LVS+piranha(多实例配置）转载

更新时间：2022-09-30 20:28:55

一、负载均衡器端

1.安装（MASTER、BACKUP)

A、wget http://mirrors.163.com/.help/CentOS6-Base-163.repo -O /etc/yum.repos.d/CentOS-Base.repo

B、yum makecache

C、yum -y update

D、yum -y install ipvsadm modcluster piranha system-config-cluster php54 php54-cli php54-common

2.撰写配置文件

vi /etc/sysconfig/ha/lvs.cf

serial_no = 28

primary = 10.10.10.100

primary_private = 172.28.29.100

service = lvs

backup_active = 1

backup = 10.10.10.200

backup_private = 172.28.29.200

heartbeat = 1

heartbeat_port = 539

keepalive = 6

deadtime = 18

network = direct

debug_level = NONE

monitor_links = 0

syncdaemon = 0

virtual web_http {

active = 1

address = 10.10.10.250 eth0:1

vip_nmask = 255.255.255.0

port = 80

send = "GET / HTTP/1.0\r\n\r\n"

expect = "HTTP"

use_regex = 0

load_monitor = none

scheduler = wrr

protocol = tcp

timeout = 6

reentry = 15

quiesce_server = 0

server web_realserver1 {

address = 10.10.10.101

active = 1

port = 80

weight = 1

}

server web_realserver2 {

address = 10.10.10.102

active = 1

port = 80

weight = 1

}

server web_realserver3 {

address = 10.10.10.103

active = 1

port = 80

weight = 1

}

server web_realserver4 {

address = 10.10.10.104

active = 1

port = 80

weight = 1

}

virtual bbs_http {

active = 1

address = 172.28.29.250 eth1:1

vip_nmask = 255.255.255.0

port = 80

send = "GET / HTTP/1.0\r\n\r\n"

expect = "HTTP"

use_regex = 0

load_monitor = none

scheduler = wrr

protocol = tcp

timeout = 6

reentry = 15

quiesce_server = 0

server bbs_realserver1 {

address = 172.28.29.101

active = 1

port = 80

weight = 1

}

server bbs_realserver2 {

address = 172.28.29.102

active = 1

port = 80

weight = 1

}

server bbs_realserver3 {

address = 172.28.29.103

active = 1

port = 80

weight = 1

}

server bbs_realserver4 {

address = 172.28.29.104

active = 1

port = 80

weight = 1

}

3.启动LVS集群（先master后backup）

/etc/init.d/pulse start

二、后端的realserver端

1.撰写脚本

vi /etc/init.d/lvs_realserver

#!/bin/bash

#description: LVS realsever

. /etc/rc.d/init.d/functions

WEB_VIP="10.10.10.250 172.28.29.250"

start(){

num=0

echo -ne 'Start LVS of RealServer'

for loop in $WEB_VIP

ifconfig lo:$num $loop netmask 255.255.255.255 up

# /sbin/route add -host $loop dev lo:$num

num=$[num+1]

done

echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce

echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

echo " OK"

}

stop(){

echo -ne 'Stop LVS of RealServer'

echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce

echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore

echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce

num=0

for loop in $WEB_VIP

/sbin/ifconfig lo:$num down

# /sbin/route del -host $loop

num=$[num+1]

done

echo " OK"

}

restart(){

stop

start

}

case $1 in

start)

start

;;

stop)

stop

;;

restart)

restart

;;

status)

/sbin/ip add

;;

echo "Usage: $0 {start|stop|restart|status}"

exit 1

esac

2.添加执行权限

chmod +x /etc/init.d/lvs_realserver

3.启动脚本

sh /etc/init.d/lvs_realserver start

三、防火墙配置

vi /etc/sysconfig/iptables

*filter

:INPUT ACCEPT [0:0]

:FORWARD ACCEPT [0:0]

:OUTPUT ACCEPT [238237693:45658345413]

:RH-Firewall-1-INPUT - [0:0]

-A INPUT -j RH-Firewall-1-INPUT

-A FORWARD -j RH-Firewall-1-INPUT

-A RH-Firewall-1-INPUT -i lo -j ACCEPT

-A INPUT -s 10.10.10.0/24 -d 224.0.0.0/8 -i eth0 -j ACCEPT

-A INPUT -s 172.28.29.0/24 -d 224.0.0.0/8 -i eth1 -j ACCEPT

-A RH-Firewall-1-INPUT -p icmp -m icmp --icmp-type any -j ACCEPT

-A RH-Firewall-1-INPUT -p esp -j ACCEPT

-A RH-Firewall-1-INPUT -p ah -j ACCEPT

-A RH-Firewall-1-INPUT -d 224.0.0.251 -p udp -m udp --dport 5353 -j ACCEPT

-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT

-A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT

-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT

-A RH-Firewall-1-INPUT -s 172.28.29.0/255.255.255.0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT

-A RH-Firewall-1-INPUT -s 10.10.10.0/255.255.255.0 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT

-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited

COMMIT

四、看一下运行情况

[root@rabbit1 ~]# ipvsadm

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 10.10.10.250:http wrr

-> 10.10.10.101:http Local 1 115 448

-> 10.10.10.102:http Route 1 137 452

-> 10.10.10.103:http Route 1 111 454

-> 10.10.10.104:http Route 1 141 440

TCP 172.28.29.250:http wrr

-> 172.28.29.101:http Local 1 84 145

-> 172.28.29.102:http Route 1 77 147

-> 172.28.29.103:http Route 1 83 152

-> 172.28.29.104:http Route 1 71 160

转载http://navyaijm.blog.51cto.com/4647068/893756

本文转自 liang3391 51CTO博客，原文链接:http://blog.51cto.com/liang3391/1246192

上一篇 : ：流水线上的思考——异步程序开发模型（3）下一篇 : linux学习：环境变量

LVS+piranha(多实例配置）转载

相关阅读

推荐文章

LVS+piranha(多实例配置） 转载

相关阅读

推荐文章

LVS+piranha(多实例配置）转载