LVS+KEEPALIVED(双实例双主模式)+NGINX反向代理

一、搭建要求

LVS+KEEPALIVED+NGINX(反向代理)+WEB01(NGINX)+WEB02(APACHE)

#以下以keepalived的端口形式配置LVS(keepalived双实例双主模式),而不用手工配置。

#以下机器忽略安装apache和nginx,只提供主要配置,当更新博客时会在这加上apache和nginx的安装与配置的博客地址。

#nginx安装版本为nginx-1.6.3.tar.gz,apache安装版本为httpd-2.2.31.tar.gz。


二、前提条件

21虚拟机硬件配置

Vmvare安装包为: Vmvare12-x64

wKiom1eo0LTDH2ftAACvvLYO17g056.jpg-wh_50

wKioL1eo0NrQqYr5AAEBgDoz9Hg925.jpg-wh_50


wKioL1eo0KmwhI80AAEhGCKD6QU995.jpg-wh_50



22所有节点的系统基本信息

[root@lb01 ~]# cat /etc/redhat-release

CentOS release 6.7 (Final)

[root@lb01 ~]# uname -r

2.6.32-573.el6.x86_64

 

23准备4台虚拟机器

wKioL1eo0SqxqdCGAAA0IUSjgQI981.jpg

231所有节点的系统基本信息

[root@lb01 ~]# cat /etc/redhat-release

CentOS release 6.7 (Final)

[root@lb01 ~]# uname -r

2.6.32-573.el6.x86_64

 

232LVS+负载均衡+NGINX反向代理的LB01主节点lb01基本信息

[root@lb01 ~]# ifconfig eth0|awk -F '[: ]+' 'NR==2{print$4}'    

10.0.0.5

[root@lb01 ~]# ifconfig eth1|awk -F '[: ]+' 'NR==2{print$4}'

172.16.1.5

[root@lb01 ~]# cat /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=lb01

 

233LVS+负载均衡+NGINX反向代理的LB02备节点lb02基本信息

[root@lb02 ~]# ifconfig eth0|awk -F '[: ]+' 'NR==2{print$4}'

10.0.0.6

[root@lb02 ~]# ifconfig eth1|awk -F '[: ]+' 'NR==2{print$4}'

172.16.1.6

[root@lb02 ~]# cat /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=lb02

 

234 WEB02(apache)节点基本信息

[root@web02 ~]# ifconfig eth0|awk -F '[: ]+' 'NR==2{print$4}'

10.0.0.7

[root@web02 ~]# ifconfig eth1|awk -F '[: ]+' 'NR==2{print$4}'

172.16.1.7

[root@web02 ~]# cat /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=web02

 

235 WEB01(nginx)节点基本信息

[root@web01 ~]# ifconfig eth0|awk -F '[: ]+' 'NR==2{print$4}'

10.0.0.8

[root@web01 ~]# ifconfig eth1|awk -F '[: ]+' 'NR==2{print$4}'

172.16.1.8

[root@web01 ~]# cat /etc/sysconfig/network

NETWORKING=yes

HOSTNAME=web01

 

三、安装keepalived

31lb01lb02两台机器都安装keepalived

311关掉这两台机器的nginx服务,避免出错。

[root@lb01 ~]# ps -ef|grep nginx|grep -v grep

#如果有nginx进程,那么需要关掉以下服务

[root@lb01 ~]# /application/nginx/sbin/nginx -s stop

 

312关掉这两台机器的iptables防火墙,防止裂脑

 

[root@lb01 tools]# /etc/init.d/iptables stop

[root@lb01 tools]# /etc/init.d/iptables status

iptables: Firewall is not running.

