一.DR模式 LVS负载均衡群集部署
工具选项 |
作用 |
-A |
添加虚拟服务器 |
-D |
删除整个虚拟服务器 |
-s |
指定负载调度算法(轮询:rr、加权轮询:wrr、最少连接:lc、加权最少连接:wlc) |
-a |
表示添加真实服务器(节点服务器) |
-d |
删除某一个节点 |
-t |
指定 VIP地址及 TCP端口 |
-r |
指定 RIP地址及 TCP端口 |
-m |
表示使用 NAT群集模式 |
-g |
表示使用 DR模式 |
-i |
表示使用 TUN模式 |
-w |
设置权重(权重为 0 时表示暂停节点) |
-p 60 |
表示保持长连接60秒(默认关闭连接保持) |
-l |
列表查看 LVS 虚拟服务器(默认为查看所有) |
-n |
以数字形式显示地址、端口等信息,常与“-l”选项组合使用。ipvsadm -ln |
DR 服务器: 192.168.247.131
Web 服务器1:192.168.247.135
Web 服务器2:192.168.247.136
vip: 192.168.247.188
客户端: 192.168.247.134
1.配置负载调度器(192.168.247.131)
systemctl stop firewalld.service
setenforce 0
modprobe ip_vs
cat /proc/net/ip_vs
yum -y install ipvsadm
(1)配置虚拟 IP 地址(VIP:192.168.247.188)
cd /etc/sysconfig/network-scripts/
cp ifcfg-ens32 ifcfg-ens32:0
vim ifcfg-ens32:0
DEVICE=ens32:0
ONBOOT=yes
IPADDR=192.168.247.188
NETMASK=255.255.255.255
ifup ens32:0
ifconfig ens32:0
(2)调整 proc 响应参数
vim /etc/sysctl.conf
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens32.send_redirects = 0
sysctl -p
(3)配置负载分配策略
ipvsadm-save > /etc/sysconfig/ipvsadm
systemctl start ipvsadm
ipvsadm -C
ipvsadm -A -t 192.168.247.188:80 -s rr
ipvsadm -a -t 192.168.247.188:80 -r 192.168.247.135:80 -g
ipvsadm -a -t 192.168.247.188:80 -r 192.168.247.136:80 -g
ipvsadm
ipvsadm -ln
-
示例:DR 服务器(192.168.247.131)
[root@lion conf.d]# systemctl stop firewalld.service
[root@lion conf.d]# setenforce 0
[root@lion conf.d]# modprobe ip_vs
[root@lion conf.d]# cat /proc/net/ip_vs
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[root@lion conf.d]# yum -y install ipvsadm
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
local | 3.6 kB 00:00:00
nginx-stable | 2.9 kB 00:00:00
正在解决依赖关系
--> 正在检查事务
---> 软件包 ipvsadm.x86_64.0.1.27-7.el7 将被 安装
--> 解决依赖关系完成
依赖关系解决
===================================================================================
Package 架构 版本 源 大小
===================================================================================
正在安装:
ipvsadm x86_64 1.27-7.el7 local 45 k
事务概要
===================================================================================
安装 1 软件包
总下载量:45 k
安装大小:75 k
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : ipvsadm-1.27-7.el7.x86_64 1/1
验证中 : ipvsadm-1.27-7.el7.x86_64 1/1
已安装:
ipvsadm.x86_64 0:1.27-7.el7
完毕!
