1.7.6版本虚拟机封装
- 封装7.6版本的虚拟机:安装:改时区,最小化安装,自动分区。
- 修改:主机名;yum源,network的ip(uid一定要删掉); 安装vim bash-* httpd;解析vim /etc/hosts,双向解析,这样连接的速度会快些;禁止防火墙,selinux是disable;最后poweroff或reboot
hostnamectl set-hostname server11
[root@server1 ~]# cd /etc/yum.repos.d/
vi dvd.repo
[dvd]
name=rhel7.6
baseurl=http://172.25.3.250/rhel7.6
gpgcheck=0
cd /etc/sysconfig/network-scripts/
systemctl disable --now NetworkManager
vi ifcfg-eth0
BOOTPROTO=static
DEVICE=eth0
ONBOOT=yes
IPADDR=172.25.3.11
PREFIX=24
GATEWAY=172.25.3.250
DNS1=114.114.114.114
systemctl restart network
ip addr
yum install vim bash-* httpd
vim /etc/hosts
添加:双向解析
172.25.3.250 zhenji #真机name
172.25.3.11 server11
172.25.3.12 server12
172.25.3.13 server13
172.25.3.14 server14
172.25.3.15 server15
172.25.3.16 server16
172.25.3.17 server17
%真机里,清理一下7.6,再压缩7.6
[root@zhenji ~]# cd /var/lib/libvirt/images/
[root@zhenji images]# ls
linux.qcow2 node2.qcow2 node4-1.qcow2 rhel7.6-linux.qcow2 test1 test3
node1.qcow2 node3.qcow2 node4.qcow2 rhel7.6.qcow2 test2 test4
[root@zhenji images]# virt-sysprep -d rhel7.6-linux#清理
[root@zhenji images]# virt-sparsify --compress rhel7.6-linux.qcow2 demo.qcow2#压缩,将rhel7.6-linux.qcow2压缩为demo.qcow2
[root@zhenji images]# mv demo.qcow2 linux7.6.qcow2
[root@zhenji images]# ls
[root@zhenji images]# rm -fr rhel7.6-linux.qcow2
新建虚拟机,改主机名,ip地址
2.负载均衡
%server11
[root@server11 ~]# yum instal ipvsadm
[root@server11 ~]# ip addr add 172.25.3.100/24 dev eth0
[root@server11 ~]# ipvsadm -A -t 172.25.3.100:80 -s rr
[root@server11 ~]# ipvsadm -a -t 172.25.3.100:80 -r 172.25.3.12:80 -g
[root@server11 ~]# ipvsadm -a -t 172.25.3.100:80 -r 172.25.3.13:80 -g
[root@server11 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.3.100:80 rr
-> 172.25.3.12:80 Route 1 0 0
-> 172.25.3.13:80 Route 1 0 0
%server12和server13里都需要
[root@server12 ~]# echo server12 > /var/www/html/index.html
[root@server12 ~]# systemctl enable --now httpd
[root@server12 ~]# curl localhost
server12
[root@server12 ~]# ip addr add 172.25.3.100/24 dev eth0
[root@server12 ~]# yum install -y arptables_jf
[root@server12 ~]# arptables -A INPUT -d 172.25.3.100 -j DROP
[root@server12 ~]# arptables -A OUTPUT -s 172.25.3.100 -j mangle --mangle-ip-s 172.25.3.12
[root@server13 ~]# echo server13 > /var/www/html/index.html
[root@server13 ~]# systemctl enable --now httpd
[root@server13 ~]# curl localhost
server13
[root@server13 ~]# ip addr add 172.25.3.100/24 dev eth0
[root@server13 ~]# yum install -y arptables_jf
[root@server13 ~]# arptables -A INPUT -d 172.25.3.100 -j DROP
[root@server13 ~]# arptables -A OUTPUT -s 172.25.3.100 -j mangle --mangle-ip-s 172.25.3.13
%真机里,检测负载均衡
[root@zhenji images]# arp -an | grep 100
? (172.25.3.100) at 52:54:00:37:64:a9 [ether] on br0
[root@zhenji images]# arp -d 172.25.3.100
[root@zhenji images]# curl 172.25.3.100
server13
[root@zhenji images]# curl 172.25.3.100
server12
[root@zhenji images]# curl 172.25.3.100
server13
[root@zhenji images]# curl 172.25.3.100
server12
3.写脚本:检测,等待5秒,如果没有,就删掉;如果有就添加
[root@server11 mnt]# vim lvscheck.sh
[root@server11 mnt]# cat lvscheck.sh
#!/bin/bash
VIP=172.25.3.100
PORT=80
RS=(172.25.3.12 172.25.3.13)
LOG=checklvs.log
addrs() {
ipvsadm -a -t $VIP:$PORT -r $1:$PORT -g
echo "add $1 to ipvs" >> $LOG
}
delrs() {
ipvsadm -d -t $VIP:$PORT -r $1
echo "del $1 to ipvs" >> $LOG
}
checkrs() {
for i in ${RS[*]}
do
