CentOS6下的 LB集群
程序员文章站
2022-05-07 15:42:15
...
先做初始化设置:https://blog.csdn.net/n_u_l_l_/article/details/103693449
要先做简单的规划:CentOS6RIP1 172.16.12.11RIP2 172.16.12.12PIP 172.16.12.21SIP 172.16.12.22VIP 172.16.12.20
RIP :
rip1、
[aaa@qq.comrip1 ~]# yum install httpd -y
[aaa@qq.comrip1 ~]# cd /var/www/html/
[aaa@qq.comrip1 html]# ls
[aaa@qq.comrip1 html]# echo -e "<h1>RIP1<h1>\n<h1>172.16.12.11<h1>" >> index.html
[aaa@qq.comrip1 html]# cat index.html
<h1>RIP1<h1>
<h1>172.16.12.11<h1>
[aaa@qq.comrip1 html]# /etc/init.d/httpd start
Starting httpd: httpd: apr_sockaddr_info_get() failed for rip1
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[ OK ]
[aaa@qq.comrip1 html]# chkconfig httpd on //开机自启
rip2、
[aaa@qq.comrip2 ~]# yum install httpd -y
[aaa@qq.comrip2 ~]# cd /var/www/html/
[aaa@qq.comrip2 html]# ls
[aaa@qq.comrip2 html]# echo -e "<h1>RIP1<h1>\n<h1>172.16.12.12<h1>" >> index.html
[aaa@qq.comrip2 html]# cat index.html
<h1>RIP2<h1>
<h1>172.16.12.12<h1>
[aaa@qq.comrip2 html]# /etc/init.d/httpd start
Starting httpd: httpd: apr_sockaddr_info_get() failed for rip2
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[ OK ]
[aaa@qq.comrip2 html]# chkconfig httpd on
绑定VIP和配置ARP防火墙:
装软件包
[aaa@qq.comrip1 html]# yum install openssh-clients -y
-
arptables 可以当作是linux下的ARP防火墙
-
arptables 是一个用户空间,用于管理内核中的ARP规则表,规则检查处理的是ARP数据帧。(arptables 类似 iptable,但比iptables简单,它需要载入内核模块arptable_filter)。
-
正常情况下,arptable_filter 只有一个表filter ,不指定-t 表名 时默认就是filter 表。
-
filter 表有两个链,一个是IN,表示外面发进来的ARP包;另外一个是OUT ,表示本机发出的ARP包。
-
内建的动作:ACCEPT 放行ARP包;DROP 丢掉ARP包;CONTINUE 继续下一规则;RETURN 不在这个链中继续进行匹配,返回到上一条链的下一条规则.
写个脚本具体实现:
分别发送给两个RIP,脚本里的IP切换成成具体RIP的的IP。
#!/bin/bash
VIP=172.16.x.x
RIP=172.16.x.x
arptables -F
arptables -A IN -d $VIP -j DROP
arptables -A OUT -s $VIP -j mangle --mangle-ip-s $RIP
/sbin/ifconfig eth0:1 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev eth0:1
我的就叫这个了。
[aaa@qq.comrip1 ~]# chmod +x arptables-config.sh
[aaa@qq.comrip1 ~]# ./arptables-config.sh
执行后输入指令就能看到了:
[aaa@qq.comrip1 ~]# arptables -L
Chain IN (policy ACCEPT)
target source-ip destination-ip source-hw destination-hw hlen op hrd pro
DROP anywhere 172.16.12.20 anywhere anywhere any any any any
Chain OUT (policy ACCEPT)
target source-ip destination-ip source-hw destination-hw hlen op hrd pro
mangle 172.16.12.20 anywhere anywhere anywhere any any any any --mangle-ip-s 172.16.12.11
Chain FORWARD (policy ACCEPT)
