centos7 keepalived lvs 集群案例
环境:
[root@0f34df37cdaf keepalived]# cat /etc/redhat-release
CentOS Linux release 7.8.2003 (Core)
DIP(lvs+keepalived): 172.17.0.5 Vip : 172.17.0.100
SIP1(nginx服务器): 172.17.0.3 lo:1 172.17.0.100
SIP2(nginx服务器): 172.17.0.4 lo:1 172.17.0.100
真实服务器配置-SIP1
禁用环回回参与ARP响应
[root@fcdceef9b08b network-scripts]# echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
[root@fcdceef9b08b network-scripts]# echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
[root@fcdceef9b08b network-scripts]# echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
[root@fcdceef9b08b network-scripts]# echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
设置lo:1 IP
ifconfig lo:0 172.17.0.100 broadcast 172.17.0.100 netmask 255.255.255.255 up
[root@fcdceef9b08b network-scripts]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:acff:fe11:2 prefixlen 64 scopeid 0x20<link>
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 32570 bytes 210608267 (200.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 29939 bytes 1798892 (1.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 172.17.0.100 netmask 255.255.255.255
loop txqueuelen 1000 (Local Loopback)
真实服务器配置-SIP2
禁用环回回参与ARP响应
[root@fcdceef9b08b network-scripts]# echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
[root@fcdceef9b08b network-scripts]# echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
[root@fcdceef9b08b network-scripts]# echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
[root@fcdceef9b08b network-scripts]# echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
设置lo:1 IP
ifconfig lo:0 172.17.0.100 broadcast 172.17.0.100 netmask 255.255.255.255 up
[root@fcdceef9b08b network-scripts]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 172.17.0.2 netmask 255.255.0.0 broadcast 0.0.0.0
inet6 fe80::42:acff:fe11:2 prefixlen 64 scopeid 0x20<link>
ether 02:42:ac:11:00:02 txqueuelen 0 (Ethernet)
RX packets 32570 bytes 210608267 (200.8 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 29939 bytes 1798892 (1.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 172.17.0.100 netmask 255.255.255.255
loop txqueuelen 1000 (Local Loopback)
LVS+keepalived服务器
安装软件
[root@0f34df37cdaf /]#yum install net-tools
[root@0f34df37cdaf /]# yum install -y kernel kernel-devel
[root@0f34df37cdaf /]# yum install ipvsadm -y
[root@0f34df37cdaf /]# yum insall keepalived* -y
添加模块
[root@0f34df37cdaf /]# modprobe ip_vs_rr
[root@0f34df37cdaf /]# modprobe ip_vs_wrr
查看模块信息
[root@0f34df37cdaf /]# lsmod |grep ip_vs
ip_vs_rr 12600 0
ip_vs_wrr 12697 1
ip_vs 145497 5 ip_vs_rr,ip_vs_wrr
nf_conntrack 139264 8 ip_vs,nf_nat,nf_nat_ipv4,nf_nat_ipv6,xt_conntrack,nf_nat_masquerade_ipv4,nf_conntrack_ipv4,nf_conntrack_ipv6
libcrc32c 12644 4 xfs,ip_vs,nf_nat,nf_conntrack
配置文件
备份配置文件
[root@0f34df37cdaf /]# cd /etc/keepalived/
[root@0f34df37cdaf keepalived]# cp keepalived.conf keepalived.conf.bak
配置keepalived.conf
[root@0f34df37cdaf keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
631646620.com
}
notification_email_from sysokean_yjy@163.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
# VIP1
vrrp_instance VI_1 {
state BACKUP
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 51
priority 100
advert_int 5
nopreempt
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.17.0.100
}
}
virtual_server 172.17.0.100 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
persistence_timeout 60
protocol TCP
real_server 172.17.0.2 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 172.17.0.3 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
启动keepalived
[root@0f34df37cdaf keepalived]# systemctl start keepalived
查看VIP是否生成
[root@0f34df37cdaf keepalived]# ip addr|grep 0.100
inet 172.17.0.100/32 scope global eth0
查看ipvsadmin信息是否生成
[root@0f34df37cdaf keepalived]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.17.0.100:80 wrr persistent 60
-> 172.17.0.2:80 Route 100 0 0
-> 172.17.0.3:80 Route 100 0 0
访问测试
找一台机器使用curl vip 来测试访问
[root@9b178f891e44 ansible]#
[root@9b178f891e44 ansible]# ifconfig |grep inet|grep -v inet6
inet 172.17.0.4 netmask 255.255.0.0 broadcast 0.0.0.0
inet 127.0.0.1 netmask 255.0.0.0
[root@9b178f891e44 ansible]#
[root@9b178f891e44 ansible]#
[root@9b178f891e44 ansible]# curl 172.17.0.100
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
测试成功
注:
lvs 与keepalived在一起时,可以不用单独配置lvs, 在keepalived.conf中一起配置,启动keepalived时,会把lvs的配置一起启动
当测试访问不成功,而ipvsadm -Ln有信息时,可以在lvs机器上添加一条路由
route add -host 172.17.0.100 eth0
---------------------------end