文章目录
思路
关闭重定向功能也就是ARP
ifup ens33:0 启用
break是结束当前所在的循环语句,继续执行后面本循环体之外的语句
exit 0 正常退出应用程序
exit 非零值 异常退出应用程序
后面的值是一个状态码,可以在执行程序后判断这个状态吗
程序:入口(main)有且只有一个,出口有多个
return返回的是状态码,echo返回的是值
GW 网关,vip虚拟IP地址,RIP是web服务器地址
负载均衡器的缺点:session会话(7层),不可以session共享
nginx’可以反向代理解决7曾的会话共享
1 LVS两个节点步骤
1.1 更改主机名,便于查看,LVS负载均衡节点安装ipvsadm和keepalived双节热备实现高可用组件
[root@lvs ~]# hostnamectl set-hostname lvs1
[root@lvs ~]# su
[root@lvs1 ~]#
[root@lvs1 ~]# yum install keepalived ipvsadm -y
[root@web2 network-scripts]# hostnamectl set-hostname lvs2
[root@web2 network-scripts]# su
[root@lvs2 network-scripts]# yum install keepalived ipvsadm -y
1.2 编辑路由配置文件
[root@lvs1 ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward=1
#开启路由转发功能
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
//上面三条是proc响应关闭重定向功能
加载一下使配置生效
[root@lvs1 ~]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
1.3 启动虚拟网卡ens33:0,分为临时启用和配置文件永久启用
临时启用:ifconfig 后面跟ens33:0 再跟IP地址
这里使用永久启用
[root@lvs1 ~]# cd /etc/sysconfig/network-scripts/
[root@lvs1 network-scripts]# cp -p ifcfg-ens33 ifcfg-ens33:0
[root@lvs1 network-scripts]# vim ifcfg-ens33:0
#原有内容全部删除,添加下面四条内容
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.100.10
NETMASK=255.255.255.0
此时自身的ENS33接口的IP地址是192.168.247.206,先不着急开启ens33:0网卡
[root@lvs1 network-scripts]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.247.206 netmask 255.255.255.0 broadcast 192.168.247.255
1.4 创建一个LVS节点的LVS启动脚本
[root@lvs1 network-scripts]# cd /etc/init.d/
[root@lvs1 init.d]# ls
functions jexec netconsole network README
[root@lvs1 init.d]# vim dr.sh
#!/bin/bash
GW=192.168.100.1
VIP=192.168.100.10
RIP1=192.168.100.201
RIP2=192.168.100.202
case "$1" in
start)
/sbin/ipvsadm --save > /etc/sysconfig/ipvsadm
#先保存
systemctl start ipvsadm
#先开启服务
/sbin/ifconfig ens33:0 $VIP broadcast $VIP netmask 255.255.255.255 $VIP up
#开启ens33:0网卡,ip地址,广播地址,子网掩码
/sbin/route add -host $VIP dev ens33:0
#添加路由网段信息
/sbin/ipvsadm -A -t $VIP:80 -s rr
#添加LVS设置,访问80端口,使用轮询算法
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
#-g 代表使用DR,上一次使用的是-m ,代表使用nat(此处为个人理解)
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
echo "ipvsadm starting ____________________[ok]"
;;
stop)
/sbin/ipvsadm -C
#清除缓存
systemctl stop ipvsadm
#关闭LVS
ifconfig ens33:0 down
#关掉虚拟IP
route del $VIP
#删掉路由条目
echo "ipvsadm stoped _______________________[ok]"
;;
status)
if [ ! -e /var/lock/subsys/ipvsadm ];then
#如果文件不存在,则
echo "ipvsadm stoped _______________________"
exit 1
else
echo "ipvsadm Runing____________________[ok]"
fi
;;
*)
echo "Usage: $0 {start|stop|status}"
exit 1
esac
exit 0
[root@lvs1 init.d]# chmod +x dr.sh
1.5 先别着急启动,把虚拟机的ens33网卡设置为仅主机模式,修改IP地址为静态IP地址
[root@lvs1 init.d]# cd -
/etc/sysconfig/network-scripts
[root@lvs1 network-scripts]# vim ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="0f432513-5d7a-455c-88b4-257a9a1dbb45"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.100.110
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
[root@lvs1 init.d]# systemctl restart network
[root@lvs1 init.d]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.110 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::413b:c9ad:e0e:1afc prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:d6:c0:8a txqueuelen 1000 (Ethernet)
RX packets 55 bytes 4716 (4.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 42 bytes 5443 (5.3 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.10 netmask 255.255.255.0 broadcast 192.168.100.255
