這篇文章給大家分享的是搭建LVS的DR模式和配置keepalived+LVS的方法。小編覺(jué)得挺實(shí)用的，因此分享給大家學(xué)習(xí)。如下資料是關(guān)于keepalived和lvs-DR的內(nèi)容。

成都創(chuàng)新互聯(lián)公司主要從事網(wǎng)頁(yè)設(shè)計(jì)、PC網(wǎng)站建設(shè)（電腦版網(wǎng)站建設(shè)）、wap網(wǎng)站建設(shè)（手機(jī)版網(wǎng)站建設(shè)）、成都響應(yīng)式網(wǎng)站建設(shè)、程序開發(fā)、網(wǎng)站優(yōu)化、微網(wǎng)站、重慶小程序開發(fā)等，憑借多年來(lái)在互聯(lián)網(wǎng)的打拼，我們?cè)诨ヂ?lián)網(wǎng)網(wǎng)站建設(shè)行業(yè)積累了豐富的成都網(wǎng)站制作、成都網(wǎng)站建設(shè)、網(wǎng)站設(shè)計(jì)、網(wǎng)絡(luò)營(yíng)銷經(jīng)驗(yàn)，集策劃、開發(fā)、設(shè)計(jì)、營(yíng)銷、管理等多方位專業(yè)化運(yùn)作于一體。

什么是Keepalived

keepalived采用VRRP熱備份協(xié)議實(shí)現(xiàn)Linux服務(wù)器的多機(jī)熱備功能
VRRP,虛擬路由冗雜協(xié)議，是針對(duì)路由器的一種備份解決方案

keepalived可以實(shí)現(xiàn)多機(jī)熱備，每個(gè)熱備組可有多臺(tái)服務(wù)器，最常用的就是雙機(jī)熱備
雙擊熱備的故障切換是由虛擬IP地址的飄逸來(lái)實(shí)現(xiàn)，適用于各種應(yīng)用服務(wù)器

LVS-DR的ARP問(wèn)題

在LVS-DR的負(fù)載均衡群集中，負(fù)載均衡器與節(jié)點(diǎn)服務(wù)器都要配置相同的VIP地址
在局域網(wǎng)中具有相同的IP地址，勢(shì)必會(huì)造成服務(wù)器APR通信的紊亂
當(dāng)一個(gè)ARP廣播發(fā)送到LVS-DR集群時(shí)，因?yàn)樨?fù)載均衡器和節(jié)點(diǎn)服務(wù)器都是連接到相同的網(wǎng)絡(luò)上，它們都會(huì)接收到ARP廣播
此時(shí)只有前端的負(fù)載均衡器進(jìn)行響應(yīng)。其他節(jié)點(diǎn)服務(wù)器不應(yīng)該響應(yīng)ARP廣播

LVS-DR的ARP問(wèn)題解決方案

對(duì)節(jié)點(diǎn)服務(wù)器進(jìn)行處理，使其不響應(yīng)針對(duì)VIP的ARP請(qǐng)求
使用虛接口lo:0承載VIP地址
設(shè)置內(nèi)核參數(shù)arp_ignore=1:系統(tǒng)只響應(yīng)目的IP為本地IP的ARP請(qǐng)求

下面我們來(lái)做實(shí)驗(yàn)

實(shí)驗(yàn)規(guī)劃

我們需要五臺(tái)虛擬機(jī)
DR1  主服務(wù)器 192.168.100.201
DR4  備份服務(wù)器 192.168.100.202
web 5  192.168.100.221
web 7  192.168.100.222
vip     192.168.100.10
clent   192.168.100.50

把需要的LVS模塊，keepalived,http分別裝好

#1，4
[root@localhost ~]# yum install ipvsadm keepalived -y
#5，7
[root@localhost ~]# yum install httpd -y

第一臺(tái)主負(fù)載均衡調(diào)度器選擇僅主機(jī)模式，配置網(wǎng)卡

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 
BOOTPROTO=static #靜態(tài)
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes

IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=849aa04e-1874-490f-8cb0-b2fde4b9a6f8
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.201 #地址
NETMASK=255.255.255.0 #子網(wǎng) 掩碼
GATEWAY=192.168.100.1 #網(wǎng)關(guān)
[root@localhost ~]# systemctl restart network #ch重啟網(wǎng)絡(luò)服務(wù)
[root@localhost ~]# ifconfig #查看固定地址是否生效

第二臺(tái)4備份負(fù)載均衡調(diào)度器，綁定僅主機(jī)模式，配置網(wǎng)卡

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 

BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=c3f0a196-6819-4702-9b54-7cad18402591
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.202
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
[root@localhost ~]# systemctl restart network
[root@localhost ~]# ifconfig

