一、环境
lvs-keep-m: 192.168.3.24
lvs-keep-s: 192.168.3.25
RS1: 192.168.3.26
RS2: 192.168.3.27
VIP: 192.168.3.28
二、在所有节点都配置ntp同步时间
[root@lvs-keep-m ~]# ntpdate asia.pool.ntp.org [root@lvs-keep-m ~]# hwclock -w
三、RS1和RS2配置httpd服务,以及VIP
RS1操作
[root@RS1 ~]# yum -y install httpd [root@RS1 ~]# echo "<h1>RS1.com</h1>" >/var/www/html/index.html [root@RS1 ~]# service iptables stop iptables: Flushing firewall rules: [ OK ] iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Unloading modules: [ OK ] [root@RS1 ~]# service httpd start Starting httpd: httpd: apr_sockaddr_info_get() failed for RS1 httpd: Could not reliably determine the server‘s fully qualified domain name, using 127.0.0.1 for ServerName [ OK ] [root@RS1 ~]# curl http://127.0.0.1 <h1>RS1.com</h1> #以上是配置httpd服务
在RS1上配置VIP,使用脚本配置,脚本内容如下
[root@RS1 ~]# cat realserver.sh
#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions
#在上文中我们设置的VIP是192.168.3.28
VIP=192.168.3.28
host=`/bin/hostname`
case "$1" in
start)
# Start LVS-DR real server on this machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
;;
stop)
# Stop LVS-DR real server loopback device(s).
/sbin/ifconfig lo:0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the lo:0 device
# not found.
echo "LVS-DR real server Stopped."
else
echo "LVS-DR real server Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
#赋予执行权限
[root@RS1 ~]# chmod +x realserver.sh
[root@RS1 ~]# sh realserver.sh start
[root@RS1 ~]# ip a |grep "192.168.3.28"
inet 192.168.3.28/32 brd 192.168.3.28 scope global lo:0
RS2操作
[root@RS2 ~]# yum -y install httpd [root@RS2 ~]# echo "<h1>RS2.com</h1>" >/var/www/html/index.html [root@RS2 ~]# service iptables stop iptables: Flushing firewall rules: [ OK ] iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Unloading modules: [ OK ] [root@RS2 ~]# service httpd start Starting httpd: httpd: apr_sockaddr_info_get() failed for RS2 httpd: Could not reliably determine the server‘s fully qualified domain name, using 127.0.0.1 for ServerName [ OK ] [root@RS2 ~]# curl http://127.0.0.1 <h1>RS2.com</h1>
在RS1上配置VIP,使用脚本配置,脚本内容同上
[root@RS2 ~]# sh realserver.sh start [root@RS2 ~]# ip a |grep "192.168.3.28" inet 192.168.3.28/32 brd 192.168.3.28 scope global lo:0
四、lvs-keep-m和lvs-keep-s上安装lvs
lvs-keep-m操作
[root@lvs-keep-m ~]# yum install make popt libnl libnl-devel popt-static gcc* -y [root@lvs-keep-m ~]# wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz [root@lvs-keep-m ~]# tar xf ipvsadm-1.26.tar.gz [root@lvs-keep-m ~]# cd ipvsadm-1.26 [root@lvs-keep-m ipvsadm-1.26]# make [root@lvs-keep-m ipvsadm-1.26]# make install
lvs-keep-s操作
[root@lvs-keep-s ~]# yum install make popt libnl libnl-devel popt-static gcc* -y [root@lvs-keep-s ~]# wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz [root@lvs-keep-s ~]# tar xf ipvsadm-1.26.tar.gz [root@lvs-keep-s ~]# cd ipvsadm-1.26 [root@lvs-keep-s ipvsadm-1.26]# make [root@lvs-keep-s ipvsadm-1.26]# make install
五、lvs-keep-m和lvs-keep-s上安装keepalived
在lvs-keep-m上安装keepalived
[root@lvs-keep-m ~]# yum install openssl openssl-devel -y
[root@lvs-keep-m ~]# wget http://www.keepalived.org/software/keepalived-1.2.13.tar.gz
[root@lvs-keep-m ~]# tar xf keepalived-1.2.13.tar.gz
[root@lvs-keep-m ~]# cd keepalived-1.2.13
[root@lvs-keep-m keepalived-1.2.13]# ./configure
[root@lvs-keep-m keepalived-1.2.13]# make && make install
#将keepalived配置成开机启动
[root@lvs-keep-m keepalived-1.2.13]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
[root@lvs-keep-m keepalived-1.2.13]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
[root@lvs-keep-m keepalived-1.2.13]# mkdir /etc/keepalived
[root@lvs-keep-m keepalived-1.2.13]# ln -s /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
[root@lvs-keep-m keepalived-1.2.13]# ln -s /usr/local/sbin/keepalived /usr/sbin/
#备份keepalived.conf文件
[root@lvs-keep-m keepalived-1.2.13]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
[root@lvs-keep-m ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
lyao@weyee.com #配置管理员邮箱
}
notification_email_from root #配置发件人
smtp_server 127.0.0.1 #配置邮件服务器
smtp_connect_timeout 30
router_id LVS_M #标识当前节点
}
vrrp_instance VI_1 {
