19 lvs操作执行步骤
1 在lvs主机master 上配置虚拟ip
- 1 将编写好的lvs_dr.sh 以及lvs_rs.sh都发送到两台lv主机以及real server上 (错误的做法,在window上编写的shell脚本很有可能在UNIX上无法执行
scp lvs_dr.sh ubuntu@192.168.138.129:/usr/local/bin/
scp lvs_rs.sh ubuntu@192.168.138.129:/usr/local/bin/
![]()
- 2 在lvs主机上执行
cd /usr/local/bin/
sudo sh ./lvs_dr.sh start
bash: ./lvs_dr.sh: /bin/bash^M: bad interpreter: No such file or directory
shell脚本报错/bin/bash^M: bad interpreter: No such file or directory,通过查阅资料得知,shell脚本格式必须是unix才行,但我这个脚本是在windows上编写完成传到Linux服务器上的,所以一执行就报错:
https://blog.csdn.net/weixin_39309402/article/details/99732688
因此,删掉重新来吧
cd /usr/local/bin
rm -f lvs_dr.sh
vi lvs_dr.sh
#! /bin/bash
echo 1 > /proc/sys/net/ipv4/ip_forward
ipv=/sbin/ipvsadm
vip=192.168.138.138
rs1=192.168.138.131
rs2=192.168.138.132
case $1 in
start)
echo "Start LVS"
ifconfig ens33:0 $vip broadcast $vip netmask 255.255.255.255 up #添加虚拟网卡
route add -host $vip dev ens33:0 #添加到虚拟主机的路由
$ipv -A -t $vip:80 -s lc #添加虚拟服务器,-s:调度算法
$ipv -a -t $vip:80 -r $rs1:80 -g -w 1 #添加真实服务器,-g:DR,-w:权重
$ipv -a -t $vip:80 -r $rs2:80 -g -w 1
;;
stop)
echo "Stop LVS"
route del -host $vip dev ens33:0 #删除虚拟网卡
ifconfig ens33:0 down #删除路由
$ipv -C #删除虚拟主机
;;
*)
echo "Usage:$0 {start|stop}"
exit 1
esac- 然后启动
sudo sh /usr/local/bin/lvs_dr.sh start
![]()
2 在real server中配置
sudo vi /usr/local/bin/lvs_rs.sh
#!/bin/bash
vip=192.168.138.138
case $1 in
start)
echo "Start LVS"
ifconfig ens33:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev ens33:0
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p > /dev/null 2>&1
;;
stop)
echo "Stop LVS"
route del -host $vip dev ens33:0
/sbin/ifconfig ens33:0 down
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p > /dev/null 2>&1
;;
*)
echo "Usage:$0 {start|stop}"
exit 1
esac然后启动
sudo sh lvs_rs.sh start
3 回到lvs master主机,即129主机上查看配置的路由
- sudo ipvsadm
![]()
- sudo ipvsadm -ln
![]()
4 去real server(192.168.138.131)中开启nginx和tomcat
ssh ubuntu@192.168.138.131
cd /usr/local/nginx/sbin
sudo ./nginx
sudo sh /usr/local/tomcat8080/bin/shutdown.sh
sudo sh /usr/local/tomcat8080/bin/startup.sh
sudo sh /usr/local/tomcat8081/bin/shutdown.sh
sudo sh /usr/local/tomcat8081/bin/startup.sh
ps -ef | grep nginx
5 测试一下我们配的虚拟ip 192.168.138.138能不能将请求发送给192.168.138.131
可以看到在131的两台tomcat都有被访问到
- 这样子看好像太麻烦了,于是我们去每一台tomcat上这样子将自己的信息写死
ssh ubuntu@192.168.138.131
sudo vi /usr/local/tomcat8080/webapps/ROOT/index.html
#添加 this is 192.168.138.131:8080
sudo vi /usr/local/tomcat8081/webapps/ROOT/index.html
#添加 this is 192.168.138.131:8081
# 重启一下tomcat
sudo sh /usr/local/tomcat8080/bin/shutdown.sh
sudo sh /usr/local/tomcat8080/bin/startup.sh
sudo sh /usr/local/tomcat8081/bin/shutdown.sh
sudo sh /usr/local/tomcat8081/bin/startup.sh
# 启动nginx
cd /usr/local/nginx/sbin
sudo ./nginx
sduo /usr/local/nginx/sbin/nginx -s reload
效果
5 使用keepalive, 配置master
- 备份 ./etc/keepalived/keepalived.conf
# master
cd /usr/local/keepalived
sudo mv ./etc/keepalived/keepalived.conf ./etc/keepalived/keepalived.conf.backup
sudo vim ./etc/keepalived/keepalived.conf# master
global_defs {
notification_email {
Joshua@163.com # 发送给谁
}
notification_email_from admin@163.com # 由谁发送出来
smtp_server 220.181.12.11
smtp_connect_timeout 30
router_id LVS_DEVEL # 起名字
}
vrrp_instance VI_1 {
state MASTER
interface ens33 # 本地的网卡
virtual_router_id 51 # id号 主从必须一致
priority 100 #优先级,选举master用
advert_int 1 #master与backup节点间同步检查的时间间隔,单位为秒
authentication {#验证类型和验证密码,通常使用PASS类型,同一vrrp实例MASTER与BACKUP使用相同的密码才能正常通信
auth_type PASS
auth_pass 123
}
virtual_ipaddress { # vip
192.168.138.138
}
}
virtual_server 192.168.138.138 80 {
delay_loop 6 ##每隔 6 秒查询RealServer状态
lb_algo rr #负载均衡算法
lb_kind DR #DR转发模式
