centos7如何保存ipvsadm规则
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了centos7如何保存ipvsadm规则相关的知识,希望对你有一定的参考价值。
ipvsadm -A -t 192.168.30.100:80 -s wlc
ipvsadm -a -t 192.168.30.100:80 -r 192.168.30.10 -g -w 1
ipvsadm -a -t 192.168.30.100:80 -r 192.168.30.20 -g -w 2
以上规则创建后,重启服务器就消失,无法永久保存,centos6上的保存命令service ipvsadm save无效
keepalived:10.10.10.30(CentOS 7)
lvs1:10.10.10.140(CentOS 6.4)
lvs2:10.10.10.150(CentOS 6.4)
二、在lvs1:10.10.10.140上配置
[root@LVS1 ~]# yum install -y httpd
[root@LVS1 ~]# /etc/init.d/httpd start
[root@LVS1 ~]# cd /var/www/html/
[root@LVS1 html]# echo "ok" > keep.html
[root@LVS1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0C:29:15:B7:DC
TYPE=Ethernet
UUID=93f4695a-8641-4360-9fce-5e3af0e32fc9
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=10.10.10.140
NETMASK=255.255.255.0
GATEWAY=10.10.10.30
[root@LVS1 ~]#/etc/init.d/network restart
[root@LVS1 ~]#/sbin/ifconfig eth0:0 10.10.10.140 broadcast 10.10.10.255 netmask 255.255.255.255 up
三、在lvs2:10.10.10.150上配置
[root@LVS2 ~]# yum install -y httpd
[root@LVS2 ~]# /etc/init.d/httpd start
[root@LVS2 ~]# cd /var/www/html/
[root@LVS2 html]# echo "ok" > keep.html
[root@LVS2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=00:0C:29:0D:33:AC
TYPE=Ethernet
UUID=e04f57dc-ef9d-4563-bfa4-9c8c1e8fc870
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=10.10.10.150
NETMASK=255.255.255.0
GATEWAY=10.10.10.30
[root@LVS2 ~]#/etc/init.d/network restart
[root@LVS2 ~]#/sbin/ifconfig eth0:0 10.10.10.140 broadcast 10.10.10.255 netmask 255.255.255.255 up
四、在keepalived:10.10.10.30上配置
[root@KEEP ~]# vim /etc/sysconfig/network-scripts/ifcfg-eno33554984
HWADDR=00:0C:29:DC:FE:1B
TYPE=Ethernet
BOOTPROTO=static
DEFROUTE=yes
PEERDNS=yes
PEERROUTES=yes
IPV4_FAILURE_FATAL=no
#IPV6INIT=yes
#IPV6_AUTOCONF=yes
#IPV6_DEFROUTE=yes
#IPV6_PEERDNS=yes
#IPV6_PEERROUTES=yes
#IPV6_FAILURE_FATAL=no
NAME=eno33554984
#UUID=56cae8b8-235f-471d-9051-2508ee149e48
ONBOOT=yes
NM_CONTROLLED=no
IPADDR=10.10.10.30
NETMASK=255.255.255.0
[root@KEEP ~]# /etc/init.d/network restart
[root@KEEP ~]# cd /data/keepalived/
[root@KEEP keepalived]# tar zxvf keepalived-1.2.12.tar.gz
[root@KEEP keepalived]# cd keepalived-1.2.12/
[root@KEEP keepalived-1.2.12]# ./configure --prefix=/usr/local/keepalived
[root@KEEP keepalived-1.2.12]# make
[root@KEEP keepalived-1.2.12]# make install
[root@KEEP keepalived-1.2.2]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@KEEP keepalived-1.2.2]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@KEEP keepalived-1.2.2]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@KEEP keepalived-1.2.2]# ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
[root@KEEP keepalived-1.2.12]# cd
##keepalived健康检查 HTTP_GET
