DNS+keepalived

Lvs 安装
在 RedHat 7.3 中执行 yum install ipvsadm -y 安装后,ipvsadm 服务启动失败,
原因是 /etc/sysconfig/ipvsadm 这个文件不存在
这时候我们要执行:ipvsadm --save > /etc/sysconfig/ipvsadm然后启动
负载均衡实现
172.25.254.11  server1 安装 ipvsadm 实现12、13 的http轮询
172.25.254.12  server2 安装 arptables
172.25.254.13  server3 安装  arptables
在server1中
安装arptables 及httpd 服务
启动httpd 服务并设置开机自启动
创建/var/www/html/index.html

[root@server1 ~]# cat /var/www/html/index.html 
server1

在server 2 中安装 arptables 及httpd 服务
启动httpd 服务并设置开机自启动
创建/var/www/html/index.html

[root@server2 ~]# cat /var/www/html/index.html 
Server2

在server 3 中安装 arptables 及httpd 服务
启动httpd 服务并设置开机自启动
创建/var/www/html/index.html

[root@server3 ~]# cat /var/www/html/index.html 
Server3

配置好之后开始配置
在server1中 配置

# Define the virtual HTTP service on the VIP with round-robin scheduling.
# These rules live only in the running kernel table; the page saves them with
# "ipvsadm --save > /etc/sysconfig/ipvsadm" so the ipvsadm service can start.
ipvsadm --add-service --tcp-service 172.25.254.100:80 --scheduler rr
# Attach both real servers in direct-routing (gatewaying) mode: the director
# forwards the request, and each real server replies to the client itself.
ipvsadm --add-server --tcp-service 172.25.254.100:80 --real-server 172.25.254.12 --gatewaying
ipvsadm --add-server --tcp-service 172.25.254.100:80 --real-server 172.25.254.13 --gatewaying

在server2 中配置

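# Hold the VIP locally so this real server accepts direct-routed packets for it.
ip addr add 172.25.254.100/24 dev ens3
# Do not answer ARP requests for the VIP; only the director should own it on
# the wire, otherwise clients can resolve the VIP to a real server and bypass
# the load balancer. -d matches the ARP target address. The original used -i,
# which takes an interface name, so the rule would not match on the VIP.
arptables -A INPUT -d 172.25.254.100 -j DROP
# Rewrite the ARP source address of anything sent from the VIP to this host's
# own address, so the VIP is never advertised from here.
arptables -A OUTPUT -s 172.25.254.100 -j mangle --mangle-ip-s 172.25.254.12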

在server3中配置

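# Hold the VIP locally so this real server accepts direct-routed packets for it.
ip addr add 172.25.254.100/24 dev ens3
# Do not answer ARP requests for the VIP; only the director should own it on
# the wire, otherwise clients can resolve the VIP to a real server and bypass
# the load balancer. -d matches the ARP target address. The original used -i,
# which takes an interface name, so the rule would not match on the VIP.
arptables -A INPUT -d 172.25.254.100 -j DROP
# Rewrite the ARP source address of anything sent from the VIP to this host's
# own address, so the VIP is never advertised from here.
arptables -A OUTPUT -s 172.25.254.100 -j mangle --mangle-ip-s 172.25.254.13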

在物理机器中或者其他虚拟机中测试

[root@server4 ~]# curl 172.25.254.100
server2
[root@server4 ~]# curl 172.25.254.100
server3
[root@server4 ~]# curl 172.25.254.100
server2

可以看到rr轮询

Keepalived 安装
在server1安装keepalived 为master
在server4中安装keepalived 为 slave
启动keepalived 设置开机自启动

在server1中配置keepalived 主配置文件

[root@server1 ~]# cat /etc/keepalived/keepalived.conf 
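! Configuration File for keepalived (server1: VRRP MASTER)

global_defs {
   # The listing had lost the opening "notification_email {" line, which closed
   # global_defs right after the address and left a stray "}" at the end.
   notification_email {
     root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   # Was misspelled "vrrp_garp_internal".
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens3
    # virtual_router_id and the authentication block must match on the peer.
    virtual_router_id 51
    # The node with the highest priority holds the VIP.
    priority 100
    advert_int 1
    authentication {
        # NOTE(review): auth_type PASS carries auth_pass in clear text in every
        # advertisement, and 1111 is the value from the sample configuration.
        # It guards against misconfiguration, not against a host on the same
        # segment. Set a site-specific value on both nodes and filter VRRP by
        # peer address at the firewall.
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100
    }
}

# NOTE(review): the manual ipvsadm rules earlier on this page balance
# 172.25.254.100:80 in direct-routing mode, while this stanza uses
# 172.25.254.11 and lb_kind NAT. keepalived programs IPVS from this stanza
# itself, so confirm which address and forwarding mode are intended.
virtual_server 172.25.254.11 80 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    nat_mask 255.255.255.0
    # Pins a client to one real server for 50 s, so repeated requests from one
    # host will not alternate between real servers while this is in effect.
    persistence_timeout 50
    protocol TCP

    real_server 172.25.254.12 80 {
        weight 1
        # Written with a space before the brace, as in the keepalived sample.
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.254.13 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.254.14 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}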

重启动keepalived

# Restart so keepalived re-reads keepalived.conf. Check the service log
# afterwards (journalctl -u keepalived) for configuration warnings rather than
# relying on the unit being active.
systemctl restart keepalived

在server4中配置keepalived

[root@server4 ~]# cat /etc/keepalived/keepalived.conf 
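! Configuration File for keepalived (server4: VRRP BACKUP)

global_defs {
   # The listing had lost the opening "notification_email {" line, which closed
   # global_defs right after the address and left a stray "}" at the end.
   notification_email {
     root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   # Was misspelled "vrrp_garp_internal".
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    # Changed to BACKUP on this node. The page carried this remark as bare
    # text after the value, which is not valid in the file.
    state BACKUP
    interface ens3
    # virtual_router_id and the authentication block must match the master.
    virtual_router_id 51
    # Any value lower than the master's priority (100).
    priority 50
    advert_int 1
    authentication {
        # NOTE(review): auth_type PASS carries auth_pass in clear text in every
        # advertisement, and 1111 is the value from the sample configuration.
        # It guards against misconfiguration, not against a host on the same
        # segment. Set a site-specific value on both nodes and filter VRRP by
        # peer address at the firewall.
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100
    }
}

# NOTE(review): the manual ipvsadm rules earlier on this page balance
# 172.25.254.100:80 in direct-routing mode, while this stanza uses
# 172.25.254.11 and lb_kind NAT. Confirm which address and forwarding mode
# are intended; the stanza should be the same on master and backup.
virtual_server 172.25.254.11 80 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    nat_mask 255.255.255.0
    # Pins a client to one real server for 50 s.
    persistence_timeout 50
    protocol TCP

    real_server 172.25.254.12 80 {
        weight 1
        # Written with a space before the brace, as in the keepalived sample.
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.254.13 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.254.14 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}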

重启动keepalived
测试 down 掉 server 网卡

# Load the BACKUP configuration on the standby node.
systemctl restart keepalived
# Failover test. NOTE(review): the later DNS test says the network is stopped
# on server1 (the master); presumably this line is also run there, not on the
# standby - confirm. Run it from a console, since it drops remote sessions.
systemctl stop network

查看server4 网卡配置
明显可以看到VIP 跑到server 4中
在server1中启动网卡查看IP

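# Bring networking back up on server1 so it can reclaim the VIP.
# Command names are case-sensitive; the page had a capitalised "Systemctl".
systemctl start network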

明显看到VIP 又回来了.
再测试 DNS 的 53 端口
这里就使用server1和server3
在server1 中配置,安装 dns服务

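# Install the BIND name server (provides the named service).
# Command names are case-sensitive; the page had a capitalised "Yum".
yum install bind -y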

启动named 服务 并设置开机自启动
更改keepalived配置文件

[root@server1 ~]# cat /etc/keepalived/keepalived.conf 
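! Configuration File for keepalived (server1: VRRP MASTER, DNS on the VIP)

global_defs {
   # The listing had lost the opening "notification_email {" line, which closed
   # global_defs right after the address and left a stray "}" at the end.
   notification_email {
     root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   # Was misspelled "vrrp_garp_internal".
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens3
    # virtual_router_id and the authentication block must match on the peer.
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        # NOTE(review): auth_type PASS carries auth_pass in clear text in every
        # advertisement, and 1111 is the value from the sample configuration.
        # It guards against misconfiguration, not against a host on the same
        # segment. Set a site-specific value on both nodes and filter VRRP by
        # peer address at the firewall.
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100
    }
}

# NOTE(review): only TCP port 53 is balanced here. Ordinary DNS queries use
# UDP, so confirm whether a UDP virtual_server is also wanted.
virtual_server 172.25.254.100 53 {
    delay_loop 6
    lb_algo rr
    # NOTE(review): NAT mode needs replies to route back through the director;
    # the real servers below sit in the same /24 as the VIP - confirm.
    lb_kind NAT
    nat_mask 255.255.255.0
    persistence_timeout 50
    protocol TCP

    # NOTE(review): this real_server is the VIP itself and is absent from the
    # BACKUP node's copy of this stanza. Both nodes should carry the same
    # list - confirm whether this entry is intended.
    real_server 172.25.254.100 53 {
        weight 1
        # Written with a space before the brace, as in the keepalived sample.
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 172.25.254.11 53 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 172.25.254.13 53 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}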

在server3 中配置
安装 dns服务

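# Install the BIND name server (provides the named service).
# Command names are case-sensitive; the page had a capitalised "Yum".
yum install bind -y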

启动named 服务 并设置开机自启动

[root@server3 ~]# cat /etc/keepalived/keepalived.conf 
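! Configuration File for keepalived (server3: VRRP BACKUP, DNS on the VIP)

global_defs {
   # The listing had lost the opening "notification_email {" line, which closed
   # global_defs right after the address and left a stray "}" at the end.
   notification_email {
     root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   # Was misspelled "vrrp_garp_internal".
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens3
    # virtual_router_id and the authentication block must match the master.
    virtual_router_id 51
    # Lower than the master's priority (100).
    priority 50
    advert_int 1
    authentication {
        # NOTE(review): auth_type PASS carries auth_pass in clear text in every
        # advertisement, and 1111 is the value from the sample configuration.
        # It guards against misconfiguration, not against a host on the same
        # segment. Set a site-specific value on both nodes and filter VRRP by
        # peer address at the firewall.
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100
    }
}

# NOTE(review): only TCP port 53 is balanced here. Ordinary DNS queries use
# UDP, so confirm whether a UDP virtual_server is also wanted.
virtual_server 172.25.254.100 53 {
    delay_loop 6
    lb_algo rr
    # NOTE(review): NAT mode needs replies to route back through the director;
    # the real servers below sit in the same /24 as the VIP - confirm.
    lb_kind NAT
    nat_mask 255.255.255.0
    persistence_timeout 50
    protocol TCP

    real_server 172.25.254.11 53 {
        weight 1
        # Written with a space before the brace, as in the keepalived sample.
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 172.25.254.13 53 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}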

重启动服务
在server1中down 掉network
在server3中查看
再启动 server1 的 network
在 master 端的 DNS 中配置

vi /etc/named.conf
// Excerpt of the options block in /etc/named.conf; the remaining statements
// and the closing brace of the stock file are not shown on this page.
options {
        // Listen on every local address rather than one fixed address.
        listen-on port 53 { any; };
        listen-on-v6 port 53 { any; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        // NOTE(review): any client may query this server. If recursion is
        // enabled in the part of the file not shown, that makes it an open
        // resolver; limit allow-recursion to trusted networks, or set
        // "recursion no;" if the server is authoritative only.
        allow-query     { any; };
vi /etc/named.rfc1912.zones,添加以下内容:
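// Master copy of westos.com, loaded from westos.com.zone under the
// configured directory.
zone "westos.com" IN {
        type master;
        file "westos.com.zone";
        // No dynamic updates are accepted for this zone.
        allow-update { none; };
        // Send NOTIFY to the slave when the zone changes. The page carried this
        // remark as bare text after the statement, which named would reject.
        // NOTE(review): the DNS section says server1 and server3 are used and
        // server3 is listed as 172.25.254.13 - confirm .14 is the slave.
        also-notify { 172.25.254.14; };
        // NOTE(review): no allow-transfer appears here or in the options
        // excerpt, so who may transfer the whole zone falls back to the BIND
        // default for the installed version; consider limiting it to the slave.
};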
# Start the new zone file from the stock template. Preserving mode and
# ownership keeps whatever permissions the template has (presumably the ones
# that let named read it - verify with ls -l after copying).
cp --preserve=mode,ownership,timestamps /var/named/named.localhost /var/named/westos.com.zone

编辑配置文件 westos.com.zone

    vi westos.com.zone
    $TTL 1D
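; SOA: primary name server, then the contact mailbox with "@" written as ".".
; The primary name now ends in a dot; without it the zone origin is appended
; and the name becomes dns.westos.com.westos.com.
; NOTE(review): root.westos. reads as root@westos; root.westos.com. was
; probably intended - confirm.
@       IN SOA  dns.westos.com. root.westos. (
                                        0       ; serial - raise it on every edit, or the slave will not pick up the change
                                        1D      ; refresh
                                        1H      ; retry
                                        1W      ; expire
                                        3H )    ; minimum
        NS      dns.westos.com.
; The name server record points at the keepalived VIP. The page carried this
; remark as bare text after the address, which is not valid in a zone file.
dns     A       172.25.254.100
www     CNAME   bbs.westos.com.
; Two A records for one name: answers carry both addresses.
bbs     A       172.25.254.12
bbs     A       172.25.254.14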

重启动named 服务,添加IP

# Adds the VIP to ens3 by hand.
# NOTE(review): keepalived already assigns 172.25.254.100 on whichever node is
# MASTER (virtual_ipaddress). An address added manually is not removed by
# keepalived on failover, so confirm this step is needed on the DNS master.
ip addr add 172.25.254.100/24 dev ens3

再添加解析

[root@server2 named]# cat /etc/resolv.conf 
# Generated by NetworkManager
search ilt.example.com
nameserver 172.25.254.100

使用物理机测试,在物理机添加解析

[root@foundation15 ~]# cat /etc/resolv.conf
# Generated by NetworkManager
search ilt.example.com
nameserver 172.25.254.100

Dig 测试

[root@foundation15 ~]# dig www.westos.com

在slave 端 配置

vi /etc/named.conf
// Excerpt of the options block in /etc/named.conf on the slave; the remaining
// statements and the closing brace of the stock file are not shown.
options {
// Both listen-on statements are commented out, so named falls back to its
// built-in defaults instead of the loopback-only values of the stock file.
#       listen-on port 53 { 127.0.0.1; };
#       listen-on-v6 port 53 { ::1; };
        directory       "/var/named";
        dump-file       "/var/named/data/cache_dump.db";
        statistics-file "/var/named/data/named_stats.txt";
        memstatistics-file "/var/named/data/named_mem_stats.txt";
        // NOTE(review): any client may query this server. If recursion is
        // enabled in the part of the file not shown, that makes it an open
        // resolver; limit allow-recursion to trusted networks, or set
        // "recursion no;" if the server is authoritative only.
        allow-query     { any; };

vi /etc/named.rfc1912.zones

// Slave copy of westos.com: the zone is transferred from the listed master
// and stored under slaves/ in the configured directory.
zone "westos.com" IN {
    type slave;
    // The master is addressed through the keepalived VIP.
    // NOTE(review): transfers are tied to this address only; a TSIG key on
    // both sides would authenticate them - consider adding one.
    masters { 172.25.254.100; };
    file "slaves/westos.com.zone";
    // No dynamic updates are accepted for this zone.
    allow-update { none; };
};

重启dns服务配置完成
这里发现 keepalived 服务会经常出现脑裂情况,检测发现是开启防火墙后 VRRP 组播通告被拦截所致。如需开启防火墙,可按以下方式修改防火墙配置(以下为 RedHat 7 的做法)。
keepalived 开启防火墙出现脑裂现象
开启组播地址
# Permanently accept VRRP advertisements (IP protocol vrrp, multicast group
# 224.0.0.18) on the INPUT chain, so each node hears its peer and the backup
# stops promoting itself while the master is still alive.
# NOTE(review): the rule names ens192, while the keepalived configurations on
# this page use ens3 - use the interface VRRP actually runs on.
# NOTE(review): VRRP is accepted from any sender; adding a --source match for
# the peer's address limits it to the other keepalived node.
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface ens192 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
重载配置
# A --permanent rule only takes effect in the running firewall after a reload.
firewall-cmd --reload
再次检查脑裂消失
