lvs+keepalived集群实验记录

一：lvs nat模式

r1  192.168.100.10     gateway   192.168.100.1
r2   192.168.100.11     gateway   192.168.100.1
dr    eth1:192.168.10.236(外网)   eth0:192.168.100.1(内网网关)

lvs_nat.sh脚本如下所示

#! /bin/bash
# director 服务器上开启路由转发功能: 
echo 1 > /proc/sys/net/ipv4/ip_forward
# 关闭icmp的重定向
echo 0 > /proc/sys/net/ipv4/conf/all/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/default/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth0/send_redirects
echo 0 > /proc/sys/net/ipv4/conf/eth1/send_redirects

iptables -F
iptables -t nat -F
iptables -t nat -X
#iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE
#这条命令并没有关联
ipvsadm -C
#ipvsadm -A -t 192.168.75.131:80 -s rr -p 300   #-p 300   长链接300秒(会导致5分钟不更换服务器)
ipvsadm -A -t 192.168.10.236:80 -s wrr
#wrr表示权重轮询，根据权重来轮询
ipvsadm -a -t 192.168.75.131:80 -r 192.168.100.10:80 -m -w 1
ipvsadm -a -t 192.168.75.131:80 -r 192.168.100.11:80 -m -w 2

二:lvs-dr（这里设置vip为192.168.10.220）

r1 192.168.10.234
r2  192.168.10.235
dr   192.168.10.236

在dr机器上执行以下脚本lvsdr.sh

#!/bin/bash
# director服务器上开启路由转发功能
# echo 1 > /proc/sys/net/ipv4/ip_forward
# 测试发现因为调度器跟real_server在同一网段，如果需要转发给外网或别的网段就打开
ipv=/sbin/ipvsadm
vip=192.168.10.220
rs1=192.168.10.234
rs2=192.168.10.235
ifconfig eth0:0 $vip broadcast $vip netmask 255.255.255.255 up
# 注意子网掩码是255.255.255.255，代表vip所在网段没有别的主机了
route add -host $vip dev eth0:0
# 增加一条路由
$ipv -C
$ipv -A -t $vip:80 -s rr
$ipv -a -t $vip:80 -r $rs1:80 -g -w 1
$ipv -a -t $vip:80 -r $rs2:80 -g -w 1
# -g代表dr模式

在r1和r2执行以下脚本lvs_dr_rs.sh

#!/bin/bash
vip=192.168.1.160
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip lo:0
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce

三：lvs+keepalived

#lvs_dr的基础上，增加一台dr2 192.168.10.237      两台机器都执行以下操作
yum install ipvsadm
yum install keepalived

执行如下脚本lvs_dr.sh

#!/bin/bash
# director服务器上开启路由转发功能
# echo 1 > /proc/sys/net/ipv4/ip_forward
# 测试发现因为调度器跟real_server在同一网段，如果需要转发给外网或别的网段就打开
ipv=/sbin/ipvsadm
vip=192.168.10.220
rs1=192.168.10.234
rs2=192.168.10.235
ifconfig eth0:0 $vip broadcast $vip netmask 255.255.255.255 up
# 注意子网掩码是255.255.255.255，代表vip所在网段没有别的主机了
route add -host $vip dev eth0:0
# 增加一条路由
$ipv -C
$ipv -A -t $vip:80 -s rr
$ipv -a -t $vip:80 -r $rs1:80 -g -w 1
$ipv -a -t $vip:80 -r $rs2:80 -g -w 1
# -g代表dr模式

然后编辑/etc/keepalived/keepalived.conf

global_defs {
   notification_email {
     [email protected]
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   smtp_connect_timeout 0
   router_id lvs-1
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 10
    priority 100
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass aixocm
    }
    virtual_ipaddress {
        192.168.10.220/24 dev eth0
    }
}

virtual_server 192.168.10.220 80 {
    delay_loop 3
    lb_algo rr
    lb_kind DR
    nat_mask 255.255.255.0
    persistence_timeout 0
    protocol TCP

    real_server 192.168.10.234 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }

    real_server 192.168.10.235 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }

}

在dr2上只要修改

state MASTER         >>      tate BACKUP
priority 100         >>       priority 90

然后/etc/init.d/keepalived start