Solution of LVS Dr + preserved

Keywords: firewall Linux Vmware network

Reference resources

https://www.cnblogs.com/liaojiafa/p/6087276.html

Four hosts are in a LAN. The ip of LVS_master is 192.168.1.196, LVS backup is 192.168.1.197, the ip of two web servers is 192.168.1.200192.168.1.201, and the virtual ip is 192.168.1.198. It can be seen from the keepalived configuration file.

The experimental environment is vmware, which virtual out four linux host network cards are all bridge mode. The system version is: CentOS Linux release 7.3.1611 (Core)

[1] Install ipvsadm and maintained
 

[2] Configure master-slave LVS server

a. Turn on route forwarding function

b. LVS? Master kept profile

[root@localhost keepalived]# cat keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_MASTER
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.198
        }
}


virtual_server 192.168.1.198 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
#    persistence_timeout 50
    protocol TCP

    real_server 192.168.1.200 80 {
        weight 1
        TCP_CHECK {

            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }

    real_server 192.168.1.201 80 {
        weight 1
        TCP_CHECK {

            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

c. LVS? Backup profile

[root@localhost ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_BACK
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.198
        }
}


virtual_server 192.168.1.198 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
#    persistence_timeout 50
    protocol TCP

    real_server 192.168.1.200 80 {
        weight 1
        TCP_CHECK {

            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }

    real_server 192.168.1.201 80 {
        weight 1
        TCP_CHECK {

            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

d. Running the keepalived service on two LVS

e. Configure two WEB services

Perform the following operations on the two servers respectively:

Edit sysctl.conf file

[root@localhost ~]# cat /etc/sysctl.conf 
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.conf.ens33.arp_ignore = 1
net.ipv4.conf.ens33.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

restart

[root@localhost ~]# sysctl -p
net.ipv4.conf.ens33.arp_ignore = 1
net.ipv4.conf.ens33.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

Configure lo interface ip

ifconfig lo 192.168.1.198 netmask 255.255.255.255 broadcast 192.168.1.198 up

Add a route

 route add -host 192.168.1.198 dev lo

It is recommended not to forget to write the add command of adding VIP in rc.local to save the trouble of manual configuration after power on:

[root@localhost ~]# cat /etc/rc.local 
#!/bin/bash
# THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES
#
# It is highly advisable to create own systemd services or udev rules
# to run scripts during boot instead of using this file.
#
# In contrast to previous versions due to parallel execution during boot
# this script will NOT be run after all other services.
#
# Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure
# that this script will be executed during boot.

touch /var/lock/subsys/local
ifconfig lo 192.168.1.198 netmask 255.255.255.255 broadcast 192.168.1.198 up
route add -host 192.168.1.198 dev lo

Posted by voitek on Fri, 31 Jan 2020 07:53:49 -0800