state MASTER #配置keepalived的模式
interface eth0 #将VIP绑定在哪个网卡上,这里设置成eth0
virtual_router_id 99 #VRRP组名,两个节点设置必须一样,表明属于同一个VRRP组
priority 101 #配置优先级
advert_int 1 #组播信息发送间隔
authentication {
auth_type PASS #设置验证方式
auth_pass 1111 #验证密码
}
virtual_ipaddress {
192.168.3.28 #配置虚拟IP地址,这里可以配置多个地址,每个VIP下对应不同的realserver
}
}
virtual_server 192.168.3.28 80 {
delay_loop 6
lb_algo rr #配置lvs算法,这里是rr,即轮询
lb_kind DR #配置lvs模型,这里是DR,即直接路由模式
nat_mask 255.255.255.0
#persistence_timeout 50 #会话保持时间
protocol TCP
real_server 192.168.3.26 80 { #配置realaserver地址
weight 1
HTTP_GET { #监控配置
url {
path / #监控网站的/路径
status_code 200
}
connect_timeout 2 #连接超时时间
nb_get_retry 3 #重连次数
delay_before_retry 1 #重连时间间隔
}
}
real_server 192.168.3.27 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
}
#启动keepalived服务
[root@lvs-keep-m ~]# chkconfig --add keepalived
[root@lvs-keep-m ~]# chkconfig keepalived on
[root@lvs-keep-m ~]# chkconfig |grep keep
keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@lvs-keep-m ~]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@lvs-keep-m ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.3.28:80 rr
-> 192.168.3.26:80 Route 1 0 0
-> 192.168.3.27:80 Route 1 0 0
#到此RS1的keepalived已配置好
[root@lvs-keep-m ~]# service iptables stop在lvs-keep-m上安装keepalived
[root@lvs-keep-s ~]# yum install openssl openssl-devel -y
[root@lvs-keep-s ~]# wget http://www.keepalived.org/software/keepalived-1.2.13.tar.gz
[root@lvs-keep-s ~]# tar xf keepalived-1.2.13.tar.gz
[root@lvs-keep-s ~]# cd keepalived-1.2.13
[root@lvs-keep-s keepalived-1.2.13]# ./configure
[root@lvs-keep-s keepalived-1.2.13]# make && make install
[root@lvs-keep-s keepalived-1.2.13]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
[root@lvs-keep-s keepalived-1.2.13]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
[root@lvs-keep-s keepalived-1.2.13]# mkdir /etc/keepalived
[root@lvs-keep-s keepalived-1.2.13]# ln -s /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
[root@lvs-keep-s keepalived-1.2.13]# ln -s /usr/local/sbin/keepalived /usr/sbin/
[root@lvs-keep-s keepalived-1.2.13]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
#keepalived的配置文件我们从lvs-keep-m上复制过来修改即可
[root@lvs-keep-s keepalived-1.2.13]# cp ~/keepalived.conf /etc/keepalived/
[root@lvs-keep-s keepalived-1.2.13]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
lyao@weyee.com #配置管理员邮箱
}
notification_email_from root #配置发件人
smtp_server 127.0.0.1 #配置邮件服务器
smtp_connect_timeout 30
router_id LVS_S #修改这里,表示节点标示符
}
vrrp_instance VI_1 {
state BACKUP #修改lvs的模式为BACKUP
interface eth0
virtual_router_id 99
priority 99 #修改优先级,要比master的低
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.3.28 #配置虚拟IP地址
}
}
virtual_server 192.168.3.28 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
#persistence_timeout 50
protocol TCP
real_server 192.168.3.26 80 { #配置realaserver
weight 1
HTTP_GET { #监控配置
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.3.27 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
}
#添加到开机自动启动
[root@lvs-keep-s ~]# chkconfig --add keepalived
[root@lvs-keep-s ~]# chkconfig keepalived on
[root@lvs-keep-s ~]# chkconfig |grep keep
keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[root@lvs-keep-s ~]# service keepalived start
Starting keepalived: [ OK ]
[root@lvs-keep-s ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.3.28:80 rr
-> 192.168.3.26:80 Route 1 0 0
-> 192.168.3.27:80 Route 1 0 0
[root@lvs-keep-s ~]# service iptables stop
iptables: Flushing firewall rules: [ OK ]
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Unloading modules: [ OK ]
#正常情况下,这里是查询不到VIP地址的
[root@lvs-keep-s ~]# ip a |grep "192.168.3.28"六、测试结果
#结果显示访问http://192.168.3.28,后端服务正常 [root@qa-web ~]# curl http://192.168.3.28 <h1>RS1.com</h1> [root@qa-web ~]# curl http://192.168.3.28 <h1>RS2.com</h1> [root@qa-web ~]# curl http://192.168.3.28 <h1>RS1.com</h1> [root@qa-web ~]# curl http://192.168.3.28 <h1>RS2.com</h1> [root@qa-web ~]# curl http://192.168.3.28 <h1>RS1.com</h1> [root@qa-web ~]# curl http://192.168.3.28 <h1>RS2.com</h1>
本文出自 “ly36843运维” 博客,请务必保留此出处http://ly36843.blog.51cto.com/3120113/1653551
原文地址:http://ly36843.blog.51cto.com/3120113/1653551
