码迷,mamicode.com
首页 > 其他好文 > 详细

lvs-dr+keepalived

时间:2017-12-19 01:39:21      阅读:168      评论:0      收藏:0      [点我收藏+]

标签:http   state   int   连接   keep   gre   one   padding   oba   

一、       环境准备

主机名

Ip地址

系统版本

           ha1

192.168.138.13

Centos7.3

ha2

192.168.138.14

Centos7.3

           Rs1

192.168.138.15

Centos7.3

           Rs2 

192.168.138.16

Centos7.3

测试机器

192.168.138.17

Ubuntu

 

  1. 关闭防火墙和selinux
  2. 时间同步
  3. 更改主机名

[root@localhost ~]# cat >> /etc/hosts << EOF

> 192.168.138.13     ha1

> 192.168.138.14     ha2

> 192.168.138.15     rs1

> 192.168.138.16     rs2

> EOF

重启之后才生效

当前生效: [root@localhost ~]# hostnamectl set-hostname ha1

  1. 在ha1和ha2 上安装 lvs,keepalived

#yum install ipvsadm keepalived –y

  1. 在rs1和rs2上安装httpd

#yum install httpd –y

二、       配置realserver(rs1,rs2上操作)

1.配置web测试主页

[root@rs1 ~]# echo "web5 test page! " >> /var/www/html/index.html

[root@rs2 ~]# echo "web6 test page! " >> /var/www/html/index.html

2.启动并设开机自启动

[root@rs1 ~]# systemctl start httpd

[root@rs1 ~]# systemctl eable httpd

3.测试访问web页面

[root@rs1 ~]# curl http://192.168.138.15

[root@rs2 ~]# curl http://192.168.138.16

           4.rs端arp抑制(DR 模式)

         如果不抑制, 广播消息会通过物理网卡到达真实服务器,而真实服务器上有VIP,所以,会响应此请求

          抑制后,前端路由将请求发往VIP时,只能是Dirctor上的VIP

   解决方法:修改Linux内核参数,将RS上的VIP配置为lo接口的别名,限制Linux仅对对应接口的ARP请求做响应

手动:

#Vim  /etc/sysctl.conf

net.ipv4.conf.lo.arp_ignore=1

net.ipv4.conf.lo.arp_announce=2

net.ipv4.conf.all.arp_ignore=1

net.ipv4.conf.all.arp_announce=2
脚本(自动):

[root@rs1 ~]# vim /etc/init.d/lvs_rs

#!/bin/sh

 

# Startup script handle the initialisation of LVS

# chkconfig: - 28 72

# description: Initialise the Linux Virtual Server for DR

#

### BEGIN INIT INFO

# Provides: ipvsadm

# Required-Start: $local_fs $network $named

# Required-Stop: $local_fs $remote_fs $network

# Short-Description: Initialise the Linux Virtual Server

# Description: The Linux Virtual Server is a highly scalable and highly

#   available server built on a cluster of real servers, with the load

#   balancer running on Linux.

# description: start LVS of DR-RIP

LOCK=/var/lock/ipvsadm.lock

VIP=192.168.138.10

. /etc/rc.d/init.d/functions

start() {

     PID=`ifconfig | grep lo:10 | wc -l`

     if [ $PID -ne 0 ];

     then

         echo "The LVS-DR-RIP Server is already running !"

     else

         /sbin/ifconfig lo:10 $VIP netmask 255.255.255.255 broadcast $VIP up

         /sbin/route add -host $VIP dev lo:10

         echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore       # 1– 只回答目标IP地址是来访网络接口本地地址的ARP查询请求

         echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce   # 2-限制了使用本地的vip地址作为优先的网络接口

         echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore

         echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

         /bin/touch $LOCK

            echo "starting LVS-DR-RIP server is ok !"

     fi

}

 

stop() {

         /sbin/route del -host $VIP dev lo:10

         /sbin/ifconfig lo:10 down  >/dev/null

         echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore

         echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce

         echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore

         echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce

         rm -rf $LOCK

         echo "stopping LVS-DR-RIP server is ok !"

