http://www.linuxvirtualserver.org
http://www.linuxvirtualserver.org/VS-DRouting.html
lvs 설치하기
mkdir -p /austin/local/bin
mkdir -p /austin/local/etc
mkdir -p /austin/local/src
scp austin@mzadmin:/austin/ftp/pub/package/rpms/sysstat-4.0.5-3.i386.rpm /tmp/rpms
rpm sysstat을 설치한다.
rpm snmp, ethereal을 제거한다.
/austin/.bashrc 수정
-------------------------------------------------
LOCAL=/austin/local/bin:/austin/local/srcd:/austin/local/mondy/bin:/austin/local/apache/bin:/austin/local/php/bin:/austin/local/rrdtool/bin:/austin/local/net-snmp/bin:/austin/local/net-snmp/sbin:/austin/local/IS/bin:/austin/local/mysql/bin:/austin/local/mysql_ha/bin:/austin/local/fake/bin:/austin/local/mon/clients
PATH=$LOCAL:/bin:/usr/bin:/usr/local/bin:/sbin:/usr/sbin:/usr/local/sbin
LANG=C
TERM=xterm-color
export PATH LANG TERM
# CVS
CVSROOT=":ext:austin@chaconne.neowiz.com:/austin/cvsroot"
CVS_RSH=`which ssh`
export CVSROOT CVS_RSH
# VI
EDITOR='vim'
export EDITOR
# PERL
PERL5LIB=/austin/local/perl5/lib/perl5/5.8.0:/austin/local/perl5/lib/perl5/site_perl/5.8.0:/austin/local/rrdtool/lib/perl
export PERL5LIB
# LESS
LESSCHARSET=latin1
export LESSCHARSET
# for core file size
ulimit -c unlimited
# aliases
alias rm='/bin/rm -i'
# Source global definitions
if [ -f /etc/bashrc ]; then
. /etc/bashrc
fi
----------------------------------------------
/austin/.vimrc 수정
----------------------------------------------
syntax on
set backspace=indent,eol,start
set t_kb=^H
set t_kD=^?
set tabstop=8
set shiftwidth=4
set softtabstop=4
set showmatch
set textwidth=72
set expandtab
set autoindent
set ruler
set hlsearch
set incsearch
set foldmethod=syntax
autocmd BufRead *.c syn region myFold start="{" end="}" transparent fold
autocmd BufRead *.pl syn region myFold start="^sub.*{" end="^}" transparent fold
autocmd BufRead *.c,*.pl syn sync fromstart
autocmd BufRead *.php set filetype=php formatoptions=croql cindent shiftwidth=2 softtabstop=2
----------------------------------------------
/austin/.my.cnf 수정
----------------------------------------------
[client]
password = (적당한 암호 입력)
port = 3306
socket = /tmp/mysql.sock
----------------------------------------------
/root/.bashrc 수정
/root/.vimrc 수정
/etc/hosts 수정
---------------------------------------------
127.0.0.1 localhost.localdomain localhost
61.33.237.245 sonata.neowiz.com
61.33.237.246 partita.neowiz.com
61.33.237.244 chaconne.neowiz.com
61.33.237.247 valkyrie01.neowiz.com
61.33.237.250 valkyrie02.neowiz.com
61.33.237.251 valkyrie03.neowiz.com
----------------------------------------------
/etc/resolv.conf 수정
----------------------------------------------
nameserver 211.234.121.21
nameserver 211.174.57.21
nameserver 168.126.24.1
search sayclub.com. neowiz.com.
----------------------------------------------
scp austin@mzadmin:/austin/ftp/pub/conf/common/bin/* /austin/local/bin/
scp austin@mzadmin:/austin/dist/pkgs/perl5.tar.gz /austin/local/
cd /austin/local/
tar xzvf perl5.tar.gz
----------------------------------------------
/etc/ntp.conf 수정
----------------------------------------------
server time1.sayclub.com
server time2.sayclub.com
driftfile /etc/ntp/drift
----------------------------------------------
scp austin@mzadmin:/austin/dist/pkgs/net-snmp-5.0.7.tar.gz /austin/local/
cd /austin/local
tar xzvf net-snmp-5.0.7.tar.gz
ln -s net-snmp-5.0.7 net-snmp
----------------------------------------------
/etc/ld.so.conf 수정
----------------------------------------------
/usr/kerberos/lib
/usr/X11R6/lib
/austin/local/net-snmp/lib
----------------------------------------------
sudo /sbin/ldconfig
cd /austin/local/src
scp austin@mzadmin:/austin/ftp/pub/package/tarball/Time-HiRes-1.42.tar.gz /austin/local/src/
scp austin@mzadmin:/austin/ftp/pub/package/tarball/Period-1.20.tar.gz /austin/local/src/
scp austin@mzadmin:/austin/ftp/pub/package/tarball/Convert-BER-1.3101.tar.gz /austin/local/src/
scp austin@mzadmin:/austin/ftp/pub/package/tarball/Authen-PAM-0.13.tar.gz /austin/local/src/
scp austin@mzadmin:/austin/ftp/pub/package/tarball/Mon-0.11.tar.gz /austin/local/src/
tar xzvf Time-HiRes-1.42.tar.gz
tar xzvf Period-1.20.tar.gz
tar xzvf Convert-BER-1.3101.tar.gz
tar xzvf Authen-PAM-0.13.tar.gz
tar xzvf Mon-0.11.tar.gz
cd /austin/local/src/Time-HiRes-1.42
perl Makefile.PL PREFIX=/austin/local/perl5
make
make install
cd /austin/local/src/Period-1.20
perl Makefile.PL PREFIX=/austin/local/perl5
make
make install
cd /austin/local/src/Convert-BER-1.3101
perl Makefile.PL PREFIX=/austin/local/perl5
make
make install
cd /austin/local/src/Authen-PAM-0.13
perl Makefile.PL PREFIX=/austin/local/perl5
make
make install
cd /austin/local/src/Mon-0.11
perl Makefile.PL PREFIX=/austin/local/perl5
make
make install
scp austin@mzadmin:/austin/ftp/pub/package/rpms/heartbeat-0.4.9.2-1.i386.rpm .