第三臺(tái)5web服務(wù)器綁定僅主機(jī)模式，配置網(wǎng)卡

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 

BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=a6cf69fe-eb42-4a99-9239-0da4cdeae0c7
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.221
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
[root@localhost ~]# systemctl restart network
[root@localhost ~]# ifconfig

第四臺(tái)7web服務(wù)器綁定僅主機(jī)模式，配置網(wǎng)卡

[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33 
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=447e510f-fea3-4b6c-8f47-d0c6319ead28
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.222
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
[root@localhost ~]# systemctl restart network
[root@localhost ~]# ifconfig

配置第一臺(tái)1主服務(wù)器

[root@localhost ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward=1
#proc響應(yīng)關(guān)閉重定向功能
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost ~]# sysctl -p #生效
net.ipv4.ip_forward = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0

創(chuàng)建虛擬網(wǎng)卡

[root@localhost ~]# cd /etc/sysconfig/network-scripts/

[root@localhost network-scripts]# cp -p ifcfg-ens33 ifcfg-ens33:0
[root@localhost network-scripts]# vim ifcfg-ens33:0
100dd

DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.100.10
NETMASK=255.255.255.0

[root@localhost network-scripts]# ifup ens33:0 #開啟網(wǎng)卡，這個(gè)網(wǎng)關(guān)是用來(lái)做虛擬IP的，相當(dāng)于一給訪問(wèn)入口

[root@localhost network-scripts]# ifconfig
[root@localhost network-scripts]# cd /etc/init.d/
[root@localhost init.d]# vim dr.sh
#!/bin/bash
GW=192.168.100.1
VIP=192.168.100.10
RIP1=192.168.100.221
RIP2=192.168.100.222
case "$1" in
start)
     /sbin/ipvsadm --save > /etc/sysconfig/ipvsadm
     systemctl start ipvsadm
     /sbin/ifconfig ens33:0 $VIP broadcast $VIP netmask 255.255.255.255 broadcast $VIP up
     /sbin/route add -host $VIP dev ens33:0
     /sbin/ipvsadm -A -t $VIP:80 -s rr
     /sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
     /sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
     echo "ipvsadm starting --------------------[ok]"
     ;;
     stop)
     /sbin/ipvsadm -C
     systemctl stop ipvsadm
     ifconfig ens33:0 down
     route del $VIP
     echo "ipvsadm stoped---------------------[ok]"
     ;;
     status)
     if [ ! -e /var/lock/subsys/ipvsadm ];then
     echo "ipvsadm stoped---------------"
     exit 1
         else
         echo "ipvsamd Runing ---------[ok]"
     fi
     ;;
     *)
     echo "Usage: $0 {start|stop|status}"
   exit 1
     esac
     exit 0
  [root@localhost init.d]# service dr.sh start
ipvsadm starting --------------------[ok]
[root@localhost init.d]# systemctl status ipvsadm

配置第一臺(tái)5web服務(wù)器

[root@localhost ~]# systemctl start httpd.service 
[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# setenforce 0
[root@localhost ~]# cd /var/www/html/
[root@localhost html]# echo "this is accp web" > index.html
[root@localhost html]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.10
NETMASK=255.255.255.0
ONBOOT=yes

[root@localhost network-scripts]# cd /etc/init.d/
[root@localhost init.d]# vim web.sh
#寫一個(gè)腳本讓它能響應(yīng)調(diào)度服務(wù)器的控制，服務(wù)的啟動(dòng)和關(guān)閉
#!/bin/bash
VIP=192.168.100.10
     case "$1" in
     start)
         ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
         /sbin/route add -host $VIP dev lo:0
         echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
         echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
         echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
         echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
         sysctl -p >/dev/null 2>&1
         echo "RealServer Start OK "
         ;;
     stop)
         ifconfig lo:0 down
         route del $VIP /dev/null 2>&1
         echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
         echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
         echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
         echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
         echo "RealServer Stopd"
         ;;
     *)
         echo "Usage: $0 {start|stop}"
         exit 1
     esac
     exit 0

[root@localhost init.d]# chmod +x web.sh
[root@localhost init.d]# service web.sh start
RealServer Start OK 
[root@localhost init.d]# ifup lo:0 #開啟虛擬網(wǎng)卡
[root@localhost network-scripts]# ifconfig
lo:0: flags=73  mtu 65536
     inet 192.168.100.10  netmask 255.255.255.0
     loop  txqueuelen 1  (Local Loopback)

