LVS-DR模式配置
192.168.1.132(web02)为分发器,
192.168.1.131(web01)和 192.168.1.133(web03)为realserver
一. 配置分发器
1. 配置vip(192.168.1.140)
- vi /etc/sysconfig/network-scripts/ifcfg-eth0:1, 修改如下参数
DEVICE=eth0:1
IPADDR=192.168.1.140
- 重启网络服务, 查看
eth0:1 Link encap:Ethernet HWaddr 00:0C:29:41:7F:7F
inet addr:192.168.1.140 Bcast:192.168.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:19 Base address:0x2000
2. 添加规则
- ipvsadm -C
- ipvsadm -A -t 192.168.1.140:80 -s rr
- ipvsadm -a -t 192.168.1.140:80 -r 192.168.1.131 -g
- ipvsadm -a -t 192.168.1.140:80 -r 192.168.1.133 -g
其中-g表示DR模式 - ipvsadm -L -n
[root@web02 ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.140:80 rr
-> 192.168.1.131:80 Route 1 0 0
-> 192.168.1.133:80 Route 1 0 0
- /etc/init.d/ipvsadm save
二. 配置realserver
在web01上配置
1. 增加回环口网卡
- cd /etc/sysconfig/network-scripts/
- cp ifcfg-lo ifcfg-lo:1
- 编辑ifcfg-lo:1
DEVICE=lo:1
IPADDR=192.168.1.140(分发器vip)
NETMASK=255.255.255.255
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
ONBOOT=yes
NAME=loopback
- 查看ifconfig
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:12 errors:0 dropped:0 overruns:0 frame:0
TX packets:12 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1092 (1.0 KiB) TX bytes:1092 (1.0 KiB)
lo:1 Link encap:Local Loopback
inet addr:192.168.1.140 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
2. 关闭arp转发,
配置apr转发, 只接受到192.168.1.131的数据包, 回环口配置的140的不接受
web01, 02, 03上有相同的ip地址, 如何才能保证不冲突呢?
- echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore
- echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce
- vi /etc/sysctl.conf, 在最后追加以下两行内容
net.ipv4.conf.eth0.arp_ignore = 1
net.ipv4.conf.eth0.arp_announce = 2
- 生效 sysctl -p
注意: arp_ignore为1: 表示只回答目标ip访问本网络接口(eth0)的arp查询请求
arp_announce为2: 对外广播, 在eth0上接收到一个vip的数据包, 判断vip地址是不是和eth0的ip地址一样, 如果一样, 则回复这个包, 如果不一样, 则丢弃
浏览器中访问http://192.168.1.140/
, 测试成功
三. web02安装配置keepalived
1. 安装
- 下载源码
wget http://www.keepalived.org/software/keepalived-1.2.17.tar.gz - 解压
tar -zxvf keepalived-1.2.17.tar.gz && cd keepalived-1.2.17 - 安装依赖
yum -y install gcc openssl openssl-devel openssl-perl - 编译 安装
./configure --prefix=/usr/local/keepalived
make && make install
2. 配置keepalived
- cd /usr/local/keepalived/
- 链接配置文件到/etc下
ln -s /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/ - 链接启动文件到/etc下
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/ - vi /etc/init.d/keepalived, 修改如下内容为
. /usr/local/keepalived/etc/sysconfig/keepalived
export PATH=$PATH:/usr/local/keepalived/sbin
- vi /usr/local/keepalived/etc/sysconfig/keepalived, 指定配置文件位置
KEEPALIVED_OPTIONS="-D -f /etc/keepalived.conf" - 启动
/etc/init.d/keepalived start - 查看ip
ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:41:7f:7f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.132/24 brd 192.168.1.255 scope global eth0
inet 192.168.200.16/32 scope global eth0
inet 192.168.200.17/32 scope global eth0
inet 192.168.200.18/32 scope global eth0
inet 192.168.1.140/24 brd 192.168.1.255 scope global secondary eth0:1
inet6 fe80::20c:29ff:fe41:7f7f/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
- 将环境还原
# 移除lvs-dr模式配置的内容
rm -rf /etc/sysconfig/network-scripts/ifcfg-eth0:1
service network restart
ipvsadm -C
/etc/init.d/ipvsadm save
service ipvsadm restart
- 修改配置文件
vi /etc/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from localhost
smtp_server localhost
smtp_connect_timeout 30
# 表示当前节点名称, 备用不能相同
router_id web02_master
}
vrrp_instance VI_1 {
# 设定为主节点
state MASTER
interface eth0
# 主备节点virtual_router_id必须一致
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
# 设定虚拟ip
virtual_ipaddress {
192.168.1.140
}
}
virtual_server 192.168.1.140 80 {
delay_loop 6
lb_algo rr
#lb_kind NAT
lb_kind DR
nat_mask 255.255.255.0
#persistence_timeout 50
persistence_timeout 1
protocol TCP
real_server 192.168.1.131 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.1.133 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
- 重启 service keepalived restart ,
- http://192.168.1.140 在浏览器查看
- ip addr 查看
[root@web02 keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:41:7f:7f brd ff:ff:ff:ff:ff:ff
inet 192.168.1.132/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.140/32 scope global eth0
inet6 fe80::20c:29ff:fe41:7f7f/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
- 在另一台机器上配置备用节点, 当主节点挂掉后, 会自动切换到备用节点