LVS_Director + KeepAlived

四台机器部署机ip及职位


vip：192.168.127.100
LVS+Keepalive:         192.168.127.134  192.168.127.130
                          /\/\
                         / /\ \  #lvs
Nginx：        192.168.127.135  192.168.127.137  
lo： vip       192.168.127.100  192.168.127.100  

--------------------------------------------
lvs-dr
rs部署服务
lo配置vip
arp_ignore  arp_announce
dr通信网卡配置ip
ipvs规则
---------------------------------------------
1. 配置rs
[rs1 rs2]# ip addr add dev lo 192.168.127.100/32
[rs1 rs2]# yum -y install nginx 
[rs1 rs2]# systemctl start nginx && systemctl stop firewalld && setenforce 0 && iptables -F 
[rs1]# echo 'rs1' > /usr/share/nginx/html/index.html
[rs2]# echo 'rs2' > /usr/share/nginx/html/index.html
[rs1 rs2]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore          #  echo "net.ipv4.conf.all.arp_ignore = 1" >> /etc/sysctl.conf  && sysctl -p
[rs1 rs2]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce        #  echo "net.ipv4.conf.all.arp_announce = 2" >> /etc/sysctl.conf && sysctl -p
注：sysctl -p
---------------------------------------------
2. 配置dr #两台都需配置，需要更改内容
[dr1 dr2]# yum -y install keepalived
[dr1]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id lvs-master	         #辅助改为lvs-backup
}

vrrp_instance VI_1 {
    state BACKUP				
    nopreempt                    #定义工作模式为非抢占模式 
    interface ens37				#VIP绑定接口
    virtual_router_id 80		 #VRID 同一组集群，主备一致  虚拟路由器 MAC 00-00-5E-00-01-{VRID}
    priority 100				#本节点优先级，辅助改为50
    advert_int 1                 #检查间隔，默认为1s
    authentication {
        auth_type PASS
        auth_pass 98981
    }
    virtual_ipaddress {
        192.168.127.100
    }
}

virtual_server 192.168.127.100 80 {       #LVS配置，可以是fwmark 80
#    delay_loop 6
    lb_algo rr                        #LVS调度算法
    lb_kind DR                        #LVS集群模式（路由模式）
    nat_mask 255.255.255.0
#    persistence_timeout 20           #持久性连接
    protocol TCP                      #健康检查使用的协议
#    sorry_server 2.2.2.2 80          #当所有real server不可用时
  
    real_server 192.168.127.135 80 {
        weight 1
        inhibit_on_failure            #当该节点失败时，把权重设置为0，而不是从IPVS中删除
        HTTP_GET {					#健康检查
            url {
              path /index.html
              digest 615010a656a5bb29d1898f163619611f
            }
            connect_port 80              #检查的端口
            connect_timeout 3            #连接超时的时间
            nb_get_retry 3               #重新连接的次数
            delay_before_retry 2         #重连的间隔
        }
    }

    real_server 192.168.127.137 80 {
        weight 1
        inhibit_on_failure
        HTTP_GET {
            url {
              path /index.html
              digest a0d0c7241bbacd5d330a59d5c334baf5
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
     }
}

-------------------------------------------------
获得Real Server测试页面的MD5SUM值
[root@lvs-master ~]# genhash -s 192.168.127.135 -p 80 -u /index.html
MD5SUM = 615010a656a5bb29d1898f163619611f

# genhash -s 192.168.127.137 -p 80 -u /index.html
MD5SUM = a0d0c7241bbacd5d330a59d5c334baf5