lvs+keepalvied的实现
系统
#cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
主机列表:
keepalvie1:10.1.41.62
keepalvie2:10.1.41.63
vip:10.1.41.89
realserver1:10.1.41.66
realserver2:10.1.41.67
lvs模式: DR
1.在主备keepalived服务器都安装lvs和keepalived
ln -sv /usr/src/kernels/3.10.0-327.el7.x86_64 /usr/src/linux
tar -xf ipvsadm-1.28.tar.gz -C /usr/local
cd ipvsadm-1.28
ls
tar -xf ipvsadm-1.28.tar.gz -C /usr/local
yum install libnl* popt* -y
make && make install
lsmod | grep ip_vs
/sbin/ipvsadm
lsmod | grep ip_vs
cd ..
tar zxf keepalived-1.3.0.tar.gz -C /usr/local
cd keepalived-1.3.0
cd /usr/local/keepalived-1.3.0/
yum install openssl-devel libnfnetlink-devel -y
./configure --prefix=/usr/local/keepalived --sbindir=/usr/sbin --sysconfdir=/etc
make && make install
service keepalived start
systemctl enable keepalived
2.主keepalived服务器配置文件
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lvs_62
vrrp_mcast_group4 224.0.0.19
}
vrrp_instance VI_1 {
state MASTER
interface ens160
virtual_router_id 62
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.1.41.89/24
}
}
virtual_server 10.1.41.89 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
persistence_timeout 50
protocol TCP
#ipvsadm -A -t 10.1.41.89:80 -s wrr -p 20
real_server 10.1.41.66 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.1.41.67 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
#ipvsadmin -a -t 10.1.41.89:80 -r 10.1.41.66 -g -w 1
#ipvsadmin -a -t 10.1.41.89:80 -r 10.1.41.67 -g -w 1
3.备keepalived服务器配置文件
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lvs_63
vrrp_mcast_group4 224.0.0.19
}
vrrp_instance VI_1 {
state BACKUP
interface ens160
virtual_router_id 62
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.1.41.89/24
}
}
virtual_server 10.1.41.89 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
persistence_timeout 50
protocol TCP
#ipvsadm -A -t 10.1.41.89:80 -s wrr -p 20
real_server 10.1.41.66 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.1.41.67 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
#ipvsadmin -a -t 10.1.41.89:80 -r 10.1.41.66 -g -w 1
#ipvsadmin -a -t 10.1.41.89:80 -r 10.1.41.67 -g -w 1
4.主从keepalived服务器配置文件都更改后重启keepalived服务
service keepalived restart
5.我们在主keepalived查看配置完成后的结果
# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.1.41.89:80 wrr persistent 50
-> 10.1.41.66:80 Route 1 0 0
-> 10.1.41.67:80 Route 1 0 0
# ip addr | grep 10.1.41.89
inet 10.1.41.89/24 scope global secondary ens160
6.Realserver配置
在2台realserver(10.1.41.66;10.1.41.67)上都执行下面的命令
ifconfig ens160:0 10.1.41.89 broadcast 10.1.41.89 netmask 255.255.255.255
route add -host 10.1.41.89 dev ens160:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p
ok 整个lvs+keepalvied实验完成
用浏览器访问10.1.41.89 并可以顺便停任何一台都不会影响对网站的访问
系统
#cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
主机列表:
keepalvie1:10.1.41.62
keepalvie2:10.1.41.63
vip:10.1.41.89
realserver1:10.1.41.66
realserver2:10.1.41.67
lvs模式: DR
1.在主备keepalived服务器都安装lvs和keepalived
ln -sv /usr/src/kernels/3.10.0-327.el7.x86_64 /usr/src/linux
tar -xf ipvsadm-1.28.tar.gz -C /usr/local
cd ipvsadm-1.28
ls
tar -xf ipvsadm-1.28.tar.gz -C /usr/local
yum install libnl* popt* -y
make && make install
lsmod | grep ip_vs
/sbin/ipvsadm
lsmod | grep ip_vs
cd ..
tar zxf keepalived-1.3.0.tar.gz -C /usr/local
cd keepalived-1.3.0
cd /usr/local/keepalived-1.3.0/
yum install openssl-devel libnfnetlink-devel -y
./configure --prefix=/usr/local/keepalived --sbindir=/usr/sbin --sysconfdir=/etc
make && make install
service keepalived start
systemctl enable keepalived
2.主keepalived服务器配置文件
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lvs_62
vrrp_mcast_group4 224.0.0.19
}
vrrp_instance VI_1 {
state MASTER
interface ens160
virtual_router_id 62
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.1.41.89/24
}
}
virtual_server 10.1.41.89 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
persistence_timeout 50
protocol TCP
#ipvsadm -A -t 10.1.41.89:80 -s wrr -p 20
real_server 10.1.41.66 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.1.41.67 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
#ipvsadmin -a -t 10.1.41.89:80 -r 10.1.41.66 -g -w 1
#ipvsadmin -a -t 10.1.41.89:80 -r 10.1.41.67 -g -w 1
3.备keepalived服务器配置文件
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lvs_63
vrrp_mcast_group4 224.0.0.19
}
vrrp_instance VI_1 {
state BACKUP
interface ens160
virtual_router_id 62
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.1.41.89/24
}
}
virtual_server 10.1.41.89 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
persistence_timeout 50
protocol TCP
#ipvsadm -A -t 10.1.41.89:80 -s wrr -p 20
real_server 10.1.41.66 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.1.41.67 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
#ipvsadmin -a -t 10.1.41.89:80 -r 10.1.41.66 -g -w 1
#ipvsadmin -a -t 10.1.41.89:80 -r 10.1.41.67 -g -w 1
4.主从keepalived服务器配置文件都更改后重启keepalived服务
service keepalived restart
5.我们在主keepalived查看配置完成后的结果
# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.1.41.89:80 wrr persistent 50
-> 10.1.41.66:80 Route 1 0 0
-> 10.1.41.67:80 Route 1 0 0
# ip addr | grep 10.1.41.89
inet 10.1.41.89/24 scope global secondary ens160
6.Realserver配置
在2台realserver(10.1.41.66;10.1.41.67)上都执行下面的命令
ifconfig ens160:0 10.1.41.89 broadcast 10.1.41.89 netmask 255.255.255.255
route add -host 10.1.41.89 dev ens160:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p
ok 整个lvs+keepalvied实验完成
用浏览器访问10.1.41.89 并可以顺便停任何一台都不会影响对网站的访问