2019独角兽企业重金招聘Python工程师标准>>>
DR模式搭建
一、
• dir上编写脚本 vim /usr/local/sbin/lvs_dr.sh //内容如下
#! /bin/bash
echo 1 > /proc/sys/net/ipv4/ip_forward
ipv=/usr/sbin/ipvsadm
vip=192.168.133.200
rs1=192.168.133.132
rs2=192.168.133.133
#注意这里的网卡名字
ifconfig ens33:2 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev ens33:2
$ipv -C
$ipv -A -t $vip:80 -s wrr
$ipv -a -t $vip:80 -r $rs1:80 -g -w 1
$ipv -a -t $vip:80 -r $rs2:80 -g -w 1
二、
• 两台rs上也编写脚本 vim /usr/local/sbin/lvs_rs.sh//内容如下
#/bin/bash
vip=192.168.133.200
#把vip绑定在lo上,是为了实现rs直接把结果返回给客户端
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip lo:0
#以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端
#参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
• 分别在dir上和两个rs上执行这些脚本
• 测试
实例:
[root@localhosts 01]# vim /usr/local/sbin/lvs_dr.sh
#! /bin/bashecho 1 > /proc/sys/net/ipv4/ip_forwardipv=/usr/sbin/ipvsadmvip=192.168.133.200rs1=192.168.133.132rs2=192.168.133.133#注意这里的网卡名字
ifdown ens33
ifup ens33
ifconfig ens33:2 $vip broadcast $vip netmask 255.255.255.255 uproute add -host $vip dev ens33:2$ipv -C$ipv -A -t $vip:80 -s rr$ipv -a -t $vip:80 -r $rs1:80 -g -w 1$ipv -a -t $vip:80 -r $rs2:80 -g -w 1[root@localhosts 01]# sh /usr/local/sbin/lvs_dr.sh 在两台rs上面操作
[root@localhosts 02]# vim /usr/local/sbin/lvs_rs.sh
#/bin/bashvip=192.168.133.200#把vip绑定在lo上,是为了实现rs直接把结果返回给客户端ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 uproute add -host $vip lo:0#以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端#参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.htmlecho "1" >/proc/sys/net/ipv4/conf/lo/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/lo/arp_announceecho "1" >/proc/sys/net/ipv4/conf/all/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/all/arp_announce
[root@localhosts 02]# vim /usr/local/sbin/lvs_rs.sh
#/bin/bashvip=192.168.133.200#把vip绑定在lo上,是为了实现rs直接把结果返回给客户端
ifdown lo
ifup lo
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 uproute add -host $vip lo:0#以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端#参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.htmlecho "1" >/proc/sys/net/ipv4/conf/lo/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/lo/arp_announceecho "1" >/proc/sys/net/ipv4/conf/all/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/all/arp_announce[root@localhosts 02]# sh /usr/local/sbin/lvs_rs.sh[root@localhosts 03]# vim /usr/local/sbin/lvs_dr.sh
#/bin/bashvip=192.168.133.200#把vip绑定在lo上,是为了实现rs直接把结果返回给客户端ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 uproute add -host $vip lo:0#以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端#参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.htmlecho "1" >/proc/sys/net/ipv4/conf/lo/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/lo/arp_announceecho "1" >/proc/sys/net/ipv4/conf/all/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/all/arp_announce[root@localhosts 03]# sh /usr/local/sbin/lvs_dr.sh在所有的机器上面操作,查看是否有192.168.133.200,IP地址
[root@localhosts ]# route -n[root@localhosts ]# ip add[root@localhosts ]# iptables -t nat -F
[root@localhosts ]# curl http://192.168.133.200/
[root@localhosts ]#[root@localhosts 01]# ipvsadm -ln
测试
在浏览器里面输入:192.168.133.200
Keepalived+LVS DR
• 编辑keepalived配置文件 vim /etc/keepalived/keepalived.conf//内容请到https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D21Z/lvs_keepalived.conf 获取
• 需要更改里面的ip信息
• 执行ipvsadm -C 把之前的ipvsadm规则清空掉
• systemctl restart network 可以把之前的vip清空掉
• 两台rs上,依然要执行/usr/local/sbin/lvs_rs.sh脚本
• keepalived有一个比较好的功能,可以在一台rs宕机时,不再把请求转发过去
• 测试
实例:
[root@localhosts 03]# systemctl stop nginx #关闭nginx
然后在浏览器刷新页面,发现页面刷新不了
[root@localhosts 03]# ps aux | grep nginx [root@localhosts 01]# ipvsadm -ln[root@localhosts 01]# vi /etc/keepalived/keepalived.conf #把里面的东西清空之后复制,下面的内容
vrrp_instance VI_1 {#备用服务器上为 BACKUPstate MASTER#绑定vip的网卡为ens33,你的网卡和阿铭的可能不一样,这里需要你改一下interface ens33virtual_router_id 51#备用服务器上为90priority 100advert_int 1authentication {auth_type PASSauth_pass aminglinux}virtual_ipaddress {192.168.133.200}
}
virtual_server 192.168.133.200 80 {#(每隔10秒查询realserver状态)delay_loop 10#(lvs 算法)lb_algo wlc#(DR模式)lb_kind DR#(同一IP的连接60秒内被分配到同一台realserver)persistence_timeout 60#(用TCP协议检查realserver状态)protocol TCPreal_server 192.168.133.132 80 {#(权重)weight 100TCP_CHECK {#(10秒无响应超时)connect_timeout 10nb_get_retry 3delay_before_retry 3connect_port 80}}real_server 192.168.133.133 80 {weight 100TCP_CHECK {connect_timeout 10nb_get_retry 3delay_before_retry 3connect_port 80}}
}[root@localhosts 01]# systemctl start keepalived #开启 keepalived [root@localhosts 01]# ps aux | grep keep
[root@localhosts 01]# ip add
[root@localhosts 01]# ipvsadm -ln
[root@localhosts 01]# ip add[root@localhosts 01]# systemctl stop keepalived #关闭 keepalived [root@localhosts 03]# systemctl start nginx[root@localhosts 01]# ipvsadm -ln
[root@localhosts 01]# systemctl start keepalived #开启 keepalived
[root@localhosts 01]# ipvsadm -ln
扩展
haproxy+keepalived http://blog.csdn.net/xrt95050/article/details/40926255
nginx、lvs、haproxy比较 http://www.csdn.net/article/2014-07-24/2820837