lvs + keepalived + nginx搭建集群无法通过vip访问
lvs-master 和 lvs-slave 能通过curl 访问 nginx1 和nginx2,通过vip无法访问;
Linux系统版本 Centos7.8
机器配置 
nginx1
yum -y install gcc gcc-c++ autoconf automake make
yum -y install zlib zlib-devel openssl openssl-devel pcre pcre-devel
yum -y install openssl-devel libnl libnl-devel libnfnetlink-devel
cd /etc/init.d
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/realserver
chmod a+x realserver
service realserver start
mkdir -p /soft/openresty
mkdir -p /data/nginx/cache
mkdir -p /data/nginx/logs
cd /soft
wget https://openresty.org/download/openresty-1.17.8.2.tar.gz
tar -zxf openresty-1.17.8.2.tar.gz
cd openresty-1.17.8.2
./configure -j2 --prefix=/soft/openresty
make -j2
make install
cd /soft/openresty/nginx/conf/
rm -f nginx.conf
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/nginx.conf
# 启动nginx
../sbin/nginx
nginx2
yum -y install gcc gcc-c++ autoconf automake make
yum -y install zlib zlib-devel openssl openssl-devel pcre pcre-devel
yum -y install openssl-devel libnl libnl-devel libnfnetlink-devel
cd /etc/init.d
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/realserver
chmod a+x realserver
service realserver start
mkdir -p /soft/openresty
mkdir -p /data/nginx/cache
mkdir -p /data/nginx/logs
cd /soft
wget https://openresty.org/download/openresty-1.17.8.2.tar.gz
tar -zxf openresty-1.17.8.2.tar.gz
cd openresty-1.17.8.2
./configure -j2 --prefix=/soft/openresty
make -j2
make install
cd /soft/openresty/nginx/conf/
rm -f nginx.conf
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/nginx.conf
# 启动nginx
../sbin/nginx
lvs-master
yum -y install gcc gcc-c++ autoconf automake make
yum -y install zlib zlib-devel openssl openssl-devel pcre pcre-devel
yum -y install openssl-devel libnl libnl-devel libnfnetlink-devel
yum -y install ipvsadm keepalived
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
echo "net.ipv4.ip_forward_use_pmtu=0" >> /etc/sysctl.conf
sysctl -p
cd /etc/keepalived
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/keepalived-nginx-master.conf
mv keepalived.conf keepalived.conf.bak
mv keepalived-nginx-backup.conf keepalived.conf
# 修改keepalived.conf文件vip rs ip
systemctl start keepalived
lvs-slave
yum -y install gcc gcc-c++ autoconf automake make
yum -y install zlib zlib-devel openssl openssl-devel pcre pcre-devel
yum -y install openssl-devel libnl libnl-devel libnfnetlink-devel
yum -y install ipvsadm keepalived
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
echo "net.ipv4.ip_forward_use_pmtu=0" >> /etc/sysctl.conf
sysctl -p
cd /etc/keepalived
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/keepalived-nginx-backup.conf
mv keepalived.conf keepalived.conf.bak
mv keepalived-nginx-backup.conf keepalived.conf
# 修改keepalived.conf文件vip rs ip
systemctl start keepalived
lvs-master 信息
> ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.23.199.100:80 rr
-> 172.23.199.18:80 Route 1 0 0
-> 172.23.199.20:80 Route 1 0 1
> lsmod | grep ip_vs
ip_vs_rr 12600 1
ip_vs 141092 3 ip_vs_rr
nf_conntrack 111302 1 ip_vs
libcrc32c 12644 1 ip_vs
> ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:16:3e:02:c4:33 brd ff:ff:ff:ff:ff:ff
inet 172.23.199.21/20 brd 172.23.207.255 scope global dynamic eth0
valid_lft 315359232sec preferred_lft 315359232sec
inet 172.23.199.100/32 scope global eth0
valid_lft forever preferred_lft forever
lvs-slave 信息
> ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.23.199.100:80 rr
-> 172.23.199.18:80 Route 1 0 0
-> 172.23.199.20:80 Route 1 0 0
> lsmod | grep ip_vs
ip_vs_rr 12600 1
ip_vs 141092 3 ip_vs_rr
nf_conntrack 111302 1 ip_vs
libcrc32c 12644 1 ip_vs
> ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:16:3e:0c:5e:8c brd ff:ff:ff:ff:ff:ff
inet 172.23.199.19/20 brd 172.23.207.255 scope global dynamic eth0
valid_lft 315359242sec preferred_lft 315359242sec
inet 172.23.199.100/32 scope global eth0
valid_lft forever preferred_lft forever
配置信息
realserver
#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions
VIP=172.23.199.100
host=`/bin/hostname`
case "$1" in
start)
# Start LVS-DR real server on this machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
;;
stop)
# Stop LVS-DR real server loopback device(s).
/sbin/ifconfig lo:0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
echo "LVS-DR real server Stopped."
else
echo "LVS-DR real server Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
keepalived-nginx-master.conf
global_defs {
router_id director1
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 100
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.23.199.100
}
}
virtual_server 172.23.199.100 80 {
delay_loop 3
lb_algo rr
lb_kind DR
persistence_time 0
protocol TCP
real_server 172.23.199.18 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 172.23.199.20 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
keepalived-nginx-backup.conf
global_defs {
router_id director2
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 100
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.23.199.100
}
}
virtual_server 172.23.199.100 80 {
delay_loop 3
lb_algo rr
lb_kind DR
persistence_time 0
protocol TCP
real_server 172.23.199.18 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 172.22.199.20 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
展开
收起
版权声明:本文内容由阿里云实名注册用户自发贡献,版权归原作者所有,阿里云开发者社区不拥有其著作权,亦不承担相应法律责任。具体规则请查看《阿里云开发者社区用户服务协议》和《阿里云开发者社区知识产权保护指引》。如果您发现本社区中有涉嫌抄袭的内容,填写侵权投诉表单进行举报,一经查实,本社区将立刻删除涉嫌侵权内容。
相关问答
问答排行榜
最热
最新
推荐问答
相关文章
相关电子书
更多
