两台nginx操作
关闭防火墙及selinux
systemctl stop firewalld
setenforce 0
创建ARP冲突检测脚本
vi /etc/init.d/realserver
#!/bin/bash
# description:Script to start LVS DR real server.
. /etc/rc.d/init.d/functions
VIP=192.168.32.100
#修改相应的VIP
case "$1" in
start)
#启动 LVS-DR 模式,real server on this machine. 关闭ARP冲突检测。
echo "Start LVS of Real Server!"
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
sudo sysctl -p
;;
stop)
#停止LVS-DR real server loopback device(s).
echo "Close LVS Director Server!"
/sbin/ifconfig lo:0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
sudo sysctl -p
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the lo:0 device
# not found.
echo "LVS-DR real server Stopped!"
else
echo "LVS-DR real server Running..."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
关闭ARP冲突检测
chmod +x /etc/init.d/realserver
chmod +x /etc/rc.d/init.d/functions
service realserver start
安装nginx
sudo rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
yum install -y nginx
修改页面及启动
echo 'ip: 192.168.32.137' > /usr/share/nginx/html/index.html
systemctl start nginx
两个keepalived主机
关闭防火墙及selinux
systemctl stop firewalld
setenforce 0
下载安装包
yum install -y keepalived ipvsadm
修改keepalive master配置
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vi /etc/keepalived/keepalived.conf
global_defs {
smtp_server 127.0.0.1
}
vrrp_instance VI_1 {
state MASTER #指定Keepalived的角色,MASTER为主,BACKUP为备 记得大写
interface ens33 #网卡id 不同的电脑网卡id会有区别 可以使用:ip a查看
virtual_router_id 51 #虚拟路由编号,主备要一致
priority 100 #定义优先级,数字越大,优先级越高,主DR必须大于备用DR
advert_int 1 #检查间隔,默认为1s
authentication { #这里配置的密码最多为8位,主备要一致,否则无法正常通讯
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.32.100 #定义虚拟IP(VIP)为192.168.1.200,可多设,每行一个
}
}
# 定义对外提供服务的LVS的VIP以及port
virtual_server 192.168.32.100 443 {
delay_loop 6 # 设置健康检查时间,单位是秒
lb_algo wlc # 设置负载调度的算法为wlc
lb_kind DR # 设置LVS实现负载的机制,有NAT、TUN、DR三个模式
nat_mask 255.255.255.0
persistence_timeout 0
protocol TCP
real_server 192.168.32.137 443 { # 指定real server1的IP地址
weight 3 # 配置节点权值,数字越大权重越高
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 443
}
}
real_server 192.168.32.145 443 { # 指定real server2的IP地址
weight 3 # 配置节点权值,数字越大权重越高
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 443
}
}
}
修改keepalived backup配置
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vi /etc/keepalived/keepalived.conf
global_defs {
smtp_server 127.0.0.1
}
vrrp_instance VI_1 {
state BACKUP #指定Keepalived的角色,MASTER为主,BACKUP为备 记得大写
interface ens33 #网卡id 不同的电脑网卡id会有区别 可以使用:ip a查看
virtual_router_id 51 #虚拟路由编号,主备要一致
priority 50 #定义优先级,数字越大,优先级越高,主DR必须大于备用DR
advert_int 1 #检查间隔,默认为1s
authentication { #这里配置的密码最多为8位,主备要一致,否则无法正常通讯
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.32.100 #定义虚拟IP(VIP)为192.168.1.200,可多设,每行一个
}
}
# 定义对外提供服务的LVS的VIP以及port
virtual_server 192.168.32.100 443 {
delay_loop 6 # 设置健康检查时间,单位是秒
lb_algo wlc # 设置负载调度的算法为wlc
lb_kind DR # 设置LVS实现负载的机制,有NAT、TUN、DR三个模式
nat_mask 255.255.255.0
persistence_timeout 0
protocol TCP
real_server 192.168.32.137 443 { # 指定real server1的IP地址
weight 3 # 配置节点权值,数字越大权重越高
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 443
}
}
real_server 192.168.32.145 443 { # 指定real server2的IP地址
weight 3 # 配置节点权值,数字越大权重越高
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 443
}
}
}
启动服务
systemctl start keepalived