 

323安装keepalived

[root@lb01 ~]# rpm -qa keepalived

[root@lb01 ~]# yum install keepalived -y

[root@lb01 ~]# rpm -qa keepalived      

keepalived-1.2.13-5.el6_6.x86_64

[root@lb01 ~]# /etc/init.d/keepalived start

Starting keepalived:                                       [ OK  ]

[root@lb01 ~]# ps -ef|grep keepalived|grep -v grep

root      1539      1  0 00:45 ?        00:00:00 /usr/sbin/keepalived -D

root      1541   1539  0 00:45 ?        00:00:00 /usr/sbin/keepalived -D

root      1542   1539  0 00:45 ?       00:00:00/usr/sbin/keepalived -D

[root@lb01 ~]# /etc/init.d/keepalived stop

Stopping keepalived:                                       [  OK  ]

[root@lb01 ~]# ls -l /etc/keepalived/keepalived.conf

-rw-r--r-- 1 root root 3562 Mar 19  2015 /etc/keepalived/keepalived.conf

[root@lb01 ~]# cp /etc/keepalived/keepalived.conf/etc/keepalived/keepalived.conf.ori.20160808

 

324测试keepalivedIP漂移功能

[root@lb01 tools]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

 

global_defs {

   router_id lb01

}

vrrp_instance VI_1 {

    state MASTER

    interface eth0

   virtual_router_id 55

    priority 150

    advert_int 1

    authentication{

        auth_typePASS

        auth_pass1111

    }

   virtual_ipaddress {

        10.0.0.3/24dev eth0 label eth0:1

    }

}

 

 

[root@lb02 nginx]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

 

global_defs {

   router_id lb02

}

vrrp_instance VI_1 {

    state BACKUP

    interface eth0

   virtual_router_id 55

    priority 100

    advert_int 1

    authentication{

        auth_typePASS

        auth_pass1111

    }

   virtual_ipaddress {

        10.0.0.3/24dev eth0 label eth0:1

    }

}

 

[root@lb01 tools]# ip addr|egrep "10.0.0.3"

    inet10.0.0.3/24 scope global secondary eth0:1

[root@lb02 nginx]# ip addr|egrep "10.0.0.3"

 

[root@lb01 tools]# /etc/init.d/keepalived stop

Stopping keepalived:                                       [  OK  ]

[root@lb01 tools]# ip addr|egrep "10.0.0.3"

 

[root@lb02 nginx]# ip addr|egrep "10.0.0.3"

    inet10.0.0.3/24 scope global secondary eth0:1

 

[root@lb01 tools]# /etc/init.d/keepalived start

Starting keepalived:                                       [  OK  ]

[root@lb01 tools]# ip addr|egrep "10.0.0.3"

    inet10.0.0.3/24 scope global secondary eth0:1

 

[root@lb01 tools]# /etc/init.d/keepalived stop

Stopping keepalived:                                       [  OK  ]

[root@lb01 tools]# /etc/init.d/keepalived status

keepalived is stopped

[root@lb02 nginx]# /etc/init.d/keepalived stop

Stopping keepalived:                                       [  OK  ]

[root@lb02 nginx]# /etc/init.d/keepalived status

keepalived is stopped

 

32配置keepalived日志文件

[root@lb01 tools]# grep KEEPALIVED_OPTIONS/etc/sysconfig/keepalived

KEEPALIVED_OPTIONS="-D"

[root@lb01 tools]# sed -i.ori.20160808 '14s#KEEPALIVED_OPTIONS="-D"#KEEPALIVED_OPTIONS="-D -d -S0"#g' /etc/sysconfig/keepalived

[root@lb01 tools]# grep KEEPALIVED_OPTIONS/etc/sysconfig/keepalived                                                             

KEEPALIVED_OPTIONS="-D -d -S 0"

[root@lb01 tools]# cp /etc/rsyslog.conf/etc/rsyslog.conf.ori.20160808

[root@lb01 tools]# cat -n /etc/rsyslog.conf|grep"/var/log/messages"                                                                   42  *.info;mail.none;authpriv.none;cron.none                /var/log/messages

[root@lb01 tools]# cat -n /etc/rsyslog.conf|grep"/var/log/messages"

    42 *.info;mail.none;authpriv.none;cron.none;local0.none                /var/log/messages

[root@lb01 tools]# echo "local0.*                                               /var/log/keepalived.log" >> /etc/rsyslog.conf

