这里使用NAT工作模式,lvs指向两台后端web访问
检查是否支持ipvs
从Linux内核版本2.6起,ip_vs code已经被整合进了内核中
modprobe -l |grep ipvs
安装LVS管理工具
# 安装依赖包
yum install -y wget make kernel-devel gcc gcc-c++ libnl* libpopt* popt-static
# 安装ipvsadm
yum install ipvsadm
创建虚IP
需要为应用配置单独的IP地址,以达到主机与应用的分离,在应用切换与迁移过程中可以做到动态切换
查看本机ip:
[root@LVS01 ~]# ifconfig
docker0 Link encap:Ethernet HWaddr 56:EB:44:A1:37:90
inet addr:10.0.3.1 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: fe80::104e:6cff:fe8f:8fb/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:399575 errors:0 dropped:0 overruns:0 frame:0
TX packets:7396456 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:157678112 (150.3 MiB) TX bytes:444976200 (424.3 MiB)
eth0 Link encap:Ethernet HWaddr FA:16:3E:AB:CA:6C
inet addr:10.99.196.55 Bcast:10.99.196.255 Mask:255.255.255.0
inet6 addr: fe80::f816:3eff:feab:ca6c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:47783042 errors:0 dropped:0 overruns:0 frame:0
TX packets:47441145 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:13525970743 (12.5 GiB) TX bytes:10718236327 (9.9 GiB)
...
新增虚ip:
会在重启后失效(可以写入network-script配置文件中)
ifconfig eth0:1 10.99.196.56 netmask 255.255.255.0
ifconfig eth0:1 up # 启动网卡eth0的子接口
# 移除方法
# ip addr del 192.168.109.108/24 dev eth0
# ifconfig eth0:1 up
联通测试:
[root@LVS01 ~]# ping 10.99.196.56
PING 10.99.196.56 (10.99.196.56) 56(84) bytes of data.
64 bytes from 10.99.196.56: icmp_seq=1 ttl=64 time=0.028 ms
64 bytes from 10.99.196.56: icmp_seq=2 ttl=64 time=0.039 ms
64 bytes from 10.99.196.56: icmp_seq=3 ttl=64 time=0.055 ms
后端机搭建web访问
这里起了两台后端机,用docker启了两个web服务
mkdir -p /home/wwwroot/test/
echo "RS01" > /home/wwwroot/test/index.html
docker run -i -t -p 8085:80 -v /home/wwwroot/test/:/home/wwwroot/ registry.qianmo.baidu.com/qianmo/msgqa/mawmd/981/public/qt_baidu_com
测试:
[root@LVS01 ~]# curl 10.99.200.241:8085
RS01
[root@LVS01 ~]# curl 10.101.43.103:8085
RS02
[root@LVS01 ~]#
配置LVS
启动Linux的路由转发功能
echo 1 > /proc/sys/net/ipv4/ip_forward
定义一个集群服务
ipvsadm -A -t 10.99.196.56:8050 -s rr
添加RealServer
[root@LVS01 ~]# ipvsadm -a -t 10.99.196.56:8050 -r 10.99.200.241:8085 -m
[root@LVS01 ~]# ipvsadm -a -t 10.99.196.56:8050 -r 10.101.43.103:8085 -m
查看规则列表
[root@LVS01 ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.99.196.56:8050 rr
-> 10.99.200.241:8085 Masq 1 0 0
-> 10.101.43.103:8085 Masq 1 0 0
测试LVS
请求vip验证是否能够返回两个后端
[root@LVS01 ~]# curl 10.99.196.56:8050
RS02
[root@LVS01 ~]# curl 10.99.196.56:8050
RS01
[root@LVS01 ~]# curl 10.99.196.56:8050
RS02
[root@LVS01 ~]# curl 10.99.196.56:8050
RS01
[root@LVS01 ~]# curl 10.99.196.56:8050
RS02
[root@LVS01 ~]# curl 10.99.196.56:8050
RS01
其他
Heartbeat提供了 ldiretor检测
首先架构应该是前面有2台lvs机器,2个都安装heartbeat,做主备,后面接1个以上实际的访问主机
ldirected是heartbeat的一个插件,如果其中一个机器坏了,会自动从lvs中剔除,如果lvs机器坏了,会切换到备机
参考资料
- http://www.cnblogs.com/MacoLee/p/5856858.html
- http://superproxy.github.io/docs/lvs/
- http://blog.csdn.net/samxx8/article/details/50618110