开发者社区> 问答> 正文

lvs + keepalived + nginx搭建集群无法通过vip访问

lvs-master 和 lvs-slave 能通过curl 访问 nginx1 和nginx2,通过vip无法访问;

Linux系统版本 Centos7.8

机器配置 1602811248032.png

nginx1


yum -y install gcc gcc-c++ autoconf automake make      
yum -y install zlib zlib-devel openssl openssl-devel pcre pcre-devel
yum -y install openssl-devel libnl libnl-devel libnfnetlink-devel

cd /etc/init.d
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/realserver
chmod a+x realserver
service realserver start

mkdir -p /soft/openresty
mkdir -p /data/nginx/cache
mkdir -p /data/nginx/logs

cd /soft
wget https://openresty.org/download/openresty-1.17.8.2.tar.gz
tar -zxf openresty-1.17.8.2.tar.gz
cd openresty-1.17.8.2
./configure -j2 --prefix=/soft/openresty
make -j2
make install

cd /soft/openresty/nginx/conf/
rm -f nginx.conf
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/nginx.conf

# 启动nginx
../sbin/nginx

nginx2


yum -y install gcc gcc-c++ autoconf automake make      
yum -y install zlib zlib-devel openssl openssl-devel pcre pcre-devel
yum -y install openssl-devel libnl libnl-devel libnfnetlink-devel

cd /etc/init.d
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/realserver
chmod a+x realserver
service realserver start

mkdir -p /soft/openresty
mkdir -p /data/nginx/cache
mkdir -p /data/nginx/logs

cd /soft
wget https://openresty.org/download/openresty-1.17.8.2.tar.gz
tar -zxf openresty-1.17.8.2.tar.gz
cd openresty-1.17.8.2
./configure -j2 --prefix=/soft/openresty
make -j2
make install

cd /soft/openresty/nginx/conf/
rm -f nginx.conf
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/nginx.conf

# 启动nginx
../sbin/nginx

lvs-master

yum -y install gcc gcc-c++ autoconf automake make      
yum -y install zlib zlib-devel openssl openssl-devel pcre pcre-devel
yum -y install openssl-devel libnl libnl-devel libnfnetlink-devel
yum -y install ipvsadm keepalived

echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
echo "net.ipv4.ip_forward_use_pmtu=0" >> /etc/sysctl.conf
sysctl -p

cd /etc/keepalived
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/keepalived-nginx-master.conf
mv keepalived.conf keepalived.conf.bak
mv keepalived-nginx-backup.conf keepalived.conf

# 修改keepalived.conf文件vip rs ip

systemctl start keepalived

lvs-slave

yum -y install gcc gcc-c++ autoconf automake make      
yum -y install zlib zlib-devel openssl openssl-devel pcre pcre-devel
yum -y install openssl-devel libnl libnl-devel libnfnetlink-devel
yum -y install ipvsadm keepalived

echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
echo "net.ipv4.ip_forward_use_pmtu=0" >> /etc/sysctl.conf
sysctl -p

cd /etc/keepalived
wget https://res-bk.oss-cn-shenzhen.aliyuncs.com/keepalived-nginx-backup.conf
mv keepalived.conf keepalived.conf.bak
mv keepalived-nginx-backup.conf keepalived.conf

# 修改keepalived.conf文件vip rs ip

systemctl start keepalived

lvs-master 信息

> ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.23.199.100:80 rr
  -> 172.23.199.18:80             Route   1      0          0         
  -> 172.23.199.20:80             Route   1      0          1   
  
> lsmod | grep ip_vs
ip_vs_rr               12600  1 
ip_vs                 141092  3 ip_vs_rr
nf_conntrack          111302  1 ip_vs
libcrc32c              12644  1 ip_vs

> ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:16:3e:02:c4:33 brd ff:ff:ff:ff:ff:ff
    inet 172.23.199.21/20 brd 172.23.207.255 scope global dynamic eth0
       valid_lft 315359232sec preferred_lft 315359232sec
    inet 172.23.199.100/32 scope global eth0
       valid_lft forever preferred_lft forever

lvs-slave 信息

> ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.23.199.100:80 rr
  -> 172.23.199.18:80             Route   1      0          0         
  -> 172.23.199.20:80             Route   1      0          0
  
