網(wǎng)絡(luò)拓?fù)洌?/h1>
image
準(zhǔn)備工作
禁用selinux以及清空防火墻規(guī)則
getenforce 0
iptables -F
對各主機(jī)內(nèi)的配置文件:
對lvs1:
vim /etc/keepalived/keepalived.conf
Configuration File for keepalived
global_defs {
notification_email {
jevon@danran.com
}
notification_email_from ka_admin@danran.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id keepaliveA
vrrp_mcast_group4 224.103.13.13
}
vrrp_instance VI_A {
state MASTER
interface ens38
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass qr8hQHuL
}
virtual_ipaddress {
172.16.0.13/32
}
}
}
vrrp_instance VI_B {
state BACKUP
interface ens38
virtual_router_id 52
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass qr8hQH99
}
virtual_ipaddress {
172.16.13.13/32
}
}
virtual_server 172.16.0.13 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.16.252.59 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 1
}
}
real_server 172.16.251.240 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 1
}
}
image
禁用selinux以及清空防火墻規(guī)則
getenforce 0
iptables -F
vim /etc/keepalived/keepalived.conf
Configuration File for keepalived
global_defs {
notification_email {
jevon@danran.com
}
notification_email_from ka_admin@danran.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id keepaliveA
vrrp_mcast_group4 224.103.13.13
}
vrrp_instance VI_A {
state MASTER
interface ens38
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass qr8hQHuL
}
virtual_ipaddress {
172.16.0.13/32
}
}
}
vrrp_instance VI_B {
state BACKUP
interface ens38
virtual_router_id 52
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass qr8hQH99
}
virtual_ipaddress {
172.16.13.13/32
}
}
virtual_server 172.16.0.13 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.16.252.59 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 1
}
}
real_server 172.16.251.240 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 1
}
}
}
對lvs2:
Configuration File for keepalived
global_defs {
notification_email {
jevon@danran.com
}
notification_email_from ka_admin@danran.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id keepaliveA
vrrp_mcast_group4 224.103.13.13
}
}
vrrp_instance VI_A {
state BACKUP
interface ens37
virtual_router_id 51
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass qr8hQHuL
}
virtual_ipaddress {
172.16.0.13/32
}
}
}
vrrp_instance VI_B {
state BACKUP
interface ens37
virtual_router_id 52
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass qr8hQH99
}
virtual_ipaddress {
172.16.13.13/32
}
}
virtual_server 172.16.0.13 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.16.252.59 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 1
}
}
real_server 172.16.251.240 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 1
}
}
}
對后端2個httpd主機(jī)修改內(nèi)科參數(shù)并啟動httpd服務(wù)
腳本內(nèi)容
#!/bin/bash
vip=172.16.0.13
mask=255.255.255.255
iface="lo:0"
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
ifconfig $iface $vip netmask $mask broadcast $vip up
route add -host $vip dev $iface
;;
stop)
ifconfig $iface down
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
測試效果:
只啟動lvs1時,得到2個虛擬ip
ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:06:5b:13 brd ff:ff:ff:ff:ff:ff
inet 172.16.250.217/16 brd 172.16.255.255 scope global dynamic ens38
valid_lft 81513sec preferred_lft 81513sec
inet 172.16.0.13/32 scope global ens38
valid_lft forever preferred_lft forever
inet 172.16.13.13/32 scope global ens38
valid_lft forever preferred_lft forever
inet6 fe80::d5bb:4675:529c:d8f2/64 scope link
valid_lft forever preferred_lft forever
啟動了lvs2之后,有一個ip被搶走(針對與lvs1)
實現(xiàn)了雙ip的轉(zhuǎn)移
ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:06:5b:13 brd ff:ff:ff:ff:ff:ff
inet 172.16.250.217/16 brd 172.16.255.255 scope global dynamic ens38
valid_lft 81379sec preferred_lft 81379sec
inet 172.16.0.13/32 scope global ens38
valid_lft forever preferred_lft forever
inet6 fe80::d5bb:4675:529c:d8f2/64 scope link
valid_lft forever preferred_lft forever
效果:
[root@lkbq ~]# for i in {1..10};do curl 172.16.0.13;done
22222222222222222222222222222
1111111111111111111111111
22222222222222222222222222222
1111111111111111111111111
22222222222222222222222222222
1111111111111111111111111
22222222222222222222222222222
1111111111111111111111111
22222222222222222222222222222
1111111111111111111111111
[root@lkbq ~]# for i in {1..10};do curl 172.16.13.13;done
22222222222222222222222222222
1111111111111111111111111
22222222222222222222222222222
1111111111111111111111111
22222222222222222222222222222
1111111111111111111111111
22222222222222222222222222222
1111111111111111111111111
22222222222222222222222222222
1111111111111111111111111