实验:实现高可用的LVS-DR模型
1、准备两台RS服务器
![1542773559434686.png image.png](http://s1.51cto.com/images/20181121/1542773559434686.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
2、将两台lVS安装httpd或nginx,用来做sorry server
![1542773566500105.png image.png](http://s1.51cto.com/images/20181121/1542773566500105.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
3、定义RS服务器
在后端服务器RS1写配置脚本
![1542773615360376.png image.png](http://s1.51cto.com/images/20181121/1542773615360376.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
执行脚本后,ifconfig
![1542773621212739.png image.png](http://s1.51cto.com/images/20181121/1542773621212739.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
之后脚本传给RS2,执行此脚本,同样存在lo:0 10.0.56.10
4、LVS服务器安装ipvsadm,之后添加虚拟网络
ifconfig ens33:0 10.0.56.10 netmask 255.255.255.255 broadcast 10.0.56.10 up
![1542773629454761.png image.png](http://s1.51cto.com/images/20181121/1542773629454761.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
5、配置添加RS服务器被lvs调度
![1542773635620603.png image.png](http://s1.51cto.com/images/20181121/1542773635620603.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
6、测试,注意测试机加上到10.0.56.0/24的路由,此时基本的已完成
![1542773644475034.png image.png](http://s1.51cto.com/images/20181121/1542773644475034.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
7、LVS1下线,配置LVS2
LVS1:ifconfig ens33:0 down
LVS2:
ifconfig ens33:0 10.0.56.10 netmask 255.255.255.255 broadcast 10.0.56.10 up
ipvsadm -A -t 10.0.56.10:80 -s rr
ipvsadm -a -t 10.0.56.10:80 -r 192.168.239.72 -g
ipvsadm -a -t 10.0.56.10:80 -r 192.168.239.73 -g
![1542773658263441.png image.png](http://s1.51cto.com/images/20181121/1542773658263441.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
之后结果会等一个间隔时间后才会出现
![1542773662543926.png image.png](http://s1.51cto.com/images/20181121/1542773662543926.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
8、配置keepalived
清空ipvsadm的规则,ipvsadm -C
两个LVS主机上均有在/etc/keepalived/keepalived.conf:
virtual_ipaddress {
10.0.56.10/24 dev ens33 label ens33:1
}
virtual_server 10.0.56.10 80 {
delay_loop 2
lb_algo wrr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.239.72 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.239.73 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
之后两台LVS全部停止keepalived
先启动LVS1的keepalived
![1542773705826236.png image.png](http://s1.51cto.com/images/20181121/1542773705826236.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
测试1(如果光标闪烁,查看LVS服务器的iptables -vnL中是否有个DROP,由此规则原因是keepalive.conf中有vrrp_strict)
![1542773710167160.png image.png](http://s1.51cto.com/images/20181121/1542773710167160.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
测试2
![1542773717773078.png image.png](http://s1.51cto.com/images/20181121/1542773717773078.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
测试3
![1542773787421087.png image.png](http://s1.51cto.com/images/20181121/1542773787421087.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
测试4
![1542773794801406.png image.png](http://s1.51cto.com/images/20181121/1542773794801406.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
暂停片刻后恢复调度
附:整个LVS的keepalive.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lvs1
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.156.18
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 55
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass passwd
}
virtual_ipaddress {
10.0.56.10/24 dev ens33 label ens33:1
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
virtual_server 10.0.56.10 80 {
delay_loop 2
lb_algo wrr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.239.72 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.239.73 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
实验:keepalive实现高并发nginx代理nginx服务器(单主模型)
1、简易拓扑图
![1542773839903050.png image.png](http://s1.51cto.com/images/20181121/1542773839903050.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
2、在两台keepalive服务器中更改配置/etc/keepalive/keepalive.conf
![1542773850358659.png image.png](http://s1.51cto.com/images/20181121/1542773850358659.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
做一步测试一步,说明两台keepalive的nginx配置正确
![1542773856154948.png image.png](http://s1.51cto.com/images/20181121/1542773856154948.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
2、/etc/keepalive/keepalive.conf的配置
![1542773866114527.png image.png](http://s1.51cto.com/images/20181121/1542773866114527.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
systemclt restart keepalived
![1542773877873237.png image.png](http://s1.51cto.com/images/20181121/1542773877873237.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
3、测试1
![1542773882914902.png image.png](http://s1.51cto.com/images/20181121/1542773882914902.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
测试2
![1542773892556914.png image.png](http://s1.51cto.com/images/20181121/1542773892556914.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
此时依旧成功
![1542773898388974.png image.png](http://s1.51cto.com/images/20181121/1542773898388974.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
测试3
![1542773903849185.png image.png](http://s1.51cto.com/images/20181121/1542773903849185.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
加入nginx检测脚本,判断nginx进程是否存在
![1542773921893788.png image.png](http://s1.51cto.com/images/20181121/1542773921893788.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
测试4
![1542773930442039.png image.png](http://s1.51cto.com/images/20181121/1542773930442039.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
![1542773948811417.png image.png](http://s1.51cto.com/images/20181121/1542773948811417.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
实验:keepalive实现高并发nginx代理nginx服务器(双主模型)
1、简易拓扑图
![1542773987569292.png image.png](http://s1.51cto.com/images/20181121/1542773987569292.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
2、配置ka1
![1542773996439130.png image.png](http://s1.51cto.com/images/20181121/1542773996439130.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
配置ka2
![1542774006944414.png image.png](http://s1.51cto.com/images/20181121/1542774006944414.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
配置保存后重启keepalive
![1542774016765274.png image.png](http://s1.51cto.com/images/20181121/1542774016765274.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
3、配置RS服务器
4、配置ka1的nginx.conf
![1542774029502646.png image.png](http://s1.51cto.com/images/20181121/1542774029502646.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
![1542774038208421.png image.png](http://s1.51cto.com/images/20181121/1542774038208421.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
配置ka 2的nginx,和ka 1的基本一致,最好两个default的server_name和proxy_pass换到各自对应的RS主机位置
![1542774049689001.png image.png](http://s1.51cto.com/images/20181121/1542774049689001.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
5、客户机配置/etc/hosts解析
![1542774056665755.png image.png](http://s1.51cto.com/images/20181121/1542774056665755.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
6、测试
![1542774060161681.png image.png](http://s1.51cto.com/images/20181121/1542774060161681.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
测试结果
![1542774073189901.png image.png](http://s1.51cto.com/images/20181121/1542774073189901.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)
测试结果
![1542774081963550.png image.png](http://s1.51cto.com/images/20181121/1542774081963550.png?x-oss-process=image/watermark,size_16,text_QDUxQ1RP5Y2a5a6i,color_FFFFFF,t_100,g_se,x_10,y_10,shadow_90,type_ZmFuZ3poZW5naGVpdGk=)