3 月242020

[原创]用LVS+keepalived做HALB

内容纲要

实验环境

以下所有系统都使用Centos7.7版本

192.168.50.142   web1
192.168.50.146   web1的广播地址
192.168.50.143   web2
192.168.50.147   web2的广播地址
192.168.50.140   lvs+keepalived1
192.168.50.141   lvs+keepalived2
192.168.50.145   vip

所有主机关闭selinux 关闭firwalld 设置好yum源  安装net-tools 设置好主机名

1.首先在web1和web2上安装web服务,这里已apache为例。

web1和web2安装apche的方式都一样,只有首页显示的文字不同(用来测试是否为负载均衡,实际生产环境中的网页是一样的)

[web1]
yum install httpd -y
echo "http1" > /var/www/html/index.html
systemctl start httpd;systemctl enable httpd

[web2]
yum install httpd -y
echo "http2" > /var/www/html/index.html
systemctl start httpd;systemctl enable httpd

2.设置web1和web2伪装vip地址

[web1]
cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0

vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.50.145
NETMASK=255.255.255.255
NETWORK=192.168.50.142
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=192.168.50.146
ONBOOT=yes
NAME=lo:0

[web2]
cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0

vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.50.145
NETMASK=255.255.255.255
NETWORK=192.168.50.143
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=192.168.50.147
ONBOOT=yes
NAME=lo:0

3.修改web1和web2的arp设置,目的是为了不把自己的VIP告诉客户端,请求别人是也不告诉自己带有VIP地址。 web1和web2设置一样,都需要设置。最后用ifconfig查看

vim /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2

sysctl -p
systemctl restart network
ifconfig

4.在lvs+keepalived1和lvs+keepalived2中安装lvs和keepalived

yum install ipvsadm keepalived -y
systemctl start keepalived;systemctl enable keepalived

5.用 lvs+keepalived1当主节点, lvs+keepalived2当备用的lvs节点。 编辑keepaalived配置文件(我把我的配置文件贴出来)

[lvs+keepalived1]
vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
   }
   #notification_email_from 1355357587@Lionel.com
   #smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_1
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        192.168.50.145
    }
}

virtual_server 192.168.50.145 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
   # persistence_timeout 0
    protocol TCP

    real_server 192.168.50.142 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 0
        }
    }
    real_server 192.168.50.143 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 0
        }
    }
}

virtual_server 10.10.10.2 1358 {
    delay_loop 6
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    sorry_server 192.168.200.200 1358

    real_server 192.168.200.2 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.3 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.3 1358 {
    delay_loop 3
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    real_server 192.168.200.4 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.5 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}



[lvs+keepalived2]
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
   }
   #notification_email_from 1355357587@Lionel.com
   #smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_2
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        192.168.50.145
    }
}

virtual_server 192.168.50.145 80 {
    delay_loop 1
    lb_algo rr
    lb_kind DR
    persistence_timeout 0
    protocol TCP

    real_server 192.168.50.142 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 0
        }
    }
    real_server 192.168.50.143 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 0 
        }
    }
}

virtual_server 10.10.10.2 1358 {
    delay_loop 6
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    sorry_server 192.168.200.200 1358

    real_server 192.168.200.2 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.3 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.3 1358 {
    delay_loop 3
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    real_server 192.168.200.4 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.5 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

6.重启keepalived并查看lvs状态

ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.50.145:80 rr
  -> 192.168.50.142:80            Route   1      0          0         
  -> 192.168.50.143:80            Route   1      0          0         
TCP  10.10.10.2:1358 rr persistent 50
  -> 192.168.200.200:1358         Masq    1      0          0         
TCP  10.10.10.3:1358 rr persistent 50

7.测试访问vip

[root@localhost ~]# curl 192.168.50.145
httpd2
[root@localhost ~]# curl 192.168.50.145
httpd1
[root@localhost ~]# curl 192.168.50.145
httpd2
[root@localhost ~]# curl 192.168.50.145
httpd1
[root@localhost ~]# curl 192.168.50.145
httpd2
[root@localhost ~]# curl 192.168.50.145
httpd1
[root@localhost ~]# curl 192.168.50.145
httpd2
打赏微海报分享
spacer

Leave a reply

评论审核已启用。您的评论可能需要一段时间后才能被显示。

此站点使用Akismet来减少垃圾评论。了解我们如何处理您的评论数据