LVS+DR+apache+keepalived负载均衡

1、首先准备两台服务器

|-----|------------|
| ip | 10.0.1.32 |
| ip | 10.0.1.33 |
| vip | 10.0.1.100 |

2、关闭防火墙

```shell

systemctl stop firewalld

systemctl disable firewalld

sed -i '/^SELINUX=/s/enforcing/disabled/' /etc/selinux/config

grep '^SELINUX=' /etc/selinux/config

setenforce off

reboot

```

3、安装keepalived,两台机器都需要安装

```shell

yum -y install keepalived

```

4、打开keepalived的配置文件，首先配置主的文件

```shell

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

notification_email {

acassen@firewall.loc

failover@firewall.loc

sysadmin@firewall.loc

}

notification_email_from Alexandre.Cassen@firewall.loc

smtp_server 192.168.200.1

smtp_connect_timeout 30

router_id LVS_DEVEL

vrrp_skip_check_adv_addr

vrrp_garp_interval 0

vrrp_gna_interval 0

}

vrrp_instance VI_1 {

state MASTER #这里要改成主的

interface ens33 #这个网卡名字一定要写自己的 我的是ens33

virtual_router_id 51

priority 100 #这个是优先级主的优先级一定要比从的优先级高

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

10.0.1.100 #vip地址

}

}

virtual_server 10.0.1.100 80 {

delay_loop 6

lb_algo rr

lb_kind DR

nat_mask 255.255.255.0

protocol TCP

real_server 10.0.1.32 80 {

weight 1

TCP_CHECK {

connect_timeout 3

connect_port 80

nb_get_retry 3

delay_before_retry 3

}

}

real_server 10.0.1.33 80 {

weight 1

TCP_CHECK {

connect_timeout 3

connect_port 80

nb_get_retry 3

delay_before_retry 3

}

}

}

vrrp_strict #centos7里的keepalived有一个广播 这个需要删除 切记

```

5、配置从的文件，比主的文件有一点差别

```shell

vim /etc/keepalived/keealived.con

! Configuration File for keepalived

global_defs {

notification_email {

acassen@firewall.loc

failover@firewall.loc

sysadmin@firewall.loc

}

notification_email_from Alexandre.Cassen@firewall.loc

smtp_server 192.168.200.1

smtp_connect_timeout 30

router_id LVS_DEVEL

vrrp_skip_check_adv_addr

vrrp_garp_interval 0

vrrp_gna_interval 0

}

vrrp_instance VI_1 {

state BACKUP #这个要写从

interface ens33 #网卡名字要写成自己的

virtual_router_id 51

priority 90 #从的优先级一定要比主的优先级要低

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

10.0.1.100 #vip要和主的配置的一致

}

}

virtual_server 10.0.1.100 80 {

delay_loop 6

lb_algo rr

lb_kind DR

nat_mask 255.255.255.0

protocol TCP

real_server 10.0.1.33 80 {

weight 1

TCP_CHECK {

connect_timeout 3

connect_port 80

nb_get_retry 3

delay_before_retry 3

}

}

real_server 10.0.1.32 80 {

weight 1

TCP_CHECK {

connect_timeout 3

connect_port 80

nb_get_retry 3

delay_before_retry 3

}

}

}

vrrp_strict #centos7里的keepalived有一个广播 这个需要删除 切记

```

6、重启keepalived，两个机子都需要重启

```shell

systemctl restart keepalived

```

7、查看主的vip是否存在

```shell

[root@node2 network-scripts]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet 10.0.1.100/32 brd 10.0.1.100 scope global lo:0

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

link/ether 00:0c:29:0e:cc:e5 brd ff:ff:ff:ff:ff:ff

inet 10.0.1.32/24 brd 10.0.1.255 scope global noprefixroute ens33

valid_lft forever preferred_lft forever

inet 10.0.1.100/32 scope global ens33

valid_lft forever preferred_lft forever

inet6 fe80::67a:22ad:a7c5:73/64 scope link noprefixroute

valid_lft forever preferred_lft forever

