Linux Learning Chapter 59: Building the LVS DR Model, keepalived + LVS

Keywords: network vim Nginx Mac

Construction of LVS DR Model

Preparation

  • Three machines
    Distributor, also known as dispatcher (abbreviated as dir) 85.132
    rs1 85.129
    rs2 85.128
    vip 85.200
    The gateway of the rs machines, changed previously, needs to be changed back

DR Model Building

  • Write the script on dir: vim /usr/local/sbin/lvs_dr.sh
    The contents are as follows
#!/bin/bash
echo 1 > /proc/sys/net/ipv4/ip_forward
ipv=/usr/sbin/ipvsadm
vip=192.168.85.200
rs1=192.168.85.129
rs2=192.168.85.128
#Notice the name of the network card here.
ifdown ens37 #Intranet NIC
ifup ens37
ifconfig ens37:2 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev ens37:2
$ipv -C
$ipv -A -t $vip:80 -s wrr
$ipv -a -t $vip:80 -r $rs1:80 -g -w 1
$ipv -a -t $vip:80 -r $rs2:80 -g -w 1
  • Write the script on both rs as well: vim /usr/local/sbin/lvs_rs.sh
    The contents are as follows
#!/bin/bash
vip=192.168.85.200
#Bind the vip to lo so that rs can return the result directly to the client
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev lo:0
#Change the ARP kernel parameters so that rs does not answer or announce ARP for the vip bound to lo; only dir answers ARP for the vip
#Reference document www.cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

Execute these scripts on dir and on the two rs respectively

  • The intranet NIC ens37 on dir binds the VIP 192.168.85.200, and lo on each rs binds the VIP as well.

    Visiting the VIP in a browser shows the same load balancing behaviour as in NAT mode.

keepalived + LVS

  • A complete architecture needs two servers (role dir), each with keepalived installed, in order to achieve high availability. keepalived itself also provides load balancing, so in this experiment keepalived is installed on only one machine.
    keepalived has built-in ipvsadm functionality, so there is no need to install the ipvsadm package, nor to write and execute the lvs_dr.sh script
    The three machines are:
    dir (keepalived installed) 85.132
    rs1 85.129
    rs2 85.128
    vip 85.200

  • Edit the keepalived configuration file: vim /etc/keepalived/keepalived.conf
    The contents are as follows

vrrp_instance VI_1 {
    #BACKUP on the standby server
    state MASTER
    #The network card bound to vip is ens37
    interface ens37
    virtual_router_id 51
    #90 on standby server
    priority 100
    advert_int 1
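    #PASS is sent in clear text in VRRP advertisements, and keepalived uses only the first 8 characters of auth_pass
    authentication {
        auth_type PASS
        auth_pass aminglinux
    }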
    virtual_ipaddress { #Address of VIP
        192.168.85.200
    }
}
virtual_server 192.168.85.200 80 { #Address of VIP
    #(Query realserver status every 10 seconds)
    delay_loop 10  
    #(lvs algorithm)
    lb_algo wlc
    #(DR mode)
    lb_kind DR
    #(The same IP connection is assigned to the same RealServer within 60 seconds)
    persistence_timeout 60
    #(Check realserver status with TCP protocol)
    protocol TCP
    real_server 192.168.85.129 80 { #IP of rs
        #(weight)
        weight 100
        TCP_CHECK {
            #(10 seconds no response timeout)
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 192.168.85.128 80 { #IP of rs
        weight 100
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}
  • Execute ipvsadm -C to clear the previous ipvsadm rules

  • systemctl restart network clears the previously bound vip

  • On both rs, the /usr/local/sbin/lvs_rs.sh script still needs to be executed

  • The dir does not need to run the script, but it does need to enable route forwarding:
    echo 1 > /proc/sys/net/ipv4/ip_forward

  • keepalived has a useful feature: it stops forwarding requests to an rs when that rs goes down.
    Test
    Start keepalived on dir: systemctl start keepalived
    ipvsadm -ln shows which rs are connected; if Nginx is stopped on one of them, that rs is removed from the list
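
An added example, not from the original post: a check for the test step above that compares ipvsadm -ln output with the rs list from keepalived.conf and flags a missing or unexpected rs, or a forwarding method other than DR. The function name audit_ipvs, its finding labels and the sample output are constructed for illustration.

```shell
#!/bin/bash
# Added example (not from the original post): compare `ipvsadm -ln` output
# with the real servers that keepalived.conf is supposed to publish.

# audit_ipvs VIP:PORT RS:PORT [RS:PORT ...]   (reads `ipvsadm -ln` on stdin)
# Prints one finding per line; returns 1 if there is any finding.
audit_ipvs() {
    vs=$1; shift
    awk -v vs="$vs" -v want="$*" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) need[w[i]] = 1 }
        # Virtual service line, e.g. "TCP  192.168.85.200:80 wlc persistent 60"
        $1 == "TCP" || $1 == "UDP" { in_vs = ($2 == vs); if (in_vs) seen = 1; next }
        # Real server line, e.g. "  -> 192.168.85.129:80  Route  100  0  0"
        in_vs && $1 == "->" && $2 != "RemoteAddress:Port" {
            if (!($2 in need)) { print "UNEXPECTED " $2; bad = 1; next }
            delete need[$2]
            # DR mode (lb_kind DR / ipvsadm -g) is listed as "Route"
            if ($3 != "Route") { print "NOT_DR " $2 " " $3; bad = 1 }
        }
        END {
            if (!seen) { print "NO_VS " vs; exit 1 }
            for (r in need) { print "MISSING " r; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample output: the health check has removed 192.168.85.129.
sample_one_rs_down() {
    cat <<'EOF'
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.85.200:80 wlc persistent 60
  -> 192.168.85.128:80            Route   100    0          0
EOF
}

# Demo on the sample; on dir, pipe the real `ipvsadm -ln` into audit_ipvs.
sample_one_rs_down | audit_ipvs 192.168.85.200:80 \
    192.168.85.129:80 192.168.85.128:80 || true
```

An UNEXPECTED finding means the IPVS table holds a real server that is not in the intended list, which is worth investigating before traffic is trusted to it.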

Further reading
haproxy+keepalived http://blog.csdn.net/xrt95050/article/details/40926255
Comparison of nginx, lvs and haproxy http://www.csdn.net/article/2014-07-24/2820837
Custom script vrrp_script in keepalived http://my.oschina.net/hncscwc/blog/158746
Implementation of lvs dr mode using only one public network ip http://storysky.blog.51cto.com/628458/338726

Posted by bundyxc on Wed, 19 Dec 2018 22:30:05 -0800