CentOS 7 LVS(包含UDP)安装

来源：互联网发布：多益网络客户端编辑：程序博客网时间：2024/06/05 08:25

一、介绍

本文介绍有CentOS 7上安装负载均衡器，并且用keepalived保持主备，用206，207二台电脑做负载均衡器，同时负载均衡TCP和UDP协议，201，202，203三台电脑做真实服务器，负载均衡的端口是10000，结构图如下：

负载均衡器上安装ipvsadm, keepalived，(TCP,UDP)都负载均衡10000端口

真实服务器上打开虚拟IP，安装TCP，UDP服务，打开10000端口

二、负载均衡器上安装ipvsadm

CentOS 7已经包含LVS内核，只要安装LVS控制器ipvsadm，206，207上都要安装

# yum -y install ipvsadm

或者下载rpm文件 ipvsadm-1.27-7.el7.x86_64.rpm

# rpm -ivh ipvsadm-1.27-7.el7.x86_64.rpm

查看ipvsadm安装结果

#ipvsadm

三、负载均衡器上安装keepalived

# yum -y install keepalived

或者下载rpm文件 keepalived-1.3.5-1.el7.x86_64.rpm

# rpm -ivh keepalived-1.3.5-1.el7.x86_64.rpm

查看keepalived安装情况，keepalived服务默认不是开机启动，

#systemctl status keepalived

激活keepalived服务开机自动启动（不是启动）

#systemctl enabled keepalived

先不启动keepalived服务，等配置完了再启动

三、负载均衡器上编辑UDP侦测脚本

(1) 安装nmap网络侦测软件

#yum -y install nmap

(2) 编辑/etc/keepalived/UDP_CHECK.sh

#vi /etc/keepalived/UDP_CHECK.sh

#!/bin/bash

# /usr/bin/nmap --system-dns -sU -p$2 $1 | grep 'udp open' >/dev/null

# exit $?

if [ $# -ne 2 ];then

echo "Warning: UDP_CHECK error."

exit 1

else

CMD=`/usr/bin/nmap --system-dns -sU -p$2 $1 | grep "udp open" | wc -l`

if [ ${CMD} -eq 1 ];then

exit 0

exit 1

(3) 更新UDP_CHECK.sh的执行权限

#chmod +x /etc/keepalived/UDP_CHECK.sh

四、配置keepalived

配置：206为MASTER，207为BACKUP,如果优先级不一样，级别高的master重启后会接管BACKUP，相当于客户端断开重连

#vi /etc/keepalived/keepalived.conf

注意红色字体以及TCP和UDP的不同配置，206上配置如下

global_defs {

notification_email {

zhangxz@189.cn

}

notification_email_from service@189.cn

smtp_server mail.189.cn

smtp_connect_timeout 30

router_id LVS_DEVEL

}

vrrp_instance VI_1 {

state MASTER #206为MASTER

interface ens18 #我的机器网卡名称

virtual_router_id 51

priority 200 #优先级, MASTER优先级高些

advert_int 1

authentication {

auth_type PASS

auth_pass rxdai6688

}

virtual_ipaddress {

192.168.110.200

}

######## start #############################

virtual_server 192.168.110.200 10000 {

delay_loop 6

lb_algo rr

lb_kind DR

protocol TCP

real_server 192.168.110.201 10000{

weight 5

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

real_server 192.168.110.202 10000{

weight 5

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

real_server 192.168.110.203 10000{

weight 5

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

virtual_server 192.168.110.200 10000 {

delay_loop 6

lb_algo rr

lb_kind DR

protocol UDP

real_server 192.168.110.201 10000{

weight 5

MISC_CHECK {

misc_path "/etc/keepalived/UDP_CHECK.sh 192.168.110.201 10000"

misc_timeout 3

}

real_server 192.168.110.202 10000{

weight 5

MISC_CHECK {

misc_path "/etc/keepalived/UDP_CHECK.sh 192.168.110.201 10000"