sudo rpm -ivh heartbeat-0.4.9.2-1.i386.rpm
sudo /sbin/chkconfig --level 2345 heartbeat on
scp austin@mzadmin:/austin/ftp/pub/package/rpms/ipvsadm-1.21-4.i386.rpm .
sudo rpm -ivh ipvsadm-1.21-4.i386.rpm
sudo /sbin/chkconfig --level 0123456 ipvsadm off
scp austin@mzadmin:/austin/dist/pkgs/mon-0.99.2.tar.gz /austin/local/
cd /austin/local
tar xzvf mon-0.99.2.tar.gz
ln -s mon-0.99.2 mon
mkdir mon/log.d
---http.monitor-------------------------------------------
/etc/sysctl.conf 수정
----------------------------------------------
# Kernel sysctl configuration file for Red Hat Linux
#
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and
# sysctl.conf(5) for more details.
# Controls IP packet forwarding
net.ipv4.ip_forward = 1
# Controls source route verification
net.ipv4.conf.default.rp_filter = 1
# Controls the System Request debugging functionality of the kernel
#kernel.sysrq = 0 # 커널 버젼이 달라서 key 인식에 문제가 있음.
# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernhttp.monitorel.core_uses_pid = 1
----------------------------------------------
sudo /sbin/sysctl -p
----------------------------------------------
/var/spool/cron/root 수정
----------------------------------------------
MAILTO=""
0 6 * * * ( /usr/bin/find /austin/ -name \*core\* -exec rm -rf "{}" \;)
----------------------------------------------
----------------------------------------------
/var/spool/cron/austin 수정
----------------------------------------------
MAILTO=""
PERL5LIB=/austin/local/perl5/lib/perl5/5.8.0:/austin/local/perl5/lib/perl5/site_perl/5.8.0:/austin/local/rrdtool/lib/perl
----------------------------------------------
----------------------------------------------
/etc/sysconfig/ipvsadm 수정
----------------------------------------------
-A -t 서비스할 IP:port -s wrr
-a -t 서비스할 IP:port -r real server IP:port -g -w 10
-a -t 서비스할 IP:port -r real server IP:port -g -w 10
----------------------------------------------
----------------------------------------------
/etc/ha.d/ha.cf 수정
----------------------------------------------
----------------------------------------------
/etc/ha.d/haresources 수정
----------------------------------------------
----------------------------------------------
/etc/ha.d/authkeys 수정
----------------------------------------------
----------------------------------------------
http.monitor
sudo chmod 600 /etc/ha.d/authkeys
----------------------------------------------
/etc/init.d/lvs 수정
----------------------------------------------
----------------------------------------------
/etc/init.d/mon 수정
----------------------------------------------
----------------------------------------------
sudo /sbin/chkconfig --add mon
sudo /sbin/chkconfig --level 0123456 mon off
----------------------------------------------
/austin/local/mon/mon.cf 수정
----------------------------------------------
----------------------------------------------
/austin/local/mon/auth.cf 수정
----------------------------------------------
----------------------------------------------
/austin/local/mon/alert.d/virtualserver.alert
----------------------------------------------
----------------------------------------------
/austin/local/mon/mon.d/is.monitor
----------------------------------------------
---------------------------------------------------------------------
real server 설정
---------------------------------------------------------------------
arp reply를 하지 않게 hidden patch 를 해준다.
(kernel을 다시 컴파일해야할 필요가 있다.)
http://www.linuxvirtualserver.org/docs/arp.html
http://www.linux-vs.org/~julian/
http://www.ssi.bg/~ja/
http://www.ssi.bg/~ja/hidden-2.4.20pre10-1.diff
hidden-2.4.20pre10-1.diff 로 kernel을 패치해준다.
kernel을 다시 컴파일 하고 reboot한다.
/sbin/ifconfig lo:0 서비스IP netmask 255.255.255.255 broadcast 서비스IP up
/sbin/route add -host 서비스IP dev lo:0
(윗 두 줄을 수행하지 않고 nmap 서비스IP를 치면 우리가 원하는 port가 filtered 되있다고 나온다.)
댓글 없음:
댓글 쓰기