target source-ip destination-ip source-hw destination-hw hlen op hrd pro
ifconfig也能看到VIP。 eth0:1
[aaa@qq.comrip1 ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:F6:AA:FE
inet addr:172.16.12.11 Bcast:172.16.255.255 Mask:255.255.0.0
eth0:1 Link encap:Ethernet HWaddr 00:0C:29:F6:AA:FE
inet addr:172.16.12.20 Bcast:172.16.12.20 Mask:255.255.255.255
然后就可以设置开机自启了。
[aaa@qq.comrip1 ~]# echo "/root/arptables-config.sh" >> /etc/rc.local
[aaa@qq.comrip2 ~]# echo "/root/arptables-config.sh" >> /etc/rc.local
centos6 的rc.local本来就有执行权限所以不用再分配了。
两个RIP都这样配置。
PIP配置:
[aaa@qq.compip ~]# vim /etc/sysctl.conf
[aaa@qq.compip ~]# sysctl -p
net.ipv4.ip_forward = 1 <------这个改成1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 68719476736
kernel.shmall = 4294967296
[aaa@qq.compip ~]# yum install piranha -y
[aaa@qq.compip ~]# piranha-passwd
New Password: <------设置密码和确认密码
Verify:
Adding password for user piranha
启动web页面的那个服务:
注意:piranha这个软件有2个服务一个是web的页面,一个是真正的负载均衡服务。现在启动的是web页面。
[aaa@qq.compip ~]# /etc/init.d/piranha-gui start
然后在浏览器访问:
http://172.16.12.21:3636/ IP是PIP的
用户名:piranha
密码:就是上边设置的密码。
点击login登录。
输入用户名和密码。
就能看到首页了。
第二个模块。写PIP的,下边的默认就行。路由算法默认是DR
第三个模块,启用
写SIP的信息
第四个模块 添加
第四模块的第1子模块
第四模块的第2子模块
real server
有几个RIP就添加几个,我的是2个 ,最后是这样。
第四模块第3子模块,是用来做可用性检查的。
要写个检查脚本:
[aaa@qq.compip ~]# vim health-httpd.sh
#!/bin/bash
#检查 httpd 的健康状况
curl $1 &> /dev/null
if [ $? -eq 0 ]
then
echo "ok"
else
echo "filed"
fi
然后测试下。
[aaa@qq.compip ~]# chmod +x health-httpd.sh
[aaa@qq.compip ~]# ./health-httpd.sh 172.16.12.11
ok
[aaa@qq.compip ~]# ./health-httpd.sh 172.16.12.12
ok
[aaa@qq.compip ~]# ./health-httpd.sh 172.16.12.44
filed
这就ok了。
[aaa@qq.compip ~]# ln health-httpd.sh /bin/
然后链接到bin下。
发到SIP那里。
[aaa@qq.compip ~]# scp health-httpd.sh 172.16.12.22:/bin/
SIP测试脚本:
[aaa@qq.comsip ~]# health-httpd.sh 172.16.12.11
ok
[aaa@qq.comsip ~]# health-httpd.sh 172.16.12.12
ok
都通过的话就可以在网页输入了:
然后保存就可以了。
这里的配置文件不用写,但是是通过web网页来配置的。
就是下边这个。打开后就能看到在网页设置的东西了
[aaa@qq.compip ~]# vim /etc/sysconfig/ha/lvs.cf
serial_no = 15
primary = 172.16.12.21
service = lvs
backup_active = 1
backup = 172.16.12.22
heartbeat = 1
heartbeat_port = 539
keepalive = 6
deadtime = 18
network = direct
debug_level = NONE
monitor_links = 1
syncdaemon = 0
virtual LB-httpd {
active = 1
address = 172.16.12.20 eth0:1
vip_nmask = 255.255.0.0
port = 80
persistent = 50
pmask = 255.255.255.255
send = "GET / HTTP/1.0\r\n\r\n"
