安装keepalive +lvs的master主机
Ip 192.168.195.131
1.安装master组件和依赖包
| 1 | yum install keepalived ipvsadm gcc openssl openssl-devel -y
|
2.备份keepalived的配置文件
| 1 | cp /etc/keepalived/keepalived.conf {,.bak}
|
3.编辑配置文件
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 | cat> /etc/keepalived/keepalived.conf<<EOF
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
3341084075@qq.com ## 此处设置虚ip切换时候的通知邮箱
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL ##设置lvs的id全网唯一
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER ## 设置lvs的状态,MASTE和SLAAVE BACKUP需要修改此处
interface ens33 ##设置服务的接口
virtual_router_id 51 ##设置虚拟路由的id(master和backup)需要一致 ,不然主备无法通信,切换
priority 100 ##设置主从的优先级 BACKUP需要修改此处
advert_int 1
authentication { ##设置验证类型的和密码
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { ##设置vip
192.168.195.12
}
}
virtual_server 192.168.195.12 80 {
delay_loop 6 ##健康检查间隔
lb_algo rr ## lvs调度算法
lb_kind DR ##lvs调度模式
persistence_timeout 50 ##会话保持的时间
protocol TCP ##协议
real_server 192.168.195.128 80 { ##真实的服务器
weight 1 ##权重 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.195.129 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
EOF
|
4.开启路由转发
1)添加配置文件 开启网络转发
| 1 | echo 1 > /proc/sys/net/ipv4/ip_forward
|
2)刷新配置
sysctl -p
5重启keepalived服务并设置开机自启动
1)重启keepalive
| 1 | systemctl restart keepalived
|
2)设置开机自启动
systemctl enable keepalived
注:如果服务启动不起来,并报错/usr/lib64/perl5/CORE/libperl.so: file too short,那就必须先升级perl,然后在重新安装这些步骤哦!
6查看服务
ipvsadm -l
安装keepalive +lvs backup主机
Ip 192.168.195.130
1.安装backup组件和依赖包
| 1 | yum install keepalived ipvsadm gcc openssl openssl-devel popt-devel -y
|
2.备份keepalived的配置文件
| 1 | cp /etc/keepalived/keepalived.conf {,.bak}
|
3.编辑配置文件
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 | vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
3341084075@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1:
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state backup
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.195.12
}
}
virtual_server 192.168.195.12 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.195.128 80 {
weight 1
SSL_GET {
url {
path /
digest ff20ad2481f97b1754ef3e12ecd3a9cc
}
url {
path /mrtg/
digest 9b3a0c85a887a256d6939da88aabd8cd
}
conect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.195.129 80 {
weight 1
SSL_GET {
url {
path /
digest ff20ad2481f97b1754ef3e12ecd3a9cc
}
url {
path /mrtg/
digest 9b3a0c85a887a256d6939da88aabd8cd
}
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
|
4.开启路由转发
1)添加配置文件
echo 1 > /proc/sys/net/ipv4/ip_forward
2)刷新配置
sysctl -p
5重启keepalived服务并设置开机自启动
1)重启keepalive
systemctl restart keepalived
2)设置开机自启动
systemctl enable keepalived
注:如果服务启动不起来,并报错/usr/lib64/perl5/CORE/libperl.so: file too short,那就必须先升级perl,然后在重新安装这些步骤哦!
6查看服务
ipvsadm -l
安装 nginx
这里使用ngixn的脚本安装
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 | #!/bin/bash
#2020年7月11日22:08:39
#by jackios
#####
yum -y install gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel net-tools
cd /usr/local/src
if [ ! -d nginx-1.16.1.tar.gz ] ; then
wget http://nginx.org/download/nginx-1.16.1.tar.gz
fi
echo "tar"
tar xf nginx-1.16.1.tar.gz -C /usr/local
echo "build"
cd /usr/local/nginx-1.16.1
useradd -s /sbin/nologin nginx -M
./configure \
--prefix=/usr/local/nginx \
--user=nginx \
--group=nginx \
--with-http_stub_status_module \
--pid-path=/var/run/nginx/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--with-http_gzip_static_module \
--http-client-body-temp-path=/var/temp/nginx/client \
--http-proxy-temp-path=/var/temp/nginx/proxy \
--http-fastcgi-temp-path=/var/temp/nginx/fastcgi \
--http-uwsgi-temp-path=/var/temp/nginx/uwsgi \
--http-scgi-temp-path=/var/temp/nginx/scgi
make -j2
make install -j2
echo "start"
mkdir -p /var/temp/nginx
mkdir -p /var/run/nginx
/usr/local/nginx/sbin/nginx
ps -ef|grep nginx
netstat -ntlp|grep 80
systemctl stop firewall.service
|
使用脚本配置vip
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 | #!/bin/sh
#LVS Client Server
VIP=192.168.195.12
case $1 in
start)
ifconfig lo:1 $VIP netmask 255.255.255.255 broadcast $VIP
/sbin/route add -host $VIP dev lo:1
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
exit 0
;;
stop)
ifconfig lo:1 down
route del $VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped OK"
exit 1
;;
*)
echo "Usage: $0 {start|stop}"
;;
esac
|
使用的脚本的命令在sh中有提示
最后在浏览器上访问 vip 192.168.58.12 就可到 192.168.58.128 或者129上的nginx上
赞赏
601
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
