18.11 LVS DR模式搭建
18.11 LVS DR模式搭建
脑洞老湿_ 发表于2个月前
18.11 LVS DR模式搭建
  • 发表于 2个月前
  • 阅读 0
  • 收藏 0
  • 点赞 0
  • 评论 0

腾讯云 学生专属云服务套餐 10元起购>>>   

18.11 DR模式搭建

#dir上编写脚本 vim /usr/local/sbin/lvs_dr.sh并执行;     //内容如下
#! /bin/bash
echo 1 > /proc/sys/net/ipv4/ip_forward
ipv=/usr/sbin/ipvsadm
vip=192.168.133.200
rs1=192.168.133.132
rs2=192.168.133.133
#注意这里的网卡名字
ifconfig ens33:2 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev ens33:2
$ipv -C
$ipv -A -t $vip:80 -s wrr
$ipv -a -t $vip:80 -r $rs1:80 -g -w 1
$ipv -a -t $vip:80 -r $rs2:80 -g -w 1

#两台rs上也编写脚本 vim /usr/local/sbin/lvs_rs.sh并执行;   //内容如下
#/bin/bash
vip=192.168.133.200
#把vip绑定在lo上,是为了实现rs直接把结果返回给客户端
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip lo:0
#以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端
#参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

1、dir上配置:

编辑脚本文件 vim /usr/local/sbin/lvs_dr.sh并执行:

[root@DasonCheng ~]# vim /usr/local/sbin/lvs_dr.sh
#! /bin/bash
echo 1 > /proc/sys/net/ipv4/ip_forward
ipv=/usr/sbin/ipvsadm
vip=192.168.60.120
rs1=192.168.60.12
rs2=192.168.60.13
#注意这里的网卡名字
ifconfig ens33:2 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev ens33:2
$ipv -C
$ipv -A -t $vip:80 -s wrr
$ipv -a -t $vip:80 -r $rs1:80 -g -w 1
$ipv -a -t $vip:80 -r $rs2:80 -g -w 1
……
[root@DasonCheng ~]# sh /usr/local/sbin/lvs_dr.sh 

2、两台rs上配置:

编辑脚本文件/usr/local/sbin/lvs_rs.sh并执行:

[root@aming2 ~]# vim /usr/local/sbin/lvs_rs.sh           //aming3机器也需要编辑执行;
#! /bin/bash
vip=192.168.60.120
#把vip绑定在lo上,是为了实现rs直接把结果返回给客户端
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip lo:0
#以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端
#参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
……
[root@aming2 ~]# sh /usr/local/sbin/lvs_rs.sh
[root@aming3 ~]# vim /usr/local/sbin/lvs_rs.sh
#/bin/bash
vip=192.168.60.120
#把vip绑定在lo上,是为了实现rs直接把结果返回给客户端
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip lo:0
#以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端
#参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
……
[root@aming3 ~]# sh /usr/local/sbin/lvs_rs.sh

3、测试:

分别在dir上和两个rs上执行这些脚本
测试
[root@aming2 ~]# sh /usr/local/sbin/lvs_rs.sh
[root@aming3 ~]# sh /usr/local/sbin/lvs_rs.sh
[root@DasonCheng ~]# sh /usr/local/sbin/lvs_dr.sh
[root@DasonCheng ~]# ipvsadm -ln    //可以查看活动连接数;
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.60.120:80 wrr
  -> 192.168.60.12:80             Route   1      5          0         
  -> 192.168.60.13:80             Route   1      4          0 

mark mark mark

18.12 keepalived lvs

完整架构需要两台服务器(角色为dir)分别安装keepalived软件,目的是实现高可用,但keepalived本身也有负载均衡的功能,所以本次实验可以只安装一台keepalived
 keepalived内置了ipvsadm的功能,所以不需要再安装ipvsadm包,也不用编写和执行那个lvs_dir的脚本
 三台机器分别为:
 dir(安装keepalived)133.130
 rs1 133.132
 rs2 133.133
 vip 133.200
 编辑keepalived配置文件 vim /etc/keepalived/keepalived.conf//内容请到https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D21Z/lvs_keepalived.conf 获取
 需要更改里面的ip信息
 执行ipvsadm -C  把之前的ipvsadm规则清空掉
 systemctl restart network 可以把之前的vip清空掉
 两台rs上,依然要执行/usr/local/sbin/lvs_rs.sh脚本
 keepalived有一个比较好的功能,可以在一台rs宕机时,不再把请求转发过去
 测试

1、环境准备:

  1. dir1(安装keepalived,master)60.11;
  2. dir2(安装keepalived,backup)60.12;
  3. rs1 60.13;
  4. rs2 60.14;