}

 

status() {

     if [ -e $LOCK ];

     then

        echo "The LVS-DR-RIP Server is already running !"

     else

        echo "The LVS-DR-RIP Server is not running !"

     fi

}

 

case "$1" in

  start)

        start

        ;;

  stop)

        stop

        ;;

  restart)

        stop

        start

        ;;

  status)

        status

        ;;

  *)

        echo "Usage: $1 {start|stop|restart|status}"

        exit 1

esac

exit 0

 增加执行权限

[root@rs1 ~]# chmod +x /etc/init.d/lvs_rs

添加为系统服务

[root@rs1 ~]# chkconfig --add lvs_rs

设置为开机自启动

[root@rs1 ~]# chkconfig lvs_rs on

启动

[root@rs1 ~]# systemctl start lvs_rs

查看状态

[root@rs1 ~]# systemctl status lvs_rs

查看vip 是否绑定

[root@rs1 ~]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet 192.168.138.10/32 brd 192.168.138.10 scope global lo:10

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:a6:ca:72 brd ff:ff:ff:ff:ff:ff

    inet 192.168.138.15/24 brd 192.168.138.255 scope global ens33

       valid_lft forever preferred_lft forever

    inet6 fe80::20c:29ff:fea6:ca72/64 scope link

       valid_lft forever preferred_lft forever

三、       配置keepalived

[root@ha1 ~]# cd /etc/keepalived/

[root@ha1 keepalived]# ls

keepalived.conf

备份

[root@ha1 keepalived]# cp keepalived.conf{,.bak}

配置   /etc/keepalived/keepalived.conf 文件

  ! Configuration File for keepalived

global_defs {                               

  notification_email {

acassen@firewall.loc

}

notification_email_from Alexandre.Cassen@firewall.loc

smtp_server 127.0.0.1

smtp_connect_timeout 30

 router_id LVS_1

}

vrrp_instance VI_1 {                 //实例配置

  state MASTER                        //MASTER或BACKUP

  interface ens33                       //网卡接口

  lvs_sync_daemon_interface ens33

  virtual_router_id 51                //虚拟路由id

  priority                           //优先级

  advert_int 1

  authentication {                    //认证

    auth_type PASS

    auth_pass 1111

}

virtual_ipaddress {                  //虚拟ip地址

192.168.138.10

}

}

virtual_server 192.168.138.10 80 {

  delay_loop 6                          //定义RS运行情况监测时间间隔

  lb_algo wrr                            //定义负载调度算法

  lb_kind DR                            //定义LVS的工作模式

  nat_mask 255.255.255.0                 //定义虚拟服务的mask

#  persistence_timeout 300                  //定义会话保持时间,S为单位

  protocol TCP                           //指定转发协议

  real_server 192.168.138.15 80 {             //真实服务器IP地址和端口

    weight 1                         //定义RS的权重

    TCP_CHECK {                   //RS server健康检查部分

      connect_timeout 8                  //连接超时

      nb_get_retry 3                      //定义重试次数

      delay_before_retry 3                 //定义重试时间间隔

      connect_port 80                   //定义健康检查端口

}

}

real_server 192.168.138.16 80 {

  weight 1

  TCP_CHECK {

    connect_timeout 8

    nb_get_retry 3

    delay_before_retry 3

connect_port 80

}

}

}

                                                                                         

[root@ha1 keepalived]# systemctl start keepalived

查看VIP是否添加成功

[root@ha1 keepalived]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:7f:09:12 brd ff:ff:ff:ff:ff:ff

    inet 192.168.138.13/24 brd 192.168.138.255 scope global ens33

       valid_lft forever preferred_lft forever

    inet 192.168.138.10/32 scope global ens33

       valid_lft forever preferred_lft forever

    inet6 fe80::20c:29ff:fe7f:912/64 scope link

       valid_lft forever preferred_lft forever

查看lvs配置是否成功

[root@ha1 keepalived]# ipvsadm -ln --stats

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port               Conns   InPkts  OutPkts  InBytes OutBytes

  -> RemoteAddress:Port

TCP  192.168.138.10:80                   0        0        0        0        0

  -> 192.168.138.15:80                   0        0        0        0        0

  -> 192.168.138.16:80                   0        0        0        0        0

四、测试

1.测试lvs功能

root@chengchen-virtual-machine:~# for ((i=1;i<=10;i++)); do curl http://192.168.138.10; done

web6 test page!

web5 test page!

web6 test page!

web5 test page!

web6 test page!

web5 test page!

web6 test page!

web5 test page!

web6 test page!

web5 test page!

lvs-dr+keepalived

标签:http   state   int   连接   keep   gre   one   padding   oba   

原文地址:http://www.cnblogs.com/sxchengchen/p/8059224.html

(0)
(0)
   
举报
评论 一句话评论(0
登录后才能评论!
© 2014 mamicode.com 版权所有  联系我们:gaon5@hotmail.com
迷上了代码!