CentOs7实现lvs+nginx+keepalived负载均衡(DR模式)

实验操作环境:CentOS7机器两台

操作目的:实现飘逸ip,测试页面不断刷新可以显示不同ip的web页面

1、关闭防火墙,关闭selinux

2、下载相关依赖包,实验用nginx测试

3、上传nginx包

4、编译安装nginx

5、修改nginx测试页面

 

一、准备实验所需依赖环境

systemctl stop firewalld && setenforce 0
yum -y install gcc gcc-c++ pcre-devel zlib-devel 
yum -y install keepalived ipvsadm

  

二、编译安装nginx

三、配置keepalived ,用以实现飘逸, 并启动keepalived

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
#  vrrp_strict   //关闭广播
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER    //设置主从身份
    interface ens33   // 设置网络名称
    virtual_router_id 51
    priority 100    //优先级
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.37.100    //设置飘逸IP
    }
}

virtual_server 192.168.37.100 80 {    //虚拟服务器地址
    delay_loop 6
    lb_algo rr
    lb_kind DR    //DR模式
    nat_mask 255.255.255.0  //网卡
    persistence_timeout 50
    protocol TCP

    real_server 192.168.37.139 80 {   //主服务器地址
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 80
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.37.140 80 {   //从服务器地址
        weight 1
        TCP_CHECK {
            connect_timeout 3
            connect_port 80
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

  

四、配置nginx的配置文件

    keepalive_timeout  0;   //由于无需权重等,只修改此处

  修改nginx测试页面,并开启nginx

<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
    body {
        width: 35em;
        margin: 0 auto;
        font-family: Tahoma, Verdana, Arial, sans-serif;
    }
</style>
</head>
<body>
<h1>Welcome to nginx!11111</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>

<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>

<p><em>Thank you for using nginx.</em></p>
</body>
</html>

  

五、配置ipvsadm

  首先添加网卡

DEVICE=lo:0
IPADDR=192.168.37.100
NETMASK=255.255.255.255
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
ONBOOT=yes

  其次配置ipvsadm

[root@localhost ~]# ipvsadm -C
[root@localhost ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
[root@localhost ~]# ipvsadm -A -t 192.168.37.100:80 -s rr
[root@localhost ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.37.100:80 rr
[root@localhost ~]# ipvsadm -a -t 192.168.37.100:80 -r 192.168.37.139:80 -g
[root@localhost ~]# ipvsadm -a -t 192.168.37.100:80 -r 192.168.37.140:80 -g
[root@localhost ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.37.100:80 rr
  -> 192.168.37.139:80            Route   1      0          0         
  -> 192.168.37.140:80            Route   1      0          0         
[root@localhost ~]# cat /proc/sys/net/ipv4/conf/lo/arp_ignore 
1
[root@localhost ~]# echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
[root@localhost ~]# echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
[root@localhost ~]# echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
[root@localhost ~]# echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
[root@localhost ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.37.2    0.0.0.0         UG    100    0        0 ens33
192.168.37.0    0.0.0.0         255.255.255.0   U     100    0        0 ens33
192.168.37.100  0.0.0.0         255.255.255.255 UH    0      0        0 lo
[root@localhost ~]# route add -host 192.168.37.100 dev lo:0
SIOCADDRT: 文件已存在
[root@localhost ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.37.2    0.0.0.0         UG    100    0        0 ens33
192.168.37.0    0.0.0.0         255.255.255.0   U     100    0        0 ens33
192.168.37.100  0.0.0.0         255.255.255.255 UH    0      0        0 lo
[root@localhost ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.37.100:80 rr
  -> 192.168.37.139:80            Route   1      0          0         
  -> 192.168.37.140:80            Route   1      0          0         
[root@localhost ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         192.168.37.2    0.0.0.0         UG    100    0        0 ens33
192.168.37.0    0.0.0.0         255.255.255.0   U     100    0        0 ens33
192.168.37.100  0.0.0.0         255.255.255.255 UH    0      0        0 lo
     
[root@localhost ~]# ipvsadm-save 
-A -t localhost.localdomain:http -s rr
-a -t localhost.localdomain:http -r localhost.localdomain:http -g -w 1
-a -t localhost.localdomain:http -r 192.168.37.140:http -g -w 1
[root@localhost ~]#

  

 

 

 

posted @ 2020-02-06 19:45  Security  阅读(508)  评论(0)    收藏  举报