高可用示例
两台nginx操作关闭防火墙及selinuxsystemctl stop firewalld setenforce 0创建ARP冲突检测脚本
vi /etc/init.d/realserver
#!/bin/bash# description:Script to start LVS DR real server.. /etc/rc.d/init.d/functionsVIP=192.168.32.100#修改相应的VIPcase "$1" in start) #启动 LVS-DR 模式,real server on this machine. 关闭ARP冲突检测。 echo "Start LVS of Real Server!" /sbin/ifconfig lo down /sbin/ifconfig lo up echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev lo:0 sudo sysctl -p ;; stop) #停止LVS-DR real server loopback device(s). echo "Close LVS Director Server!" /sbin/ifconfig lo:0 down echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce sudo sysctl -p ;; status) # Status of LVS-DR real server. islothere=`/sbin/ifconfig lo:0 | grep $VIP` isrothere=`netstat -rn | grep "lo:0" | grep $VIP` if [ ! "$islothere" -o ! "isrothere" ];then # Either the route or the lo:0 device # not found. echo "LVS-DR real server Stopped!" else echo "LVS-DR real server Running..." fi ;; *) # Invalid entry. echo "$0: Usage: $0 {start|status|stop}" exit 1 ;;esac关闭ARP冲突检测
chmod +x /etc/init.d/realserver chmod +x /etc/rc.d/init.d/functionsservice realserver start安装nginx
sudo rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpmyum install -y nginx修改页面及启动
echo 'ip: 192.168.32.137' > /usr/share/nginx/html/index.html systemctl start nginx两个keepalived主机关闭防火墙及selinux
systemctl stop firewalld setenforce 0下载安装包
yum install -y keepalived ipvsadm修改keepalive master配置
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bakvi /etc/keepalived/keepalived.conf
global_defs { smtp_server 127.0.0.1}vrrp_instance VI_1 { state MASTER #指定Keepalived的角色,MASTER为主,BACKUP为备 记得大写 interface ens33 #网卡id 不同的电脑网卡id会有区别 可以使用:ip a查看 virtual_router_id 51#虚拟路由编号,主备要一致 priority 100 #定义优先级,数字越大,优先级越高,主DR必须大于备用DR advert_int 1 #检查间隔,默认为1s authentication { #这里配置的密码最多为8位,主备要一致,否则无法正常通讯 auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.32.100 #定义虚拟IP(VIP)为192.168.1.200,可多设,每行一个 }}# 定义对外提供服务的LVS的VIP以及portvirtual_server 192.168.32.100 443 { delay_loop 6 # 设置健康检查时间,单位是秒 lb_algo wlc # 设置负载调度的算法为wlc lb_kind DR # 设置LVS实现负载的机制,有NAT、TUN、DR三个模式 nat_mask 255.255.255.0 persistence_timeout 0 protocol TCP real_server 192.168.32.137 443 {# 指定real server1的IP地址 weight 3 # 配置节点权值,数字越大权重越高 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 443 } } real_server 192.168.32.145 443 {# 指定real server2的IP地址 weight 3# 配置节点权值,数字越大权重越高 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 443 } }}修改keepalived backup配置
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bakvi /etc/keepalived/keepalived.conf
global_defs { smtp_server 127.0.0.1}vrrp_instance VI_1 { state BACKUP #指定Keepalived的角色,MASTER为主,BACKUP为备 记得大写 interface ens33#网卡id 不同的电脑网卡id会有区别 可以使用:ip a查看 virtual_router_id 51#虚拟路由编号,主备要一致 priority 50#定义优先级,数字越大,优先级越高,主DR必须大于备用DR advert_int 1#检查间隔,默认为1s authentication { #这里配置的密码最多为8位,主备要一致,否则无法正常通讯 auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.32.100#定义虚拟IP(VIP)为192.168.1.200,可多设,每行一个 }}# 定义对外提供服务的LVS的VIP以及portvirtual_server 192.168.32.100 443 { delay_loop 6 # 设置健康检查时间,单位是秒 lb_algo wlc# 设置负载调度的算法为wlc lb_kind DR # 设置LVS实现负载的机制,有NAT、TUN、DR三个模式 nat_mask 255.255.255.0 persistence_timeout 0 protocol TCP real_server 192.168.32.137 443 {# 指定real server1的IP地址 weight 3 # 配置节点权值,数字越大权重越高 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 443 } } real_server 192.168.32.145 443 {# 指定real server2的IP地址 weight 3# 配置节点权值,数字越大权重越高 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 443 } }}启动服务
systemctl start keepalived
dfsfs
页:
[1]