CentOS 7: Building a High-Availability Setup with LVS + Keepalived + Nginx in NAT Mode
1. Prepare the machines
Name | NIC 0 | NIC 1 | VIP |
lvsmaster | 58.218.92.185 (gateway: 58.218.92.1) | 10.77.1.20 (no gateway configured) | 58.218.92.187 |
lvsbackup | 58.218.92.186 (gateway: 58.218.92.1) | 10.77.1.21 (no gateway configured) | 58.218.92.187 |
lvsnginx1 | 10.88.1.22 (gateway: 10.88.1.1) | 10.77.1.22 (gateway: 10.77.1.200) | |
lvsnginx2 | 10.88.1.23 (gateway: 10.88.1.1) | 10.77.1.23 (gateway: 10.77.1.200) | |
2. Install ipvsadm on lvsmaster and lvsbackup
yum install ipvsadm
3. Install Keepalived on lvsmaster and lvsbackup
yum install keepalived
systemctl status keepalived
systemctl start keepalived
systemctl enable keepalived    # start at boot
4. Install nginx on lvsnginx1 and lvsnginx2
yum install yum-utils
vim /etc/yum.repos.d/nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=1
enabled=1
gpgkey=https://nginx.org/keys/nginx_signing.key

[nginx-mainline]
name=nginx mainline repo
baseurl=http://nginx.org/packages/mainline/centos/$releasever/$basearch/
gpgcheck=1
enabled=0
gpgkey=https://nginx.org/keys/nginx_signing.key
yum clean all
yum install nginx
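After installation, verify with: rpm -qa | grep nginx
Enable at boot: systemctl enable nginx
Start nginx: systemctl start nginx
Check nginx status: systemctl status nginx
Restart the nginx service: systemctl restart nginx
Stop the nginx service: systemctl stop nginx
5. On lvsnginx1 and lvsnginx2, adjust the dual-gateway, dual-IP configuration so that replies leave through the interface the request arrived on
On 10.88.1.22:
vim /etc/iproute2/rt_tables and add: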
252 1
251 2
vim /etc/rc.d/init.d/network and add at the end (above the exit $rc line):
ip route flush table 1
ip route add default via 10.88.1.1 dev eth0 src 10.88.1.22 table 1
ip rule add from 10.88.1.22 table 1
ip route flush table 2
ip route add default via 10.77.1.200 dev eth1 src 10.77.1.22 table 2
ip rule add from 10.77.1.22 table 2
On 10.88.1.23:
vim /etc/iproute2/rt_tables and add:
252 1
251 2
vim /etc/rc.d/init.d/network and add at the end (above the exit $rc line):
ip route flush table 1
ip route add default via 10.88.1.1 dev eth0 src 10.88.1.23 table 1
ip rule add from 10.88.1.23 table 1
ip route flush table 2
ip route add default via 10.77.1.200 dev eth1 src 10.77.1.23 table 2
ip rule add from 10.77.1.23 table 2
6. Configure lvsmaster (58.218.92.185) and lvsbackup (58.218.92.186)
vim /etc/keepalived/keepalived.conf
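global_defs {
    notification_email {
        zhanghuan@youxiang.com
    }
    notification_email_from lvsadmin@youxiang.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_Server_1
}

vrrp_instance VI_1 {
    state MASTER              # Keepalived role: MASTER is primary, BACKUP is standby; must be upper case
    interface eth0            # NIC name; differs between machines, check with: ip a
    virtual_router_id 101     # virtual router ID; must match on master and backup
    priority 100              # priority; larger number = higher priority; the master director must be higher than the backup
    advert_int 1              # check interval; default 1s
    # The password is at most 8 characters (keepalived uses only the first 8)
    # and must match on master and backup, otherwise they cannot communicate
    authentication {
        auth_type PASS
        auth_pass E2CSLVS20
    }
    virtual_ipaddress {
        58.218.92.187         # virtual IP (VIP); several may be set, one per line
    }
}

vrrp_instance VI_2 {
    state MASTER              # Keepalived role: MASTER is primary, BACKUP is standby; must be upper case
    interface eth1            # NIC name; differs between machines, check with: ip a
    virtual_router_id 101     # virtual router ID; must match on master and backup
    priority 100              # priority; larger number = higher priority; the master director must be higher than the backup
    advert_int 1              # check interval; default 1s
    # The password is at most 8 characters (keepalived uses only the first 8)
    # and must match on master and backup, otherwise they cannot communicate
    authentication {
        auth_type PASS
        auth_pass E2CSLVS20
    }
    virtual_ipaddress {
        10.77.1.200           # virtual IP (VIP); several may be set, one per line
    }
}

virtual_server 58.218.92.187 80 {
    delay_loop 3              # health-check interval, in seconds
    lb_algo sh                # scheduling algorithm: sh (source hashing, keeps a client's session on one server); LVS options: rr|wrr|lc|wlc|lblc|sh|dh (rr = round robin, wlc = weighted least-connection)
    lb_kind NAT               # LVS forwarding mechanism; the three modes are NAT, TUN and DR
    protocol TCP
    real_server 10.77.1.22 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
        }
    }
    real_server 10.77.1.23 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
        }
    }
}
On lvsbackup, only state, priority and router_id differ.
With this deployment method, lb_kind must be NAT.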
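The comments in the configuration above require master and backup to share virtual_router_id and auth_pass, the master to hold the higher priority, and auth_pass to fit in 8 characters. The Python check below is an added example, not part of the original article, that compares the vrrp_instance blocks of the two files; the cut-down sample configs are constructed, and the backup priority of 90 is an assumption.

```python
import re

KEYS = {"state", "virtual_router_id", "priority", "auth_pass"}

def parse_instances(conf_text):
    """Return {name: {key: value}} for every vrrp_instance block."""
    instances, current, depth = {}, None, 0
    for raw in conf_text.splitlines():
        line = re.sub(r"[#!].*", "", raw)            # drop keepalived comments
        tok = line.split() + ["", ""]                # pad so tok[0], tok[1] exist
        if depth == 0 and tok[0] == "vrrp_instance":
            current = instances.setdefault(tok[1].rstrip("{"), {})
        elif current is not None and tok[0] in KEYS:
            current[tok[0]] = tok[1]
        depth += line.count("{") - line.count("}")   # track nested blocks
        if depth == 0:
            current = None
    return instances

def check_pair(master_conf, backup_conf):
    """Return findings for a MASTER/BACKUP keepalived.conf pair."""
    m, b = parse_instances(master_conf), parse_instances(backup_conf)
    out = [f"{n}: defined on only one node" for n in sorted(set(m) ^ set(b))]
    for name in sorted(set(m) & set(b)):
        mi, bi = m[name], b[name]
        if (mi.get("state"), bi.get("state")) != ("MASTER", "BACKUP"):
            out.append(f"{name}: state must be MASTER / BACKUP (upper case)")
        for key in ("virtual_router_id", "auth_pass"):
            if mi.get(key) != bi.get(key):           # values are never printed
                out.append(f"{name}: {key} differs between nodes")
        if int(mi.get("priority", 100)) <= int(bi.get("priority", 100)):
            out.append(f"{name}: master priority must exceed backup priority")
        for node, inst in (("master", mi), ("backup", bi)):
            if len(inst.get("auth_pass", "")) > 8:   # only 8 characters are used
                out.append(f"{name}: {node} auth_pass longer than 8 characters")
    return out

# Constructed sample: one cut-down instance in the article's layout.
TEMPLATE = """vrrp_instance VI_1 {{
    state {state}
    virtual_router_id {vrid}
    priority {prio}   # backup value of 90 below is an assumption
    authentication {{
        auth_pass {pw}
    }}
}}"""
MASTER = TEMPLATE.format(state="MASTER", vrid=101, prio=100, pw="E2CSLVS20")
BACKUP = TEMPLATE.format(state="BACKUP", vrid=101, prio=90, pw="E2CSLVS20")
print("\n".join(check_pair(MASTER, BACKUP)) or "consistent")
```

Run against the article's values, it reports the 9-character auth_pass on both nodes; to check real files, pass their contents to check_pair.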
7. Enable IP forwarding on lvsmaster and lvsbackup
echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
sysctl -p
touch /etc/sysconfig/ipvsadm
8. Restart keepalived on lvsmaster and lvsbackup and check whether the configuration took effect
systemctl restart keepalived
ip a