一、环境
lvs-keep-m: 192.168.3.24
lvs-keep-s: 192.168.3.25
RS1: 192.168.3.26
RS2: 192.168.3.27
VIP: 192.168.3.28
二、在所有节点都配置ntp同步时间
[[email protected] ~]# ntpdate asia.pool.ntp.org [[email protected] ~]# hwclock -w
三、RS1和RS2配置httpd服务,以及VIP
RS1操作
[[email protected] ~]# yum -y install httpd [[email protected] ~]# echo "<h1>RS1.com</h1>" >/var/www/html/index.html [[email protected] ~]# service iptables stop iptables: Flushing firewall rules: [ OK ] iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Unloading modules: [ OK ] [[email protected] ~]# service httpd start Starting httpd: httpd: apr_sockaddr_info_get() failed for RS1 httpd: Could not reliably determine the server‘s fully qualified domain name, using 127.0.0.1 for ServerName [ OK ] [[email protected] ~]# curl http://127.0.0.1 <h1>RS1.com</h1> #以上是配置httpd服务
在RS1上配置VIP,使用脚本配置,脚本内容如下
[[email protected] ~]# cat realserver.sh #!/bin/bash # # Script to start LVS DR real server. # description: LVS DR real server # . /etc/rc.d/init.d/functions #在上文中我们设置的VIP是192.168.3.28 VIP=192.168.3.28 host=`/bin/hostname` case "$1" in start) # Start LVS-DR real server on this machine. /sbin/ifconfig lo down /sbin/ifconfig lo up echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev lo:0 ;; stop) # Stop LVS-DR real server loopback device(s). /sbin/ifconfig lo:0 down echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce ;; status) # Status of LVS-DR real server. islothere=`/sbin/ifconfig lo:0 | grep $VIP` isrothere=`netstat -rn | grep "lo:0" | grep $VIP` if [ ! "$islothere" -o ! "isrothere" ];then # Either the route or the lo:0 device # not found. echo "LVS-DR real server Stopped." else echo "LVS-DR real server Running." fi ;; *) # Invalid entry. echo "$0: Usage: $0 {start|status|stop}" exit 1 ;; esac #赋予执行权限 [[email protected] ~]# chmod +x realserver.sh [[email protected] ~]# sh realserver.sh start [[email protected] ~]# ip a |grep "192.168.3.28" inet 192.168.3.28/32 brd 192.168.3.28 scope global lo:0
RS2操作
[[email protected] ~]# yum -y install httpd [[email protected] ~]# echo "<h1>RS2.com</h1>" >/var/www/html/index.html [[email protected] ~]# service iptables stop iptables: Flushing firewall rules: [ OK ] iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Unloading modules: [ OK ] [[email protected] ~]# service httpd start Starting httpd: httpd: apr_sockaddr_info_get() failed for RS2 httpd: Could not reliably determine the server‘s fully qualified domain name, using 127.0.0.1 for ServerName [ OK ] [[email protected] ~]# curl http://127.0.0.1 <h1>RS2.com</h1>
在RS1上配置VIP,使用脚本配置,脚本内容同上
[[email protected] ~]# sh realserver.sh start [[email protected] ~]# ip a |grep "192.168.3.28" inet 192.168.3.28/32 brd 192.168.3.28 scope global lo:0
四、lvs-keep-m和lvs-keep-s上安装lvs
lvs-keep-m操作
[[email protected] ~]# yum install make popt libnl libnl-devel popt-static gcc* -y [[email protected] ~]# wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz [[email protected] ~]# tar xf ipvsadm-1.26.tar.gz [[email protected] ~]# cd ipvsadm-1.26 [[email protected] ipvsadm-1.26]# make [[email protected] ipvsadm-1.26]# make install
lvs-keep-s操作
[[email protected] ~]# yum install make popt libnl libnl-devel popt-static gcc* -y [[email protected] ~]# wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz [[email protected] ~]# tar xf ipvsadm-1.26.tar.gz [[email protected] ~]# cd ipvsadm-1.26 [[email protected] ipvsadm-1.26]# make [[email protected] ipvsadm-1.26]# make install
五、lvs-keep-m和lvs-keep-s上安装keepalived
在lvs-keep-m上安装keepalived
[[email protected] ~]# yum install openssl openssl-devel -y [[email protected] ~]# wget http://www.keepalived.org/software/keepalived-1.2.13.tar.gz [[email protected] ~]# tar xf keepalived-1.2.13.tar.gz [[email protected] ~]# cd keepalived-1.2.13 [[email protected] keepalived-1.2.13]# ./configure [[email protected] keepalived-1.2.13]# make && make install #将keepalived配置成开机启动 [[email protected] keepalived-1.2.13]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/ [[email protected] keepalived-1.2.13]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ [[email protected] keepalived-1.2.13]# mkdir /etc/keepalived [[email protected] keepalived-1.2.13]# ln -s /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ [[email protected] keepalived-1.2.13]# ln -s /usr/local/sbin/keepalived /usr/sbin/ #备份keepalived.conf文件 [[email protected] keepalived-1.2.13]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak [[email protected] ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { [email protected] #配置管理员邮箱 } notification_email_from root #配置发件人 smtp_server 127.0.0.1 #配置邮件服务器 smtp_connect_timeout 30 router_id LVS_M #标识当前节点 } vrrp_instance VI_1 { state MASTER #配置keepalived的模式 interface eth0 #将VIP绑定在哪个网卡上,这里设置成eth0 virtual_router_id 99 #VRRP组名,两个节点设置必须一样,表明属于同一个VRRP组 priority 101 #配置优先级 advert_int 1 #组播信息发送间隔 authentication { auth_type PASS #设置验证方式 auth_pass 1111 #验证密码 } virtual_ipaddress { 192.168.3.28 #配置虚拟IP地址,这里可以配置多个地址,每个VIP下对应不同的realserver } } virtual_server 192.168.3.28 80 { delay_loop 6 lb_algo rr #配置lvs算法,这里是rr,即轮询 lb_kind DR #配置lvs模型,这里是DR,即直接路由模式 nat_mask 255.255.255.0 #persistence_timeout 50 #会话保持时间 protocol TCP real_server 192.168.3.26 80 { #配置realaserver地址 weight 1 HTTP_GET { #监控配置 url { path / #监控网站的/路径 status_code 200 } connect_timeout 2 #连接超时时间 nb_get_retry 3 #重连次数 delay_before_retry 1 #重连时间间隔 } } real_server 192.168.3.27 80 { weight 1 HTTP_GET { url { path / status_code 200 } connect_timeout 2 nb_get_retry 3 delay_before_retry 1 } } } #启动keepalived服务 [[email protected] ~]# chkconfig --add keepalived [[email protected] ~]# chkconfig keepalived on [[email protected] ~]# chkconfig |grep keep keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off [[email protected] ~]# /etc/init.d/keepalived start Starting keepalived: [ OK ] [[email protected] ~]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.3.28:80 rr -> 192.168.3.26:80 Route 1 0 0 -> 192.168.3.27:80 Route 1 0 0 #到此RS1的keepalived已配置好 [[email protected] ~]# service iptables stop
在lvs-keep-m上安装keepalived
[[email protected] ~]# yum install openssl openssl-devel -y [[email protected] ~]# wget http://www.keepalived.org/software/keepalived-1.2.13.tar.gz [[email protected] ~]# tar xf keepalived-1.2.13.tar.gz [[email protected] ~]# cd keepalived-1.2.13 [[email protected] keepalived-1.2.13]# ./configure [[email protected] keepalived-1.2.13]# make && make install [[email protected] keepalived-1.2.13]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/ [[email protected] keepalived-1.2.13]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ [[email protected] keepalived-1.2.13]# mkdir /etc/keepalived [[email protected] keepalived-1.2.13]# ln -s /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ [[email protected] keepalived-1.2.13]# ln -s /usr/local/sbin/keepalived /usr/sbin/ [[email protected] keepalived-1.2.13]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak #keepalived的配置文件我们从lvs-keep-m上复制过来修改即可 [[email protected] keepalived-1.2.13]# cp ~/keepalived.conf /etc/keepalived/ [[email protected] keepalived-1.2.13]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { [email protected] #配置管理员邮箱 } notification_email_from root #配置发件人 smtp_server 127.0.0.1 #配置邮件服务器 smtp_connect_timeout 30 router_id LVS_S #修改这里,表示节点标示符 } vrrp_instance VI_1 { state BACKUP #修改lvs的模式为BACKUP interface eth0 virtual_router_id 99 priority 99 #修改优先级,要比master的低 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.3.28 #配置虚拟IP地址 } } virtual_server 192.168.3.28 80 { delay_loop 6 lb_algo rr lb_kind DR nat_mask 255.255.255.0 #persistence_timeout 50 protocol TCP real_server 192.168.3.26 80 { #配置realaserver weight 1 HTTP_GET { #监控配置 url { path / status_code 200 } connect_timeout 2 nb_get_retry 3 delay_before_retry 1 } } real_server 192.168.3.27 80 { weight 1 HTTP_GET { url { path / status_code 200 } connect_timeout 2 nb_get_retry 3 delay_before_retry 1 } } } #添加到开机自动启动 [[email protected] ~]# chkconfig --add keepalived [[email protected] ~]# chkconfig keepalived on [[email protected] ~]# chkconfig |grep keep keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off [[email protected] ~]# service keepalived start Starting keepalived: [ OK ] [[email protected] ~]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.3.28:80 rr -> 192.168.3.26:80 Route 1 0 0 -> 192.168.3.27:80 Route 1 0 0 [[email protected] ~]# service iptables stop iptables: Flushing firewall rules: [ OK ] iptables: Setting chains to policy ACCEPT: filter [ OK ] iptables: Unloading modules: [ OK ] #正常情况下,这里是查询不到VIP地址的 [[email protected] ~]# ip a |grep "192.168.3.28"
六、测试结果
#结果显示访问http://192.168.3.28,后端服务正常 [[email protected] ~]# curl http://192.168.3.28 <h1>RS1.com</h1> [[email protected] ~]# curl http://192.168.3.28 <h1>RS2.com</h1> [[email protected] ~]# curl http://192.168.3.28 <h1>RS1.com</h1> [[email protected] ~]# curl http://192.168.3.28 <h1>RS2.com</h1> [[email protected] ~]# curl http://192.168.3.28 <h1>RS1.com</h1> [[email protected] ~]# curl http://192.168.3.28 <h1>RS2.com</h1>
时间: 2024-10-14 15:15:14