[root@lion conf.d]# cd /etc/sysconfig/network-scripts/
[root@lion network-scripts]# cp ifcfg-ens32 ifcfg-ens32:0
[root@lion network-scripts]# vim ifcfg-ens32:0
DEVICE=ens32:0
ONBOOT=yes
IPADDR=192.168.247.188
NETMASK=255.255.255.255
[root@lion network-scripts]# ifup ens32:0
[root@lion network-scripts]# ifconfig ens32:0
ens32:0: flags=4163 mtu 1500
inet 192.168.247.188 netmask 255.255.255.255 broadcast 192.168.247.188
ether 00:0c:29:d8:04:9b txqueuelen 1000 (Ethernet)
[root@lion network-scripts]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens32.send_redirects = 0
[root@lion network-scripts]# sysctl -p
net.ipv4.ip_forward = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens32.send_redirects = 0
[root@lion network-scripts]# ipvsadm-save > /etc/sysconfig/ipvsadm
[root@lion network-scripts]# systemctl start ipvsadm
[root@lion network-scripts]# ipvsadm -C
[root@lion network-scripts]# ipvsadm -A -t 192.168.247.188:80 -s rr
[root@lion network-scripts]# ipvsadm -a -t 192.168.247.188:80 -r 192.168.247.135:80 -g
[root@lion network-scripts]# ipvsadm -a -t 192.168.247.188:80 -r 192.168.247.136:80 -g
[root@lion network-scripts]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP lion:http rr
-> 192.168.247.135:http Route 1 0 0
-> 192.168.247.136:http Route 1 0 0
[root@lion network-scripts]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.247.188:80 rr
-> 192.168.247.135:80 Route 1 3 0
-> 192.168.247.136:80 Route 1 0 0
[root@lion network-scripts]# systemctl stop firewalld
[root@lion network-scripts]# setenforce 0
-> 192.168.247.135:http Route 1 3 0
-> 192.168.247.136:http Route 1 0 0
2.部署共享存储(NFS服务器:192.168.247.134)
systemctl stop firewalld.service
setenforce 0
yum -y install nfs-utils rpcbind
mkdir /opt/kgc /opt/benet
chmod 777 /opt/kgc /opt/benet
vim /etc/exports
/opt/kgc 192.168.247.0/24(r0)
/opt/benet 192.168.247.0/24(r0)
systemctl start rpcbind.service
systemctl start nfs.service
-
示例:NFS服务器(192.168.247.134 )
[root@localhost test]# systemctl stop firewalld.service
[root@localhost test]# setenforce 0
[root@localhost test]# cd
[root@localhost ~]# yum -y install nfs-utils rpcbind
[root@localhost ~]# mkdir /opt/kgc /opt/benet
[root@localhost ~]# chmod 777 /opt/kgc /opt/benet
[root@localhost ~]# vim /etc/exports
[root@localhost ~]# systemctl start rpcbind.service
[root@localhost ~]# systemctl start nfs.service
[root@localhost html]# cd /var/www/html/
[root@localhost html]#mount.nfs 192.168.247.134:/opt/kgc /var/www/html
[root@localhost html]#echo 'this is kgc web!' > /var/www/html/index.html
[root@localhost html]# mount 192.168.247.134:/opt/benet /var/www/html/
[root@localhost html]# echo 'this is benet web!' > /var/www/html/index.html
[root@localhost ~]# systemctl restart rpcbind
[root@localhost ~]# systemctl restart nfs
[root@localhost ~]# showmount -e 192.168.247.134
Export list for 192.168.247.134:
/opt/benet 192.168.247.0/24
/opt/kgc 192.168.247.0/24
3.配置节点服务器(192.168.247.100、192.168.247.101)
systemctl stop firewalld.service
setenforce 0
(1)配置虚拟 IP 地址(VIP:192.168.247.188)
cd /etc/sysconfig/network-scripts/
cp ifcfg-lo ifcfg-lo:0
vim ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
IPADDR=192.168.247.188
NETMASK=255.255.255.255 #注意:子网掩码必须全为 1
ifup lo:0
ifconfig lo:0
route add -host 192.168.247.188 dev lo:0
vim /etc/rc.local
/sbin/route add -host 192.168.247.188 dev lo:0
chmod +x /etc/rc.d/rc.local
(2)调整内核的 ARP 响应参数以阻止更新 VIP 的 MAC 地址,避免发生冲突
vim /etc/sysctl.conf
......
