===== POUND+keepalived構築 ===== ○ 開発環境のインストール  # yum -y install gcc gcc-c++ ○ OpenSSLのインストール  # yum -y install openssl openssl-devel ○ SELINUX 設定  SELinux無効化  # setenforce 0  SELinux設定ファイル編集 システム起動時にSELinuxを無効化  # vi /etc/sysconfig/selinux  SELINUX=enforcing  ↓  SELINUX=disabled ○ iptables(ファイアウォール)設定  # vi /etc/sysconfig/iptables    -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT  -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT    # /etc/rc.d/init.d/iptables restart ○ keepalived  ◆ keepalivedのインストール  # wget http://www.keepalived.org/software/keepalived-1.1.20.tar.gz  # tar zxvf keepalived-1.1.20.tar.gz  # cd keepalived-1.1.20  # ./configure  # make  # make install    ◆ keepalivedの設定  # cp /usr/local/etc/keepalived/keepalived.conf /usr/local/etc/keepalived/keepalived.conf.bak  # vi /usr/local/etc/keepalived/keepalived.conf    設定項目は、  ・アラートメールの送信先  ・アラートメールの送信者  ・NICの仮想IP  あたりが必須になります。  stateについて、サーバでプライオリティをつける場合はMASTERが1台、  それ以外がBACKUPになります。  すべてをBACKUPで並列にしていれば、起動順、安定順などで都合の  良いサーバをMASTERに昇格させます。   /* Masterの設定 */ ! Configuration File for keepalived global_defs { notification_email { master@example.jp } notification_email_from error_reporting@example.jp smtp_server localhost smtp_connect_timeout 30 } vrrp_instance WEB { state BACKUP interface eth0 garp_master_delay 5 virtual_router_id 1 priority 100 nopreempt advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.80.250/24 dev eth0 192.168.80.251/24 dev eth1 } } /* BackUpの設定 */ ! Configuration File for keepalived global_defs { notification_email { master@example.jp } notification_email_from error_reporting@example.jp smtp_server localhost smtp_connect_timeout 30 } vrrp_instance WEB { state BACKUP interface eth0 garp_master_delay 5 virtual_router_id 1 priority 100 nopreempt advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.80.250/24 dev eth0 192.168.80.251/24 dev eth1 } }  ◆ サービス登録と起動  # ln -s /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/keepalived  # ln -s /usr/local/etc/sysconfig/keepalived /etc/sysconfig/keepalived  # mkdir /etc/keepalived  # ln -s /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/  # ln -s /usr/local/sbin/keepalived /usr/sbin/  # chkconfig --add keepalived  # chkconfig keepalived on  # service keepalived start    ◆ 停止  # service keepalived stop    ◆ 確認  # ip addr    生きているサーバ(Master)なら、VIPが割り当てられて以下のように表示される  eth0: mtu 1500 qdisc pfifo_fast qlen 1000   inet 192.168.80.99/24 brd 192.168.80.255 scope global eth0   inet 192.168.80.250/32 scope global eth0    ◆参考サイト  http://dsas.blog.klab.org/archives/50717278.html  http://blog.technology-knowledge.jp/2008/06/02/183/  http://doruby.kbmj.com/sendriver_log/20091214/keepalived_pound_LB_ ○ POUND  ◆ 開発ツール  # yum -y install rpm-build    ◆ リポジトリ追加  epel リポジトリを登録  # rpm -ivh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm  remi リポジトリを登録  # rpm -ivh http://rpms.famillecollet.com/enterprise/remi-release-5.rpm    ◆ 必要なツールのインストール  # yum -y install pcre-devel  # yum -y install google-perftools-devel  # yum -y install pkgconfig    ◆ インストール  # wget http://www.invoca.ch/pub/packages/pound/pound-2.5-1.src.rpm  # rpm -ivh pound-2.5-1.src.rpm  # rpmbuild -ba /usr/src/redhat/SPECS/pound.spec  # rpm -ivh /usr/src/redhat/RPMS/x86_64/pound-2.5-1.x86_64.rpm    ◆ 設定  # cp /etc/pound/pound.cfg /etc/pound/pound.cfg.bak  # vi /etc/pound/pound.cfg  /* 設定例 */ User "nobody" Group "nobody" #RootJail "/usr/share/pound" Control "/var/run/pound/ctl_socket" # Main listening ports ListenHTTP Address 192.168.80.250 Port 80 xHTTP 1 End ListenHTTPS Address 0.0.0.0 Port 444 Cert "/etc/pki/pound/pound.pem" Ciphers "ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL" xHTTP 1 End # Images server(s) Service URL ".*.(jpg|gif)" BackEnd Address 127.0.0.1 Port 80 End End # redirect all requests for /forbidden Service Url "/forbidden.*" Redirect "https://localhost/" End # Catch-all server(s) Service BackEnd Address 192.168.80.97 Port 80 Priority 5 End BackEnd Address 192.168.80.98 Port 80 Priority 5 End Session Type BASIC TTL 300 End End    ◆ 起動、自動起動  # /etc/rc.d/init.d/pound start  # chkconfig pound on