lvs+keepalive realizes dual-main mode (using DR), realizes TCP and UDP detection at the same time, realizes non-web-side load balancing, and realizes communication across network segments at the same time

    Because the company leaders need to use the lvs backup machine, so! Using dual masters, they are both masters and backups. I use nat test to find that RS cannot achieve load balancing, so I use DR mode to achieve non-web load balancing

 

lvs1: DIP 10.60.196.183

        VIP 10.60.196.185

lvs2：DIP 10.60.196.184

         VIP 10.60.196.186

DR1 ： 10.60.196.181

DR2 ： 10.60.196.182

--------------------------------------------------------

I use both TCP and UDP here

LVS: IP forwarding needs to be enabled

vim /etc/sysctl.conf

keepalive configuration:

! Configuration File for keepalived

global_defs {
notification_email {
root@localhost
}
notification_email_from admin@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}

vrrp_instance VI_1 {
state BACKUP #Another                                   keepalive is replaced here with MASTER
interface eth0
virtual_router_id 51 
priority 98  #here                                        100
advert_int 1
authentication {
auth_type PASS
auth_pass 11112222
}
virtual_ipaddress {
10.60.196.186/32 label eth0:0
}
}

vrrp_instance VI_2 {
state MASTER　　　　　　　　    #另一台BUCKUP
interface eth0
virtual_router_id 150
priority 100　　　　　　　　　　# 这里99
advert_int 1
authentication {
auth_type PASS
auth_pass 11112222
}
virtual_ipaddress {
10.60.196.185/32 label eth0:1
}
}

virtual_server 10.60.196.186 33001 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
persistence_timeout 0

real_server 10.60.196.181 33001 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}

real_server 10.60.196.182 33001 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}

 

virtual_server 10.60.196.186 33001 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol UDP
persistence_timeout 0

real_server 10.60.196.181 33001 {
weight 1
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}

real_server 10.60.196.182 33001 {
weight 1
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}

 

virtual_server 10.60.196.185 33001 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
persistence_timeout 0

real_server 10.60.196.181 33001 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}

real_server 10.60.196.182 33001 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}

 

virtual_server 10.60.196.185 33001 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol UDP
persistence_timeout 0

real_server 10.60.196.181 33001 {
weight 1
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}

real_server 10.60.196.182 33001 {
weight 1
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}

Add routes after configuration

route add -host 10.60.196.185 dev eth0:1

route add -host 10.60.196.186 dev eth0:0

 

rs: need to add a route and bind VIP at the same time

RS1 and RS2 have the same configuration

ifconfig eth0:0 10.60.196.186 netmask 255.255.255.0

ifconfig eth0:1 10.60.196.185 netmask 255.255.255.0

route add -host 10.60.196.185 dev eth0:1

route add -host 10.60.196.186 dev eth0:0

 

If you also need an external network, you can build two additional machines for iptables forwarding. You need a public network IP and an internal network IP. All requests from the external network are forwarded to the VIP through iptables, and one is for VIP forwarding (iptables here Don't write it), so that you can realize the communication across the network segment! Different network segments have the same reason