persistence_timeout 10 #会话保持时间
protocol TCP
real_server 192.168.138.131 80 { #RS
weight 1
TCP_CHECK {
connect_timeout 10
connect_port 80
}
}
real_server 192.168.138.132 80 {
weight 1
TCP_CHECK {
connect_timeout 10
connect_port 80
}
}
}6 在lvs master和backup都设置内核参数,开启ip转发
sudo vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
- 检查一下
sudo sysctl -p
![]()
- 关闭防火墙
sudo iptables -F
7 启动keepalive
cd /usr/local/keepalived
./sbin/keepalived --help:列出所有的选项
sudo ./sbin/keepalived -f /usr/local/keepalived/etc/keepalived/keepalived.conf -D
# 查看进程
ps -ef | grep keepalive
# 查看日志
# sudo tail -f /var/log/messages
# 查看 ipvsadm
sudo ipvsadm
- ip a
- watch ipvsadm -L -n -c - 查看进程 ps -ef | grep keepalive
![]()
- sudo ipvsadm
![]()
- ip a
- 查看浏览器输出
![]()
- watch ipvsadm -L -n -c
![]()
8 使用keepalive, 配置backup
cd /usr/local/keepalived
sudo mv ./etc/keepalived/keepalived.conf ./etc/keepalived/keepalived.conf.backup
sudo vim ./etc/keepalived/keepalived.conf
# backup
global_defs {
notification_email {
Joshua@163.com # 发送给谁
}
notification_email_from admin@163.com # 由谁发送出来
smtp_server 220.181.12.11
smtp_connect_timeout 30
router_id LVS_DEVEL # 起名字
}
vrrp_instance VI_1 {
state BACKUP # ========
interface ens33 # 本地的网卡
virtual_router_id 51 # id号 主从必须一致
priority 80 #优先级,选举BACKUP用
advert_int 1 #master与backup节点间同步检查的时间间隔,单位为秒
authentication {#验证类型和验证密码,通常使用PASS类型,同一vrrp实例MASTER与BACKUP使用相同的密码才能正常通信
auth_type PASS
auth_pass 123
}
virtual_ipaddress { # vip
192.168.138.138
}
}
virtual_server 192.168.138.138 80 {
delay_loop 6 ##每隔 6 秒查询RealServer状态
lb_algo rr #负载均衡算法
lb_kind DR #DR转发模式
persistence_timeout 10 #会话保持时间
protocol TCP
real_server 192.168.138.131 80 { #RS
weight 1
TCP_CHECK {
connect_timeout 10
connect_port 80
}
}
real_server 192.168.138.132 80 {
weight 1
TCP_CHECK {
connect_timeout 10
connect_port 80
}
}
}启动keepalive
cd /usr/local/keepalived
./sbin/keepalived --help:列出所有的选项
sudo ./sbin/keepalived -f /usr/local/keepalived/etc/keepalived/keepalived.conf -D
# 查看进程
ps -ef | grep keepalive
# 查看日志
# sudo tail -f /var/logs/messages
# 查看 ipvsadm
sudo ipvsadm
- ip a
- watch -n 0.1 sudo ipvsadm -L -n -c
<img src="2a47f830-26f3-43dd-b9b9-2fc12c398d76_files/fc66ece1-b5d4-4fe7-b78d-a35ff0a0ced1.png" style="vertical-align: bottom; max-width: 100%;">
### 9 查看进程
<img src="2a47f830-26f3-43dd-b9b9-2fc12c398d76_files/1e887b58-750a-4655-b61d-585f2a01949b.png" style="vertical-align: bottom; max-width: 100%;">
可以看出,这些请求都发送到了master主机上了
### 10 将master主机的keepalive进程杀掉,看看能不能将进程打回给bakcup上
ps -ef | grep keepalive
<img src="2a47f830-26f3-43dd-b9b9-2fc12c398d76_files/7367b3e4-1967-42d0-8012-696863d42c6f.png" style="">
kill -9 pid
<img src="2a47f830-26f3-43dd-b9b9-2fc12c398d76_files/5ab320a7-791c-4510-9656-2843b96647e7.jpg" style="vertical-align: bottom; max-width: 100%;">
- 在master中重新启动keepalive,发现请求又打回去给master了(master优先级更高)cd /usr/local/keepalived
sudo ./sbin/keepalived -f /usr/local/keepalived/etc/keepalived/keepalived.conf -D
<img src="2a47f830-26f3-43dd-b9b9-2fc12c398d76_files/70d8b428-299f-45c8-aa3a-be526750bfd5.png" style="vertical-align: bottom; max-width: 100%;">
### 11 负载均衡
可以控制会话时间的配置有
- 1 /usr/local/keepalived/etc/keepalived/keepalived.confcd /usr/local/keepalived
sudo vim /usr/local/keepalived/etc/keepalived/keepalived.conf
```
persistence_timeout 10
- 2 sudo ipvsadm -L --timeout
![]()
![]()
- 3 设置ipvsadm会话过期时间
sudo ipvsadm --set 1 2 1 - 4 nginx 配置
cd /usr/local/nginx/conf
sudo vi nginx.conf
里面: keepalive_timeout 65s # 长连接的超时时间
重启
cd /usr/local/nginx/
sudo ./sbin/nginx -s reload
- NOTE: lvs 8 种负载均衡算法,3中转发模式???
8.测试双机热备高可用
两台DR,同样的VIP:
state MASTER | BACKUP
priority 100 | 80
浙公网安备 33010602011771号