 

#设置local0是由于下述文件的配置决定的

[root@lb01 tools]# cat -n /etc/sysconfig/keepalived|greplog-facility

11  #--log-facility       -S    0-7 Set local syslog facility(default=LOG_DAEMON)

 

[root@lb01 tools]# tail -1 /etc/rsyslog.conf

local0.*                                               /var/log/keepalived.log

[root@lb01 tools]# /etc/init.d/rsyslog restart

Shutting down system logger:                               [  OK  ]

Starting system logger:                                    [  OK  ]

 

#启动keepalived测试日志。两台机器都要测试。

[root@lb01 tools]# /etc/init.d/keepalived start

Starting keepalived:                                       [  OK  ]

[root@lb01 tools]# /etc/init.d/keepalived stop

Stopping keepalived:                                       [  OK  ]

[root@lb01 ~]# tailf /var/log/keepalived.log

Aug  9 01:29:43lb01 Keepalived[1894]: Starting Keepalived v1.2.13 (03/19,2015)

Aug  9 01:29:43lb01 Keepalived[1895]: Starting Healthcheck child process, pid=1897

Aug  9 01:29:43lb01 Keepalived[1895]: Starting VRRP child process, pid=1898

…………….

Aug  9 01:29:47lb01 Keepalived[1895]: Stopping Keepalived v1.2.13 (03/19,2015)

 

 

四、安装LVS

41lb01lb02两台机器都安装LVS

411关掉这两台机器的nginx服务,避免出错。

[root@lb01 ~]# ps -ef|grep nginx|grep -v grep

#如果有nginx进程,那么需要关掉以下服务

[root@lb01 ~]# /application/nginx/sbin/nginx -s stop

[root@lb01 tools]# pkill nginx

 

422安装LVS

[root@lb01 tools]# rpm -qa ipvsadm

[root@lb01 tools]# yum install ipvsadm -y

[root@lb01 tools]# rpm -qa ipvsadm

ipvsadm-1.26-4.el6.x86_64

##ipvsadm-1.26对内核有要求,要求内核版本在2.6.28及以后的版本,如果符合了系统环境,

#还要安装依赖包yum install libnlpopt -y

#编译有使用的路径为/usr/src/linux,可在Makefile中查看,如果不做链接,会编译失败

[root@lb01 tools]# ln -s/usr/src/kernels/2.6.32-573.el6.x86_64/ /usr/src/linux

#上述内核值对应下述配置

[root@lb01 tools]# uname -r

2.6.32-573.el6.x86_64

#如果没有,那么要安装

[root@lb01 tools]# yum install kernel-devel -y

[root@lb01 tools]# rpm -qa kernel

kernel-2.6.32-573.el6.x86_64

[root@lb01 tools]# ls -ld /usr/src/linux/

drwxr-xr-x. 22 root root 4096 Mar  6 16:24 /usr/src/linux/

#下述不显示结果是没启动keepalived或者直接命令行执行ipvsadm即可

[root@lb01 tools]# lsmod|grep ip_vs

ip_vs_rr               1420  0

ip_vs                126534  2 ip_vs_rr

libcrc32c              1246  1 ip_vs

ipv6                 335589  265 ip_vs

 

 

五、WEB02(apache)节点配置信息

51基本配置

[root@web02 tools]# sed -n '27,34p' /application/apache/conf/extra/httpd-vhosts.conf

<VirtualHost *:80>

    ServerAdminoldboy@oldboyedu.com

    DocumentRoot"/application/apache2.2.31/htdocs/www"

    ServerNamewww.etiantian.org

    ServerAliasetiantian.org

    ErrorLog"/app/logs/www-error_log"

    CustomLog"/app/logs/www-access_log" common

</VirtualHost>

 

[root@web02 tools]# cat/application/apache/htdocs/www/index.html                                

10.0.0.7 web02 www apache

 

[root@web02 tools]# cat /etc/hosts|grep 172.16.1.7

172.16.1.7      web02  www.etiantian.org

 

