seesaw v2简单部署

来源：互联网发布：java连接数编辑：程序博客网时间：2024/05/10 10:29

seesaw v2简单部署

环境

realserver centos7 64bit
realserver application nginx
seesaw node debian 8.3 64bit
seesaw01 10.10.11.192
VIP 10.10.11.223
client 10.10.17.25

结构

                    +------------------+                    |                  |                    |    seesaw01      |                    |  10.10.11.0/24   |                    +------------------+                      |             |                      eth0          eth1                10.10.11.192     (启动过程中，这里有10.10.11.223)                      |             |   +--------------------------------------------------+        |                             |                10.10.17.25                   10.10.11.37        |                             |               +--------+                  +-----------+       | client |                  | backend01 |       +--------+                  +-----------+

部署

安装依赖

apt-get install -y selinux-utils setools libnl-3-dev libnl-genl-3-dev ipvsadm

安装seesaw v2

编译参考：https://github.com/google/seesaw或我的前一篇博客《Seesaw v2了解》

编写安装脚本

将编译完成的二进制文件存放至新建~/bin目录，将源码中的etc目录复制到~/bin目录下，编写~/bin/install.sh:

#!/bin/bashSEESAW_BIN="/usr/local/seesaw"SEESAW_ETC="/etc/seesaw"SEESAW_LOG="/var/log/seesaw"install -d "${SEESAW_BIN}" "${SEESAW_ETC}" "${SEESAW_LOG}"install "~/bin/seesaw_cli" /usr/bin/seesawfor component in {ecu,engine,ha,healthcheck,ncc,watchdog}; do  install "~/bin/seesaw_${component}" "${SEESAW_BIN}"doneinstall "etc/init/seesaw_watchdog.conf" "/etc/init"install "etc/seesaw/watchdog.cfg" "${SEESAW_ETC}"# Enable CAP_NET_RAW for seesaw binaries that require raw sockets./sbin/setcap cap_net_raw+ep "${SEESAW_BIN}/seesaw_ha"/sbin/setcap cap_net_raw+ep "${SEESAW_BIN}/seesaw_healthcheck"

安装

root@seesaw01:~/bin# chmod +x seesaw_* && chmod +x install.shroot@seesaw01:~/bin# ./install.sh

配置

/etc/seesaw/seesaw.cfg配置文件内容：

root@seesaw01:~/bin# vim /etc/seesaw/seesaw.cfg[cluster]anycast_enabled = falsename = testnode_ipv4 = 10.10.11.192# peer_ipv4 第二个seesaw节点ip，本示例中只配置一个seesaw节点# vip_ipv4 目前还不知道这个vip是干啥用的，测试中没用到这个IP地址vip_ipv4 = 10.10.11.222[config_server]primary = https://seesaw01/[interface]node = eth0lb = eth1

修改/etc/hosts，新增:127.0.0.1 seesaw01

/etc/seesaw/cluster.pb配置文件内容：

root@seesaw01:~/bin# vim /etc/seesaw/cluster.pbseesaw_vip: <  fqdn: "seesaw-vip."  ipv4: "10.10.11.222/24"  status: TESTING>node: <  fqdn: "seesaw01."  ipv4: "10.10.11.192/24"  status: TESTING>vserver: <  name: "test-vserver"  entry_address: <    fqdn: "lb-test.localdomain."    ipv4: "10.10.11.223/24"    status: TESTING  >  rp: "admin@localdomain"  vserver_entry: <    protocol: TCP    port: 80    scheduler: RR    healthcheck: <      type: HTTP      port: 80      mode: DSR      proxy: false      tls_verify: false    >  >  backend: <    host: <      fqdn: "10.10.11.37."      ipv4: "10.10.11.37/24"      status: TESTING    >    weight: 1  >>

运行

/usr/local/seesaw/seesaw_watchdog -alsologtostderr=true -logtostderr=true

状态查看

root@seesaw01:~# seesawSeesaw CLI - Engine version 2root@test> ? config exit quit failover override showroot@test> show ? bgp backends destinations ha nodes version vlans vservers warningsroot@test> show nodesNodes[1] seesaw01. enabledroot@test> show vserversVserver  Name:                test-vserver  Hostname:            lb-test.localdomain.  Status:              enabled (override state default; config state enabled)  IPv4 Address:        10.10.11.223/24  IPv6 Address:        <not configured>  Services:    IPv4 TCP/80    (DSR, rr scheduler)        State:       enabled, healthy, active        Watermarks:  Low 0.00, High 0.00, Currently 1.00root@test> show backendsBackend  Hostname: 10.10.11.37.  Destinations:  [  1] test-vserver/10.10.11.37:80/TCP (enabled, unhealthy, inactive)root@test>

show backends 查看realserver状态时发现是unhealthy, inactive

使用ipvsadm模块查看结果如下：

root@seesaw01:~# ipvsadm -lnIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port           Forward Weight ActiveConn InActConnFWM  65536 rr  -> 10.10.11.37:0                Route   1      0          7

