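2. High-performance web architecture: DNS load balancing (DNS and web round-robin with LVS-DR + keepalived)
LVS-DR + keepalived + DNS for DNS high availability:
I. Introduction:
The DNS master/slave replication from the previous chapter does not, on its own, meet the needs of most companies today. DNS is simple to configure and use, but it plays a central role in the network.
If the preferred DNS server configured on a client happens to go down, users' browsing speed still suffers even when the client also has an alternate DNS server configured: the client resolves through the preferred server first and, when that fails, waits 3 seconds before using the alternate. So here I use LVS-DR + keepalived to make DNS highly available, and implement round-robin for the web tier along the way:
LVS-DR + keepalived characteristics:
In direct routing mode (LVS-DR), LVS load balancing uses a semi-open network structure. The structure is similar to IP tunnel mode, but the nodes are not scattered across different locations; they sit on the same physical network as the scheduler. The load balancer and the node servers are connected over the local network, so no dedicated IP tunnels need to be established.
Keepalived uses the VRRP hot-standby protocol to implement multi-machine hot standby for servers in software. It is mainly used to provide failover and health checking: it determines the availability of the LVS load scheduler and the node servers, promptly isolates failed ones and replaces them with new servers, and re-adds a failed host to the cluster once it has recovered.
- Deployment:
1. Network topology:
2. Environment description: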
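| System | IP address | Role |
|---|---|---|
| LVS-master | 192.168.10.101 | Master and backup load balancers (scheduling both web and DNS) |
| LVS-backup | 192.168.10.102 | Master and backup load balancers (scheduling both web and DNS) |
| DNS-master | 192.168.10.103 | vip: 192.168.10.66 (mainly handles DNS round-robin requests) |
| DNS-backup | 192.168.10.104 | vip: 192.168.10.66 (mainly handles DNS round-robin requests) |
| Web node group | 192.168.10.105-106 | vip: 192.168.10.88 (mainly handles web round-robin requests) |

Environment preparation (six CentOS 7.2 systems):
3. Disable the firewall, disable SELinux, and set up time synchronization (on all machines):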
systemctl stop firewalld.service && systemctl disable firewalld.service
sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config
setenforce 0
yum -y install wget net-tools ntp ntpdate lrzsz
systemctl restart ntpdate.service ntpd.service && systemctl enable ntpd.service ntpdate.service
4. Configure host mappings in /etc/hosts (the following is done on LVS-master and LVS-backup):
echo 192.168.10.101 linux-node1.server.com >> /etc/hosts
echo 192.168.10.102 linux-node2.server.com >> /etc/hosts
echo 192.168.10.103 linux-node3.server.com >> /etc/hosts
echo 192.168.10.104 linux-node4.server.com >> /etc/hosts
echo 192.168.10.105 linux-node5.server.com >> /etc/hosts
echo 192.168.10.106 linux-node6.server.com >> /etc/hosts
echo nameserver 192.168.10.66 >> /etc/resolv.conf # this DNS setting is only temporary; in production, always set DNS in the configuration file
echo nameserver 192.168.10.103 >> /etc/resolv.conf
echo nameserver 192.168.10.104 >> /etc/resolv.conf
hostnamectl --static set-hostname linux-node1.server.com
bash
- Set up the virtual network interfaces (the following is done on LVS-master and LVS-backup):
[[email protected] ~]# cd /etc/sysconfig/network-scripts/
[[email protected] network-scripts]# cp ifcfg-eno16777736 ifcfg-eno16777736:0
[[email protected] network-scripts]# cp ifcfg-eno16777736 ifcfg-eno16777736:1
[[email protected] network-scripts]# cat ifcfg-eno16777736:0
TYPE=Ethernet
BOOTPROTO=static
NAME=eno16777736:0
UUID=682b8dd6-92e8-4d7b-aec2-f6bbc85533f8
DEVICE=eno16777736:0
ONBOOT=yes
IPADDR=192.168.10.66
NETMASK=255.255.255.0
[[email protected] network-scripts]# cat ifcfg-eno16777736:1
TYPE=Ethernet
BOOTPROTO=static
NAME=eno16777736:1
UUID=682b8dd6-92e8-4d7b-aec2-f6bbc85533f8
DEVICE=eno16777736:1
ONBOOT=yes
IPADDR=192.168.10.88
NETMASK=255.255.255.0
[[email protected] network-scripts]# systemctl restart network
[[email protected] network-scripts]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:f9:b7:25 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.101/24 brd 192.168.10.255 scope global eno16777736
valid_lft forever preferred_lft forever
inet 192.168.10.66/24 brd 192.168.10.255 scope global secondary eno16777736:0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef9:b725/64 scope link
valid_lft forever preferred_lft forever
[[email protected] network-scripts]# tail -3 /etc/sysctl.conf
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.eno16777736.send_redirects = 0
[[email protected] ~]# cd /etc/sysconfig/network-scripts/
[[email protected] network-scripts]# cp ifcfg-eno16777736 ifcfg-eno16777736:0
[[email protected] network-scripts]# cp ifcfg-eno16777736 ifcfg-eno16777736:1
[[email protected] network-scripts]# cat ifcfg-eno16777736:0
TYPE=Ethernet
BOOTPROTO=static
NAME=eno16777736:0
UUID=682b8dd6-92e8-4d7b-aec2-f6bbc85533f8
DEVICE=eno16777736:0
ONBOOT=yes
IPADDR=192.168.10.66
NETMASK=255.255.255.0
[[email protected] network-scripts]# cat ifcfg-eno16777736:1
TYPE=Ethernet
BOOTPROTO=static
NAME=eno16777736:1
UUID=682b8dd6-92e8-4d7b-aec2-f6bbc85533f8
DEVICE=eno16777736:1
ONBOOT=yes
IPADDR=192.168.10.88
NETMASK=255.255.255.0
[[email protected] network-scripts]# systemctl restart network
[[email protected] network-scripts]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eno16777736: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:f9:b7:25 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.101/24 brd 192.168.10.255 scope global eno16777736
valid_lft forever preferred_lft forever
inet 192.168.10.66/24 brd 192.168.10.255 scope global secondary eno16777736:0
valid_lft forever preferred_lft forever
inet 192.168.10.88/24 brd 192.168.10.255 scope global secondary eno16777736:1
valid_lft forever preferred_lft forever
inet6 fd05:fa56:9fbc::101/128 scope global tentative dynamic
valid_lft 86405sec preferred_lft 86405sec
inet6 fd05:fa56:9fbc:0:20c:29ff:fef9:b725/64 scope global tentative noprefixroute dynamic
valid_lft 7202sec preferred_lft 1802sec
inet6 fe80::20c:29ff:fef9:b725/64 scope link
valid_lft forever preferred_lft forever
[[email protected] network-scripts]# tail -3 /etc/sysctl.conf
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.eno16777736.send_redirects = 0
Finally, run sysctl -p on both machines.
6. Install ipvsadm and keepalived (the following is done on LVS-master and LVS-backup):
[[email protected] ~]# yum install ipvsadm -y
[[email protected] ~]# yum install ipvsadm -y
[[email protected] ~]# yum install keepalived -y
[[email protected] ~]# yum install keepalived -y
[[email protected] ~]# lsmod |grep ^ip_vs
ip_vs 140944 0
[[email protected] ~]# lsmod |grep ^ip_vs
ip_vs 140944 0
[[email protected] ~]# ipvsadm --save > /etc/sysconfig/ipvsadm # this file has to be created manually, otherwise the service will not start
[[email protected] ~]# ipvsadm --save > /etc/sysconfig/ipvsadm
[[email protected] ~]# systemctl start ipvsadm && systemctl enable ipvsadm
[[email protected] ~]# systemctl start ipvsadm && systemctl enable ipvsadm
7. Enable IP forwarding and configure the ipvsadm rules (the following is done on LVS-master and LVS-backup):
[[email protected] ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
[[email protected] ~]# echo "options ip_vs conn_tab_bits=22" > /etc/modprobe.d/ip_vs.conf # raise the LVS connection table size for higher concurrency
[[email protected] ~]# systemctl stop ipvsadm # stop ipvsadm first, then add the rules for ports 53 and 80
[[email protected] ~]# ipvsadm -A -u 192.168.10.66:53 -s rr
[[email protected] ~]# ipvsadm -a -u 192.168.10.66:53 -r 192.168.10.103 -g -w 1
[[email protected] ~]# ipvsadm -a -u 192.168.10.66:53 -r 192.168.10.104 -g -w 1
[[email protected] ~]# ipvsadm -A -t 192.168.10.88:80 -s rr
[[email protected] ~]# ipvsadm -a -t 192.168.10.88:80 -r 192.168.10.105 -g -w 1
[[email protected] ~]# ipvsadm -a -t 192.168.10.88:80 -r 192.168.10.106 -g -w 1
[[email protected] ~]# ipvsadm --save > /etc/sysconfig/ipvsadm # save the rules, otherwise they are lost on restart
[[email protected] ~]# cat /etc/sysconfig/ipvsadm
-A -t 192.168.10.88:http -s rr
-a -t 192.168.10.88:http -r linux-node5.server.com:http -g -w 1
-a -t 192.168.10.88:http -r linux-node6.server.com:http -g -w 1
-A -u 192.168.10.66:domain -s rr
-a -u 192.168.10.66:domain -r linux-node3.server.com:domain -g -w 1
-a -u 192.168.10.66:domain -r linux-node4.server.com:domain -g -w 1
[[email protected] ~]# systemctl start ipvsadm
[[email protected] ~]# ipvsadm -L # view the scheduling rules
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.10.88:http rr
-> linux-node5.server.com:http Route 1 0 0
-> linux-node6.server.com:http Route 1 0 0
UDP 192.168.10.66:domain rr
-> linux-node3.server.com:domai Route 1 0 0
-> linux-node4.server.com:domai Route 1 0 0
[[email protected] ~]# echo 1 > /proc/sys/net/ipv4/ip_forward
[[email protected] ~]# systemctl stop ipvsadm # stop ipvsadm first, then add the rules for ports 53 and 80
[[email protected] ~]# ipvsadm -A -u 192.168.10.66:53 -s rr
[[email protected] ~]# ipvsadm -a -u 192.168.10.66:53 -r 192.168.10.103 -g -w 1
[[email protected] ~]# ipvsadm -a -u 192.168.10.66:53 -r 192.168.10.104 -g -w 1
[[email protected] ~]# ipvsadm -A -t 192.168.10.88:80 -s rr
[[email protected] ~]# ipvsadm -a -t 192.168.10.88:80 -r 192.168.10.105 -g -w 1
[[email protected] ~]# ipvsadm -a -t 192.168.10.88:80 -r 192.168.10.106 -g -w 1
[[email protected] ~]# ipvsadm --save > /etc/sysconfig/ipvsadm # save the rules, otherwise they are lost on restart
[[email protected] ~]# cat /etc/sysconfig/ipvsadm
-A -t 192.168.10.88:http -s rr
-a -t 192.168.10.88:http -r linux-node5.server.com:http -g -w 1
-a -t 192.168.10.88:http -r linux-node6.server.com:http -g -w 1
-A -u 192.168.10.66:domain -s rr
-a -u 192.168.10.66:domain -r linux-node3.server.com:domain -g -w 1
-a -u 192.168.10.66:domain -r linux-node4.server.com:domain -g -w 1
[[email protected] ~]# systemctl start ipvsadm
[[email protected] ~]# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.10.88:http rr
-> linux-node5.server.com:http Route 1 0 0
-> linux-node6.server.com:http Route 1 0 0
UDP 192.168.10.66:domain rr
-> linux-node3.server.com:domai Route 1 0 0
-> linux-node4.server.com:domai Route 1 0 0
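Note: in a command such as ipvsadm -A -t 192.168.10.88:80 -s rr, -A means add, -t means the TCP protocol, and rr means round-robin. For the UDP protocol, replace -t with -u (u stands for UDP).
8. Configure the keepalived configuration file on the LVS schedulers (the following is done on LVS-master and LVS-backup):
keepalived is configured with two VRRP instances: a WEB instance and a DNS instance.
8.1 keepalived configuration file on the master LVS: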
[[email protected] ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
[[email protected] ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs { # global settings
notification_email { # alert e-mail recipients
}
notification_email_from [email protected]xx.com # sender address for alert e-mail
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_TEST_R1 # ID identifying this server
# vrrp_skip_check_adv_addr
# vrrp_strict
# vrrp_garp_interval 0
# vrrp_gna_interval 0
}
#================WEB-Instance start=====================
vrrp_instance VI_WEB { # VRRP instance
state MASTER # MASTER state
interface eno16777736 # NIC the VIP is bound to
virtual_router_id 51 # must be identical on master and backup
priority 100
advert_int 1 # check interval between master and backup
authentication {
auth_type PASS
auth_pass yanyb
}
virtual_ipaddress {
192.168.10.88/24 # virtual IP
}
}
#=================config LVS-WEB======================
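virtual_server 192.168.10.88 80 { # virtual server: IP, port and opening brace, separated by spaces
delay_loop 6 # health-check interval, in seconds
lb_algo rr # load-balancing algorithm; rr means round-robin
lb_kind DR # LVS forwarding mode; DR here
nat_mask 255.255.255.0
persistence_timeout 50 # session persistence time, in seconds. This option is very helpful for dynamic pages and offers a good solution to session sharing in a cluster: with persistence, a user's requests keep going to the same service node until the persistence time is exceeded. Note that this is the maximum idle timeout: if the user performs no action on a dynamic page for 50 seconds, the next action is rescheduled to another node; if the user keeps working, persistence is not affected
protocol TCP # TCP or UDP
real_server 192.168.10.105 80 { # real server address and port
weight 1 # weight; the lower the number, the smaller the share of requests scheduled to it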
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.10.106 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
#================DNS-66 Instance start=====================
vrrp_instance VI_DNS {
state BACKUP
interface eno16777736
virtual_router_id 52
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass yanyb
}
virtual_ipaddress {
192.168.10.66/24
}
}
#==================config 66 LVS-DNS======================
virtual_server 192.168.10.66 53 {
delay_loop 3
lb_algo rr
lb_kind DR # (note: three modes are available: NAT/DR/TUN)
nat_mask 255.255.255.0
persistence_timeout 50
protocol UDP
real_server 192.168.10.103 53 {
weight 100
MISC_CHECK {
connect_port 53
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
misc_path "/usr/bin/sh /etc/keepalived/check_dns_resolve.sh 192.168.10.103"
misc_timeout 5
}
}
real_server 192.168.10.104 53 {
weight 100
MISC_CHECK {
connect_port 53
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
misc_path "/usr/bin/sh /etc/keepalived/check_dns_resolve.sh 192.168.10.104"
misc_timeout 5
}
}
}
8.2 DNS check script:
[[email protected] ~]# cat /etc/keepalived/check_dns_resolve.sh
#!/bin/bash
# check dns resolve
a_check="check.healthcheck.check"
ns_ip=$1
port=53
timeout=2
function EchoHelp(){
echo "use: ./check_dns_resolve.sh [ip] {port}"
exit 1
}
if [ -n "$2" ]; then
port=$2
fi
if [ -n "$ns_ip" ] && [ -n "$a_check" ]; then
/usr/bin/nslookup -timeout=${timeout} -port="$port" "$a_check" "$ns_ip" > /dev/null
else
EchoHelp
fi
exit $?
[[email protected] ~]# chmod +x /etc/keepalived/check_dns_resolve.sh
8.3 keepalived configuration file on the backup LVS:
[[email protected] ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
[[email protected] ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_TEST_R2
# vrrp_skip_check_adv_addr
# vrrp_strict
# vrrp_garp_interval 0
# vrrp_gna_interval 0
}
#================WEB-Instance start=====================
vrrp_instance VI_WEB {
state BACKUP
interface eno16777736
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass yanyb
}
virtual_ipaddress {
192.168.10.88/24
}
}
#=================config LVS-WEB======================
virtual_server 192.168.10.88 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
# persistence_timeout 50
protocol TCP
real_server 192.168.10.105 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.10.106 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
#================DNSInstance start=====================
vrrp_instance VI_DNS {
state MASTER
interface eno16777736
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass yanyb
}
virtual_ipaddress {
192.168.10.66/24
}
}
#==================config LVS-DNS======================
virtual_server 192.168.10.66 53 {
delay_loop 3
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
# persistence_timeout 50
protocol UDP
real_server 192.168.10.103 53 {
weight 100
MISC_CHECK {
connect_port 53
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
misc_path "/usr/bin/sh /etc/keepalived/check_dns_resolve.sh 192.168.10.103"
misc_timeout 5
}
}
real_server 192.168.10.104 53 {
weight 100
MISC_CHECK {
connect_port 53
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
misc_path "/usr/bin/sh /etc/keepalived/check_dns_resolve.sh 192.168.10.104"
misc_timeout 5
}
}
}
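The real_server blocks are copied between the two directors and between the two DNS nodes, so a dropped octet or a health check pointed at the wrong node is easy to miss: keepalived would then report on a server other than the one it schedules. The following is an added example, not part of the original article: a POSIX sh lint for those two slips. `lint_keepalived` and `sample_conf` are hypothetical names, and the sample configuration is constructed.

```shell
#!/bin/sh
# Added example (not from the original article): lint keepalived real_server blocks.

# lint_keepalived: read a keepalived.conf on stdin, print one finding per line.
lint_keepalived() {
  awk '
    function valid_ip(ip,    n, o, i) {
      n = split(ip, o, ".")
      if (n != 4) return 0
      for (i = 1; i <= 4; i++)
        if (o[i] !~ /^[0-9]+$/ || o[i] + 0 > 255) return 0
      return 1
    }
    { sub(/[#!].*/, "") }                  # keepalived comments start with # or !
    $1 == "real_server" {
      rs = $2; rs_ok = valid_ip(rs)
      if (!rs_ok) print "BAD_ADDR " rs
    }
    $1 == "misc_path" && rs_ok {
      target = $NF; gsub(/"/, "", target)  # last word = address handed to the check script
      if (target != rs) print "MISMATCH " rs " checked_as " target
    }
  '
}

# Constructed sample (assumption): a DNS virtual_server with two copy-paste slips.
sample_conf() {
  cat <<'EOF'
virtual_server 192.168.10.66 53 {
    protocol UDP
    real_server 192.168.103 53 {           # octet dropped
        MISC_CHECK {
            misc_path "/usr/bin/sh /etc/keepalived/check_dns_resolve.sh 192.168.10.103"
        }
    }
    real_server 192.168.10.104 53 {
        MISC_CHECK {
            misc_path "/usr/bin/sh /etc/keepalived/check_dns_resolve.sh 192.168.10.103"
        }
    }
}
EOF
}

sample_conf | lint_keepalived
```

On a director, run it as `lint_keepalived < /etc/keepalived/keepalived.conf`; no output means neither slip was found.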
8.4 DNS check script:
[[email protected] ~]# cat /etc/keepalived/check_dns_resolve.sh
#!/bin/bash
# check dns resolve
a_check="check.healthcheck.check"
ns_ip=$1
port=53
timeout=2
function EchoHelp(){
echo "use: ./check_dns_resolve.sh [ip] {port}"
exit 1
}
if [ -n "$2" ]; then
port=$2
fi
if [ -n "$ns_ip" ] && [ -n "$a_check" ]; then
/usr/bin/nslookup -timeout=${timeout} -port="$port" "$a_check" "$ns_ip" > /dev/null
else
EchoHelp
fi
exit $?
[[email protected] ~]# chmod +x /etc/keepalived/check_dns_resolve.sh
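9. Configure the LVS node server scripts (on both the WEB nodes and the DNS nodes)
9.1 DNS node configuration (configure the VIP on the master and backup DNS servers and bring it up):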
[[email protected] ~]# cat /etc/init.d/dns_vip.sh
#!/bin/bash
#description:config lvs-vip
vip=192.168.10.66
mask='255.255.255.255'
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
sysctl -p >/dev/null 2>&1
/usr/sbin/ifconfig lo:0 $vip netmask $mask broadcast $vip up
/usr/sbin/route add -host $vip dev lo:0
echo "start VIP OK!!"
;;
stop)
/usr/sbin/ifconfig lo:0 down
/usr/sbin/route del $vip >/dev/null 2>&1
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "stop VIP !!"
;;
*)
echo "Usage $(basename $0) start|stop"
exit 1
;;
esac
[[email protected] ~]# chmod +x /etc/init.d/dns_vip.sh
[[email protected] ~]# /etc/init.d/dns_vip.sh start
start VIP OK!!
[[email protected] ~]# ifconfig
eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.10.103 netmask 255.255.255.0 broadcast 192.168.10.255
inet6 fd05:fa56:9fbc::884 prefixlen 128 scopeid 0x0<global>
inet6 fe80::20c:29ff:fe67:a281 prefixlen 64 scopeid 0x20<link>
inet6 fd05:fa56:9fbc:0:20c:29ff:fe67:a281 prefixlen 64 scopeid 0x0<global>
ether 00:0c:29:67:a2:81 txqueuelen 1000 (Ethernet)
RX packets 25913 bytes 25518120 (24.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 20641 bytes 1782415 (1.6 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 56 bytes 5854 (5.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 56 bytes 5854 (5.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.10.66 netmask 255.255.255.255
loop txqueuelen 0 (Local Loopback)
[[email protected] ~]# /etc/init.d/dns_vip.sh start
start VIP OK!!
[[email protected] ~]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 10.0.87.1 netmask 255.255.255.0 broadcast 0.0.0.0
ether 02:42:40:1f:12:0c txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno16777736: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.10.104 netmask 255.255.255.0 broadcast 192.168.10.255
inet6 fd05:fa56:9fbc::eb8 prefixlen 128 scopeid 0x0<global>
inet6 fd05:fa56:9fbc:0:20c:29ff:feb4:91ca prefixlen 64 scopeid 0x0<global>
inet6 fe80::20c:29ff:feb4:91ca prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:b4:91:ca txqueuelen 1000 (Ethernet)
RX packets 17149 bytes 15115091 (14.4 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 14432 bytes 1217454 (1.1 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 65 bytes 6923 (6.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 65 bytes 6923 (6.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.10.66 netmask 255.255.255.255
loop txqueuelen 0 (Local Loopback)
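On a DR real server the VIP sits on lo as a /32, and the arp_ignore/arp_announce values keep the node from answering ARP for it; if either slips, the node competes with the director for the VIP. The following is an added example, not part of the original article: a POSIX sh audit of the state that dns_vip.sh and web_vip.sh set up. `check_dr_node` and `sample_addrs` are hypothetical names, and the address list and sysctl tree are constructed.

```shell
#!/bin/sh
# Added example (not from the original article): audit a DR real server.

# check_dr_node VIP CONF_DIR   (stdin: output of `ip -o -4 addr show`)
# CONF_DIR is /proc/sys/net/ipv4/conf on a live host.
check_dr_node() {
  vip=$1 conf=$2 rc=0
  # Values written by the start branch of dns_vip.sh / web_vip.sh
  for pair in all/arp_ignore:1 lo/arp_ignore:1 all/arp_announce:2 lo/arp_announce:2; do
    key=${pair%%:*} want=${pair##*:}
    have=$(cat "$conf/$key" 2>/dev/null)
    if [ "$have" != "$want" ]; then
      echo "FAIL $key=${have:-missing} (want $want)"
      rc=1
    fi
  done
  # The VIP must sit on lo as a /32 and nowhere else on the node.
  awk -v vip="$vip" '
    index($4, vip "/") == 1 {
      if ($2 == "lo" && $4 == vip "/32") ok = 1
      else { print "FAIL VIP " $4 " on " $2; bad = 1 }
    }
    END {
      if (!ok) { print "FAIL VIP " vip "/32 not on lo"; bad = 1 }
      exit bad + 0
    }
  ' || rc=1
  return $rc
}

# Constructed sample (assumption): `ip -o -4 addr show` on DNS node 192.168.10.103
sample_addrs() {
  cat <<'EOF'
1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
1: lo    inet 192.168.10.66/32 brd 192.168.10.66 scope global lo:0\       valid_lft forever preferred_lft forever
2: eno16777736    inet 192.168.10.103/24 brd 192.168.10.255 scope global eno16777736\       valid_lft forever preferred_lft forever
EOF
}

# Constructed sysctl tree standing in for /proc/sys/net/ipv4/conf,
# with lo/arp_announce deliberately left at 0.
demo_dir=$(mktemp -d)
mkdir -p "$demo_dir/all" "$demo_dir/lo"
echo 1 > "$demo_dir/all/arp_ignore";   echo 1 > "$demo_dir/lo/arp_ignore"
echo 2 > "$demo_dir/all/arp_announce"; echo 0 > "$demo_dir/lo/arp_announce"
sample_addrs | check_dr_node 192.168.10.66 "$demo_dir"
echo "exit status: $?"
rm -rf "$demo_dir"
```

On a live node the call is `ip -o -4 addr show | check_dr_node 192.168.10.66 /proc/sys/net/ipv4/conf`, with 192.168.10.88 as the VIP on the web nodes.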
9.2 Add A records to the zone files (on the master and backup DNS servers; for DNS installation and deployment, see the previous chapter):
[[email protected] ~]# cat /var/named/server.com.zone
$TTL 3600
@ SOA server.com. admin.server.com. (
2000 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS linux-node3.server.com.
IN NS linux-node4.server.com.
linux-node3 IN A 192.168.10.103
linux-node4 IN A 192.168.10.104
abc IN A 192.168.10.104
vip IN A 192.168.10.66
[[email protected] ~]# cat /var/named/10.168.192.arpa
$TTL 3600
@ SOA server.com. admin.server.com. (
2000 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS linux-node3.server.com.
IN NS linux-node4.server.com.
103 IN PTR linux-node3.server.com.
104 IN PTR linux-node4.server.com.
104 IN PTR abc.server.com.
66 IN PTR vip.server.com.
[[email protected] ~]#
[[email protected] ~]# rndc reload # reload on both master and slave
server reload successful
9.3 WEB node configuration (configure the VIP on all web nodes and bring it up):
[[email protected] ~]# cat /etc/init.d/web_vip.sh
#!/bin/bash
#description:config lvs-vip
vip=192.168.10.88
mask='255.255.255.255'
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
sysctl -p >/dev/null 2>&1
/usr/sbin/ifconfig lo:0 $vip netmask $mask broadcast $vip up
/usr/sbin/route add -host $vip dev lo:0
echo "start VIP OK!!"
;;
stop)
/usr/sbin/ifconfig lo:0 down
/usr/sbin/route del $vip >/dev/null 2>&1
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "stop VIP !!"
;;
*)
echo "Usage $(basename $0) start|stop"
exit 1
;;
esac
[[email protected] ~]# chmod +x /etc/init.d/web_vip.sh
[[email protected] ~]# /etc/init.d/web_vip.sh start
start VIP OK!!
[[email protected] ~]# ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 10.0.20.1 netmask 255.255.255.0 broadcast 0.0.0.0
ether 02:42:49:62:01:b2 txqueuelen 0 (Ethernet)