net.ipv4.conf.lo.arp_ignore = 1 #系统只响应目的IP为本地IP的ARP请求
net.ipv4.conf.lo.arp_announce = 2 #系统不使用IP包的源地址来设置ARP请求的源地址,而选择发送接口的IP地址
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
sysctl -p
yum -y install nfs-utils rpcbind httpd
systemctl start rpcbind
systemctl start httpd
mount.nfs 192.168.247.134:/opt/kgc /var/www/html #192.168.247.100
echo 'this is kgc web!' > /var/www/html/index.html
mount.nfs 192.168.247.134:/opt/benet /var/www/html #192.168.247.101
echo 'this is benet web!' > /var/www/html/index.html
-
示例:节点服务器1(192.168.247.135---->192.168.247.100)
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
IPADDR=192.168.247.188
NETMASK=255.255.255.255
[root@localhost network-scripts]# ifup lo:0
[root@localhost network-scripts]# ifconfig lo:0
lo:0: flags=73 mtu 65536
inet 192.168.247.188 netmask 255.255.255.255
loop txqueuelen 1000 (Local Loopback)
[root@localhost network-scripts]# route add -host 192.168.247.188 dev lo:0
[root@localhost network-scripts]# vim /etc/rc.local
/sbin/route add -host 192.168.247.188 dev lo:0 #将最后一行删除并添加
[root@localhost network-scripts]# chmod +x /etc/rc.d/rc.local
[root@localhost network-scripts]# vim /etc/sysctl.conf
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@localhost network-scripts]# sysctl -p
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@localhost network-scripts]# yum -y install nfs-utils rpcbind httpd
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: ftp.sjtu.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.ustc.edu.cn
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/4): base/7/x86_64/group_gz | 153 kB 00:00:00
(2/4): extras/7/x86_64/primary_db | 249 kB 00:00:00
(3/4): base/7/x86_64/primary_db | 6.1 MB 00:00:03
(4/4): updates/7/x86_64/primary_db | 21 MB 00:00:13
软件包 rpcbind-0.2.0-49.el7.x86_64 已安装并且是最新版本
正在解决依赖关系
--> 正在检查事务
---> 软件包 httpd.x86_64.0.2.4.6-99.el7.centos.1 将被 安装
--> 正在处理依赖关系 httpd-tools = 2.4.6-99.el7.centos.1,它被软件包 httpd-2.4.6-99.el7.centos.1.x86_64 需要
--> 正在处理依赖关系 /etc/mime.types,它被软件包 httpd-2.4.6-99.el7.centos.1.x86_64 需要
---> 软件包 nfs-utils.x86_64.1.1.3.0-0.68.el7 将被 升级
---> 软件包 nfs-utils.x86_64.1.1.3.0-0.68.el7.2 将被 更新
--> 正在检查事务
---> 软件包 httpd-tools.x86_64.0.2.4.6-99.el7.centos.1 将被 安装
---> 软件包 mailcap.noarch.0.2.1.41-2.el7 将被 安装
--> 解决依赖关系完成
依赖关系解决
=======================================================================================================
Package 架构 版本 源 大小
=======================================================================================================
正在安装:
httpd x86_64 2.4.6-99.el7.centos.1 updates 2.7 M
正在更新:
nfs-utils x86_64 1:1.3.0-0.68.el7.2 updates 413 k
为依赖而安装:
httpd-tools x86_64 2.4.6-99.el7.centos.1 updates 94 k
mailcap noarch 2.1.41-2.el7 base 31 k
事务概要
=======================================================================================================
安装 1 软件包 (+2 依赖软件包)
升级 1 软件包
总下载量:3.2 M
Downloading packages:
No Presto metadata available for updates
