标准内核下的ip_forward转发方式,即置为0。同时因为LVS-DR模式下,集群的网关是外部网关,而不是负载均衡器。所以要打开icmp包的重定向设置send_redirects置为1。接着就是绑定集群的虚拟服务器的IP地址,并添加一条到该IP地址的主机路由。然后对该虚拟IP做一些必要的自我检测,同时列出路由表。最后是有关ipvasdm的设置,首先清空ipvasdm表,然后添加需要提供负载均衡的服务及调度策略,这里例举的是telnet服务,也可以直接使用端口号,调度策略为轮叫(rr)策略。最后添加转发到真实服务器的直接路由,如果有多台RealServer或需要提供多种服务的负载均衡,依次添加。再做一些到RealServer的网络测试(也可不要),最后显示ipvasdm所有的设置信息。注意:ipvs-1.0.9.tar.gz中包含的ipvsadm是1.21版,安装后在/etc/rc.d/init.d/目录下自动生成了标准的init服务脚本,如果你的Director没有安装备份服务器,你可以通过服务管理工具让它在相应的运行级里自动运行,如果Director是HA系统,则由heartbeat控制运行。另外该服务脚本提供了配置保存功能。配置文件为:/etc/sysconfig/ipvsadm 你必须手工建立。然后在其中输入规则和策略:例如:
-A -t 192.168.7.110:telnet -s rr-A -t 192.168.7.110:http -s rr-a -t 192.168.7.110:telnet -r 192.168.7.11 -g -w 1-a -t 192.168.7.110:http -r 192.168.7.11 -g -w 1
然后存盘。或直接运行:
/sbin/ipvsadm -A -t 192.168.7.110:telnet -s rr/sbin/ipvsadm -A -t 192.168.7.110:http - rr/sbin/ipvsadm -a -t 192.168.7.110:telnet -r 192.168.7.11 -g -w 1/sbin/ipvsadm -a -t 192.168.7.110:http -r 192.168.7.11 -g -w 1
然后运行:/etc/rc.d/init.d/ipvsadm save就可以保存当前配置到/etc/sysconfig/ipvsadm文件中。在具有HA系统的Director上,ipvsadm可以方便地被Heartbeat管理-启动、停止。Director上的VIP(虚拟)服务器地址由Heartbeat负责设置和切换。做法如下:在Heartbeat的配置文件haresources中加类似入如下一行:linuxha1 IPaddr::192.168.7.110/24/192.168.7.255 ipvsadm ldirectord::www ldirectord::mail2.6.3.2. RealServers上:
#!/bin/bash#----------mini-rc.lvs_dr-realserver------------------#installing default gw 192.168.7.254 for vs-dr/sbin/route add default gw 192.168.7.254#showing routing table/bin/netstat -rn#checking if DEFAULT_GW 192.168.1.254 is reachableping -c 1 192.168.7.254#set_realserver_ip_forwarding to OFF (1 on, 0 off).echo 0 >/proc/sys/net/ipv4/ip_forwardcat /proc/sys/net/ipv4/ip_forward#looking for DIP 192.168.7.9ping -c 1 192.168.7.9#looking for VIP (will be on director)ping -c 1 192.168.7.110#install_realserver_vip/sbin/ifconfig lo:0 192.168.7.110 broadcast 192.168.7.110 netmask 255.255.255.255 up#ifconfig output/sbin/ifconfig lo:0
#installing route for VIP 192.168.1.110 on device lo:0/sbin/route add -host 192.168.7.110 dev lo:0#listing routing info for VIP 192.168.7.110/bin/netstat -rn#hiding interface lo:110, will not arpecho 1 >/proc/sys/net/ipv4/conf/all/hiddencat /proc/sys/net/ipv4/conf/all/hiddenecho 1 >/proc/sys/net/ipv4/conf/lo/hiddencat /proc/sys/net/ipv4/conf/lo/hidden#----------mini-rc.lvs_dr-realserver------------------该段脚本和上面的脚本比较类似,相信不用再多做介绍了。需要注意的是:LVS-DR模式下,缺省网关的设置。集群的网关是外部网关,而不是负载均衡器。还有就是RealServer上绑定的VIP地址的设备lo:0。另外不要忘了开启not arp补丁的设置开关。相信你已经很清楚了。你也可以把以上脚本改写成符合init语法的标准脚本,放到/etc/rc.d/init.d/下面运行,或直接加到/etc/init.d/rc.local下运行。改写为标准init语法脚本如下:#!/bin/bash## hidden This shell script takes care of starting and stopping#the ipvs-hidden subsystem (hiddend).## chkconfig: 2345 78 12# description:ipvs-hidden# processname: hiddendprog="hidden"start(){echo 0 >/proc/sys/net/ipv4/ip_forward/sbin/ifconfig lo:0 192.168.7.110 broadcast 192.168.7.110 netmask 255.255.255.255 up# installing route for VIP 192.168.1.110 on device lo:0/sbin/route add -host 192.168.7.110 dev lo:0# listing routing info for VIP 192.168.7.110/bin/netstat -rn# hiding interface lo:0, will not arp# echo 1 >/proc/sys/net/ipv4/conf/all/hiddenecho 1 >/proc/sys/net/ipv4/conf/lo/hidden}stop(){echo 1 >/proc/sys/net/ipv4/ip_forward/sbin/ifconfig lo:0 192.168.7.110 broadcast 192.168.7.110 netmask 255.255.255.255 down/sbin/route del -host 192.168.7.110 dev lo:0# echo 0 >/proc/sys/net/ipv4/conf/all/hiddenecho 0 >/proc/sys/net/ipv4/conf/lo/hidden} restart(){ stop start}condrestart(){ && restart || :}# See how we were called.case "" in start) start ;; stop) stop ;; restart)stopstart ;; *) echo $"Usage: " exit 1esacexit $?然后:cp rc.lvs /etc/rc.d/init.d/hiddendchmod 755 /etc/rc.d/init/d/hiddendchkconfig - -add hiddend 别想一下造出大海,必须先由小河川开始。