ether 00:0c:29:d6:c0:8a txqueuelen 1000 (Ethernet)
1.6 开启ens33:0网卡,关闭防火墙
[root@lvs1 ~]# ifup ens33:0
[root@lvs1 ~]# service dr.sh start
ipvsadm starting ____________________[ok]
[root@lvs1 ~]# systemctl stop firewalld
[root@lvs1 ~]# setenforce 0
1.7 此时LVS1第一个负载均衡节点已经配置完毕,接下来配置第二个LSV2,配置的内容和lvs1服务器节点一样,差别在静态ip地址
[root@web2 ~]# cd /etc/sysconfig/network-scripts/
[root@web2 network-scripts]# hostnamectl set-hostname lvs2
[root@web2 network-scripts]# su
[root@lvs2 network-scripts]#
[root@lvs2 network-scripts]# yum install keepalived ipvsadm -y
[root@lvs2 network-scripts]# vim /etc/sysctl.conf
[root@lvs2 network-scripts]# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@lvs2 network-scripts]# cp -p ifcfg-ens33 ifcfg-ens33:0
[root@lvs2 network-scripts]# vim ifcfg-ens33:0
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.100.10
NETMASK=255.255.255.0
[root@lvs2 network-scripts]# cd /etc/init.d/
[root@lvs2 init.d]# vim dr.sh
//跟lvs1一致
[root@lvs2 init.d]# chmod +x dr.sh
[root@lvs2 init.d]# cd -
/etc/sysconfig/network-scripts
[root@lvs2 network-scripts]# vim ifcfg-ens33
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="ae47f80e-74ad-4ce3-b2f9-6d3899cd9a2b"
DEVICE="ens33"
ONBOOT="yes"
IPADDR=192.168.100.111
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
[root@lvs2 network-scripts]# systemctl restart network
[root@lvs2 network-scripts]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.111 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::1259:c72a:d63c:9f07 prefixlen 64
ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.10 netmask 255.255.255.0 broadcast 192.168.100.255
ether 00:0c:29:6b:25:36 txqueuelen 1000 (Ethernet)
[root@lvs2 network-scripts]# cd -
/etc/init.d
[root@lvs2 init.d]# cd -
/etc/sysconfig/network-scripts
[root@lvs2 network-scripts]# service dr.sh start
ipvsadm starting ____________________[ok]
[root@lvs2 network-scripts]# systemctl stop firewalld
[root@lvs2 network-scripts]# setenforce 0
[root@lvs2 network-scripts]#
2 下面就开始配置两台web节点服务器
2.1更改主机名
[root@localhost ~]# hostnamectl set-hostname web1
[root@localhost ~]# su
[root@web1 ~]#
2.2 安装httpd服务
[root@web1 ~]# yum install httpd -y
2.3 关闭防火墙和增强服务
[root@web1 yum.repos.d]# systemctl stop firewadlld
[root@web1 yum.repos.d]# setenforce 0
2.4 编辑站点的首页信息
[root@web1 ~]# cd /var/www/html
[root@web1 html]# echo "this is kgc web" > index.html
2.4 编辑lo:0虚拟网卡
[root@web1 html]# cd /etc/sysconfig/network-scripts/
[root@web1 network-scripts]# cp -p ifcfg-lo ifcfg-lo:0
[root@web1 network-scripts]# vim ifcfg-lo:0
//原有内容删除,写入下面内容
DEVICE=lo:0
IPADDR=192.168.100.10
NETMASK=255.255.255.0
ONBOOT=YES
2.5 编辑keepalived的web节点脚本,主要用来限制arp
[root@web1 network-scripts]# cd /etc/init.d/
[root@web1 init.d]# ls
functions netconsole network README
[root@web1 init.d]# vim web.sh
#!/bin/bash
VIP=192.168.100.10
case "$1" in
start)
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
/sbin/route add -host $VIP dev lo:0
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p > /dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $VIP /dev/null 2>&1
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
把这个web.sh脚本scp到web2节点服务器
[root@web1 init.d]# scp /etc/init.d/web.sh root@192.168.247.154:/etc/init.d/
The authenticity of host '192.168.247.154 (192.168.247.154)' can't be established.
ECDSA key fingerprint is SHA256:Uc0B9+nBzRVbmkCb7FuoF+yLzqsWY8uacWKFdVJCVZE.