[root@KEEP ~]# /usr/local/keepalived/bin/genhash -s 10.10.10.140 -p 80 -u /keep.html
MD5SUM = eff5bc1ef8ec9d03e640fc4370f5eacd
[root@KEEP ~]# /usr/local/keepalived/bin/genhash -s 10.10.10.150 -p 80 -u /keep.html
MD5SUM = eff5bc1ef8ec9d03e640fc4370f5eacd
[root@KEEP ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs
router_id LVS_DEVEL
vrrp_instance VI_1
state MASTER
interface eno33554984
virtual_router_id 51
priority 100
advert_int 1
authentication
auth_type PASS
auth_pass 1111
virtual_ipaddress
10.10.10.250
virtual_server 10.10.10.250 80
delay_loop 6
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 10.10.10.140 80
weight 1
HTTP_GET
url
path /keep.html
digest eff5bc1ef8ec9d03e640fc4370f5eacd
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
real_server 10.10.10.150 80
weight 1
HTTP_GET
url
path /keep.html
digest eff5bc1ef8ec9d03e640fc4370f5eacd
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
[root@KEEP ~]# /etc/init.d/keepalived restart
五、在keepalived:10.10.10.30上用ipvsadm 命令测试
[root@KEEP ~]# yum install -y ipvsadm
[root@KEEP ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.10.250:80 wrr persistent 50
-> 10.10.10.140:80 Route 1 0 0
-> 10.10.10.150:80 Route 1 0 0
在10.10.10.140执行
[root@LVS1 html]# echo "" > keep.html
[root@KEEP ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.10.250:80 wrr persistent 50
-> 10.10.10.150:80 Route 1 0 0
再在10.10.10.140执行
[root@LVS1 html]# echo "ok" > keep.html
[root@KEEP ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.10.250:80 wrr persistent 50
-> 10.10.10.140:80 Route 1 0 0
-> 10.10.10.150:80 Route 1 0 0 参考技术A
我印象中好像ipvsadm是没有保存命令的。我一般都是写在一个shell文件里,比如lvs.sh。然后把它写在/etc/rc.local文件里,写成:
sh /root/lvs.sh这样每次从启的时候,服务器会执行一次这里的脚本。
lvs的配置
一、lvs的语法:
- 添加:
ipvsadm -A -t 192.168.8.252 -s wrr - 删除:
ipvsadm -D -t 192.168.8.252 -s wrr - 修改:
ipvsadm -E -t 192.168.8.252 -s rr - 查看规则:
ipvsadm -Ln - 清空规则:
ipvsadm -C - 添加真实服务器:
ipvsadm -a -t 192.168.8.252 -r 192.168.8.83 -g - 删除真实服务器:
ipvsadm -d -t 192.168.8.252 -r 192.168.8.83 - 备份:
ipvsadm -S > ipvsadm.txt - 还原:
ipvsadm -R < ipvsadm.txt二、NAT模式的部署:
- 服务器列表:
角色 内网ip 外网ip lvs服务器 192.168.8.81 192.168.8.252 web1服务器 192.168.8.83 - web2服务器 192.168.8.84 - - lvs服务器配置:
a. 内网ip:
b. 外网ip:
c. 开启路由转发:
- web1服务器配置:
#. 内网配置(网关指向lvs服务器):
- web2服务器配置:
#. 内网配置(网关指向lvs服务器):
三、DR模式的部署:
- 服务器列表:
角色 内网ip 外网ip 路由器 192.168.8.82 192.168.8.253 lvs服务器 192.168.8.81 192.168.8.252 web1服务器 192.168.8.83 192.168.8.252 web2服务器 192.168.8.84 192.168.8.252 - 路由器配置:
a. 内网配置:
b. 外网配置:
c. 开启路由转发:
d. 防火墙设置路由转发规则(可选):
- lvs服务器配置:
a. 内网配置:
b. 外网配置:
c. 在lvs上添加规则:
- web1服务器配置:
a. 内网配置:
b. 外网配置:
c. 避免地址冲突:
- web2服务器配置(参照web1配置)
- 浏览器访问(192.168.8.252):
a. 页面一:
b. 页面二:
以上是关于centos7如何保存ipvsadm规则的主要内容,如果未能解决你的问题,请参考以下文章