52测试

[root@web02 tools]# /application/apache/bin/apachectl -t

Syntax OK

[root@web02 tools]# /application/apache/bin/apachectlstart

[root@web02 tools]# curl www.etiantian.org

10.0.0.7 web02 www apache

[root@web02 tools]# /application/apache/bin/apachectlstop

[root@web02 tools]# ps -ef|grep httpd|grep -v grep

 

 

六、WEB01(nginx)节点配置信息

61基本配置

 

[root@web01 tools]# cat/application/nginx/conf/nginx.conf

worker_processes 1;

error_log logs/error.log;

events {

   worker_connections  1024;

}

http {

    include       mime.types;

   default_type application/octet-stream;

    sendfile        on;

   keepalive_timeout  65;

    log_format  main '$remote_addr - $remote_user [$time_local] "$request" '

                      '$status $body_bytes_sent"$http_referer" '

                     '"$http_user_agent" "$http_x_forwarded_for"';

    server {

        listen       80;

       server_name  www.etiantian.org;

        location /{

           root   html/www;

           index  index.html index.htm;

        }

        access_loglogs/access_www.log main;

    }

}

[root@web01 tools]# cat/application/nginx/html/www/index.html

10.0.0.8 web01 www nginx

 

[root@web01 tools]# cat /etc/hosts|grep 172.16.1.8

172.16.1.8      web01   www.etiantian.org

 

62测试

[root@web01 tools]# /application/nginx/sbin/nginx -t

nginx: the configuration file/application/nginx-1.6.3//conf/nginx.conf syntax is ok

nginx: configuration file/application/nginx-1.6.3//conf/nginx.conf test is successful

[root@web01 tools]# /application/nginx/sbin/nginx

[root@web01 tools]# curl www.etiantian.org

10.0.0.8 web01 www nginx

 

 

七、WEB02(apache)WEB01(nginx)共同配置

#以下配置是临时生效的,重启机器失效。

[root@web02 tools]# ip addr add 10.0.0.3/32 dev lo labello:1

[root@web02 tools]# ip addr|grep 10.0.0.3

    inet10.0.0.3/32 scope global lo:1

[root@web02 tools]# echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore

[root@web02 tools]# cat/proc/sys/net/ipv4/conf/lo/arp_ignore

1

[root@web02 tools]# echo "2">/proc/sys/net/ipv4/conf/lo/arp_announce

[root@web02 tools]# cat/proc/sys/net/ipv4/conf/lo/arp_announce

2

[root@web02 tools]# echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore

[root@web02 tools]# cat/proc/sys/net/ipv4/conf/all/arp_ignore

1

[root@web02 tools]# echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

[root@web02 tools]# cat/proc/sys/net/ipv4/conf/all/arp_announce

2

 

 

八、以keepalived的端口形式配置LVS(keepalived双实例双主模式)

81共同配置

#linux的hosts文件

[root@lb01 tools]# tail -1 /etc/hosts

10.0.0.3       www.etiantian.org

 

#windows的hosts文件

10.0.0.3  www.etiantian.org

 

82启动WEB02(apache)WEB01(nginx)

[root@web02 tools]# ps -ef|grep httpd

root      2070   1779  0 02:07 pts/0    00:00:00 grep httpd

[root@web02 tools]# /application/apache/bin/apachectlstart

[root@web02 tools]# ps -ef|grep httpd|grep -v grep        

root      2074      1  0 02:07 ?        00:00:00/application/apache2.2.31/bin/httpd -k start

www       2075   2074  0 02:07 ?        00:00:00/application/apache2.2.31/bin/httpd -k start

www       2076   2074  0 02:07 ?        00:00:00/application/apache2.2.31/bin/httpd -k start

www       2077   2074  0 02:07 ?        00:00:00/application/apache2.2.31/bin/httpd -k start

 

[root@web01 tools]# /application/nginx/sbin/nginx -t

nginx: the configuration file /application/nginx-1.6.3//conf/nginx.confsyntax is ok

nginx: configuration file/application/nginx-1.6.3//conf/nginx.conf test is successful