ECDSA key fingerprint is MD5:1b:1a:ef:ff:89:db:6e:70:f1:be:91:f8:87:cc:35:0f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.247.154' (ECDSA) to the list of known hosts.
root@192.168.247.154's password:
web.sh 100% 760 464.9KB/s 00:00
到web2查看
[root@localhost ~]# hostnamectl set-hostname web2
[root@localhost ~]# su
[root@web2 ~]# cd /etc/init.d/
[root@web2 init.d]# ls
functions netconsole network README web.sh
2.6回到web1,配置ens33网卡为静态
[root@web1 init.d]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO=static //设为静态
IPADDR=192.168.100.201 //增加
NETMASK=255.255.255.0 //增加
GATEWAY=192.168.100.1 //增加
修改网卡模式为仅主机模式后,重启网卡
[root@web1 init.d]# systemctl restart network
[root@web1 init.d]# systemctl stop firewalld
[root@web1 init.d]# setenforce 0
setenforce: SELinux is disabled
[root@web1 init.d]#
[root@web1 init.d]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.201 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::20c:29ff:fe3c:9844 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:3c:98:44 txqueuelen 1000 (Ethernet)
RX packets 23168 bytes 17442648 (16.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4083 bytes 357167 (348.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.100.10 netmask 255.255.255.0
loop txqueuelen 1 (Local Loopback)
网卡修改完毕
2.7 开启服务
[root@web1 init.d]# ls
functions netconsole network README web.sh
[root@web1 init.d]# chmod +x web.sh
[root@web1 init.d]# service web.sh start
RealServer Start OK
[root@web1 init.d]# systemctl start httpd
[root@web1 init.d]#
自检一下
2.8 然后到另外一台服务器,web2去配置
跟web1一样的操作
先切换网卡为仅主机模式(ipvsadm和keepalived已经yum完毕)
[root@web2 init.d]# systemctl stop firewalld
[root@web2 init.d]# setenforce 0
setenforce: SELinux is disabled
[root@web2 init.d]# cd /var/www/html/
[root@web2 html]# echo "this is accp web2" > index.html
[root@web2 html]# cd /etc/sysconfig/network-scripts/
[root@web2 network-scripts]# ls
ifcfg-ens33 ifdown-isdn ifup ifup-plip ifup-tunnel
ifcfg-lo ifdown-post ifup-aliases ifup-plusb ifup-wireless
ifdown ifdown-ppp ifup-bnep ifup-post init.ipv6-global
ifdown-bnep ifdown-routes ifup-eth ifup-ppp network-functions
ifdown-eth ifdown-sit ifup-ib ifup-routes network-functions-ipv6
ifdown-ib ifdown-Team ifup-ippp ifup-sit
ifdown-ippp ifdown-TeamPort ifup-ipv6 ifup-Team
ifdown-ipv6 ifdown-tunnel ifup-isdn ifup-TeamPort
[root@web2 network-scripts]# cp -p ifcfg-lo ifcfg-lo:0
[root@web2 network-scripts]# ls
ifcfg-ens33 ifdown-ipv6 ifdown-tunnel ifup-isdn ifup-TeamPort
ifcfg-lo ifdown-isdn ifup ifup-plip ifup-tunnel
ifcfg-lo:0 ifdown-post ifup-aliases ifup-plusb ifup-wireless
ifdown ifdown-ppp ifup-bnep ifup-post init.ipv6-global
ifdown-bnep ifdown-routes ifup-eth ifup-ppp network-functions
ifdown-eth ifdown-sit ifup-ib ifup-routes network-functions-ipv6
ifdown-ib ifdown-Team ifup-ippp ifup-sit
ifdown-ippp ifdown-TeamPort ifup-ipv6 ifup-Team
[root@web2 network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.10
NETMASK=255.255.255.0
ONBOOT=YES
[root@web2 network-scripts]# vim ifcfg-ens33
# Generated by dracut initrd
NAME="ens33"
DEVICE="ens33"
ONBOOT=yes
NETBOOT=yes
UUID="e242604f-11ba-46c3-8112-0f30fac1082a"
IPV6INIT=yes
BOOTPROTO=static
TYPE=Ethernet
IPADDR=192.168.100.202
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
[root@web2 network-scripts]# systemctl restart network