expect = "ok"
use_regex = 0
send_program = "/bin/health-httpd.sh %h"
load_monitor = none
scheduler = wlc
protocol = tcp
SIP配置:
[aaa@qq.comsip ~]# vim /etc/sysctl.conf
[aaa@qq.comsip ~]# sysctl -p
安装软件:
[aaa@qq.comsip ~]# yum install piranha -y
PIP将配置文件发给SIP:
[aaa@qq.compip ~]# scp /etc/sysconfig/ha/lvs.cf 172.16.12.22:/etc/sysconfig/ha/
PIP启动服务:
[aaa@qq.compip ~]# /etc/init.d/pulse start
Starting pulse: [ OK ]
[aaa@qq.compip ~]# chkconfig pulse on
SIP启动服务:
[aaa@qq.comsip ~]# /etc/init.d/pulse start
Starting pulse: [ OK ]
[aaa@qq.comsip ~]# chkconfig pulse on
PIP上能看到浮动IP 了:
[aaa@qq.compip ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:84:0C:FA
inet addr:172.16.12.21 Bcast:172.16.255.255 Mask:255.255.0.0
eth0:1 Link encap:Ethernet HWaddr 00:0C:29:84:0C:FA
inet addr:172.16.12.20 Bcast:172.16.255.255 Mask:255.255.0.0
SIP上没有浮动IP
访问测试:
能看到测试页。证明ok
测试高可用:
1、关掉PIP:
PIP:poweroff
SIP:浮动IP跑到SIP上了,这个会有延迟,要等一会
[aaa@qq.comsip ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:CA:E6:7D
inet addr:172.16.12.22 Bcast:172.16.255.255 Mask:255.255.0.0
eth0:1 Link encap:Ethernet HWaddr 00:0C:29:CA:E6:7D
inet addr:172.16.12.20 Bcast:172.16.255.255 Mask:255.255.0.0
服务没有停止。
2、现在访问的是RIP1 那里,然后停掉RIP1。
RIP1:
[aaa@qq.comrip1 ~]# /etc/init.d/httpd stop
Stopping httpd: [ OK ]
然后刷新网页发现到RIP2 了
到这里高可用和负载均衡基本完成了,关闭1台机器,总能保证服务不停止。
再加一组
nginx1:172.16.12.13
nginx2:172.16.12.14
VIP:172.16.12.20
RIP:
这里VIP是一样的,但是端口不同。nginx设置为8000
server {
listen 8000;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
启动服务8000端口
[aaa@qq.comrip3-nginx ~]# netstat -antlup | grep nginx
tcp 0 0 0.0.0.0:8000 0.0.0.0:* LISTEN 1404/nginx
修改测试页:
[aaa@qq.comrip3-nginx html]# cat index.html
<h1>RIP3 nginx 172.16.12.13<h1>
[aaa@qq.comrip4-nginx html]# cat index.html
<h1>RIP4 nginx 172.16.12.14<h1>
PIP:
写健康探测脚本:
[aaa@qq.compip ~]# vim health-nginx.sh
#!/bin/bash
#检查 nginx 的健康状况
curl $1:8000 &> /dev/null
if [ $? -eq 0 ]
then
echo "ok"
else
echo "filed"
fi
就复制httpd的改就好了
[aaa@qq.compip ~]# chmod +x health-nginx.sh
[aaa@qq.compip ~]# ./health-nginx.sh 172.16.12.13
ok
[aaa@qq.compip ~]# ./health-nginx.sh 172.16.12.14
ok
[aaa@qq.compip ~]# ln health-nginx.sh /bin/
[aaa@qq.compip ~]# scp health-nginx.sh 172.16.12.22:/bin/
SIP:
[aaa@qq.comsip ~]# health-nginx.sh 172.16.12.13
ok
[aaa@qq.comsip ~]# health-nginx.sh 172.16.12.14
ok
然后直接进网页进行配置:
加一组,别的不用动,里边记得修改端口IP还有健康监测脚本就好了。
配置完保存,然后再配置文件中就能看到已经新增加了nginx的那些。
