LVS+DR+apache+keepalived负载均衡

1、首先准备两台服务器

|-----|------------|
| ip | 10.0.1.32 |
| ip | 10.0.1.33 |
| vip | 10.0.1.100 |

2、关闭防火墙

```shell

systemctl stop firewalld

systemctl disable firewalld

sed -i '/^SELINUX=/s/enforcing/disabled/' /etc/selinux/config

grep '^SELINUX=' /etc/selinux/config

setenforce off

reboot

```

3、安装keepalived,两台机器都需要安装

```shell

yum -y install keepalived

```

4、打开keepalived的配置文件，首先配置主的文件

```shell

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

notification_email {

acassen@firewall.loc

failover@firewall.loc

sysadmin@firewall.loc

}

notification_email_from Alexandre.Cassen@firewall.loc

smtp_server 192.168.200.1

smtp_connect_timeout 30

router_id LVS_DEVEL

vrrp_skip_check_adv_addr

vrrp_garp_interval 0

vrrp_gna_interval 0

}

vrrp_instance VI_1 {

state MASTER #这里要改成主的

interface ens33 #这个网卡名字一定要写自己的 我的是ens33

virtual_router_id 51

priority 100 #这个是优先级主的优先级一定要比从的优先级高

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

10.0.1.100 #vip地址

}

}

virtual_server 10.0.1.100 80 {

delay_loop 6

lb_algo rr

lb_kind DR

nat_mask 255.255.255.0

protocol TCP

real_server 10.0.1.32 80 {

weight 1

TCP_CHECK {

connect_timeout 3

connect_port 80

nb_get_retry 3

delay_before_retry 3

}

}

real_server 10.0.1.33 80 {

weight 1

TCP_CHECK {

connect_timeout 3

connect_port 80

nb_get_retry 3

delay_before_retry 3

}

}

}

vrrp_strict #centos7里的keepalived有一个广播 这个需要删除 切记

```

5、配置从的文件，比主的文件有一点差别

```shell

vim /etc/keepalived/keealived.con

! Configuration File for keepalived

global_defs {

notification_email {

acassen@firewall.loc

failover@firewall.loc

sysadmin@firewall.loc

}

notification_email_from Alexandre.Cassen@firewall.loc

smtp_server 192.168.200.1

smtp_connect_timeout 30

router_id LVS_DEVEL

vrrp_skip_check_adv_addr

vrrp_garp_interval 0

vrrp_gna_interval 0

}

vrrp_instance VI_1 {

state BACKUP #这个要写从

interface ens33 #网卡名字要写成自己的

virtual_router_id 51

priority 90 #从的优先级一定要比主的优先级要低

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

10.0.1.100 #vip要和主的配置的一致

}

}

virtual_server 10.0.1.100 80 {

delay_loop 6

lb_algo rr

lb_kind DR

nat_mask 255.255.255.0

protocol TCP

real_server 10.0.1.33 80 {

weight 1

TCP_CHECK {

connect_timeout 3

connect_port 80

nb_get_retry 3

delay_before_retry 3

}

}

real_server 10.0.1.32 80 {

weight 1

TCP_CHECK {

connect_timeout 3

connect_port 80

nb_get_retry 3

delay_before_retry 3

}

}

}

vrrp_strict #centos7里的keepalived有一个广播 这个需要删除 切记