警告:/var/cache/yum/x86_64/7/updates/packages/httpd-tools-2.4.6-99.el7.centos.1.x86_64.rpm: 头V3 RSA/SHA256 Signature, 密钥 ID f4a80eb5: NOKEY
httpd-tools-2.4.6-99.el7.centos.1.x86_64.rpm 的公钥尚未安装
(1/4): httpd-tools-2.4.6-99.el7.centos.1.x86_64.rpm | 94 kB 00:00:00
(2/4): nfs-utils-1.3.0-0.68.el7.2.x86_64.rpm | 413 kB 00:00:00
mailcap-2.1.41-2.el7.noarch.rpm 的公钥尚未安装
(3/4): mailcap-2.1.41-2.el7.noarch.rpm | 31 kB 00:00:00
(4/4): httpd-2.4.6-99.el7.centos.1.x86_64.rpm | 2.7 MB 00:00:01
-------------------------------------------------------------------------------------------------------
总计 3.0 MB/s | 3.2 MB 00:00:01
从 file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7 检索密钥
导入 GPG key 0xF4A80EB5:
用户ID : "CentOS-7 Key (CentOS 7 Official Signing Key) "
指纹 : 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
软件包 : centos-release-7-9.2009.0.el7.centos.x86_64 (@anaconda)
来自 : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
警告:RPM 数据库已被非 yum 程序修改。
正在安装 : httpd-tools-2.4.6-99.el7.centos.1.x86_64 1/5
正在安装 : mailcap-2.1.41-2.el7.noarch 2/5
正在安装 : httpd-2.4.6-99.el7.centos.1.x86_64 3/5
正在更新 : 1:nfs-utils-1.3.0-0.68.el7.2.x86_64 4/5
清理 : 1:nfs-utils-1.3.0-0.68.el7.x86_64 5/5
验证中 : mailcap-2.1.41-2.el7.noarch 1/5
验证中 : 1:nfs-utils-1.3.0-0.68.el7.2.x86_64 2/5
验证中 : httpd-tools-2.4.6-99.el7.centos.1.x86_64 3/5
验证中 : httpd-2.4.6-99.el7.centos.1.x86_64 4/5
验证中 : 1:nfs-utils-1.3.0-0.68.el7.x86_64 5/5
已安装:
httpd.x86_64 0:2.4.6-99.el7.centos.1
作为依赖被安装:
httpd-tools.x86_64 0:2.4.6-99.el7.centos.1 mailcap.noarch 0:2.1.41-2.el7
更新完毕:
nfs-utils.x86_64 1:1.3.0-0.68.el7.2
完毕!
[root@localhost network-scripts]# systemctl start rpcbind
[root@localhost network-scripts]# systemctl start httpd
[root@localhost html]# systemctl stop firewalld
[root@localhost html]# setenforce 0
[root@localhost html]# vim /etc/httpd/conf/httpd.conf
KeepAlive off #添加至末尾
[root@localhost html]# systemctl restart httpd
节点服务器2(192.168.247.136---->192.168.247.101)
[root@localhost conf.d]# systemctl stop firewalld.service
[root@localhost conf.d]# setenforce 0
[root@localhost conf.d]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
IPADDR=192.168.247.188
NETMASK=255.255.255.255
[root@localhost network-scripts]# ifup lo:0
[root@localhost network-scripts]# ifconfig lo:0
lo:0: flags=73 mtu 65536
inet 192.168.247.188 netmask 255.255.255.255
loop txqueuelen 1000 (Local Loopback)
[root@localhost network-scripts]# route add -host 192.168.247.188 dev lo:0
[root@localhost network-scripts]# vim /etc/rc.local
/sbin/route add -host 192.168.247.188 dev lo:0
[root@localhost network-scripts]# chmod +x /etc/rc.d/rc.local
[root@localhost network-scripts]# vim /etc/sysctl.conf
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@localhost network-scripts]# sysctl -p
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@localhost network-scripts]# yum -y install nfs-utils rpcbind httpd
已加载插件:fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: ftp.sjtu.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: ftp.sjtu.edu.cn
