2018-05-23 Linux Learning

18.11 LVS Dr Mode Setup (recommended)

Dr Mode Setup – Preparation work

Three machines
Dispatcher, also known as the Scheduler (dir)
133.130
Rs1
133.132
Rs2
133.133
Vip
133.200

Dr Mode Setup

Dir writes script vim/usr/local/sbin/lvs_dr.sh//content as follows
#! /bin/bash
Echo 1 >/proc/sys/net/ipv4/ip_forward
Ipv=/usr/sbin/ipvsadm
vip=192.168.133.200
rs1=192.168.133.132
rs2=192.168.133.133
#注意这里的网卡名字
Ifconfig ens33:2 $VIP broadcast $VIP netmask 255.255.255.255 up
Route add-host $vip Dev ens33:2
$IPV-C
$IPV-A-t $VIP: 80-s WRR
$IPV-A-t $vip: 80-r $rs 1:80-g-W 1
$IPV-A-t $vip: 80-r $rs 2:80-g-W 1

Two RS also write script vim/usr/local/sbin/lvs_rs.sh//content as follows
#/bin/bash
vip=192.168.133.200
#把vip绑定在lo上, is to implement RS directly return the results to the client
Ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
Route Add-host $vip lo:0
#以下操作为更改arp内核参数 to enable RS to send the MAC address to the client successfully
#参考文档www. cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
Execute these scripts on Dir and two RS respectively
Test

Operation Process

RS Gateway changed back to a normal connection to the external network

[[email protected] ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33IPADDR=192.168.106.165NETMASK=255.255.255.0GATEWAY=192.168.106.2DNS1=119.29.29.29[[email protected] ~]# systemctl restart network[[email protected] ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33IPADDR=192.168.106.166NETMASK=255.255.255.0GATEWAY=192.168.106.2DNS1=119.29.29.29[[email protected] ~]# systemctl restart network

[Email protected] ~]# vim/usr/local/sbin/lvs_dr.sh
#! /bin/bash
Echo 1 >/proc/sys/net/ipv4/ip_forward
Ipv=/usr/sbin/ipvsadm
vip=192.168.106.200
rs1=192.168.106.165
rs2=192.168.106.166
#注意这里的网卡名字
Ifdown Ens33
Ifup Ens33
Ifconfig ens33:2 $VIP broadcast $VIP netmask 255.255.255.255 up
Route add-host $vip Dev ens33:2
$IPV-C
$IPV-A-t $VIP: 80-s WRR
$IPV-A-t $vip: 80-r $rs 1:80-g-W 1
$IPV-A-t $vip: 80-r $rs 2:80-g-W 1

[[email protected] ~]# sh /usr/local/sbin/lvs_dr.sh成功断开设备 ‘ens33‘。连接已成功激活（D-Bus 活动路径：/org/freedesktop/NetworkManager/ActiveConnection/3

RS two Configure the same script

[Email protected] ~]# vim/usr/local/sbin/lvs_rs.sh
#/bin/bash
vip=192.168.106.200
#把vip绑定在lo上, is to implement RS directly return the results to the client
Ifdown Lo
Ifup Lo
Ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
Route Add-host $vip lo:0
#以下操作为更改arp内核参数 to enable RS to send the MAC address to the client successfully
#参考文档www. cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

[[email protected] ~]# sh /usr/local/sbin/lvs_rs.sh[[email protected] ~]# vim /usr/local/sbin/lvs_rs.sh[[email protected] ~]# sh /usr/local/sbin/lvs_rs.sh所有机器上都可以看到绑定的vip 192.168.106.200[[email protected] ~]# ip add

Test

Mikes-MacBook-Pro:~ mike$ curl http://192.168.106.200/aminglinux03Mikes-MacBook-Pro:~ mike$ curl http://192.168.106.200/aminglinux02Mikes-MacBook-Pro:~ mike$ curl http://192.168.106.200/aminglinux03Mikes-MacBook-Pro:~ mike$ curl http://192.168.106.200/aminglinux02[[email protected] ~]# ipvsadm -lnIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port           Forward Weight ActiveConn InActConnTCP  192.168.106.200:80 wrr  -> 192.168.106.165:80           Route   1      0          2           -> 192.168.106.166:80           Route   1      0          