[root@web01 tools]# /application/nginx/sbin/nginx

[root@web01 tools]# netstat -lntup|grep nginx

tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      1694/nginx    


 

82LVS+负载均衡+NGINX反向代理的LB01主节点

821配置

8211keepalived文件配置

[root@lb01 tools]# >/etc/keepalived/keepalived.conf

[root@lb01 tools]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

 

global_defs {

   router_id lb01

}

vrrp_instance VI_1 {

    state MASTER

    interface eth0

   virtual_router_id 51

    priority 150

    advert_int 1

    authentication{

        auth_typePASS

        auth_pass1111

    }

   virtual_ipaddress {

    10.0.0.3/24 deveth0 label eth0:3

    }

}

vrrp_instance VI_2 {

    state BACKUP

    interface eth0

   virtual_router_id 52

    priority 100

    advert_int 1

    authentication{

        auth_typePASS

        auth_pass1112

    }

   virtual_ipaddress {

    10.0.0.4/24 deveth0 label eth0:4

    }

}

#ipvsadm -A -t 10.0.0.3:80 -s wrr -p 20

virtual_server 10.0.0.3 80 {

    delay_loop6         

    lb_algowrr               

    lb_kind DR               

    nat_mask255.255.255.0

   persistence_timeout 50    

    protocolTCP 

             

#ipvsadm -a -t 10.0.0.3:80 -r 10.0.0.7:80 -g -w 1  

    real_server10.0.0.7 80 {

        weight1             

        TCP_CHECK {

       connect_timeout 8       

       nb_get_retry 3

       delay_before_retry 3

       connect_port 80

        }

    }

#ipvsadm -a -t 10.0.0.3:80 -r 10.0.0.8:80 -g -w 1  

    real_server10.0.0.8 80 {

        weight1             

        TCP_CHECK {

       connect_timeout 8       

       nb_get_retry 3

       delay_before_retry 3

       connect_port 80

        }

    }

}

 

8212nginx文件配置

[root@lb01 tools]# >/application/nginx/conf/nginx.conf

[root@lb01 tools]# cat /application/nginx/conf/nginx.conf

worker_processes 1;

error_log logs/error.log;

events {

   worker_connections  1024;

}

http {

    include       mime.types;

   default_type application/octet-stream;

    sendfile        on;

   keepalive_timeout  65;

    upstreamwww_server_pools{

        server172.16.1.7:80 weight=1;

        server172.16.1.8:80 weight=1;

    }

    server {

        listen       10.0.0.3:80;       

       server_name  www.etiantian.org;

        location /{

           proxy_pass http://www_server_pools;

           proxy_set_header Host $host;

           proxy_set_header X-Forwarded-For $remote_addr;

        }

    }

}

 

8213hosts文件配置

[root@lb01 tools]# tail -1 /etc/hosts

10.0.0.3       www.etiantian.org

 

822测试

[root@lb01 tools]# /application/nginx/sbin/nginx -t

nginx: the configuration file/application/nginx-1.6.3/conf/nginx.conf syntax is ok

nginx: [emerg] bind() to 10.0.0.3:80 failed (99: Cannotassign requested address)

nginx: configuration file/application/nginx-1.6.3/conf/nginx.conf test failed

#出现这个的原因是当不同的虚拟主机监听了同一个VIP时,如果lb01的keepalived服务关掉了,那么本机的nginx起不来,因为本地没这个10.0.0.3地址。改内核生效,再起nginx即可。

[root@lb01 tools]# echo 'net.ipv4.ip_nonlocal_bind = 1'>> /etc/sysctl.conf

[root@lb01 tools]# sysctl -p

[root@lb01 tools]# /application/nginx/sbin/nginx -t

nginx: the configuration file/application/nginx-1.6.3/conf/nginx.conf syntax is ok

nginx: configuration file/application/nginx-1.6.3/conf/nginx.conf test is successful

