CentOs7实现lvs+nginx+keepalived负载均衡(DR模式)
实验操作环境:CentOS7机器两台
操作目的:实现飘逸ip,测试页面不断刷新可以显示不同ip的web页面
1、关闭防火墙,关闭selinux
2、下载相关依赖包,实验用nginx测试
3、上传nginx包
4、编译安装nginx
5、修改nginx测试页面
一、准备实验所需依赖环境
systemctl stop firewalld && setenforce 0 yum -y install gcc gcc-c++ pcre-devel zlib-devel
yum -y install keepalived ipvsadm
二、编译安装nginx
三、配置keepalived ,用以实现飘逸, 并启动keepalived
! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr # vrrp_strict //关闭广播 vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_instance VI_1 { state MASTER //设置主从身份 interface ens33 // 设置网络名称 virtual_router_id 51 priority 100 //优先级 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.37.100 //设置飘逸IP } } virtual_server 192.168.37.100 80 { //虚拟服务器地址 delay_loop 6 lb_algo rr lb_kind DR //DR模式 nat_mask 255.255.255.0 //网卡 persistence_timeout 50 protocol TCP real_server 192.168.37.139 80 { //主服务器地址 weight 1 TCP_CHECK { connect_timeout 3 connect_port 80 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.37.140 80 { //从服务器地址 weight 1 TCP_CHECK { connect_timeout 3 connect_port 80 nb_get_retry 3 delay_before_retry 3 } } }
四、配置nginx的配置文件
keepalive_timeout 0; //由于无需权重等,只修改此处
修改nginx测试页面,并开启nginx
<!DOCTYPE html> <html> <head> <title>Welcome to nginx!</title> <style> body { width: 35em; margin: 0 auto; font-family: Tahoma, Verdana, Arial, sans-serif; } </style> </head> <body> <h1>Welcome to nginx!11111</h1> <p>If you see this page, the nginx web server is successfully installed and working. Further configuration is required.</p> <p>For online documentation and support please refer to <a href="http://nginx.org/">nginx.org</a>.<br/> Commercial support is available at <a href="http://nginx.com/">nginx.com</a>.</p> <p><em>Thank you for using nginx.</em></p> </body> </html>
五、配置ipvsadm
首先添加网卡
DEVICE=lo:0 IPADDR=192.168.37.100 NETMASK=255.255.255.255 # If you're having problems with gated making 127.0.0.0/8 a martian, # you can change this to something else (255.255.255.255, for example) ONBOOT=yes
其次配置ipvsadm
[root@localhost ~]# ipvsadm -C [root@localhost ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn [root@localhost ~]# ipvsadm -A -t 192.168.37.100:80 -s rr [root@localhost ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.37.100:80 rr [root@localhost ~]# ipvsadm -a -t 192.168.37.100:80 -r 192.168.37.139:80 -g [root@localhost ~]# ipvsadm -a -t 192.168.37.100:80 -r 192.168.37.140:80 -g [root@localhost ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.37.100:80 rr -> 192.168.37.139:80 Route 1 0 0 -> 192.168.37.140:80 Route 1 0 0 [root@localhost ~]# cat /proc/sys/net/ipv4/conf/lo/arp_ignore 1 [root@localhost ~]# echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore [root@localhost ~]# echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce [root@localhost ~]# echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore [root@localhost ~]# echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce [root@localhost ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.37.2 0.0.0.0 UG 100 0 0 ens33 192.168.37.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 192.168.37.100 0.0.0.0 255.255.255.255 UH 0 0 0 lo [root@localhost ~]# route add -host 192.168.37.100 dev lo:0 SIOCADDRT: 文件已存在 [root@localhost ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.37.2 0.0.0.0 UG 100 0 0 ens33 192.168.37.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 192.168.37.100 0.0.0.0 255.255.255.255 UH 0 0 0 lo [root@localhost ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.37.100:80 rr -> 192.168.37.139:80 Route 1 0 0 -> 192.168.37.140:80 Route 1 0 0 [root@localhost ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.37.2 0.0.0.0 UG 100 0 0 ens33 192.168.37.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 192.168.37.100 0.0.0.0 255.255.255.255 UH 0 0 0 lo [root@localhost ~]# ipvsadm-save -A -t localhost.localdomain:http -s rr -a -t localhost.localdomain:http -r localhost.localdomain:http -g -w 1 -a -t localhost.localdomain:http -r 192.168.37.140:http -g -w 1 [root@localhost ~]#