O:环境准备
-
三台虚拟机
-
分别取名dir rs1 rs2
-
给dir1和dir2分别加入网关=dir的IP
vi /etc/sysconfig/network-scripts/ifcfg-ens33 GETWAY=192.168.200.147 ##也可以在虚拟机设置那边改
-
清空iptables的规则
iptables -F; iptables -t nat -F; service iptables save
-
安装yum源
rm -f /etc/yum.repos.d/* cat /etc/yum.repos.d/local.repo [gpmall] name=gpmall baseurl=file:///opt/gpmall-repo gpgcheck=0 enabled=1 yum clean all yum repolist
-
安装iptables-service
yum -y install iptables-services
-
清空规则
iptables -F; iptables -t nat -F; service iptables save
-
关闭防火墙
systemctl stop firewalld systemctl disable firewalld setenforce 0 getenforce 0
Ⅰ:安装LVS
-
dir安装ipvsadm
yum install -y ipvsadm
-
dir编写脚本
vim /usr/local/sbin/lvs_nat.sh #! /bin/bash # director 服务器上开启路由转发功能 echo 1 > /proc/sys/net/ipv4/ip_forward # 关闭icmp的重定向 echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects # 注意区分网卡名字 echo 0 > /proc/sys/net/ipv4/conf/ens33/send_redirects echo 0 > /proc/sys/net/ipv4/conf/ens34/send_redirects # director 设置nat防火墙 iptables -t nat -F iptables -t nat -X iptables -t nat -A POSTROUTING -s 192.168.200.0/24 -j MASQUERADE # director设置ipvsadm IPVSADM='/usr/sbin/ipvsadm' $IPVSADM -C $IPVSADM -A -t 192.168.147.144:80 -s wlc ###-p 300### $IPVSADM -a -t 192.168.147.144:80 -r 192.168.200.131:80 -m -w 1 #rs1 $IPVSADM -a -t 192.168.147.144:80 -r 192.168.200.132:80 -m -w 1 #rs2 #-t 后面为主机模式IP地址 bash/usr/local/sbin/lvs_nat.sh #启动脚本 killall nginx
-
rs1+2 安装niginx,配置网页数据
yum -y install nginx echo "rs1" > /usr/share/nginx/html/index.html echo "rs2" > /usr/share/nginx/html/index.html
-
测试nginx
curl 192.168.200.150 rs2 curl 192.168.200.148 rs1 curl 192.168.183.129 rs2 curl 192.168.183.129 rs1 curl 192.168.183.129 rs2 curl 192.168.183.129 rs1
Ⅱ:DR模式LVS搭建
-
关闭前面网关
-
编写dir脚本
vim /usr/local/sbin/lvs_rs.sh #! /bin/bash echo 1 > /proc/sys/net/ipv4/ip_forward ipv=/usr/sbin/ipvsadm vip=192.168.200.110 虚拟 rs1=192.168.200.148 rs2=192.168.200.150 #注意这里的网卡名字 ifconfig ens33:2 $vip broadcast $vip netmask 255.255.255.255 up route add -host $vip dev ens33:2 $ipv -C $ipv -A -t $vip:80 -s wrr $ipv -a -t $vip:80 -r $rs1:80 -g -w 1 $ipv -a -t $vip:80 -r $rs2:80 -g -w 1
-
编写rs1+2脚本
vim /usr/local/sbin/lvs_rs.sh #/bin/bash vip=192.168.200.110 #虚拟- #把vip绑定在lo上,是为了实现rs直接把结果返回给客户端 ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up route add -host $vip lo:0 #以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端 #参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.html echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
-
3节点运行脚本并测试
bash /usr/local/sbin/lvs_dr.sh
-
keepalived+LVS
O:环境搭建:
1.keepalived +vip
2.配置keepalivede文件
vim /etc/keepalived/keepalived.conf //添加内容如下 vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.200.110 } } virtual_server 192.168.200.110 80 { #VIP delay_loop 10 #每隔10秒查询realserver状态 lb_algo wlc #lvs算法 lb_kind DR #DR模式 persistence_timeout 60 #(同一IP的连接60秒内被分配到同一台realserver) protocol TCP #用TCP协议检查realserver状态 real_server 192.168.200.148 80 { #真实服务器ip weight 100 #权重 TCP_CHECK { connect_timeout 10 # 10秒无响应超时(连接超时时间) nb_get_retry 3 #失败重试次数 delay_before_retry 3 #失败重试的间隔时间 connect_port 80 #连接的后端端口 } } real_server 192.168.200.150 80 { weight 100 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } }
3.清空规则,重启脚本
ipvsadm -C //把之前的ipvsadm规则清空 systemctl restart network //可以把之前设置的VIP删除掉 rs1:sh /usr/local/sbin/lvs_rs.sh rs2:sh /usr/local/sbin/lvs_rs.sh systemctl start keepalived ps aux |grep keepalived root 2294 0.0 0.0 118684 1388 ? Ss 15:14 0:00 /usr/sbin/keepalived -D root 2295 0.0 0.1 122884 2388 ? S 15:14 0:00 /usr/sbin/keepalived -D root 2296 0.0 0.1 122884 2412 ? S 15:14 0:00 /usr/sbin/keepalived -D root 2298 0.0 0.0 112720 988 pts/0 R+ 15:15 0:00 grep --color=auto keepalived
-
-