• lvs 中DR模式负载均衡及keepalived


     

    lvs DR配置 

    LVS负载均衡:三种负载均衡模式:DR,TUN(ip隧道),NAT,这里我们介绍DR模式

    server1:

    首先,配置server机yum源 方便后期实验流畅
    vim /etc/yum.repos.d/rhel-source.repo
    [rhel-source]
    name=Red Hat Enterprise Linux $releasever - $basearch - Source
    baseurl=http://172.25.8.250/rhel6.5
    enabled=1
    gpgcheck=1
    gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
    [LoadBalancer]
    name=LoadBalancer
    baseurl=http://172.25.8.250/rhel6.5/LoadBalancer
    gpgcheck=0
    [HighAvailability]
    name=HighAvailability
    baseurl=http://172.25.8.250/rhel6.5/HighAvailability
    gpgcheck=0
    [ResilientStorage]
    name=ResilientStorage
    baseurl=http://172.25.8.250/rhel6.5/ResilientStorage
    gpgcheck=0
    [ScalableFileSystem]
    name=ScalableFileSystem
    baseurl=http://172.25.8.250/rhel6.5/ScalableFileSystem
    gpgcheck=0
    yum install ipvsadm -y
    ipvsadm -A -t 172.25.8.100:80 -s rr         ##添加策略 指定vip 172.25.8.100:80,-t指tcp,-s rr 指定轮询

    ipvsadm -a -t 172.25.8.100:80 -r 172.25.8.2:80 -g   ##将虚拟ip映射到真实的ip,-r指定realserver -t指定tcp协议 -g指dr模式
    ipvsadm -a -t 172.25.8.100:80 -r 172.25.8.3:80 -g
    ipvsadm -l                  #列出策略
    [root@server1 html]# ipvsadm -l
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  172.25.8.100:http rr
      -> server2:http                 Route   1      0          0        
      -> server3:http                 Route   1      0          0        
     

    server2:

    yum install httpd
    vim /var/www/html/index.html
    /etc/init.d/httpd start
     
    server3:yum install httpd
    vim /var/www/html/index.html
    /etc/init.d/httpd start
    server1:
    ip addr add  172.25.8.100/24 dev eth0        #添加一个虚拟ip
    ip addr

    server2:

    ip addr add 172.25.8.100/32  dev lo
    ip addr
     

    server3:

    ip addr add 172.25.8.100/32  dev lo
    ip addr

    物理机测试:

    curl 172.25.8.100
    [root@foundation8 ~]# curl 172.25.8.100
    <h1>server3</h1>
    [root@foundation8 ~]# curl 172.25.8.100
    <h1>server2</h1>
    [root@foundation8 ~]# curl 172.25.8.100
    <h1>server3</h1>
    [root@foundation8 ~]# curl 172.25.8.100
    <h1>server2</h1>
    为防止客户端在访问vip时直接访问到realserver,需要在realserver设置一定的策略

    server2:

    yum install arptables_jf            
    arptables -A IN -d 172.25.8.100 -j DROP      ##访问realserver的100ip时的请求直接丢弃                               
    arptables -A OUT -s 172.25.8.100 -j mangle --mangle-ip-s 172.25.8.2      ##realserver发出的信息全部转换为指定的真实ip
    /etc/init.d/arptables_jf save        ##保存策略

    server3:

    yum install arptables_jf
    arptables -A IN -d 172.25.8.100 -j DROP
    arptables -A OUT -s 172.25.8.100 -j mangle --mangle-ip-s 172.25.8.3
    /etc/init.d/arptables_jf save

    测试:

    在物理机中
    arp -d 172.25.8.100
    curl 172.25.8.100
    测试结果
    [root@foundation8 ~]# curl 172.25.8.100
    <h1>server3</h1>
    [root@foundation8 ~]# curl 172.25.8.100
    <h1>server2</h1>
    [root@foundation8 ~]# curl 172.25.8.100
    <h1>server3</h1>
    [root@foundation8 ~]# curl 172.25.8.100
    <h1>server2</h1>
     
     
    但是此时无法实现健康检查,我们需要用ldirectord服务实现
    Ldirector是一个监控集群服务节点运行状态的插件。Ldirector如果监控到集群节点中某个服务出现故障,就屏蔽此节点的对外连接功能,同时将后续请求转移到正常的节点提供服务,这个插件经常用在LVS负载均衡集群中

    server1:

    yum install ldirectord-3.9.5-3.1.x86_64.rpm
    cp /usr/share/doc/ldirectord-3.9.5/ldirectord.cf /etc/ha.d
    cd /etc/ha.d/
    vim ldirectord.cf


    ipvsadm -C       ##清空策略
    /etc/init.d/ldirectord start
    yum install httpd
    vim /var/www/html/index.html
    /etc/init.d/httpd start
    此时,当server3关闭httpd服务

    测试结果如下
    [root@foundation8 ~]# curl 172.25.8.100
    <h1>server2</h1>
    [root@foundation8 ~]# curl 172.25.8.100
    <h1>server2</h1>
    [root@foundation8 ~]# curl 172.25.8.100
    <h1>server2</h1>