[root@web2 network-scripts]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.100.202 netmask 255.255.255.0 broadcast 192.168.100.255
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.100.10 netmask 255.255.255.0
loop txqueuelen 1 (Local Loopback)
[root@web2 network-scripts]# cd /etc/init.d/
[root@web2 init.d]# ls
functions netconsole network README web.sh
[root@web2 init.d]# chmod +x web.sh
[root@web2 init.d]# service web.sh start
RealServer Start OK
[root@web2 init.d]# systemctl start httpd
[root@web2 init.d]# ifup lo:0
[root@web2 init.d]#
2.9 两台web节点都重新启动一下lo:0网卡
[root@web1 init.d]# ifup lo:0
web2的httpd验证
3 此时上面两个节点已经部署好了,接下来到lvs节点部署keepdalived
3.1 编辑/etc/keepalived/keepalived.conf脚本
[root@lvs1 ~]# vim /etc/keepalived/keepalived.conf
10 smtp_server 127.0.0.1 //smtp邮件服务
12 router_id LVS_01 //router-id不能相同
20 state MASTER //主服务器是MASTER,从服务器是BACKUP
21 interface ens33 //端口是ens33,未修改的eth0是centos6的网卡名称
22 virtual_router_id 51 //虚拟的router-id指的是组号,同一个虚拟IP的服务器的组号要一致
23 priority 100 //优先级,主服务器要比从服务器高,当主服务器宕机时,优先级会自动减,默认减10,所以为了让从服务器顶上去,从服务器的优先级可以设为95
25 authentication { //auth 验证,如果修改的话,同一组号的数据都要相同,这里是实验,就不修改了
26 auth_type PASS
27 auth_pass 1111
28 }
29 virtual_ipaddress { //虚拟IP地址,可以写多个,这里留一个就行,192.168.100.10
30 192.168.200.10
31 192.168.200.17
32 192.168.200.18
33 }
34 virtual_server 192.168.100.10 80 { //虚拟IP地址,访问80端口
36 lb_algo rr //轮询算法
37 lb_kind DR //改为DR模式
41 real_server 192.168.100.201 80 { //web节点服务器地址
42 weight 1 //权重为1
43 SSL_GET { //把这一部分删除,43-51,添加使用TCP检查
44 url {
45 path /
46 digest ff20ad2481f97b1754ef3e12ecd3a9cc
47 }
48 url {
49 path /mrtg/
50 digest 9b3a0c85a887a256d6939da88aabd8cd
51 }
43 TCP_CHECK { //43-44为添加部分
44 connect_port 80
//接下来吧real_server部分复制出来一份在同一个virtual_server中
50 real_server 192.168.100.202 80 {
51 weight 1
52 TCP_CHECK {
53 connect_port 80
54 connect_timeout 3
55 nb_get_retry 3
56 delay_before_retry 3
57 }
58 }
//然后把其余的部分删掉,
61 virtual_server 10.10.10.2 1358 { //从这一行起,往下全部删除
保存退出之后,使用scp复制此脚本到lvs2服务器节点上,然后进行修改
[root@lvs1 ~]# scp /etc/keepalived/keepalived.conf root@192.168.100.111:/etc/keepalived/
The authenticity of host '192.168.100.111 (192.168.100.111)' can't be established.
ECDSA key fingerprint is SHA256:x1H9Hass0iDGNKV6ZT9+Sc5KRNPzbWu3EE5vCsCGa+U.
ECDSA key fingerprint is MD5:99:54:50:44:f6:b5:e6:79:95:ac:79:b9:b4:a7:3a:4c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.100.111' (ECDSA) to the list of known hosts.
root@192.168.100.111's password:
keepalived.conf 100% 1149 824.4KB/s 00:00
[root@lvs1 ~]#
此时切换到lvs2节点,修改scp过来的/etc/keepalived/keepalived.conf文件
[root@lvs2 ~]# vim /etc/keepalived/keepalived.conf
12 router_id LVS_02
20 state BACKUP
23 priority 95
3.2 配置文件修改完毕,然后可以启动服务了
[root@lvs1 ~]# systemctl start keepalived.service
[root@lvs2 ~]# systemctl start keepalived.service
4 测试:打开客户端,设置仅主机模式,设置静态IP
4.1 只成功了一次,到服务器里面把网卡重新启动一下
[root@lvs1 ~]# systemctl restart network
[root@lvs1 ~]# ifup ens33:0
[root@lvs1 ~]# systemctl start keepalived.service
[root@lvs1 ~]#
[root@lvs2 ~]# systemctl restart network
[root@lvs2 ~]# ifup ens33:0
开启到lvs2的网卡,就成功了
4.2 这个时候去网页访问一下,访问到web2节点服务器内容
这个时候关掉LVS1服务器网卡,访问到web1节点服务器内容
[root@lvs1 network-scripts]# systemctl stop network
[root@lvs1 network-scripts]#
再次开启LVS1服务器网卡,会发现无法访问,
再次关闭LVS1服务器网卡,可以访问,此时轮询到web2节点服务器上
扫一扫
1526
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