[root@localhost network-scripts]# firefox "http://127.0.0.1/" & #用火狐瀏覽器去訪問(wèn)回訪地址，放在后臺(tái)運(yùn)行
[2] 17973

配置第二臺(tái)7web服務(wù)器

[root@localhost ~]# systemctl start httpd

[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# setenforce 0

[root@localhost ~]# cd /var/www/html/
[root@localhost html]# echo "this is kgv web" > index.html
[root@localhost html]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.10
NETMASK=255.255.255.0
ONBOOT=yes
[root@localhost network-scripts]# cd /etc/init.d/
[root@localhost init.d]# vim web.sh

#!/bin/bash
VIP=192.168.100.10
     case "$1" in
     start)
         ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
         /sbin/route add -host $VIP dev lo:0
         echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
         echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
         echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
         echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
         sysctl -p >/dev/null 2>&1
         echo "RealServer Start OK "
         ;;
     stop)
         ifconfig lo:0 down
         route del $VIP /dev/null 2>&1
         echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
         echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
         echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
         echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
         echo "RealServer Stopd"
         ;;
     *)
         echo "Usage: $0 {start|stop}"
         exit 1
     esac
     exit 0
[root@localhost init.d]# chmod +x web.sh 
[root@localhost init.d]# ifup lo:0
[root@localhost init.d]# service web.sh start
RealServer Start OK 
[root@localhost init.d]# firefox "http://127.0.0.1/" &
[1] 17916

去客戶端去測(cè)試一下，先設(shè)置同一網(wǎng)段的地址

去1主服務(wù)器測(cè)試能不能Ping通兩個(gè)web服務(wù)器

[root@localhost init.d]# ping 192.168.100.221
PING 192.168.100.221 (192.168.100.221) 56(84) bytes of data.
64 bytes from 192.168.100.221: icmp_seq=1 ttl=64 time=0.416 ms
64 bytes from 192.168.100.221: icmp_seq=2 ttl=64 time=0.420 ms
[root@localhost init.d]# ping 192.168.100.222
PING 192.168.100.222 (192.168.100.222) 56(84) bytes of data.
64 bytes from 192.168.100.222: icmp_seq=1 ttl=64 time=0.348 ms
64 bytes from 192.168.100.222: icmp_seq=2 ttl=64 time=0.490 ms

再去客戶端測(cè)試一下，我們的LVS沒(méi)問(wèn)題

（我們刷新一下就跳出第二個(gè)網(wǎng)頁(yè)了）

去主服務(wù)器1配置keepalive

[root@localhost keepalived]# vim keepalived.conf

 10   smtp_server 127.0.0.1
 12   router_id LVS_01
22   virtual_router_id 10
 27     auth_pass abc123
30     192.168.100.10  #把原來(lái)的刪掉我們只需要一個(gè)

36 virtual_server 192.168.100.10 80 {
 39   lb_kind DR
45     TCP_CHECK {

43   real_server 192.168.100.221 80 {
 44     weight 1
 45     TCP_CHECK {
 46       connect_port 80
 47       connect_timeout 3
 48       nb_get_retry 3
 49       delay_before_retry 3
 50     }  
 51   }     
 52   real_server 192.168.100.222 80 {
 53     weight 1
 54     TCP_CHECK {
 55       connect_port 80
 56       connect_timeout 3

[root@localhost keepalived]# systemctl start keepalived.service 
[root@localhost keepalived]# systemctl status keepalived.service #查看狀態(tài)，如果沒(méi)起來(lái)在開啟一次
[root@localhost keepalived]# ip addr show dev ens33:0 #查看網(wǎng)卡有沒(méi)有被啟動(dòng)起來(lái)
2: ens33:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
   link/ether 00:0c:29:c9:dd:05 brd ff:ff:ff:ff:ff:ff
   inet 192.168.100.201/24 brd 192.168.100.255 scope global ens33
    valid_lft forever preferred_lft forever
   inet 192.168.100.10/24 brd 192.168.100.255 scope global secondary ens33:0
    valid_lft forever preferred_lft forever
   inet6 fe80::e3c7:14af:6e4d:7216/64 scope link 
    valid_lft forever preferred_lft forever

同樣的配置第二臺(tái)備份的4服務(wù)器

[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# setenforce 0
[root@localhost ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward=1
#proc響應(yīng)關(guān)閉重定向功能
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost ~]# sysctl -p #生效
net.ipv4.ip_forward = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0

創(chuàng)建虛擬網(wǎng)卡

[root@localhost ~]# cd /etc/sysconfig/network-scripts/

[root@localhost network-scripts]# cp -p ifcfg-ens33 ifcfg-ens33:0
[root@localhost network-scripts]# vim ifcfg-ens33:0
100dd

DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.100.10
NETMASK=255.255.255.0
[root@localhost network-scripts]# service network restart
Restarting network (via systemctl):             [  確定  ]

[root@localhost network-scripts]# ifup ens33:0 #開啟網(wǎng)卡，這個(gè)網(wǎng)關(guān)是用來(lái)做虛擬IP的，相當(dāng)于一給訪問(wèn)入口

[root@localhost network-scripts]# ifconfig
[root@localhost network-scripts]# cd /etc/init.d/
[root@localhost init.d]# vim dr.sh
#!/bin/bash
GW=192.168.100.1
VIP=192.168.100.10
RIP1=192.168.100.221
RIP2=192.168.100.222
case "$1" in
start)
     /sbin/ipvsadm --save > /etc/sysconfig/ipvsadm
     systemctl start ipvsadm
     /sbin/ifconfig ens33:0 $VIP broadcast $VIP netmask 255.255.255.255 broadcast $VIP up
     /sbin/route add -host $VIP dev ens33:0
     /sbin/ipvsadm -A -t $VIP:80 -s rr
     /sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
     /sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
     echo "ipvsadm starting --------------------[ok]"
     ;;
     stop)
     /sbin/ipvsadm -C
     systemctl stop ipvsadm
     ifconfig ens33:0 down
     route del $VIP
     echo "ipvsadm stoped---------------------[ok]"
     ;;
     status)
     if [ ! -e /var/lock/subsys/ipvsadm ];then
     echo "ipvsadm stoped---------------"
     exit 1
         else
         echo "ipvsamd Runing ---------[ok]"
     fi
     ;;
     *)
     echo "Usage: $0 {start|stop|status}"
   exit 1
     esac
     exit 0

[root@localhost init.d]# chmod +x dr.sh
[root@localhost init.d]# service dr.sh start
ipvsadm starting --------------------[ok]
[root@localhost init.d]# cd /etc/keepalived/
[root@localhost keepalived]# vim keepalived.conf 
 10   smtp_server 127.0.0.1
 12   router_id LVS_02
 20   state BACKUP
 22   virtual_router_id 10
 23   priority 99
27     auth_pass abc123
30     192.168.100.10

[root@localhost keepalived]# systemctl start keepalived.service 
[root@localhost keepalived]# systemctl status keepalived.service #查看狀態(tài)，如果沒(méi)起來(lái)在開啟一次

我們把主服務(wù)器1關(guān)掉，去客戶端去測(cè)試一下是不是還能Ping通

[root@localhost keepalived]# ifdown ens33:0
C:\Users\CHEN>ping 192.168.100.10
正在 Ping 192.168.100.10 具有 32 字節(jié)的數(shù)據(jù):
來(lái)自 192.168.100.10 的回復(fù): 字節(jié)=32 時(shí)間<1ms TTL=64
來(lái)自 192.168.100.10 的回復(fù): 字節(jié)=32 時(shí)間<1ms TTL=64
來(lái)自 192.168.100.10 的回復(fù): 字節(jié)=32 時(shí)間<1ms TTL=64
來(lái)自 192.168.100.10 的回復(fù): 字節(jié)=32 時(shí)間<1ms TTL=6

以上就是搭建LVS的DR模式和配置keepalived+LVS的方法介紹，詳細(xì)使用情況還得要大家自己使用過(guò)才能知道具體要領(lǐng)。如果想閱讀更多相關(guān)內(nèi)容的文章，歡迎關(guān)注創(chuàng)新互聯(lián)行業(yè)資訊頻道！

另外有需要云服務(wù)器可以了解下創(chuàng)新互聯(lián)cdcxhl.cn，海內(nèi)外云服務(wù)器15元起步，三天無(wú)理由+7*72小時(shí)售后在線，公司持有idc許可證，提供“云服務(wù)器、裸金屬服務(wù)器、高防服務(wù)器、香港服務(wù)器、美國(guó)服務(wù)器、虛擬主機(jī)、免備案服務(wù)器”等云主機(jī)租用服務(wù)以及企業(yè)上云的綜合解決方案，具有“安全穩(wěn)定、簡(jiǎn)單易用、服務(wù)可用性高、性價(jià)比高”等特點(diǎn)與優(yōu)勢(shì)，專為企業(yè)上云打造定制，能夠滿足用戶豐富、多元化的應(yīng)用場(chǎng)景需求。

分享名稱：搭建LVS的DR模式和配置keepalived+LVS-創(chuàng)新互聯(lián)
轉(zhuǎn)載源于：http://weahome.cn/article/ipici.html