|
|
目录
1、概述
2、director脚本
3、real server脚本
4、总结
1、概述
LVS的DR类型是在生产环境中运用比较多的部署类型,后端real server服务器的上线、下线的配置比较繁琐,所以可利用bash脚本来完成。虚拟服务VS/DR类型实现”的部份整理了两个脚本,一个是在director上执行,一个在各real server上执行的脚本。
2、director脚本
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
| [iyunv@HAPROXY scripts]# vim vs_dr
#!/bin/sh
#Program: This script set vs/dr.
#Author: zhaochj
#Date: 2015-05-11
#Version: 1.0
#chkconfig: 235 90 120
# Source function library.
source /etc/init.d/functions
# declare variables
VIP=192.168.0.222
RIP1=192.168.0.201
RIP2=192.168.0.202
PORT=80
RSWEIGHT1=1
RSWEIGHT2=1
# iptables set
iptables -F
iptables -X
iptables -Z
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth+ -p icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -d $VIP --dport 80 -j ACCEPT
# set director
case "$1" in
start)
echo "1" > /proc/sys/net/ipv4/ip_forward
ifconfig eth0:0 $VIP netmask 255.255.255.0 up
ipvsadm -C
ipvsadm -A -t $VIP:$PORT -s wlc
ipvsadm -a -t $VIP:$PORT -r $RIP1:$PORT -g -w $RSWEIGHT1
ipvsadm -a -t $VIP:$PORT -r $RIP2:$PORT -g -w $RSWEIGHT2
touch /var/lock/subsys/lvs-dr.lock & > /dev/null
echo "VS/DR is starting"
;;
stop)
echo "0" > /proc/sys/net/ipv4/ip_forward
ifconfig eth0:0 down
ipvsadm -C
rm /var/lock/subsys/lvs-dr.lock
echo "VS/DR is stoped"
;;
status)
[ -e /var/lock/subsys/lvs-dr.lock ] && ipvsadm -L -n || echo "VS/DR is not running"
;;
*)
echo "Usage $0 {start|stop|status}"
;;
esac
|
3、real server脚本
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
| [iyunv@slave scripts]# vim dr_rs
#!/bin/sh
#Program: This script is set VS/DR real server
#Author: zhaochj
#Date: 2015-05-11
#Version: 1.0
#chkconfig: 235 86 130
# Source function library
source /etc/init.d/functions
# declare variables
VIP=192.168.0.222
PORT=80
# iptables set
iptables -F
iptables -X
iptables -Z
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# set real server
case "$1" in
start)
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP up
route add -host $VIP dev lo:0
echo "VS/DR real server running"
;;
stop)
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
route del -host $VIP
ifconfig lo:0 down
echo "VS/DR/real server stoped"
;;
status)
Lostat=`ifconfig lo:0 | grep $VIP`
Return=`echo $?`
[ $Return != "0" ] && echo "VS/DR real server stoped" || echo "VS/DR real server running"
;;
*)
echo "Usage $0{start|stop|status}"
;;
esac
|
4、总结
利用脚本把繁琐的工作简单化,而且执行效率更高,只要把脚本测试好,还能避免一些误操作。
|
|
|
|
|
|
|
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2015-5-12 08:42:39
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