# 在client上ping VIP，能通➜  ~  ping -c 4 10.10.11.223PING 10.10.11.223 (10.10.11.223): 56 data bytes64 bytes from 10.10.11.223: icmp_seq=0 ttl=63 time=2.272 ms64 bytes from 10.10.11.223: icmp_seq=1 ttl=63 time=2.245 ms64 bytes from 10.10.11.223: icmp_seq=2 ttl=63 time=1.610 ms64 bytes from 10.10.11.223: icmp_seq=3 ttl=63 time=2.294 ms--- 10.10.11.223 ping statistics ---4 packets transmitted, 4 packets received, 0.0% packet lossround-trip min/avg/max/stddev = 1.610/2.105/2.294/0.286 ms

浏览器打开http://10.10.11.223无法访问

配置realserver

ssh root@10.10.11.37[root@localhost ~]# vim ~/lvs_real.sh#!/bin/bash# description: Config realserver#Written by :http://kerry.blog.51cto.comSNS_VIP=10.10.11.223/etc/rc.d/init.d/functionscase "$1" instart)/sbin/ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP up/sbin/route add -host $SNS_VIP dev lo:0echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignoreecho "2">/proc/sys/net/ipv4/conf/lo/arp_announceecho "1">/proc/sys/net/ipv4/conf/all/arp_ignoreecho "2">/proc/sys/net/ipv4/conf/all/arp_announcesysctl -p >/dev/null 2>&1echo "RealServer Start OK";;stop)/sbin/ifconfig lo:0 down/sbin/route del $SNS_VIP >/dev/null2>&1echo "0">/proc/sys/net/ipv4/conf/lo/arp_ignoreecho "0">/proc/sys/net/ipv4/conf/lo/arp_announceecho "0">/proc/sys/net/ipv4/conf/all/arp_ignoreecho "0">/proc/sys/net/ipv4/conf/all/arp_announceecho "RealServer Stoped";;*)echo "Usage: $0 {start|stop}"exit 1esacexit 0[root@localhost ~]# chmod +x lvs_real.sh

注意文件中的VIP。

realserver上执行 ./lvs_real.sh start

在seesaw01上再次查看backends状态:

root@seesaw01:~# seesaw -c "show backends"Backend  Hostname: 10.10.11.37.  Destinations:  [  1] test-vserver/10.10.11.37:80/TCP (enabled, healthy, active)

状态为healthy active

ipvsadm状态也恢复正常了：

root@seesaw01:~# ipvsadm -lnIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port           Forward Weight ActiveConn InActConnTCP  10.10.11.223:80 rr  -> 10.10.11.37:80               Route   1      0          0FWM  65536 rr  -> 10.10.11.37:0                Route   1      0          3

浏览器也可以访问http://10.10.11.223了

总结

这个测试只是在局域网中进行简单的部署，并没有体现出seesaw多vlan的功能。目前试运行的几乎与LVS DR模式一致。下一步将结合quagga 进行多vlan特性测试。

可能遇到的坑

/var/log/seesaw/seesaw_ncc.logF0131 18:57:34.972241    5389 ipvs.go:40] IPVS initialisation failed: failed to resolve family name

未安装或者未成功加载ipvs内核模块，解决：

root@seesaw01:~# apt-get install ipvsadm

加载模块

modprobe ip_vsmodprobe ip_vs_wrr

设置模块开机自动加载

root@seesaw01:~# echo ip_vs > /etc/modules-load.d/ipvs.confroot@seesaw01:~# echo ip_vs_wrr > /etc/modules-load.d/ipvs.confroot@seesaw01:~# systemctl restart systemd-modules-load.service

/var/log/seesaw/seesaw_engine.logF0131 19:38:11.393617   20543 core.go:274] Failed to initialise LB interface: Failed to initialise sysctls:

优化模块：

root@seesaw01:~# echo nf_conntrack_ipv4 > /etc/modules-load.d/nf_conntrack.confroot@seesaw01:~# systemctl restart systemd-modules-load.service

/var/log/seesaw/seesaw_engine.logF0131 20:03:08.723735    1775 core.go:274] Failed to initialise LB interface: Failed to get dummy interface: no such network interface

或者

F0204 13:14:48.620264    8790 core.go:274] Failed to initialise LB interface: Failed to get dummy interface: route ip+net: no such network interface

解决：

ip link add dummy0 type dummy
或者
ip link add ip+net type dummy

0 0