安装keepalive +lvs的master主机
Ip 192.168.195.131
1.安装master组件和依赖包
1 | yum install keepalived ipvsadm gcc openssl openssl-devel -y |
2.备份keepalived的配置文件
1 | cp /etc/keepalived/keepalived .conf {,.bak} |
3.编辑配置文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 | cat > /etc/keepalived/keepalived .conf<<EOF global_defs { notification_email { acassen@firewall.loc failover@firewall.loc 3341084075@qq.com ## 此处设置虚ip切换时候的通知邮箱 } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DEVEL ##设置lvs的id全网唯一 vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_instance VI_1 { state MASTER ## 设置lvs的状态,MASTE和SLAAVE BACKUP需要修改此处 interface ens33 ##设置服务的接口 virtual_router_id 51 ##设置虚拟路由的id(master和backup)需要一致 ,不然主备无法通信,切换 priority 100 ##设置主从的优先级 BACKUP需要修改此处 advert_int 1 authentication { ##设置验证类型的和密码 auth_type PASS auth_pass 1111 } virtual_ipaddress { ##设置vip 192.168.195.12 } } virtual_server 192.168.195.12 80 { delay_loop 6 ##健康检查间隔 lb_algo rr ## lvs调度算法 lb_kind DR ##lvs调度模式 persistence_timeout 50 ##会话保持的时间 protocol TCP ##协议 real_server 192.168.195.128 80 { ##真实的服务器 weight 1 ##权重 1 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 192.168.195.129 80 { weight 1 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } } EOF |
4.开启路由转发
1)添加配置文件 开启网络转发
1 | echo 1 > /proc/sys/net/ipv4/ip_forward |
2)刷新配置
sysctl -p
5重启keepalived服务并设置开机自启动
1)重启keepalive
1 | systemctl restart keepalived |
2)设置开机自启动
systemctl enable keepalived
注:如果服务启动不起来,并报错/usr/lib64/perl5/CORE/libperl.so: file too short,那就必须先升级perl,然后在重新安装这些步骤哦!
6查看服务
ipvsadm -l
安装keepalive +lvs backup主机
Ip 192.168.195.130
1.安装backup组件和依赖包
1 | yum install keepalived ipvsadm gcc openssl openssl-devel popt-devel -y |
2.备份keepalived的配置文件
1 | cp /etc/keepalived/keepalived .conf {,.bak} |
3.编辑配置文件
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 | vim /etc/keepalived/keepalived .conf global_defs { notification_email { acassen@firewall.loc failover@firewall.loc 3341084075@qq.com } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1: smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_instance VI_1 { state backup interface ens33 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.195.12 } } virtual_server 192.168.195.12 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.195.128 80 { weight 1 SSL_GET { url { path / digest ff20ad2481f97b1754ef3e12ecd3a9cc } url { path /mrtg/ digest 9b3a0c85a887a256d6939da88aabd8cd } conect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.195.129 80 { weight 1 SSL_GET { url { path / digest ff20ad2481f97b1754ef3e12ecd3a9cc } url { path /mrtg/ digest 9b3a0c85a887a256d6939da88aabd8cd } connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } |
4.开启路由转发
1)添加配置文件
echo 1 > /proc/sys/net/ipv4/ip_forward
2)刷新配置
sysctl -p
5重启keepalived服务并设置开机自启动
1)重启keepalive
systemctl restart keepalived
2)设置开机自启动
systemctl enable keepalived
注:如果服务启动不起来,并报错/usr/lib64/perl5/CORE/libperl.so: file too short,那就必须先升级perl,然后在重新安装这些步骤哦!
6查看服务
ipvsadm -l
安装 nginx
这里使用ngixn的脚本安装
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 | #!/bin/bash #2020年7月11日22:08:39 #by jackios ##### yum -y install gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel net-tools cd /usr/local/src if [ ! -d nginx-1.16.1. tar .gz ] ; then wget http: //nginx .org /download/nginx-1 .16.1. tar .gz fi echo "tar" tar xf nginx-1.16.1. tar .gz -C /usr/local echo "build" cd /usr/local/nginx-1 .16.1 useradd -s /sbin/nologin nginx -M . /configure \ --prefix= /usr/local/nginx \ --user=nginx \ --group=nginx \ --with-http_stub_status_module \ --pid-path= /var/run/nginx/nginx .pid \ --lock-path= /var/lock/nginx .lock \ --error-log-path= /var/log/nginx/error .log \ --http-log-path= /var/log/nginx/access .log \ --with-http_gzip_static_module \ --http-client-body-temp-path= /var/temp/nginx/client \ --http-proxy-temp-path= /var/temp/nginx/proxy \ --http-fastcgi-temp-path= /var/temp/nginx/fastcgi \ --http-uwsgi-temp-path= /var/temp/nginx/uwsgi \ --http-scgi-temp-path= /var/temp/nginx/scgi make -j2 make install -j2 echo "start" mkdir -p /var/temp/nginx mkdir -p /var/run/nginx /usr/local/nginx/sbin/nginx ps -ef| grep nginx netstat -ntlp| grep 80 systemctl stop firewall.service |
使用脚本配置vip
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | #!/bin/sh #LVS Client Server VIP=192.168.195.12 case $1 in start) ifconfig lo:1 $VIP netmask 255.255.255.255 broadcast $VIP /sbin/route add -host $VIP dev lo:1 echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce sysctl -p > /dev/null 2>&1 echo "RealServer Start OK" exit 0 ;; stop) ifconfig lo:1 down route del $VIP > /dev/null 2>&1 echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce echo "RealServer Stoped OK" exit 1 ;; *) echo "Usage: $0 {start|stop}" ;; esac |
使用的脚本的命令在sh中有提示
最后在浏览器上访问 vip 192.168.58.12 就可到 192.168.58.128 或者129上的nginx上
赞赏