目录
1、概述
2、director脚本
3、real server脚本
4、总结
1、概述
LVS的DR类型是在生产环境中运用比较多的部署类型,后端real server服务器的上线、下线的配置比较繁琐,所以可利用bash脚本来完成。本博客基于http://zhaochj.blog.51cto.com/368705/1650198中“虚拟服务VS/DR类型实现”的部份整理了两个脚本,一个是在director上执行,一个在各real server上执行的脚本。
2、director脚本
[root@HAPROXY scripts]# vim vs_dr #!/bin/sh #Program: This script set vs/dr. #Author: zhaochj #Date: 2015-05-11 #Version: 1.0 #chkconfig: 235 90 120 # Source function library. source /etc/init.d/functions # declare variables VIP=192.168.0.222 RIP1=192.168.0.201 RIP2=192.168.0.202 PORT=80 RSWEIGHT1=1 RSWEIGHT2=1 # iptables set iptables -F iptables -X iptables -Z iptables -P INPUT DROP iptables -P OUTPUT ACCEPT iptables -P FORWARD ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -i eth+ -p icmp --icmp-type 8 -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp -d $VIP --dport 80 -j ACCEPT # set director case "$1" in start) echo "1" > /proc/sys/net/ipv4/ip_forward ifconfig eth0:0 $VIP netmask 255.255.255.0 up ipvsadm -C ipvsadm -A -t $VIP:$PORT -s wlc ipvsadm -a -t $VIP:$PORT -r $RIP1:$PORT -g -w $RSWEIGHT1 ipvsadm -a -t $VIP:$PORT -r $RIP2:$PORT -g -w $RSWEIGHT2 touch /var/lock/subsys/lvs-dr.lock & > /dev/null echo "VS/DR is starting" ;; stop) echo "0" > /proc/sys/net/ipv4/ip_forward ifconfig eth0:0 down ipvsadm -C rm /var/lock/subsys/lvs-dr.lock echo "VS/DR is stoped" ;; status) [ -e /var/lock/subsys/lvs-dr.lock ] && ipvsadm -L -n || echo "VS/DR is not running" ;; *) echo "Usage $0 {start|stop|status}" ;; esac
3、real server脚本
[root@slave scripts]# vim dr_rs #!/bin/sh #Program: This script is set VS/DR real server #Author: zhaochj #Date: 2015-05-11 #Version: 1.0 #chkconfig: 235 86 130 # Source function library source /etc/init.d/functions # declare variables VIP=192.168.0.222 PORT=80 # iptables set iptables -F iptables -X iptables -Z iptables -P INPUT DROP iptables -P OUTPUT ACCEPT iptables -P FORWARD DROP iptables -A INPUT -i lo -j ACCEPT iptables -A OUTPUT -o lo -j ACCEPT iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT iptables -A INPUT -p tcp --dport 22 -j ACCEPT iptables -A INPUT -p tcp --dport 80 -j ACCEPT # set real server case "$1" in start) echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP up route add -host $VIP dev lo:0 echo "VS/DR real server running" ;; stop) echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce route del -host $VIP ifconfig lo:0 down echo "VS/DR/real server stoped" ;; status) Lostat=`ifconfig lo:0 | grep $VIP` Return=`echo $?` [ $Return != "0" ] && echo "VS/DR real server stoped" || echo "VS/DR real server running" ;; *) echo "Usage $0{start|stop|status}" ;; esac
4、总结
利用脚本把繁琐的工作简单化,而且执行效率更高,只要把脚本测试好,还能避免一些误操作。
转载于:https://blog.51cto.com/zhaochj/1650202