**LVS/NAT mode**

**High availability for the DS (director) with keepalived**
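Cluster IP configuration

- DS1: internal NIC IP: 192.168.112.10, external NIC IP: 20.20.64.10
- RS1: NIC IP: 192.168.112.20, gw: 192.168.112.100 (VIP)
- RS2: NIC IP: 192.168.112.40, gw: 192.168.112.100 (VIP)
- Standby keepalived DS2: internal NIC IP: 192.168.112.50, external NIC IP: 20.20.64.50
- The DS director needs keepalived to configure one virtual IP on each of its two NICs:
  - Public-facing: 20.20.64.100
  - Internal-facing: 192.168.112.100
- Client: IP: 20.20.64.30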
1. Configure the RS real servers

```
route add default gw 192.168.112.100   # add a default gateway pointing at the internal virtual IP
ip route show                          # check that the route was added
yum -y install httpd
service httpd start
chkconfig httpd on
echo "测试内容" >> /var/www/html/index.html
```
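2. Configure the two DS hosts

a. Enable IP forwarding

```
vim /etc/sysctl.conf
# set this line in /etc/sysctl.conf:
#   net.ipv4.ip_forward = 1
sysctl -p                              # apply the setting
```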
**b. Configure ipvsadm**

Note: this step can instead be done in the keepalived configuration file.

```
modprobe ip_vs
yum -y install ipvsadm
ipvsadm -A -t 20.20.64.100:80 -s rr
ipvsadm -a -t 20.20.64.100:80 -r 192.168.112.20:80 -m   # add a real server
ipvsadm -a -t 20.20.64.100:80 -r 192.168.112.40:80 -m
ipvsadm -L                # check that the real servers added above are in the cluster
service ipvsadm save      # save the server rules
service ipvsadm start     # start the service
chkconfig ipvsadm on      # start the service at boot
```
c. Download the keepalived source package

```
wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
```

Extract and install:

```
yum -y install kernel-devel openssl-devel popt-devel gcc*
cd /root/keepalived-1.2…
./configure --prefix=/ --with-kernel-dir=/usr/src/kernels/2.6.32-642.el6.x86_64/
make && make install
chkconfig --add keepalived
chkconfig keepalived on
```
d. Edit the keepalived configuration file

Below is the master keepalived configuration file. For the backup, only these need to be changed: router_id LV1, state MASTER, priority 100.
```
global_defs {
    router_id LV1
}
# Configure one virtual IP for each of the two NICs
vrrp_instance VI_1 {
    state MASTER
    interface eth1
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        20.20.64.100
        192.168.112.100
    }
}
# If step "b" was skipped, the following section must be added
virtual_server 20.20.64.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    nat_mask 255.255.255.0
    protocol TCP
    real_server 192.168.112.20 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
    real_server 192.168.112.40 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
}
```
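e. Test

Start keepalived and access the virtual IP 20.20.64.100 from the client; the content of the back-end hosts is returned.

Stop the master keepalived; the client can still reach the back-end hosts' content.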
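
As an added illustration of step d (not part of the original post): a Python check that derives the backup director's VRRP settings from the master configuration and verifies that the two configurations form a consistent pair. The backup values `LV2` and `90` are assumptions, since the page does not give them; `BACKUP` is keepalived's standby state keyword.

```python
import re
# Constructed sample: the VRRP part of the master config from step d.
MASTER_CONF = """\
global_defs {
    router_id LV1
}
vrrp_instance VI_1 {
    state MASTER
    interface eth1
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        20.20.64.100
        192.168.112.100
    }
}
"""
def field(conf, key):
    # Anchor at line start so "router_id" does not match "virtual_router_id".
    m = re.search(rf"^\s*{key}\s+(\S+)", conf, re.M)
    return m.group(1) if m else None

def vips(conf):
    return re.search(r"virtual_ipaddress\s*\{([^}]*)\}", conf).group(1).split()

def make_backup(master, router_id="LV2", priority=90):
    # LV2 and 90 are assumed values; the page does not state the backup's.
    out = re.sub(r"^(\s*router_id\s+)\S+", rf"\g<1>{router_id}", master, flags=re.M)
    out = re.sub(r"^(\s*state\s+)MASTER", r"\g<1>BACKUP", out, flags=re.M)
    return re.sub(r"^(\s*priority\s+)\d+", rf"\g<1>{priority}", out, flags=re.M)

def check_pair(master, backup):
    # Settings in `same` must be identical on both directors for VRRP to pair up.
    same = ("virtual_router_id", "advert_int", "auth_type", "auth_pass")
    problems = [f"{k} differs" for k in same if field(master, k) != field(backup, k)]
    if vips(master) != vips(backup):
        problems.append("virtual_ipaddress differs")
    if field(master, "router_id") == field(backup, "router_id"):
        problems.append("router_id not unique")
    if field(backup, "state") != "BACKUP":
        problems.append("backup state is not BACKUP")
    if int(field(backup, "priority")) >= int(field(master, "priority")):
        problems.append("backup priority not lower than master")
    return problems
```

`check_pair(MASTER_CONF, make_backup(MASTER_CONF))` returns an empty list; any entry in the list names a setting to fix before running the failover test in step e.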