Shulou(Shulou.com)06/03 Report--

LVS+keepalived High availability Cluster experiment purpose:

Use keepalived to realize LVS dual-computer hot backup.

Experimental environment: host operating system IP address main software LVS load scheduler CentOS 7.3 x86_64192.168.217.128keepalivedLVS load scheduler CentOS 7.3 x86_64192.168.217.129keepalivedweb server 1CentOS 7.3 x86_64192.168.217.130httpweb server 2CentOS 7.3 x86_64192.168.217.131httpNFS shared storage CentOS 7.3x86x64192.168.217.132 client Windows 7192.168.217.133 configuration LVS load scheduler installation required software Add virtual network card: yum install keepalived ipvsadm-y # install lvs management tools and keepalivedcd / etc/sysconfig/network-scripts/ cp ifcfg-ens32 ifcfg-ens32:0 # copy the existing network card as virtual network card Add the following content DEVICE=ens32:0ONBOOT=yesIPADDR=192.168.217.10 # virtual network card address VIP NETMASK=255.255.255.255ifup ens32:0 # enable virtual network card enable route forwarding function: vim / etc/sysctl.confnet.ipv4.ip_forward=1 # enable route forwarding function # proc response shutdown and reset Create an ipvsadm startup script to the function net.ipv4.conf.all.send_redirects = 0net.ipv4.conf.default.send_redirects = 0net.ipv4.conf.ens32.send_redirects = 0: modprobe ip_vs # loads the LVS template cd / etc/init.d/vim dr.shrunken Binram GWBN 192.168.217.1 # Gateway VIP=192.168.217.10 # Virtual IPRIP1=192.168.217.130 # web server 1 address RIP2=192.168.217.131 # web server 2 address case "$1" instart) / sbin/ipvsadm-- save > / etc/sysconfig/ipvsadm # versions above centos 7 need to save policy to enable service systemctl start ipvsadm # enable service / sbin/ifconfig ens32:0$ VIP broadcast $VIP netmask 255.255.255.255 broadcast $VIP up / sbin/route add-host $VIP dev ens32:0 # add network segment / sbin/ipvsadm-A-t $VIP:80-s rr # add virtual server / sbin/ipvsadm-a-t $VIP:80-r $RIP1:80-g # add a real server using DR cluster mode / sbin/ipvsadm-a-t $VIP:80-r $RIP2:80-g echo "ipvsadm starting-[ok]" Stop) / sbin/ipvsadm-C # clear node server systemctl stop ipvsadm # shut down service ifconfig ens32:0 down # close virtual network card Route del $VIP # Delete the network segment echo "ipvsamd stoped-- [ok]" ; status) if [!-e / var/lock/subsys/ipvsadm]; then # stoped otherwise runing echo "ipvsadm stoped-" exit 1 else echo "ipvsamd Runing-[ok]" fi if the file / var..../ipvsadm is not matched *) echo "Usage: $0 {start | stop | status}" exit 1 esac exit 0chmod + x dr.sh # add permissions service dr.sh start # enable the service

Note: you can not do keepalived, do web server, test whether it can be scheduled.

Configure keepalived: vim / etc/keepalived/keepalived.confglobal_defs {... smtp_server 127.0.0.1 # points to the local router_id LVS_01 # master scheduling server name To have a different name from the slave scheduling server.} vrrp_instance VI_1 {state MASTER # Slave scheduling server is BACKUPvirtual_router_id 10 # group number master and slave group number should be the same... auth_pass abc123 # verify password master-slave same priority 100 # priority master The slave priority cannot be greater than the master. Virtual_ipaddress {# virtual IP address pool 192.168.217.10}... virtual_server 192.168.217.10 80 {# virtual IP address delay_loop 6lb_algo rr # load scheduling algorithm lb_kind DR # cluster mode. Real_server 192.168.217. 13080 {# web server address weight 1 # weight TCP_CHECK {# check method connect_port 80 # listening port connect_timeout 3 # link timeout (seconds) nb_get_retry 3 # retries Delay_before_retry 3 # retry interval}} real_server 192.168.1217.131 80 {weight 1 TCP_CHECK {connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3}} systemctl start keepalived # enable service ip addr show dev ens32:0 # check Look at the virtual network card systemctl stop firewalld.service # turn off the firewall

Note: the master and slave scheduler names should be different, the group number should be the same, the authentication password should be the same, and the priority should not be greater than the master.

Except for the above differences, the configuration of the master-slave scheduler is the same, the IP address is different, and the virtual IP is the same.

Configure the web server installation service, enable, disable, mount: yum install http-ysystemctl start httpd.service systemctl stop firewalld.servicemount.nfs 192.168.217.132:/opt/benet / var/www/html # Mount the file cd / var/www/html/echo "this is accp web" > index.html # provided by nfs to add different test home pages to facilitate the difference. Configure the virtual IP: cd / etc/sysconfig/network-scriptscp ifcfg-lo ifcfg-lo:0 # copy the loopback address as the virtual IPvim ifcfg-lo:0DEVICE=lo:0IPADDR=192.168.217.10NETMASK=255.255.255.255ONBOOT=yesifup lo:0 # starting the virtual address overwrites the original address to make the script for the receiving scheduling server: cd / etc/init.d/vim web.shemaking server bin / BashVIP=192.168.217.10 case "$1" in start) ifconfig lo:0$ VIP netmask 255.255.255.255 broadcast $VIP # enable virtual IP / sbin/route add-host $VIP dev lo:0 # add network segment echo "1" > / proc/sys/net/ipv4/conf/lo/arp_ignore Echo "2" > / proc/sys/net/ipv4/conf/lo/arp_announce echo "1" > / proc/sys/net/ipv4/conf/all/arp_ignore echo "2" > / proc/sys/net/ipv4/conf/all/arp_announce sysctl-p > / dev/null 2 > & 1 Echo "RealServer Start OK" # the above content only accepts feedback from the scheduling server stop) ifconfig lo:0 down route del $VIP / dev/null 2 > & 1 echo "0" > / proc/sys/net/ipv4/conf/lo/arp_ignore echo "0" > / proc/sys/net/ipv4/conf/lo/arp_announce echo "0" > / proc/ Sys/net/ipv4/conf/all/arp_ignore echo "0" > / proc/sys/net/ipv4/conf/all/arp_announce echo "RealServer Stopd" ; *) echo "Usage: $0 {start | stop}" exit 1 esac exit 0chmod + x web.sh service web.sh start

Note: the web server configuration is the same.

The test uses win to access the virtual IP. If there is no problem, turn off the virtual gateway of LVS load scheduler 1, ifdown ens32:0, and continue the test. If the virtual gateway can still be accessed, the cluster is built successfully. Note: if it does not flush, you can restart the ipvsadm service or clear the browser cache. Note: if there is any mistake, welcome to point it out. Thanks for watching

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.