CentOS 7 DNS installation and configuration

Hands-on environment (CentOS 7)

VIP 10.211.55.180 (virtual IP) 
LVS1 10.211.55.151 (main LVS) 
LVS2 10.211.55.152 (standby LVS) 
RS1 10.211.55.171 (real server 1) 
RS2 10.211.55.172 (real server 2) 


Initialize the environment on all nodes
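# Lab-only preparation, run as root on every node. These steps remove all
# host firewalling and SELinux enforcement; on a production load balancer
# keep firewalld running and allow VRRP (IP protocol 112) between the
# directors and TCP 80 to the VIP instead.
iptables -F                  # Flush all iptables rules
systemctl stop firewalld     # Stop the firewall now
systemctl disable firewalld  # Do not start the firewall at boot
setenforce 0                 # Put SELinux in permissive mode until the next reboot
# Disable SELinux permanently (takes effect after a reboot)
sed -i 's/^SELINUX=.*$/SELINUX=disabled/g' /etc/selinux/config
date                         # Show the current system time
yum -y install epel-release  # Install the EPEL repository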

#The command above installs the EPEL repository

Steps on LVS1 and LVS2

1. Install keepalived and ipvsadm

yum -y install keepalived ipvsadm 


[root@localhost ~]# lsmod |grep ip_vs #check ipvs module  
ip_vs_rr 12600 1
ip_vs 145497 3 ip_vs_rr
nf_conntrack          139264  9 ip_vs,nf_nat,nf_nat_ipv4,nf_nat_ipv6,xt_conntrack,nf_nat_masquerade_ipv4,nf_conntrack_netlink,nf_conntrack_ipv4,nf_conntrack_ipv6
libcrc32c              12644  4 xfs,ip_vs,nf_nat,nf_conntrack 



2. Configure keepalived (LVS1, 2)

2.1 Modify the keepalived configuration file
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cat keepalived.conf
! Configuration File for keepalived

# Settings shared by every VRRP instance and virtual server in this file.
global_defs {
   # Mailboxes that receive notification mail. The address shown appears to
   # have been masked by the hosting site; put a real mailbox here.
   notification_email {
     [email protected]
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr 
#   vrrp_strict    # left commented out; confirm it is compatible with the
#                  # authentication block in vrrp_instance before enabling it
   vrrp_garp_interval 0
   vrrp_gna_interval 0 
} 

# VRRP instance that decides which director currently holds the VIP.
vrrp_instance VI_1 { 
    state MASTER #MASTER on LVS1; set BACKUP on LVS2 
    interface eth0 #Interface used for VRRP; on CentOS 7 the name may be ens33 
    virtual_router_id 51 #Must be identical on the master and the backup 
    priority 100 #100 on LVS1; use a lower value such as 90 on LVS2. The VIP is held by the node with the higher priority 
    advert_int 1 
    # auth_type PASS is a shared password carried unencrypted in VRRP
    # advertisements, so it is readable by any host on the same segment.
    # 1111 is the sample value; set a site-specific one, identical on LVS1
    # and LVS2.
    authentication { 
        auth_type PASS 
        auth_pass 1111 
    } 
    virtual_ipaddress { 
        10.211.55.180 #VIP 
    } 
} 

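# IPVS virtual service on the VIP, port 80, with two health-checked real
# servers. A space is kept between "{" and each trailing comment so that the
# brace stays a separate token.
virtual_server 10.211.55.180 80 { # VIP
    delay_loop 6              # Health-check interval
    lb_algo rr                # Round-robin scheduling
    lb_kind DR                # Direct routing
    # NOTE(review): with persistence active, one client stays on the same real
    # server for the timeout, so the strict alternation shown in the test
    # output matches the table loaded by /opt/lvs_dr.sh (no -p), not this one.
    persistence_timeout 50
    protocol TCP

    real_server 10.211.55.171 80 { # Back-end RS1 health check
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 10.211.55.172 80 { # Back-end RS2 health check
        weight 1
        TCP_CHECK {
            connect_timeout 3
            # The next two lines were garbled in the listing; restored to
            # match the RS1 block above.
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}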


2.2 Enable keepalived at boot and start it (LVS1, 2)
systemctl enable keepalived 
systemctl start keepalived 


3. Configure LVS: create the following script on LVS1 and LVS2, and set it to run at boot

vi /opt/lvs_dr.sh 
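#!/bin/sh
# description: Start LVS of Director server
#
# Usage: /opt/lvs_dr.sh {start|stop}   (run as root on LVS1 and LVS2)
#   start - enable IPv4 forwarding and load a round-robin, direct-routing
#           IPVS table for $VIP:80 with RS1 and RS2 as real servers
#   stop  - disable IPv4 forwarding and clear the IPVS table
#
# Note: `ipvsadm -C` empties the whole IPVS table, including any entries
# keepalived created from its virtual_server block.
VIP=10.211.55.180
RIP1=10.211.55.171
RIP2=10.211.55.172

case "$1" in
  start)
    echo "start LVS of Director Server "
    # set the Virtual IP Address and sysctl parameter
    # /sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up
    # route add -host $VIP dev eth0:0
    echo "1" >/proc/sys/net/ipv4/ip_forward
    # Clear IPVS table
    /sbin/ipvsadm -C
    # Define the virtual service with round-robin scheduling.
    # For session persistence, append: -p 600
    /sbin/ipvsadm -A -t "$VIP:80" -s rr
    # Add the real servers in direct-routing (-g) mode
    /sbin/ipvsadm -a -t "$VIP:80" -r "$RIP1:80" -g
    /sbin/ipvsadm -a -t "$VIP:80" -r "$RIP2:80" -g
    # Print the resulting table
    /sbin/ipvsadm
    ;;
  stop)
    echo "close LVS Directorserver"
    echo "0" >/proc/sys/net/ipv4/ip_forward
    /sbin/ipvsadm -C
    # /sbin/ifconfig eth0:0 down
    ;;
  *)
    echo "Usage: $0 {start|stop}"
    exit 1
    ;;
esac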

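chmod +x /opt/lvs_dr.sh   # Add execute permission

# Run the script once at boot, as root. /etc/profile is not suitable for
# this: it is sourced by every login shell of every user, so the script
# would run at each login (and fail for non-root users) rather than at boot.
echo "/opt/lvs_dr.sh start" >>/etc/rc.d/rc.local
chmod +x /etc/rc.d/rc.local   # On CentOS 7 rc.local runs at boot only when it is executable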


4. Configure the real servers; perform the following operations on RS1 and RS2

Install nginx
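yum -y install nginx   # Run on RS1 and RS2

# Each real server serves its own address so the test can tell them apart.
echo 10.211.55.171 >/usr/share/nginx/html/index.html   # Run on RS1 only
echo 10.211.55.172 >/usr/share/nginx/html/index.html   # Run on RS2 only

# nginx must be running for the director's TCP_CHECK on port 80 and for the
# curl test to succeed.
systemctl enable nginx
systemctl start nginx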


Set up the RS script and set it to start automatically  
vi /opt/lvs_rs.sh

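#!/bin/bash
# Real-server side of LVS direct routing: accept traffic addressed to the VIP
# on the loopback device without answering ARP for it.
# Run as root on RS1 and RS2.
VIP=10.211.55.180

# Suppress ARP for the VIP before the address is bound, so there is no window
# in which this host answers ARP requests for the director's address.
#   arp_ignore=1   reply only if the target IP is configured on the interface
#                  that received the request
#   arp_announce=2 always use the best local source address in ARP requests
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
# Reload /etc/sysctl.conf. The four values above are runtime-only; add the
# matching net.ipv4.conf.* keys to that file if they must survive a reboot.
sysctl -p

# Bind the VIP to lo:0 with a host mask and add a host route through it.
/sbin/ifconfig lo:0 "$VIP" broadcast "$VIP" netmask 255.255.255.255 up
/sbin/route add -host "$VIP" dev lo:0
#end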
This script binds the virtual IP address to the loopback device with a subnet mask of 255.255.255.255, matching the virtual IP on the Director Server, and then stops the host from answering ARP requests for that address.
Because the virtual IP (the VIP address above) is shared by the Director Server and all real servers, an ARP request for the VIP would cause problems if the real servers answered it as well as the Director Server. The real servers must therefore be prevented from responding to ARP requests for the VIP; that is the role of the lvs_rs script.

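chmod +x /opt/lvs_rs.sh   # Add execute permission
# Run the script once at boot, as root, via rc.local (a login-time file such
# as /etc/profile would run it at every user login instead).
echo "/opt/lvs_rs.sh" >>/etc/rc.d/rc.local
chmod +x /etc/rc.d/rc.local   # On CentOS 7 rc.local runs at boot only when it is executable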



5. Test 
Find a client and execute the following command 
->$ for i in `seq 20`;do curl 10.211.55.180;done 
10.211.55.171 
10.211.55.172 
10.211.55.171
10.211.55.172 
10.211.55.171 
10.211.55.172 
10.211.55.171 
10.211.55.172 
10.211.55.171 
10.211.55.172 
10.211.55.171 
10.211.55.172 
10.211.55.171 
10.211.55.172 
10.211.55.171 
10.211.55.172 
10.211.55.171 
10.211.55.172 
10.211.55.171 
10.211.55.172



Origin blog.51cto.com/slapping/2551547