2、master配置:

vrrp_instance VI_1 {
    #备用服务器上为 BACKUP
    state MASTER
    #绑定vip的网卡为ens33,你的网卡和阿铭的可能不一样,这里需要你改一下
    interface ens33
    virtual_router_id 51
    #备用服务器上为90
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass aminglinux
    }
    virtual_ipaddress {
        192.168.60.200
    }
}
virtual_server 192.168.60.200 80 {
    #(每隔10秒查询realserver状态)
    delay_loop 10
    #(lvs 算法)
    lb_algo wlc
    #(DR模式)
    lb_kind DR
    #(同一IP的连接0秒内被分配到同一台realserver)
    persistence_timeout 0
    #(用TCP协议检查realserver状态)
    protocol TCP
    real_server 192.168.60.13 80 {
        #(权重)
        weight 100
        TCP_CHECK {
        #(10秒无响应超时)
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
        }
    }
    real_server 192.168.60.14 80 {
        weight 100
        TCP_CHECK {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
        }
     }
}

3、backup配置:

[root@DasonCheng ~]# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass aminglinux
    }
    virtual_ipaddress {
        192.168.60.200
    }
}
virtual_server 192.168.60.200 80 {
    delay_loop 10
    lb_algo wlc
    lb_kind DR
    persistence_timeout 0
    protocol TCP
    real_server 192.168.60.13 80 {
        weight 100
        TCP_CHECK {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
        }
    }
    real_server 192.168.60.14 80 {
        weight 100
        TCP_CHECK {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
        }
     }
}

4、rs1配置:

[root@aming3 ~]# vim /usr/local/sbin/lvs_rs.sh
#/bin/bash
vip=192.168.60.200
#把vip绑定在lo上,是为了实现rs直接把结果返回给客户端
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip lo:0
#以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端
#参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
……
[root@aming3 ~]# sh /usr/local/sbin/lvs_rs.sh

5、rs2配置:

[root@aming4 ~]# vim /usr/local/sbin/lvs_rs.sh
#/bin/bash
vip=192.168.60.200
#把vip绑定在lo上,是为了实现rs直接把结果返回给客户端
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip lo:0
#以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端
#参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
……
[root@aming4 ~]# sh /usr/local/sbin/lvs_rs.sh

6、测试:

在测试前,有这几点注意:

  1. 关闭dir1、2的nginx,避免访问出错;
  2. 保证aming3,aming4的nginx处于运行状态;
  3. aming3,aming4得先curl localhost成功才行;
  4. 关闭dir1、dir2、aming3和aming4的防火墙和selinux;
  5. 保证配置文件的正确性!
  6. ip add查看vip(virtual ip)
  7. systemctl restart keepalived重启服务;

正常测试:
mark mark mark
关闭aming3:

[root@aming3 ~]# systemctl stop nginx   
#谷歌的aming3变成了aming4,其他的刷新无改变;

mark
还原aming3,关闭master:

//关闭前:
[root@DasonCheng ~]# ip add
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:f0:f3:49 brd ff:ff:ff:ff:ff:ff
    inet 192.168.60.11/24 brd 192.168.60.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.60.200/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.60.110/24 brd 192.168.60.255 scope global secondary ens33:1
       valid_lft forever preferred_lft forever
    inet6 fe80::32d1:eea9:5747:f919/64 scope link 
       valid_lft forever preferred_lft forever
……
[root@aming2 ~]# ip add
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d4:f4:59 brd ff:ff:ff:ff:ff:ff
    inet 192.168.60.12/24 brd 192.168.60.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.60.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::f44b:1b66:dbe1:349a/64 scope link 
       valid_lft forever preferred_lft forever
//关闭后:过了一段时间,可以正常访问了;60.200在backup设备上面;
[root@DasonCheng ~]# ip add
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:f0:f3:49 brd ff:ff:ff:ff:ff:ff
    inet 192.168.60.11/24 brd 192.168.60.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.60.110/24 brd 192.168.60.255 scope global secondary ens33:1
       valid_lft forever preferred_lft forever
    inet6 fe80::32d1:eea9:5747:f919/64 scope link 
       valid_lft forever preferred_lft forever
……
[root@aming2 ~]# ip add
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d4:f4:59 brd ff:ff:ff:ff:ff:ff
    inet 192.168.60.12/24 brd 192.168.60.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.60.200/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::f44b:1b66:dbe1:349a/64 scope link 
       valid_lft forever preferred_lft forever

mark mark mark
还原master:

#立刻恢复master优先级;
[root@DasonCheng ~]# systemctl start keepalived
[root@DasonCheng ~]# ip add
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:f0:f3:49 brd ff:ff:ff:ff:ff:ff
    inet 192.168.60.11/24 brd 192.168.60.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.60.200/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.60.110/24 brd 192.168.60.255 scope global secondary ens33:1
       valid_lft forever preferred_lft forever
    inet6 fe80::32d1:eea9:5747:f919/64 scope link 
       valid_lft forever preferred_lft forever
共有 人打赏支持
粉丝 2
博文 70
码字总数 81467
×
脑洞老湿_
如果觉得我的文章对您有用,请随意打赏。您的支持将鼓励我继续创作!
* 金额(元)
¥1 ¥5 ¥10 ¥20 其他金额
打赏人
留言
* 支付类型
微信扫码支付
打赏金额:
已支付成功
打赏金额: