DR (direct routing) model ---- LVS (vm1 is the director)
### Edit the yum repo file (on vm1)
vim /etc/yum.repos.d/rhel-source.repo
## Append below the existing entries
[LoadBalancer]
name=LoadBalancer
baseurl=http://172.25.17.250/rhel6.5/LoadBalancer
gpgcheck=0
yum clean all
yum repolist
yum install -y ipvsadm
ip addr add 172.25.17.100/24 dev eth0
ip addr    ## the virtual IP now shows up
ipvsadm -A -t 172.25.17.100:80 -s rr
ipvsadm -a -t 172.25.17.100:80 -r 172.25.17.12:80 -g
ipvsadm -a -t 172.25.17.100:80 -r 172.25.17.13:80 -g
ipvsadm -ln
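ipvsadm -lnc    ## shows the round-robin connections
## Steps on vm2 and vm3
/etc/init.d/httpd start    ## at this point curl 172.25.17.100 from the physical host fails, because vm2 and vm3 do not hold the VIP yet
ipvsadm -lnc    ## on vm1; shows the round-robin connections
### Steps on vm2 and vm3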
ip addr add 172.25.17.100/32 dev eth0
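arp -an | grep 100    ## on the physical host (the VIP is pinned to one address, so there is no round robin)
arp -d 172.25.17.100    ## delete the entry on the physical host
### Steps on vm2 and vm3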
yum install -y arptables_jf
arptables -L
arptables -A IN -d 172.25.17.100 -j DROP
arptables -A OUT -s 172.25.17.100 -j mangle --mangle-ip-s 172.25.17.12    ## use 172.25.17.13 on vm3
/etc/init.d/arptables_jf save
# Verify: curl 172.25.254.100    ## on the physical host; check that the responses alternate
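Added example (not part of the original notes): the `arp -an | grep 100` check above, automated. It reads `arp -an` output and reports whether the VIP's MAC address is that of a real server, which is the state in which clients bypass the director. The function name `vip_leak`, the interface `br0` and the MAC addresses are made up for the sample.

```shell
#!/bin/sh
# Added example: detect a real server answering ARP for the VIP, from `arp -an` output.
vip_leak() (   # $1 = VIP, remaining args = real server IPs; `arp -an` output on stdin
  vip=$1; shift
  awk -v vip="$vip" -v rips="$*" '
    BEGIN { n = split(rips, r, " "); for (i = 1; i <= n; i++) real[r[i]] = 1 }
    $2 ~ /^\(.*\)$/ && $3 == "at" {            # e.g. "? (172.25.17.100) at <mac> [ether] on br0"
      mac[substr($2, 2, length($2) - 2)] = tolower($4)
    }
    END {
      if (!(vip in mac) || mac[vip] == "<incomplete>") {
        print "no ARP entry for " vip; exit 2
      }
      for (ip in real)
        if ((ip in mac) && mac[ip] == mac[vip]) {
          print vip " is answered by real server " ip; leak = 1
        }
      exit (leak ? 1 : 0)
    }'
)

# Constructed `arp -an` captures from the physical host (MAC addresses are made up).
before='? (172.25.17.100) at 52:54:00:00:00:12 [ether] on br0
? (172.25.17.12) at 52:54:00:00:00:12 [ether] on br0
? (172.25.17.13) at 52:54:00:00:00:13 [ether] on br0'
after='? (172.25.17.100) at 52:54:00:00:00:01 [ether] on br0
? (172.25.17.12) at 52:54:00:00:00:12 [ether] on br0
? (172.25.17.13) at 52:54:00:00:00:13 [ether] on br0'

# Before the arptables rules: exit status 1 and one line naming the real server.
printf '%s\n' "$before" | vip_leak 172.25.17.100 172.25.17.12 172.25.17.13 \
  || echo "-> run arp -d on the client and add the arptables rules on the real servers"
# After the rules and a fresh ARP lookup: exit status 0, no output.
printf '%s\n' "$after" | vip_leak 172.25.17.100 172.25.17.12 172.25.17.13 \
  && echo "VIP is not answered by a real server"
```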
## LVS health checks
cd /etc/yum.repos.d
ls
vi rhel-source.repo
## append to the existing file:
[HighAvailability]
name=HighAvailability
baseurl=http://172.25.17.250/rhel6.5/HighAvailability
gpgcheck=0
yum repolist
cd /pub    ## the directory that holds the package; it has to be copied from the physical host to the VM first
ls
yum install ldirectord-3.9.5-3.1.x86_64.rpm
ipvsadm -l
ipvsadm -ln
rpm -ql ldirectord    ## list the files installed by the package
cp /usr/share/doc/ldirectord-3.9.5/ldirectord.cf /etc/ha.d
cd /etc/ha.d
ls
vi ldirectord.cf
# VIP (virtual service address)
virtual=172.25.17.100:80
        # real server addresses
        real=172.25.17.12:80 gate
        real=172.25.17.13:80 gate
        # if all real servers are down, the director serves the request itself
        fallback=127.0.0.1:80 gate
        service=http
        scheduler=rr
        #persistent=600
        #netmask=255.255.255.255
        protocol=tcp
        checktype=negotiate
        checkport=80
        request="index.html"
        # the page-content match is commented out
        #receive="Test Page"
        virtualhost=www.x.y.z
/etc/init.d/ldirectord start
vi /etc/httpd/conf/httpd.conf    ## set the port to 80
vi /var/www/html/index.html    ## content: "under maintenance"; this is the only file, everything else is archived into backup
curl localhost
ipvsadm -l
ipvsadm -ln
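# When vm2 or vm3 goes down, the director refreshes its table and keeps only the remaining one; when both are down, the director serves the page itself
### On vm2 and vm3
/etc/init.d/httpd stop
## On vm1
ipvsadm -ln
## On the physical host
curl 172.25.17.100    ## only one real server answers now
Highly available LVS (DR mode)
Keepalived: as the name suggests, keepalived keeps a service alive, which in networking means keeping it online. This is what is called high availability or hot standby, and it is used to prevent a single point of failure (a failure at one point that makes the whole system architecture unavailable). Keepalived cannot be discussed without the VRRP protocol, which is the foundation of its implementation.
VRRP protocol:
Network design has to account for redundancy and disaster tolerance, including link redundancy and device redundancy, so that the network has no single point of failure. Redundancy at the router or layer-3 switch is therefore especially important, and VRRP is the protocol that provides it. Keepalived makes use of VRRP to achieve high availability (HA).
1. A protocol for implementing router redundancy
2. Solves the single point of failure of static routing
3. Implements the virtual router through an election protocol
On vm1, download the latest keepalived package, then unpack and install it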
cd /pub
ls
tar zxf keepalived-2.0.6.tar.gz
ls
cd keepalived-2.0.6
yum install openssl-devel.x86_64    ## keepalived build dependency: openssl-devel
yum install gcc
## Build keepalived from source
./configure --prefix=/usr/local/keepalived --with-init=SYSV
make    ## uses the default Makefile
ll Makefile
make install
### Create symlinks to make keepalived easier to manage and configure, and make its init script executable
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/etc/keepalived/ /etc/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/
chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
## Copy the keepalived built from source on server1 to server4, and create the same symlinks on server4:
yum install openssh-clients    ## on vm4
scp -r /usr/local/keepalived/ [email protected]:/usr/local/
cd /usr/local/keepalived/
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/etc/keepalived/ /etc/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/
ll /etc/init.d/keepalived
ll /usr/local/keepalived/etc/rc.d/init.d/keepalived
### Edit the keepalived configuration file on server1 (master)
yum install -y mailx
mail
vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
## Global configuration
global_defs {    ## global definitions block
    notification_email {    ## e-mail notification
        root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
    vrrp_skip_check_adv_addr
    #vrrp_strict
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}
## VRRPD configuration
vrrp_instance VI_1 {
    state MASTER    ## on vm4 change MASTER to BACKUP (upper case)
    interface eth0    ## network interface the virtual IP is bound to
    virtual_router_id 17    ## virtual router ID; both nodes must use the same value
    priority 100    ## priority of the master node, a value in 1~254; the backup node must have a lower priority than the master
    advert_int 1
    authentication {
        auth_type PASS    ## simple password, carried in cleartext in every VRRP advertisement
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.17.100    ## the virtual IP; must be the same on both nodes
    }
}
## Virtual server configuration
virtual_server 172.25.17.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    #persistence_timeout 50    ## persistent connections (session hold time); must be commented out here
    protocol TCP    ## forwarding protocol: TCP
    ## Back-end real servers (TCP service)
    real_server 172.25.17.12 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.17.13 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
}
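### Start keepalived (on both vm1 and vm4)
/etc/init.d/keepalived start
### Check the log to confirm that the MASTER and BACKUP roles were taken
cat /var/log/messages
#### Send the finished keepalived configuration to the standby (server4) and change MASTER to BACKUP there. The priority must also be changed to 50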
cd /etc/keepalived/
scp keepalived.conf [email protected]:/etc/keepalived/
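### On server1 and server4, delete the /24 address 172.25.1.100 (the virtual server's VIP)
ip addr del 172.25.254.100/24 dev eth0    ## keepalived adds the VIP by itself, so the manually configured one should be removed
### Test from the physical host
curl 172.25.254.100
### Break server1
echo c > /proc/sysrq-trigger
## Check the logs on server1 and server4: server4 clearly becomes MASTER and keeps serving, and the test client is not interrupted. Once server1 is back to normal, it immediately wins the election and becomes MASTER again, and server4 returns to BACKUP.
## /etc/keepalived/keepalived.conf stop: when server1 is down, server4 is master; as soon as server1 is back, it becomes master again.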
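Added example (not part of the original notes): a check to run after `keepalived.conf` has been copied to the standby and edited, and before keepalived is started on both nodes. It compares one `vrrp_instance` across the two files against the rules stated above: same `virtual_router_id`, same VIP, same `auth_pass`, MASTER/BACKUP roles, and a lower priority on the backup. The names `check_pair` and `mk` and the sample file names are made up.

```shell
#!/bin/sh
# Added example: lint one vrrp_instance across the MASTER and BACKUP keepalived.conf.
check_pair() {   # $1 = master conf, $2 = backup conf, $3 = instance name
  awk -v want="$3" '
    function bad(msg) { print msg; rc = 1 }
    FNR == 1 { n++; cur = ""; invip = 0 }          # n = 1: master file, n = 2: backup file
    { sub(/[#!].*/, "") }                          # strip keepalived comments
    $1 == "vrrp_instance" { cur = $2; depth = 0; opened = 0 }
    cur == want {
      if ($1 ~ /^(state|priority|virtual_router_id|auth_pass)$/) v[n, $1] = $2
      else if ($1 == "virtual_ipaddress") invip = 1
      else if (invip && $1 == "}") invip = 0
      else if (invip && NF) v[n, "vip"] = v[n, "vip"] " " $1
      depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
      if (depth > 0) opened = 1
      else if (opened) cur = ""                    # closing brace of the instance
    }
    END {
      if (v[1, "virtual_router_id"] != v[2, "virtual_router_id"])
        bad("virtual_router_id: " v[1, "virtual_router_id"] " vs " v[2, "virtual_router_id"])
      if (v[1, "vip"] != v[2, "vip"]) bad("virtual_ipaddress:" v[1, "vip"] " vs" v[2, "vip"])
      if (v[1, "auth_pass"] != v[2, "auth_pass"]) bad("auth_pass differs")
      if (v[1, "state"] != "MASTER" || v[2, "state"] != "BACKUP")
        bad("state: " v[1, "state"] "/" v[2, "state"] ", expected MASTER/BACKUP")
      if (v[1, "priority"] + 0 <= v[2, "priority"] + 0)
        bad("priority: backup " v[2, "priority"] " is not below master " v[1, "priority"])
      exit rc + 0
    }' "$1" "$2"
}

# Constructed sample configs; the values follow the notes above.
demo=$(mktemp -d)
mk() {   # $1 = file, $2 = state, $3 = priority, $4 = virtual_router_id
  printf 'vrrp_instance VI_1 {\n  state %s ##role\n  interface eth0\n' "$2" >"$1"
  printf '  virtual_router_id %s\n  priority %s\n' "$4" "$3" >>"$1"
  printf '  authentication {\n    auth_type PASS\n    auth_pass 1111\n  }\n' >>"$1"
  printf '  virtual_ipaddress {\n    172.25.17.100\n  }\n}\n' >>"$1"
}
mk "$demo/vm1.conf" MASTER 100 17
mk "$demo/vm4.conf" BACKUP 50 17
mk "$demo/vm4-unedited.conf" MASTER 100 17     # copied with scp, roles never edited
check_pair "$demo/vm1.conf" "$demo/vm4.conf" VI_1 && echo "vm1/vm4: consistent"
check_pair "$demo/vm1.conf" "$demo/vm4-unedited.conf" VI_1 || echo "fix vm4 before starting keepalived"
```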
## Make the two directors master and backup for each other
## On back ends server2 and server3, install the vsftpd service, create a file under /var/ftp/ and add the VIP
## add the VIP on 2 and 3: ip addr add 172.25.254.200/32 dev eth0
server2:
yum install vsftpd -y
/etc/init.d/vsftpd start
cd /var/ftp/
touch server2
ip addr add 172.25.24.200/32 dev eth0
vim /etc/sysconfig/arptables
Add:
[0:0] -A IN -d 172.25.24.100 -j DROP
[0:0] -A IN -d 172.25.24.200 -j DROP
[0:0] -A OUT -s 172.25.24.100 -j mangle --mangle-ip-s 172.25.24.2
[0:0] -A OUT -s 172.25.24.200 -j mangle --mangle-ip-s 172.25.24.2
/etc/init.d/arptables_jf restart
server3:
yum install vsftpd -y
/etc/init.d/vsftpd start
cd /var/ftp/
touch server3
ip addr add 172.25.24.200/32 dev eth0
vim /etc/sysconfig/arptables
Add:
[0:0] -A IN -d 172.25.24.100 -j DROP
[0:0] -A IN -d 172.25.24.200 -j DROP
[0:0] -A OUT -s 172.25.24.100 -j mangle --mangle-ip-s 172.25.24.3
[0:0] -A OUT -s 172.25.24.200 -j mangle --mangle-ip-s 172.25.24.3
/etc/init.d/arptables_jf restart
/etc/init.d/keepalived stop    ## stop it on vm4 as well
vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
    vrrp_skip_check_adv_addr
    #vrrp_strict
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 17
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.17.100
    }
}
## on vm4: in VI_1 change MASTER to BACKUP and 100 to 50; in VI_2 change BACKUP to MASTER and 50 to 100
vrrp_instance VI_2 {    ## changed
    state BACKUP    ## changed
    interface eth0
    virtual_router_id 117    ## changed
    priority 50    ## changed
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.17.200
    }
}
virtual_server 172.25.17.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP
    real_server 172.25.17.12 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.17.13 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
}
virtual_server 172.25.17.200 21 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50    ## lftp sessions are persistent, so this is not commented out
    protocol TCP
    real_server 172.25.17.12 21 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.17.13 21 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
}
/etc/init.d/keepalived start
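scp keepalived.conf [email protected]:/etc/keepalived/    ## then edit it on vm4 as described above
/etc/init.d/keepalived start    ## start it on vm4 as well
yum install ipvsadm    ## install on vm4; also update the yum repo file there (add the load-balancing and high-speed cache entries)
ipvsadm -ln
ip addr    ## 100 is on 1, 200 is on 2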