}
server rip2-httpd {
address = 172.16.12.12
active = 1
port = 80
weight = 10
}
}
virtual LB-nginx {
active = 1
address = 172.16.12.20 eth0:1
vip_nmask = 255.255.0.0
port = 8000
persistent = 50
pmask = 255.255.255.255
send = "GET / HTTP/1.0\r\n\r\n"
expect = "ok"
use_regex = 0
send_program = "/bin/health-nginx.sh %h"
load_monitor = none
PIP发给SIP
[aaa@qq.compip ~]# scp /etc/sysconfig/ha/lvs.cf 172.16.12.22:/etc/sysconfig/ha/
PIP和SIP重启服务:
[aaa@qq.compip ~]# /etc/init.d/pulse restart
Shutting down pulse: [ OK ]
Starting pulse: [ OK ]
查看状态。有2组。
[aaa@qq.comsip ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.16.12.20:80 wlc persistent 50
-> 172.16.12.11:80 Route 1 0 0
-> 172.16.12.12:80 Route 10 0 0
TCP 172.16.12.20:8000 wlc persistent 50
-> 172.16.12.13:8000 Route 10 0 0
-> 172.16.12.14:8000 Route 10 0 0
访问测试:加端口8000
看到测试页。OK
加集中存储NFS
NFS:172.16.12.23
安装nfs
yum install nfs-* -y
配置共享
[aaa@qq.comjq-c6-nfs lbnginx]# vim /etc/exports
/lbnfs 172.16.0.0/16(rw,sync)
/lbnginx 172.16.0.0/16(rw,sync)
httpd测试页:
[aaa@qq.comjq-c6-nfs /]# cd lbnfs/
[aaa@qq.comjq-c6-nfs lbnfs]# cat index.html
<h1>NFS<h1>
<h1>172.16.12.23<h1>
<h1>httpd<h1>
nginx测试页:
[aaa@qq.comjq-c6-nfs /]# cd lbnginx/
[aaa@qq.comjq-c6-nfs lbnginx]# cat index.html
<h1>NFS<h1>
<h1>172.16.12.23<h1>
<h1>nginx<h1>
[aaa@qq.comjq-c6-nfs /]# /etc/init.d/rpcbind restart
Stopping rpcbind: [ OK ]
Starting rpcbind: [ OK ]
[aaa@qq.comjq-c6-nfs /]# /etc/init.d/nfs restart
Shutting down NFS daemon: [ OK ]
Shutting down NFS mountd: [ OK ]
Shutting down NFS services: [ OK ]
Shutting down RPC idmapd: [ OK ]
Starting NFS services: [ OK ]
Starting NFS mountd: [ OK ]
Starting NFS daemon: [ OK ]
Starting RPC idmapd: [ OK ]
[aaa@qq.comjq-c6-nfs /]# chkconfig rpcbind on
[aaa@qq.comjq-c6-nfs /]# chkconfig nfs on
RIP1:httpd
[aaa@qq.comrip1 www]# mount 172.16.12.23:/lbnfs html/
[aaa@qq.comrip1 www]# cd html/
[aaa@qq.comrip1 html]# ls
index.html
[aaa@qq.comrip1 html]# cat index.html
<h1>NFS<h1>
<h1>172.16.12.23<h1>
<h1>httpd<h1>
能看到nfs共享出来的内容。
[aaa@qq.comrip1 www]# echo "mount 172.16.12.23:/lbnfs html/" >> /etc/rc.local
直接写到这里实现开机自动挂载。
RIP2 :类似
[aaa@qq.comrip2 ~]# mount 172.16.12.23:/lbnfs /var/www/html
[aaa@qq.comrip2 ~]# cat /var/www/html/index.html
<h1>NFS<h1>
<h1>172.16.12.23<h1>
<h1>httpd<h1>
[aaa@qq.comrip2 ~]#
nginx也一样。
然后直接测试:
然后进行健壮性测试,重启关机等等,都能访问。
上一篇: STL 第4章 序列式容器
下一篇: CS_MonogoDB_Basic
推荐阅读