```

6、重启keepalived，两个机子都需要重启

```shell

systemctl restart keepalived

```

7、查看主的vip是否存在

```shell

root@node2 network-scripts\]# ip a 1: lo: \ mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet 10.0.1.100/32 brd 10.0.1.100 scope global lo:0 valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: \ mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:0e:cc:e5 brd ff:ff:ff:ff:ff:ff inet 10.0.1.32/24 brd 10.0.1.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 10.0.1.100/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::67a:22ad:a7c5:73/64 scope link noprefixroute valid_lft forever preferred_lft forever \`\`\` 8、关闭主的keepalived，查看vip是否漂移到从上 主：systemctl stop keepalived 从： \[root@localhost html\]# ip a 1: lo: \ mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet 10.0.1.100/32 brd 10.0.1.100 scope global lo:0 valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: \ mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:45:8a:35 brd ff:ff:ff:ff:ff:ff inet 10.0.1.32/24 brd 10.0.1.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 10.0.1.100/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::de48:34e2:d290:a46/64 scope link noprefixroute valid_lft forever preferred_lft forever 3: virbr0: \ mtu 1500 qdisc noqueue state DOWN group default qlen 1000 link/ether 52:54:00:65:fe:02 brd ff:ff:ff:ff:ff:ff inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 valid_lft forever preferred_lft forever 4: virbr0-nic: \ mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000 link/ether 52:54:00:65:fe:02 brd ff:ff:ff:ff:ff:ff 复制代码 如果成功，代表keepalived配置成功 主：开启keepalived systemctl restart keepalived 9、安装ipvsadm，两个服务器都需要安装、 yum -y install ipvsadm 10、增加服务器的接口 复制代码 \[root@localhost \~\]# cd /etc/sysconfig/network-scripts/ \[root@localhost network-scripts\]# ls ifcfg-ens33 ifdown-eth ifdown-post ifdown-TeamPort ifup-eth ifup-plip ifup-sit init.ipv6-global ifcfg-lo ifdown-ib ifdown-ppp ifdown-tunnel ifup-ib ifup-plusb ifup-Team network-functions ifcfg-lo:0 ifdown-ippp ifdown-routes ifup ifup-ippp ifup-post ifup-TeamPort network-functions-ipv6 ifdown ifdown-ipv6 ifdown-sit ifup-aliases ifup-ipv6 ifup-ppp ifup-tunnel ifdown-bnep ifdown-isdn ifdown-Team ifup-bnep ifup-isdn ifup-routes ifup-wireless \[root@localhost network-scripts\]# cp ifcfg-lo ifcfg-lo:0 复制代码 11、修改cp的接口 复制代码 \[root@localhost network-scripts\]# vim ifcfg-lo:0 \[root@localhost network-scripts\]# cat ifcfg-lo:0 DEVICE=lo:0 IPADDR=10.0.1.100 NETMASK=255.255.255.255 ONBOOT=yes \[root@localhost network-scripts\]# ifup ifcfg-lo:0 ifconfig 复制代码 12、另一台服务器做同样的操作 13、查看ifconfig看两台服务器的vip添加上没有 14、两台服务器执行操作 ipvsadm --save \> /etc/sysconfig/ipvsadm ipvsadm -A -t 10.0.1.100:80 -s rr ipvsadm -a -t 10.0.1.100:80 -r 10.0.1.33:80 -g ipvsadm -a -t 10.0.1.100:80 -r 10.0.1.32:80 -g echo "1" \>/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" \>/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" \>/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" \>/proc/sys/net/ipv4/conf/all/arp_announce route add -host 10.0.1.100 dev lo:0 systemctl restart ipvsadm systemctl status ipvsadm 复制代码 15、两台服务器执行ipvsadm查看是否成功 复制代码 \[root@localhost \~\]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -\> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 10.0.1.100:80 rr -\> 10.0.1.33:80 Route 1 0 0 -\> 10.0.1.32:80 Route 1 0 7 \[root@localhost \~\]# 复制代码 16、两台服务器查看vip是否存在 复制代码 \[root@localhost \~\]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.0.1.2 0.0.0.0 UG 100 0 0 ens33 10.0.1.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 10.0.1.100 0.0.0.0 255.255.255.255 UH 0 0 0 lo 192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0 \[root@localhost \~\]# 复制代码 17、两台服务器源码安装Apache yum -y install httpd 18、编写测试页面 第一台服务器 \[root@localhost \~\]# \[root@localhost \~\]# cat /var/www/html/index.html 1111 \[root@localhost \~\]# 第二台服务器 \[root@localhost \~\]# vim /var/www/html/index.html \[root@localhost \~\]# cat /var/www/html/index.html 2222 \[root@localhost \~\]# 19、两台服务器更改Apache配置文件 复制代码 #http的持久链接主要依靠keepalive KeepAlive OFF #关闭KeeoAlive长链接 KeepAliveTimeout 15 #长连接多久算是超时，超时之后自动断开长连接 MaxKeepAliveRequests 100 #长连接最多接受多少个请求，请求数量大于改值则自动断开 开启Apache systemctl restart httpd