    此时,当server2也关闭httpd服务
    结果如下
    [root@foundation8 ~]# curl 172.25.8.100
    维护中。。
    [root@foundation8 ~]# curl 172.25.8.100
    维护中。。
     
     

    keepalived:

    Keepalived的作用是检测服务器的状态,如果有一台web服务器宕机,或工作出现故障,Keepalived将检测到,并将有故障的服务器从系统中剔除,同时使用其他服务器代替该服务器的工作,当服务器工作正常后Keepalived自动将服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的服务器

    主要用作RealServer的健康状态检查以及LoadBalance主机和BackUP主机之间failover的实现。

    server1:

    /etc/init.d/ldirectord stop
    chkconfig  ldirectord off            ##关闭ldirectord服务
    下载keepalived-2.0.6.tar.gz
    tar zxf keepalived-2.0.6.tar.gz     ##解压
    yum install rpm-build -y
    yum install gcc -y
    yum install openssl-devel -y
    cd keepalived-2.0.6
    [root@server1 keepalived-2.0.6]# ./configure --prefix=/usr/local/keepalived --with-init=SYSV     ##编译
    [root@server1 keepalived-2.0.6]# make
    [root@server1 keepalived-2.0.6]# make install      ##安装
    cd /usr/local/keepalived/
    [root@server1 keepalived]# ls        ##软链接的制作
    bin  etc  sbin  share
    cd sbin/
    ln -s /usr/local/keepalived/sbin/keepalived  /sbin/
    cd etc/rc.d/init.d
    chmod +x keepalived
    ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
    cd etc/sysconfig
    ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
    cd etc/keeplived
    ln -s /usr/local/keepalived/etc/keepalived/ /etc/
    cd /usr/local/
    scp -r keepalived/ server4:/usr/local/       ##将定制好的策略发送到server4中
    yum install mailx -y
    cd /etc/keeplived
    vim keepalived.conf 

    server4:

    cd /usr/local/keeplived
    ls
    [root@server4 keepalived]# ln -s /usr/local/keepalived/sbin/keepalived  /sbin/
    [root@server4 keepalived]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
    [root@server4 keepalived]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
     
    mkdir /etc/keeplived
    cd /etc/keepalived/
    vim keepalived.conf 
     

     scp server1:/etc/yum.repos.d/rhel-source.repo /etc/yum.repos.d/rhel-source.repo 

    yum install ipvsadm -y
     ipvsadm -l

    物理机测试

    for i in range{1..6}; do curl 172.25.8.100;  done
    ;
    将server1中keepalived关闭
    server4会自动获取ip,同时访问正常

    此时再将server1打开,ip又会回到server1中,因为server1的优先级比较高

    server2:

    yum install vsftpd -y
    /etc/init.d/vsftpd start

    server3:

    yum install vsftpd -y
    /etc/init.d/vsftpd start
    cd /var/ftp
    touch file
    server1:
    vim /etc/keepalived/keepalived.conf
    在最下方添加

    ipvsadm -l

    server4:

    vim /etc/keepalived/keepalived.conf
    在最下方添加
    ipvsadm -l

    测试

    物理机
    for i in range{1..6}; do curl 172.25.8.100; done;

     lftp 172.25.8.100

    互备:

    server1:

    vim /etc/keepalived/keepalived.conf

    server4:

    vim /etc/keepalived/keepalived.conf
     
     
    对server2,3需要添加新的策略

    server2:

    [root@server2 ftp]# ip addr add 172.25.8.200/32 dev lo
    [root@server2 ftp]# arptables -A IN -d 172.25.8.200 -j DROP
    [root@server2 ftp]# arptables -A OUT -s 172.25.8.200 -j mangle --mangle-ip-s 172.25.8.2
    [root@server2 ftp]# /etc/init.d/arptables_jf save

    server3:

    [root@server3 ftp]# ip addr add 172.25.8.200/32 dev lo

    [root@server3 ftp]# arptables -A IN -d 172.25.8.200 -j DROP
    [root@server3 ftp]# arptables -A OUT -s 172.25.8.200 -j mangle --mangle-ip-s 172.25.8.3
    [root@server3 ftp]# /etc/init.d/arptables_jf save

    测试

    for i in range{1..6}; do curl 172.25.8.100; done;
     
    此时server1和server2互为主备
    当server1或server4任意一个over时
    另一台会自动获取ip并提供服务
     
     
     
     
     
     
  • 相关阅读:
    python (八)迭代器、生成器、列表推导式
    python (七)装饰器
    HTML基础 (一)
    jQuery(一)
    JavaScript 练习(二)事件
    DOM节点(二)
    git操作顺序
    VUE练习(二)解决Bug
    前端环境VSCode
    JavaScript 基础基础最基础
  • 原文地址:https://www.cnblogs.com/zhengyipengyou/p/9643943.html
Copyright © 2020-2023  润新知