18.12 keepalived LVs

完整架构需要两台服务器（角色为dir）分别安装keepalived软件，目的是实现高可用，但keepalived本身也有负载均衡的功能，所以本次实验可以只安装一台keepalivedkeepalived内置了ipvsadm的功能，所以不需要再安装ipvsadm包，也不用编写和执行那个lvs_dir的脚本三台机器分别为：dir（安装keepalived）133.130rs1 133.132rs2 133.133vip 133.200

Dir writes script vim/usr/local/sbin/lvs_dr.sh//content as follows
#! /bin/bash
Echo 1 >/proc/sys/net/ipv4/ip_forward
The following four lines are not sure if you want to * * *
Ipv=/usr/sbin/ipvsadm
vip=192.168.133.200
rs1=192.168.133.132
rs2=192.168.133.133

Two RS also write script vim/usr/local/sbin/lvs_rs.sh//content as follows
#/bin/bash
vip=192.168.133.200
#把vip绑定在lo上, is to implement RS directly return the results to the client
Ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
Route Add-host $vip lo:0
#以下操作为更改arp内核参数 to enable RS to send the MAC address to the client successfully
#参考文档www. cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
Execute these scripts on Dir and two RS respectively

编辑keepalived配置文件 vim /etc/keepalived/keepalived.conf//内容请到https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D21Z/lvs_keepalived.conf 获取需要更改里面的ip信息执行ipvsadm -C  把之前的ipvsadm规则清空掉systemctl restart network 可以把之前的vip清空掉两台rs上，依然要执行/usr/local/sbin/lvs_rs.sh脚本keepalived有一个比较好的功能，可以在一台rs宕机时，不再把请求转发过去测试

Operation Process

[[email protected] ~]# vim/etc/keepalived/keepalived.conf
vrrp_instance vi_1 {
#备用服务器上为 BACKUP
State MASTER
#绑定vip的网卡为ens33, your network card and Amin may not be the same, here you need to change
interface ens33
virtual_router_id
#备用服务器上为90
Priority $
Advert_int 1
Authentication {
Auth_type PASS
auth_pass aminglinux
}
Virtual_ IPAddress {
192.168.106.200
}
}
Virtual_server 192.168.106.200 {
# (query realserver status every 10 seconds)
Delay _loop
# (LVS algorithm)
Lb_algo WLC
# (dr Mode)
Lb_kind Dr
# (connection of the same IP is assigned to the same realserver within 60 seconds)
Persistence_ Timeout
# (check realserver status with TCP protocol)
protocol TCP
Real_server 192.168.106.165 {
# (weight)
Weight +
Tcp_check {
# (10 seconds No response timeout)
Connect_timeout
Nb_get_retry 3
Delay_before_retry 3
Connect_port
}
}
Real_server 192.168.106.166 {
Weight
Tcp_check {
Connect_timeout ten
Nb_get_retry 3
Delay_before_retry 3
Connect_port
}
}
}

[[email protected] ~]# systemctl stop keepalived.service [[email protected] ~]# ipvsadm -lnIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn[[email protected] ~]# systemctl start keepalived[[email protected] ~]# ipvsadm -lnIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port           Forward Weight ActiveConn InActConnTCP  192.168.106.200:80 wlc persistent 60  -> 192.168.106.165:80           Route   100    0          0           -> 192.168.106.166:80           Route   100    0          0     

Test

[[email protected] ~]# systemctl stop nginx.service[[email protected] ~]# ipvsadm -lnIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port           Forward Weight ActiveConn InActConnTCP  192.168.106.200:80 wlc persistent 60  -> 192.168.106.165:80           Route   100    0          0 [[email protected] ~]# systemctl start nginx.service[[email protected] ~]# ipvsadm -lnIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port           Forward Weight ActiveConn InActConnTCP  192.168.106.200:80 wlc persistent 60  -> 192.168.106.165:80           Route   100    0          0           -> 192.168.106.166:80           Route   100    0          0

Access test

Mikes-MacBook-Pro:~ mike$ curl http://192.168.106.200/aminglinux03[[email protected] ~]# ipvsadm -lnIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port           Forward Weight ActiveConn InActConnTCP  192.168.106.200:80 wlc persistent 60  -> 192.168.106.165:80           Route   100    0          0           -> 192.168.106.166:80           Route   100    0          9

2018-05-23 Linux Learning