num=`curl -I -s -o /dev/null -w %{http_code} http://$i` #返回直是200说明该命令执行正确。
if [ $num -eq 200 -a $(ipvsadm -ln|grep $i|wc -l) -eq 0 ];then #返回值是200且ipvsadm -ln里没有该ip;$i相当于上面的$1
addrs $i
elif [ $num -ne 200 -a $(ipvsadm -ln|grep $i|wc -l) -ne 0 ];then#返回值不是200且ipvsadm -ln里有该ip
delrs $i
fi
done
}
while true
do
checkrs
sleep 5#等待5s
done
[root@server11 mnt]# chmod + lvscheck.sh
[root@server11 mnt]# sh lvscheck.sh &
[1] 23006
[root@server11 mnt]# watch -n 3 ipvsadm -ln
#在server12中分别stop查看server11中的ipvsadm会删除server12;start查看server11中的ipvsadm会添加server12
[root@server12 ~]# systemctl stop httpd
[root@server12 ~]# systemctl start httpd
4.keepalived:LVS管理软件
#新建虚拟机node4,该主机名该ip
[root@server11 mnt]# yum install keepalived -y
[root@server11 ~]# ipvsadm -C #清除ipvsadm
[root@server11 ~]# cd /etc/keepalived/
[root@server11 keepalived]# ls
keepalived.conf
[root@server11 keepalived]# vim keepalived.conf
[root@server11 keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@1ocalhost
}
notification_email_from keepalived@1ocalhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 54
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.3.100
}
}
virtual_server 172.25.3.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
#persistence_timeout 50
protocol TCP
real_server 172.25.3.12 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.25.3.13 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@server11 keepalived]# scp keepalived.conf server14:/etc/keepalived/
[root@server14 ~]# yum install ipvsadm -y
[root@server14 ~]# yum install keepalived -y
[root@server14 ~]# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state BACKUP #改为BACKUP
interface eth0
virtual_router_id 54 #改成自己的
priority 50 #权限改为50,比master小
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
[root@server11 keepalived]# ip addr del 172.25.3.100/24 dev eth0
[root@server11 keepalived]# systemctl start keepalived.service
[root@server14 keepalived]# systemctl start keepalived.service
[root@server11 keepalived]# ipvsadm -ln #开启keepalived后会自动添加
[root@server11 keepalived]# systemctl stop keepalived.service
%停掉server11后,看日志会发现server14会变成Transition to MASTER STATE
[root@zhenji images]# arp -an | grep 100 #真机的100也会i发生相应变化
? (172.25.3.100) at 52:54:00:fd:3f:ac [ether] on br0
[root@server11 keepalived]# systemctl start keepalived.service
%开server11后,会发现server14会变成Entering BACKUP STATE
4层的负载均衡已经解决,下面解决7层的
[root@server11 keepalived]# yum install haproxy
[root@server11 keepalived]# vim /etc/haproxy/haproxy.cfg
添加更改
stats uri /status
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main *:80
# acl url_static path_beg -i /static /images /javascript /stylesheets
# acl url_static path_end -i .jpg .gif .png .css .js
# use_backend static if url_static
default_backend app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
balance roundrobin
server app1 172.25.3.12:80 check
server app2 172.25.3.13:80 check
[root@server11 keepalived]# systemctl stop keepalived.service
[root@server11 keepalived]# systemctl stop httpd
[root@server11 keepalived]# systemctl start haproxy
[root@server12 ~]# arptables -F
[root@server12 ~]# ip addr del 172.25.3.100/24 dev eth0
[root@server11 keepalived]# yum install net-tools
[root@server11 keepalived]# netstat -antlp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 26071/haproxy
%在真机中查看负载均衡
[root@zhenji images]# for i in {1..10};do curl 172.25.3.11;done