misc_timeout 3

}

real_server 192.168.110.203 10000{

weight 5

MISC_CHECK {

misc_path "/etc/keepalived/UDP_CHECK.sh 192.168.110.201 10000"

misc_timeout 3

}

注意红色字体，207上配置如下

global_defs {

notification_email {

zhangxz@189.cn

}

notification_email_from service@189.cn

smtp_server mail.189.cn

smtp_connect_timeout 30

router_id LVS_DEVEL

}

vrrp_instance VI_1 {

state BACKUP #207为BACKUP

interface ens18 #我的机器网卡名称

virtual_router_id 51

priority 100 #优先级, BACKUP优先级低些

advert_int 1

authentication {

auth_type PASS

auth_pass rxdai6688

}

virtual_ipaddress {

192.168.110.200

}

######## start #############################

virtual_server 192.168.110.200 10000 {

delay_loop 6

lb_algo rr

lb_kind DR

protocol TCP

real_server 192.168.110.201 10000{

weight 5

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

real_server 192.168.110.202 10000{

weight 5

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

real_server 192.168.110.203 10000{

weight 5

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

}

virtual_server 192.168.110.200 10000 {

delay_loop 6

lb_algo rr

lb_kind DR

protocol UDP

real_server 192.168.110.201 10000{

weight 5

MISC_CHECK {

misc_path "/etc/keepalived/UDP_CHECK.sh 192.168.110.201 10000"

misc_timeout 3

}

real_server 192.168.110.202 10000{

weight 5

MISC_CHECK {

misc_path "/etc/keepalived/UDP_CHECK.sh 192.168.110.201 10000"

misc_timeout 3

}

real_server 192.168.110.203 10000{

weight 5

MISC_CHECK {

misc_path "/etc/keepalived/UDP_CHECK.sh 192.168.110.201 10000"

misc_timeout 3

}

五、启动keepalived

#systemctl start keepalived

查看keepalived启动情况

#systemctl status keepalived

六、真实服务器在LoopBack网卡上配置虚拟IP

在三台真实服务器上执行同样的操作

(1)#vi /etc/init.d/lvsrealvip

#!/bin/bash

# chkconfig: 35 99 10

# description: tune lo:0 interface and arp response for lvs-real servers.

WEB_VIP=192.168.110.200

case "$1" in

start)

ifconfig lo:0 $WEB_VIP netmask 255.255.255.255 broadcast $WEB_VIP up

/sbin/route add -host $WEB_VIP dev lo:0

echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "2">/proc/sys/net/ipv4/conf/lo/arp_announce

echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore

echo "2">/proc/sys/net/ipv4/conf/all/arp_announce

sysctl -p >/dev/null 2>&1

echo "RealServer Start OK"

;;

stop)

ifconfig lo:0 down

route del $WEB_VIP >/dev/null 2>&1

echo "0">/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "0">/proc/sys/net/ipv4/conf/lo/arp_announce

echo "0">/proc/sys/net/ipv4/conf/all/arp_ignore

echo "0">/proc/sys/net/ipv4/conf/all/arp_announce

echo "RealServer Stoped"

;;

status)

# Status of LVS-DR real server.

islothere=`/sbin/ifconfig lo:0 | grep $WEB_VIP`

isrothere=`netstat -rn | grep "lo:0" | grep $web_VIP`

if [ ! "$islothere" -o ! "isrothere" ];then

# Either the route or the lo:0 device

# not found.

echo "LVS-DR real server Stopped."

else

echo "LVS-DR Running."

;;

# Invalid entry.

echo "$0: Usage: $0 {start|status|stop}"

exit 1

;;

esac

exit 0

(2)激活开机启动，并直接启动

#systemctl enable lvsrealvip

#systemctl start lvsrealvip

#systemctl status lvsrealvip

阅读全文

0 0