> lsmod | grep ip_vs
ip_vs_rr               12600  1 
ip_vs                 141092  3 ip_vs_rr
nf_conntrack          111302  1 ip_vs
libcrc32c              12644  1 ip_vs

> ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:16:3e:0c:5e:8c brd ff:ff:ff:ff:ff:ff
    inet 172.23.199.19/20 brd 172.23.207.255 scope global dynamic eth0
       valid_lft 315359242sec preferred_lft 315359242sec
    inet 172.23.199.100/32 scope global eth0
       valid_lft forever preferred_lft forever

配置信息

realserver

#!/bin/bash  
#   
# Script to start LVS DR real server.   
# description: LVS DR real server   
#   
.  /etc/rc.d/init.d/functions
VIP=172.23.199.100
host=`/bin/hostname`
case "$1" in
start)
       # Start LVS-DR real server on this machine.   
        /sbin/ifconfig lo down
        /sbin/ifconfig lo up
        echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore   
        echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce   
        echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore   
        echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
        /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up  
        /sbin/route add -host $VIP dev lo:0
;;
stop)
        # Stop LVS-DR real server loopback device(s).
        /sbin/ifconfig lo:0 down
        echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore   
        echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce   
        echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore   
        echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
        # Status of LVS-DR real server.  
        islothere=`/sbin/ifconfig lo:0 | grep $VIP`   
        isrothere=`netstat -rn | grep "lo:0" | grep $VIP`   
        if [ ! "$islothere" -o ! "isrothere" ];then   
            echo "LVS-DR real server Stopped."
        else
            echo "LVS-DR real server Running."
        fi
;;
*)
            # Invalid entry.
            echo "$0: Usage: $0 {start|status|stop}"
            exit 1
;;   
esac

keepalived-nginx-master.conf

global_defs {
    router_id director1
}

vrrp_instance VI_1 {
	state MASTER
	interface eth0
    virtual_router_id 100
	priority 100
	advert_int 1
	authentication {
		auth_type PASS
		auth_pass 123456
	}

	virtual_ipaddress {
		172.23.199.100
	}
}

virtual_server 172.23.199.100 80 {
	delay_loop 3
	lb_algo rr
	lb_kind DR
	persistence_time 0
	protocol TCP
	
	real_server 172.23.199.18 80 {
		weight 1
		TCP_CHECK {
			connect_timeout 10
			nb_get_retry 3
			delay_before_retry 3
			connect_port 80
		}
	}

	real_server 172.23.199.20 80 {
		weight 1
        TCP_CHECK {
                 connect_timeout 10
                 nb_get_retry 3
                 delay_before_retry 3
				connect_port 80
        }
	}

}

keepalived-nginx-backup.conf

global_defs {
    router_id director2
}

vrrp_instance VI_2 {
	state BACKUP
	interface eth0
    virtual_router_id 100
	priority 90
	advert_int 1

	authentication {
		auth_type PASS
		auth_pass 123456
	}

	virtual_ipaddress {
		172.23.199.100
	}
}

virtual_server 172.23.199.100 80 {
	delay_loop 3
	lb_algo rr
	lb_kind DR
	persistence_time 0
	protocol TCP
	
	real_server 172.23.199.18 80 {
		weight 1
		TCP_CHECK {
			connect_timeout 10
			nb_get_retry 3
			delay_before_retry 3
			connect_port 80
		}
	}

	real_server 172.22.199.20 80 {
		weight 1
        TCP_CHECK {
              connect_timeout 10
              nb_get_retry 3
              delay_before_retry 3
			  connect_port 80
         }
	}

}

展开
收起
游客lhyn7kbqoso5u 2020-10-20 18:17:46 1839 0
0 条回答
写回答
取消 提交回答
问答排行榜
最热
最新

相关电子书

更多
《Nginx 代理系统常用手册》 立即下载
CentOS Nginx PHP JAVA 多语言镜像使用手 立即下载
CentOS Nginx PHP JAVA多语言镜像使用手册 立即下载