keeplived+lvs部署-全端口映射

时间:2024-03-01 19:04:02

 

参考nginx+keeplived

https://www.cnblogs.com/kevingrace/p/6146031.html#4437839

1.keeplived安装

rpm -ivh /mnt/Packages/ipvsadm-1.27-7.el7.x86_64.rpm

yum install -y ipvsadm

yum install -y keepalived

 

编辑配置文件如下红色部分是需要注意的参数

vi  /etc/keepalived/keepalived.conf

! Configuration File for keepalived

 

global_defs {

   notification_email {

     acassen@firewall.loc

     failover@firewall.loc

     sysadmin@firewall.loc

   }

   notification_email_from Alexandre.Cassen@firewall.loc

   smtp_server 192.168.200.1

   smtp_connect_timeout 30

   router_id 112

}

 

vrrp_instance VI_1 {

    state MASTER

    interface ens33

    virtual_router_id 51

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    virtual_ipaddress {

        192.168.100.214

    }

}

 

virtual_server 192.168.100.214 80 {

    delay_loop 6

    lb_algo rr

    lb_kind DR

    # persistence_timeout 50 #测试的时候注释掉

protocol TCP

 

    real_server 192.168.100.215 80 {

        weight 1

       TCP_CHECK {

connect_timeout 3

            nb_get_retry 3

            delay_before_retry 3

            connect_port 80

    }

}

 

real_server 192.168.100.217 80 {

        weight 1

       TCP_CHECK {

       connect_timeout 3

            nb_get_retry 3

            delay_before_retry 3

            connect_port 80

    }

}

}

 

 

启动keepalived 并设置开机启动

systemctl restart keepalived

systemctl enable keepalived

ipvsadm -L -n

 

 

 

如果两台keeplived需要修改的对应参数

vi /etc/keepalived/keepalived.conf

   router_id 113

   vrrp_skip_check_adv_addr

   vrrp_strict

   vrrp_garp_interval 0

   vrrp_gna_interval 0

}

vrrp_instance apache {

    state BACKUP

    interface ens33

    virtual_router_id 51

    priority 90

    advert_int 1

 

 

 

2.负载主机回环ip修改

 

yum install net-tools -y

编写下面脚本

vi /etc/init.d/lvsrsdr

#!/bin/bash

#description:start relserver

VIP=192.168.42.111

source /etc/init.d/functions                #加载环境变量(可以加载所有的环境变量)

case $1 in

start)

        echo \'start LVS of Realserver DR\'

        /sbin/ifconfig lo:1 $VIP broadcast $VIP netmask 255.255.255.255 up

        /sbin/route add -host $VIP dev lo:1

        echo \'1\' > /proc/sys/net/ipv4/conf/lo/arp_ignore

        echo \'2\' > /proc/sys/net/ipv4/conf/lo/arp_announce

        echo \'1\' > /proc/sys/net/ipv4/conf/all/arp_ignore

        echo \'2\' > /proc/sys/net/ipv4/conf/all/arp_announce

        ;;

stop)

        /sbin/ifconfig lo:1 down

        echo \'Close LVS of Realserver DR\'

        echo \'0\' > /proc/sys/net/ipv4/conf/lo/arp_ignore

        echo \'0\' > /proc/sys/net/ipv4/conf/lo/arp_announce

        echo \'0\' > /proc/sys/net/ipv4/conf/all/arp_ignore

        echo \'0\' > /proc/sys/net/ipv4/conf/all/arp_announce

        ;;

*)

        echo "Usage:$0 (start|stop)"

exit 1

esac

 

chmod +x /etc/init.d/lvsrsdr

/etc/init.d/lvsrsdr start

echo "/etc/init.d/lvsrsdr start" >> /etc/rc.local

 

 

 

scp /etc/init.d/lvsrsdr 192.168.100.217: /etc/init.d/

然后一样执行

yum install net-tools -y

chmod +x /etc/init.d/lvsrsdr

/etc/init.d/lvsrsdr start

echo "/etc/init.d/lvsrsdr start" >> /etc/rc.local

 

 

 

3.http web测试

yum install -y httpd

 

systemctl restart httpd 

iptabled -nvL #清空防火墙三台都要操作一下

iptables -F

 

 

 

echo “100.215” > /var/www/html/index.html

echo “100.217” > /var/www/html/index.html

systemctl restart httpd

 

 

 

 

 

4.docker环境部署

 systemctl stop firewalld.service && systemctl disable firewalld.service && iptables -F &&setenforce 0
yum install -y yum-utils device-mapper-persistent-data lvm2

yum-config-manager --add-repo http://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo

yum install docker-ce docker-ce-cli containerd.io -y

systemctl start docker && systemctl enable docker.service && systemctl status docker

 

cat >> /etc/docker/daemon.json <<EOF
{ "registry-mirrors": ["https://rncxm540.mirror.aliyuncs.com"] }
EOF

 

systemctl daemon-reload && systemctl restart docker

 

5.tomcat部署

docker pull tomcat

docker run --name tomcat1 -p 8080:8080 -v /data/tomcat1/:/usr/local/tomcat/webapps/ROOT -d tomcat

 

vi /data/tomcat1/index.jsp

 

<html>

    <body bgcolor="yellow">

    <center>

    <%=  request.getSession().getId()  %>

    <h1>192.168.100.215</h1>

    <h1>port:8080</h1>

    <h1>this is Tomcat-node1! </h1>

    </center>

    </body>

</html>

 

<%@ page contentType="text/html;charset=UTF-8" isELIgnored="false"%>

SessionID:<%=session.getId()%><BR>

SessionIP:<%=request.getServerName()%> <BR>

SessionPort:<%=request.getServerPort()%>

<%     out.println("This is Tomcat server 215 !");     %>

 

 

 

 

http://192.168.100.215:8080/

http://192.168.100.217:8080/

 

 

 

 

同样操作217

 

 

 

6.负载均衡端口修改

vi /etc/keepalived/keepalived.conf #修改80端口为8080

 

systemctl restart keepalived

ipvsadm -L -n

 

 

 

 

yum install -y httpd-tools

 curl 192.168.100.214:8080

 curl 192.168.100.217:8080

 

开始压力测试

ab -n 100 -c 100 192.168.100.214:8080

ab -n 100 -c 100 192.168.100.217:8080

 

ab -n 100 -c 100 http://192.168.100.217:8080/index.jsp

 

7.测试前打开数优化 所有主机的

[root@localhost ~]# ulimit -n 65536

[root@localhost ~]# echo "* soft nofile 65536" >> /etc/security/limits.conf

[root@localhost ~]# echo "* hard nofile 65536" >> /etc/security/limits.conf

 

#用户打开数优化

vi /etc/security/limits.d/20-nproc.conf

* soft nproc 66666

* hard nproc 66666

 

客户端的time超时连接注意没有了再测试

[root@localhost ~]# netstat -anput |wc -l

压力测试开始 单台1W连接和1w客户端并发测试

5000的测试 开始瞬间1w会不稳定

 

 

keepalived配置说明参考

https://www.cnblogs.com/ivictor/p/5261445.html

 

全网映射
https://www.cnblogs.com/hixiaowei/p/9913448.html

 

 

 

 

相关文章