---恢复内容开始---
###lb01 操作
####1.关闭keepalived iptables selinux
####2.手工添加LVS转发
#####1)配置lvs 添加vip
ip addr add 10.0.0.3/24 dev eth0 label eth0:0
#####2)配置lvs规则
ipvsadm-save -n
ipvsadm -C
ipvsadm --set 30 5 60
ipvsadm -A -t 10.0.0.3:80 -s wrr -p 20
ipvsadm -a -t 10.0.0.3:80 -r 10.0.0.7:80 -g -w 1
ipvsadm -a -t 10.0.0.3:80 -r 10.0.0.8:80 -g -w 1
ipvsadm -ln --stats
#####3)手工在RS端绑定
####每台real server端执行
#####绑定vip
ip addr add 10.0.0.3/32 dev lo label lo:0
#####4)手工在RS端抑制ARP响应
cat >>/etc/sysctl.conf<<EOF
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
EOF
sysctl -p
####3.lb01 测试 web01 web02 是否可用
[root@lb01 ~]# curl 10.0.0.7/xiaoyu.html
web02 www
[root@lb01 ~]# curl -H Host:blog.etiantian.org 10.0.0.7/xiaoyu.html
web02 blog
[root@lb01 ~]# curl 10.0.0.8/xiaoyu.html
web01 www
[root@lb01 ~]# curl -H Host:blog.etiantian.org 10.0.0.8/xiaoyu.html
web01 blog
#####4.windows hosts 解析
10.0.0.3 www.etiantian.org blog.etiantian.org
lb01 keepalived配置文件
global_defs {
notification_email {
49000448-@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_01
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev eth0 label eth0:1
}
}
virtual_server 10.0.0.3 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 10.0.0.7 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.0.0.8 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
1.1 lb02 keepalived 配置文件
global_defs {
notification_email {
49000448-@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev eth0 label eth0:1
}
}
virtual_server 10.0.0.3 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 10.0.0.7 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.0.0.8 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
1.1 #####lvs高可用---keepalived
keepalived.conf
#1.global_defs 全局定义
#2.vrrp 实例配置 VIP
#3.lvs的配置
#配置keepalived管理 lvs
#1. 删除之前配置的VIP
ip addr del 10.0.0.3/24 dev eth0 label eth0:0
#2.配置lb01 lb02 上面的keepalived
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
router_id LVS_01
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev eth0 label eth0:1
}
}
virtual_server 10.0.0.3 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 10.0.0.7 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.0.0.8 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
[root@lb02 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
router_id LVS_02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev eth0 label eth0:1
}
}
virtual_server 10.0.0.3 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 10.0.0.7 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.0.0.8 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
##3.测试是否能管理lvs
ipvsadm-save -n >/tmp/ipvsadm.save
ipvsadm -C
ipvsadm -ln
/etc/init.d/keepalived restart
ipvsadm -ln
---恢复内容结束---