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
nginx-stable | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
正在解决依赖关系
--> 正在检查事务
---> 软件包 httpd.x86_64.0.2.4.6-99.el7.centos.1 将被 安装
--> 正在处理依赖关系 httpd-tools = 2.4.6-99.el7.centos.1,它被软件包 httpd-2.4.6-99.el7.centos.1.x86_64 需要
--> 正在处理依赖关系 /etc/mime.types,它被软件包 httpd-2.4.6-99.el7.centos.1.x86_64 需要
---> 软件包 nfs-utils.x86_64.1.1.3.0-0.61.el7 将被 升级
---> 软件包 nfs-utils.x86_64.1.1.3.0-0.68.el7.2 将被 更新
---> 软件包 rpcbind.x86_64.0.0.2.0-47.el7 将被 升级
---> 软件包 rpcbind.x86_64.0.0.2.0-49.el7 将被 更新
--> 正在检查事务
---> 软件包 httpd-tools.x86_64.0.2.4.6-99.el7.centos.1 将被 安装
---> 软件包 mailcap.noarch.0.2.1.41-2.el7 将被 安装
--> 解决依赖关系完成
依赖关系解决
=======================================================================================================
Package 架构 版本 源 大小
=======================================================================================================
正在安装:
httpd x86_64 2.4.6-99.el7.centos.1 updates 2.7 M
正在更新:
nfs-utils x86_64 1:1.3.0-0.68.el7.2 updates 413 k
rpcbind x86_64 0.2.0-49.el7 base 60 k
为依赖而安装:
httpd-tools x86_64 2.4.6-99.el7.centos.1 updates 94 k
mailcap noarch 2.1.41-2.el7 base 31 k
事务概要
=======================================================================================================
安装 1 软件包 (+2 依赖软件包)
升级 2 软件包
总计:3.3 M
总下载量:2.8 M
Downloading packages:
(1/3): mailcap-2.1.41-2.el7.noarch.rpm | 31 kB 00:00:00
(2/3): httpd-tools-2.4.6-99.el7.centos.1.x86_64.rpm | 94 kB 00:00:00
(3/3): httpd-2.4.6-99.el7.centos.1.x86_64.rpm | 2.7 MB 00:00:00
-------------------------------------------------------------------------------------------------------
总计 3.9 MB/s | 2.8 MB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
警告:RPM 数据库已被非 yum 程序修改。
正在更新 : rpcbind-0.2.0-49.el7.x86_64 1/7
正在安装 : mailcap-2.1.41-2.el7.noarch 2/7
正在安装 : httpd-tools-2.4.6-99.el7.centos.1.x86_64 3/7
正在安装 : httpd-2.4.6-99.el7.centos.1.x86_64 4/7
正在更新 : 1:nfs-utils-1.3.0-0.68.el7.2.x86_64 5/7
清理 : 1:nfs-utils-1.3.0-0.61.el7.x86_64 6/7
清理 : rpcbind-0.2.0-47.el7.x86_64 7/7
验证中 : httpd-tools-2.4.6-99.el7.centos.1.x86_64 1/7
验证中 : mailcap-2.1.41-2.el7.noarch 2/7
验证中 : httpd-2.4.6-99.el7.centos.1.x86_64 3/7
验证中 : 1:nfs-utils-1.3.0-0.68.el7.2.x86_64 4/7
验证中 : rpcbind-0.2.0-49.el7.x86_64 5/7
验证中 : 1:nfs-utils-1.3.0-0.61.el7.x86_64 6/7
验证中 : rpcbind-0.2.0-47.el7.x86_64 7/7
已安装:
httpd.x86_64 0:2.4.6-99.el7.centos.1
作为依赖被安装:
httpd-tools.x86_64 0:2.4.6-99.el7.centos.1 mailcap.noarch 0:2.1.41-2.el7
更新完毕:
nfs-utils.x86_64 1:1.3.0-0.68.el7.2 rpcbind.x86_64 0:0.2.0-49.el7
完毕!
[root@localhost network-scripts]# systemctl start rpcbind
[root@localhost network-scripts]# systemctl start httpd
[root@localhost html]# systemctl stop firewalld
[root@localhost html]# setenforce 0
[root@localhost html]# vim /etc/httpd/conf/httpd.conf
KeepAlive off #添加至末尾
[root@localhost html]# systemctl restart httpd
4.测试 LVS 群集
- 在客户端使用浏览器访问 http://192.168.247.188/