1.DR模式搭建
1.1 准备三台机器,并配置相关IP
//调度器配置
[root@knightlai01 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:ec:fc:cf brd ff:ff:ff:ff:ff:ff
inet 192.168.139.168/24 brd 192.168.139.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feec:fccf/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
//rs1 rs2
//rs1
[root@knightlai02 ~]# ip addr
2: ens36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:b1:e4:36 brd ff:ff:ff:ff:ff:ff
inet 192.168.139.125/24 brd 192.168.139.255 scope global noprefixroute ens36
valid_lft forever preferred_lft forever
//rs2
[root@knightlai03 ~]# ip addr
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:72:4a:c2 brd ff:ff:ff:ff:ff:ff
inet 192.168.139.170/24 brd 192.168.139.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
1.2 配置相关脚本
//调度器上配置脚本
[root@knightlai01 ~]vim /usr/local/sbin/lvs_dr.sh
#! /bin/bash
echo 1 > /proc/sys/net/ipv4/ip_forward
ipv=/usr/sbin/ipvsadm
vip=192.168.220.200
rs1=192.168.220.125
rs2=192.168.220.170
#注意这里的网卡名字
ifconfig ens33:2 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev ens33:2
$ipv -C
$ipv -A -t $vip:80 -s wrr
$ipv -a -t $vip:80 -r $rs1:80 -g -w 1
$ipv -a -t $vip:80 -r $rs2:80 -g -w 1
//rs1 rs2上配置脚本两个脚本是一样的
[root@knightlai02 ~]vim /usr/local/sbin/lvs_rs.sh
#/bin/bash
vip=192.168.139.200
#把vip绑定在lo上,是为了实现rs直接把结果返回给客户端
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip lo:0
#以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端
#参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
1.3测试DR模式
//调度器上执行脚本
[root@knightlai01 conf]# sh /usr/local/sbin/lvs_dr.sh
//rs1 rs2执行脚本
[root@knightlai02 ~]# sh /usr/local/sbin/lvs_rs.sh
[root@knightlai03 ~]# sh /usr/local/sbin/lvs_rs.sh
[root@knightlai02 ~]# curl 192.168.139.125
This is a backup backup!
[root@knightlai03 ~]# curl 192.168.139.170
This is 192.168.139.170!
//测试lvs DR是否生效
[root@knightlai01 conf]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 conf]# curl 192.168.139.200
This is a backup backup!
[root@knightlai01 conf]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 conf]# curl 192.168.139.200
This is a backup backup!
[root@knightlai01 conf]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 conf]# curl 192.168.139.200
This is a backup backup!
[root@knightlai01 conf]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 conf]# curl 192.168.139.200
This is a backup backup!
[root@knightlai01 conf]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 conf]# curl 192.168.139.200
This is a backup backup!
2.Keepalived+LVS DR
2.1 准备三台机器,分别配置ip地址
1台需要安装keepalived 做为dir 另外2台作为realserver
dir(安装keepalived)139.168
rs1 139.125
rs2 139.170
vip 139.200ip 133.20
//配置dir上面的ip地址
[root@knightlai01 ~]# ip addr
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:ec:fc:cf brd ff:ff:ff:ff:ff:ff
inet 192.168.139.168/24 brd 192.168.139.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feec:fccf/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
//rs1
[root@knightlai02 network-scripts]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.139.200/32 brd 192.168.139.200 scope global lo:0
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens36: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:b1:e4:36 brd ff:ff:ff:ff:ff:ff
inet 192.168.139.125/24 brd 192.168.139.255 scope global noprefixroute ens36
valid_lft forever preferred_lft forever
//rs2
[root@knightlai03 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.139.200/32 brd 192.168.139.200 scope global lo:0
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:72:4a:c2 brd ff:ff:ff:ff:ff:ff
inet 192.168.139.170/24 brd 192.168.139.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
2.2编辑keepalived.conf脚本
global_defs {
notification_email { # 配置邮箱报警
[email protected] # (如果要开启邮件报警,需要开启相应的sendmail服务)
}
notification_email_from [email protected]
smtp_server 127.0.0.1 # 邮箱的服务器
smtp_connect_timeout 30 # 邮箱连接设置
router_id LVS_DEVEL # 表示keepalived服务器的一个标识,是发邮件时显示在邮件主题中的信息
}
vrrp_instance VI_1 { #定义一个vrrp组,组名唯一
state MASTER #定义改主机为keepalived的master主机
interface eth0 #监控eth0号端口
virtual_router_id 51 #虚拟路由id号为58,id号唯一,这个id决定了多播的MAC地址
# (一组keepalived相同,多组不能相同)
priority 150 #设置本节点的优先级,master的优先级 要比backup的优先级别高,数值要大
# (一组中keepalived会检查此选项然后选举出一台服务器作为路由,配置vip)
advert_int 1 #检查间隔,默认为1秒
authentication {
auth_type PASS #认证方式,密码认证
auth_pass 1111 #认证的密码,这个密码必须和backup上的一致
}
virtual_ipaddress { #设置虚拟的ip, 这个ip是以后对外提供服务的ip。如果有多个VIP,继续换行填写.
192.168.139.200
}
}
virtual_server 192.168.139.200 80 { #虚拟主机设置,ip同上。
delay_loop 2 #每隔2秒查询realserver状态
lb_algo rr #lvs的调度算法
lb_kind DR #lvs的集群模式
nat_mask 255.255.255.0
# persistence_timeout 50 #同一IP的连接50秒内被分配到同一台realserver
# 测试的时候可以不用开
protocol TCP #用TCP协议检查realserver状态
real_server 192.168.139.125 80 { #后端真实主机1
weight 100 #每台机器的权重,0表示不给该机器转发请求,直到它恢复正常。
TCP_CHECK { #健康检查项目,以下
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.139.170 80 { #后端真实主机2
weight 100 #每台机器的权重,0表示不给该机器转发请求,直到它恢复正常。
TCP_CHECK { #健康检查项目,以下
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
另外2台realserver还是按DR模式配置脚本并执行
#/bin/bash
vip=192.168.139.200
#把vip绑定在lo上,是为了实现rs直接把结果返回给客户端
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip lo:0
#以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端
#参考文档www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
//两台rs上面都要执行
[root@knightlai03 ~]sh /usr/local/sbin/lvs_rs.sh
2.3 测试Keepalived+LVS DR
[root@knightlai01 ~]#ipvsadm -C
[root@knightlai01 ~]#systemctl restart network
[root@knightlai01 ~]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 ~]# curl 192.168.139.200
This is a backup backup!
[root@knightlai01 ~]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 ~]# curl 192.168.139.200
This is a backup backup!
[root@knightlai01 ~]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 ~]# curl 192.168.139.200
This is a backup backup!
[root@knightlai01 ~]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 ~]# curl 192.168.139.200
This is a backup backup!
//模拟一台宕机测试(将rs1直接挂起,现在访问就全部在rs2上面)
[root@knightlai01 ~]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 ~]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 ~]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 ~]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 ~]# curl 192.168.139.200
This is 192.168.220.170!
[root@knightlai01 ~]# ping 192.168.139.125
PING 192.168.139.125 (192.168.139.125) 56(84) bytes of data.
From 192.168.139.168 icmp_seq=1 Destination Host Unreachable
From 192.168.139.168 icmp_seq=2 Destination Host Unreachable
注:如果发现rs没有轮询,注释掉keepalived.conf中persistence_timeout 50即可