博客园  :: 首页  :: 管理

SAP-APP-服务器组-004-pacemaker集群-在AWS平台里-NLB网络负载均衡的创建

Posted on 2023-12-14 15:39  520_1351  阅读(30)  评论(0编辑  收藏  举报

对于APP服务器组、内部是使用的自己定义的VIP,也即是选用的一个VPC之外的VIP

对于外部,是访问的NLB的IP地址,然后由NLB的再转发到VIP之中,至于转发到那一台EC2中,由路由表决定

如果是基于aws cli 命令的方式,那么可以先临时添加 《ELB v2 的所有操作》

根据ASCS提供的端口号,创建目标组,及注册上外部私有的VIP这个IP地址

1、创建空的目标组,注意VPC要与NLB所在的VPC一样,后续才能绑定上,注意需要捕获住如下命令的返回结果,得到目标组的arn

[root@qq-5201351 ~]# for i in {3200..3206} {3300..3306} {3600..3606} {3900..3906} {4800..4806} 8443 ;do
    aws elbv2 create-target-group --target-type ip --protocol TCP --name project-prd-ascs-$i --port $i --vpc-id vpc-0239a6c6f540a3c72 --health-check-protocol TCP --profile 229012345678
done

2、向每一个目标组,注册目标 VIP 这个外部的私有IP地址,当然最终是转发到那一台机器,由各个子网的路由表决定

for i in arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3200/38baecd4294e8940 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3201/6d392a5c3b368dfc arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3202/a7a4bddf0520e903 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3203/0ecde9d7accd2f50 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3204/9e7ca316116e2472 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3205/7b22d4d5b221f5eb arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3206/75322ed6d366934d arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3300/10a1d759d6c1ae76 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3301/8e31af428c000584 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3302/c63ffa6a5ce1a94c arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3303/d6edf8c35f9f7dba arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3304/3c88373c68c7aa56 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3305/bd68ead951dd6d4a arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3306/36fa792bc658ec9a arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3600/887932a8ab5e1e34 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3601/f3274ddff663664e arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3602/3280dfc69ef288d4 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3603/78f1d2d97e786f97 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3604/2acda189a818f23e arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3605/981241ca54d7acdc arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3606/eaf07639b6220a78 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3900/a69a7db3b5a8f5a1 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3901/4f87ef77d0e976f7 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3902/3b6e53e1a8e2c715 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3903/2422ed87b951c2f7 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3904/838b2ae442bf6d81 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3905/d5dfd109d5fc1903 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3906/6629ad8e8ecf334c arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4800/3ed9332f082b0b7a arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4801/e8c67bd98213c0bb arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4802/5fd93413eb4f0ccd arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4803/b9fd25cb80a255d4 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4804/e2b615b51a096cf6 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4805/5fdff690d5edf370 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4806/91ffeab97cc0893d arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-8443/31cd64c5533b79ef ;do

port=$(echo $i |grep -E  "ascs-[0-9]+/" -o |grep "[0-9]*" -o)

aws elbv2 register-targets --targets Id=172.18.15.106,Port=$port,AvailabilityZone=all --profile 229012345678 --target-group-arn  $i 

done

3、创建一个NLB  ,名称 project-Prd-ASCS  内部  IP 地址类型(IPV4)   还得先准备一个安全组:SG-For-project-Prd-ASCS ,

最多可以选择5个安全组,创建NLB后,要创建时记录NLB的arn,在接下来添加侦听器,需要用到

4、向NLB中添加入Listener / 侦听器 , 将上面的36个侦听器全部加入到NLB中

for i in arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3200/38baecd4294e8940 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3201/6d392a5c3b368dfc arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3202/a7a4bddf0520e903 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3203/0ecde9d7accd2f50 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3204/9e7ca316116e2472 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3205/7b22d4d5b221f5eb arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3206/75322ed6d366934d arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3300/10a1d759d6c1ae76 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3301/8e31af428c000584 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3302/c63ffa6a5ce1a94c arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3303/d6edf8c35f9f7dba arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3304/3c88373c68c7aa56 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3305/bd68ead951dd6d4a arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3306/36fa792bc658ec9a arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3600/887932a8ab5e1e34 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3601/f3274ddff663664e arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3602/3280dfc69ef288d4 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3603/78f1d2d97e786f97 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3604/2acda189a818f23e arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3605/981241ca54d7acdc arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3606/eaf07639b6220a78 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3900/a69a7db3b5a8f5a1 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3901/4f87ef77d0e976f7 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3902/3b6e53e1a8e2c715 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3903/2422ed87b951c2f7 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3904/838b2ae442bf6d81 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3905/d5dfd109d5fc1903 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-3906/6629ad8e8ecf334c arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4800/3ed9332f082b0b7a arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4801/e8c67bd98213c0bb arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4802/5fd93413eb4f0ccd arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4803/b9fd25cb80a255d4 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4804/e2b615b51a096cf6 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4805/5fdff690d5edf370 arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-4806/91ffeab97cc0893d arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:targetgroup/project-prd-ascs-8443/31cd64c5533b79ef ;do

port=$(echo $i |grep -E  "ascs-[0-9]+/" -o |grep "[0-9]*" -o)

aws --profile 229012345678 elbv2 create-listener --load-balancer-arn arn:aws-cn:elasticloadbalancing:cn-north-1:229012345678:loadbalancer/net/project-Prd-ASCS/7da14140d9b9f38a --protocol TCP --port $port  --default-actions Type=forward,TargetGroupArn=$i

done

 

修正部分:

1、8443号端口,需要转发到后面目标组EC2的真实IP地址,而非VIP地址

2、NLB属性中开启《跨区域负载均衡》功能 

3、 如果目标组中是多个可用区的EC2,那么NLB也需要有多个可用区的子网IP,才能对目标组中的EC2实例进行健康检查(与2没有关系)

 

 

尊重别人的劳动成果 转载请务必注明出处:https://www.cnblogs.com/5201351/p/17901305.html