```

8、关闭主的keepalived，查看vip是否漂移到从上

主：systemctl stop keepalived

从：

[root@localhost html]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

valid_lft forever preferred_lft forever

inet 10.0.1.100/32 brd 10.0.1.100 scope global lo:0

valid_lft forever preferred_lft forever

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000

link/ether 00:0c:29:45:8a:35 brd ff:ff:ff:ff:ff:ff

inet 10.0.1.32/24 brd 10.0.1.255 scope global noprefixroute ens33

valid_lft forever preferred_lft forever

inet 10.0.1.100/32 scope global ens33

valid_lft forever preferred_lft forever

inet6 fe80::de48:34e2:d290:a46/64 scope link noprefixroute

valid_lft forever preferred_lft forever

3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000

link/ether 52:54:00:65:fe:02 brd ff:ff:ff:ff:ff:ff

inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0

valid_lft forever preferred_lft forever

4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000

link/ether 52:54:00:65:fe:02 brd ff:ff:ff:ff:ff:ff

复制代码

如果成功，代表keepalived配置成功

主：开启keepalived

systemctl restart keepalived

9、安装ipvsadm，两个服务器都需要安装、

yum -y install ipvsadm

10、增加服务器的接口

复制代码

[root@localhost ~]# cd /etc/sysconfig/network-scripts/

[root@localhost network-scripts]# ls

ifcfg-ens33 ifdown-eth ifdown-post ifdown-TeamPort ifup-eth ifup-plip ifup-sit init.ipv6-global

ifcfg-lo ifdown-ib ifdown-ppp ifdown-tunnel ifup-ib ifup-plusb ifup-Team network-functions

ifcfg-lo:0 ifdown-ippp ifdown-routes ifup ifup-ippp ifup-post ifup-TeamPort network-functions-ipv6

ifdown ifdown-ipv6 ifdown-sit ifup-aliases ifup-ipv6 ifup-ppp ifup-tunnel

ifdown-bnep ifdown-isdn ifdown-Team ifup-bnep ifup-isdn ifup-routes ifup-wireless

[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0

复制代码

11、修改cp的接口

复制代码

[root@localhost network-scripts]# vim ifcfg-lo:0

[root@localhost network-scripts]# cat ifcfg-lo:0

DEVICE=lo:0

IPADDR=10.0.1.100

NETMASK=255.255.255.255

ONBOOT=yes

[root@localhost network-scripts]# ifup ifcfg-lo:0

ifconfig

复制代码

12、另一台服务器做同样的操作

13、查看ifconfig看两台服务器的vip添加上没有

14、两台服务器执行操作

ipvsadm --save > /etc/sysconfig/ipvsadm

ipvsadm -A -t 10.0.1.100:80 -s rr

ipvsadm -a -t 10.0.1.100:80 -r 10.0.1.33:80 -g

ipvsadm -a -t 10.0.1.100:80 -r 10.0.1.32:80 -g

echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce

echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

route add -host 10.0.1.100 dev lo:0

systemctl restart ipvsadm

systemctl status ipvsadm

复制代码

15、两台服务器执行ipvsadm查看是否成功

复制代码

[root@localhost ~]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 10.0.1.100:80 rr

-> 10.0.1.33:80 Route 1 0 0

-> 10.0.1.32:80 Route 1 0 7

[root@localhost ~]#

复制代码

16、两台服务器查看vip是否存在

复制代码

[root@localhost ~]# route -n

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

0.0.0.0 10.0.1.2 0.0.0.0 UG 100 0 0 ens33

10.0.1.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33

10.0.1.100 0.0.0.0 255.255.255.255 UH 0 0 0 lo

192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0

[root@localhost ~]#

复制代码

17、两台服务器源码安装Apache

yum -y install httpd

18、编写测试页面

第一台服务器

[root@localhost ~]#

[root@localhost ~]# cat /var/www/html/index.html

1111

[root@localhost ~]#

第二台服务器

[root@localhost ~]# vim /var/www/html/index.html

[root@localhost ~]# cat /var/www/html/index.html

2222

[root@localhost ~]#

19、两台服务器更改Apache配置文件

复制代码

#http的持久链接主要依靠keepalive

KeepAlive OFF #关闭KeeoAlive长链接

KeepAliveTimeout 15 #长连接多久算是超时，超时之后自动断开长连接

MaxKeepAliveRequests 100 #长连接最多接受多少个请求，请求数量大于改值则自动断开

开启Apache

systemctl restart httpd