[root@lb01 tools]# /application/nginx/sbin/nginx

[root@lb01 tools]# netstat -lntup|grep nginx

tcp        0      0 10.0.0.3:80                 0.0.0.0:*                   LISTEN      2004/nginx  

[root@lb01 tools]# /etc/init.d/keepalived start

Starting keepalived:                                       [  OK  ]

 

[root@lb01 tools]# ip addr|egrep "10.0.0.3"

    inet10.0.0.3/24 scope global secondary eth0:3

[root@lb01 tools]# ipvsadm -Ln            

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  ->RemoteAddress:Port           ForwardWeight ActiveConn InActConn

TCP  10.0.0.3:80wrr persistent 50

  ->10.0.0.7:80                  Route   1     0          0        

  ->10.0.0.8:80                  Route   1     0          0  

 

 

83LVS+负载均衡+NGINX反向代理的LB02备节点

831配置

8311keepalived文件配置

[root@lb02 nginx]# cat/etc/keepalived/keepalived.conf  

! Configuration File for keepalived

 

global_defs {

   router_id lb02

}

vrrp_instance VI_1 {

    state BACKUP

    interface eth0

   virtual_router_id 51

    priority 100

    advert_int 1

    authentication{

        auth_typePASS

        auth_pass1111

    }

   virtual_ipaddress {

    10.0.0.3/24 deveth0 label eth0:3

    }

}

vrrp_instance VI_2 {

    state MASTER

    interface eth0

   virtual_router_id 52

    priority 150

    advert_int 1

    authentication{

        auth_typePASS

        auth_pass1112

    }

   virtual_ipaddress {

    10.0.0.4/24 deveth0 label eth0:4

    }

}

#ipvsadm -A -t 10.0.0.3:80 -s wrr -p 20

virtual_server 10.0.0.3 80 {

    delay_loop6         

    lb_algowrr                

    lb_kind DR               

    nat_mask255.255.255.0

   persistence_timeout 50    

    protocolTCP 

             

#ipvsadm -a -t 10.0.0.3:80 -r 10.0.0.7:80 -g -w 1  

    real_server10.0.0.7 80 {

        weight1             

        TCP_CHECK {

       connect_timeout 8      

       nb_get_retry 3

       delay_before_retry 3

       connect_port 80

        }

    }

#ipvsadm -a -t 10.0.0.3:80 -r 10.0.0.8:80 -g -w 1  

    real_server10.0.0.8 80 {

        weight1              

        TCP_CHECK {

       connect_timeout 8      

       nb_get_retry 3

       delay_before_retry 3

       connect_port 80

        }

    }

}

 

8312nginx文件配置

[root@lb02 nginx]# >/application/nginx/conf/nginx.conf

[root@lb02 nginx]# cat/application/nginx/conf/nginx.conf  

worker_processes 1;

error_log logs/error.log;

events {

   worker_connections  1024;

}

http {

    include       mime.types;

   default_type application/octet-stream;

    sendfile        on;

    keepalive_timeout  65;

    upstreamwww_server_pools{

        server172.16.1.7:80 weight=1;

        server172.16.1.8:80 weight=1;

    }

    server {

        listen       10.0.0.3:80;       

       server_name  www.etiantian.org;

        location /{

           proxy_pass http://www_server_pools;

           proxy_set_header Host $host;

           proxy_set_header X-Forwarded-For $remote_addr;

        }

    }

}

 

832测试

[root@lb02 nginx]# /application/nginx/sbin/nginx -t

nginx: the configuration file/application/nginx-1.6.3//conf/nginx.conf syntax is ok

nginx: [emerg] bind() to 10.0.0.3:80 failed (99: Cannotassign requested address)

nginx: configuration file/application/nginx-1.6.3//conf/nginx.conf test failed

#出现这个的原因是当不同的虚拟主机监听了同一个VIP时,如果lb01的keepalived服务关掉了,那么本机的nginx起不来,因为本地没这个10.0.0.3地址。改内核生效,再起nginx即可。

[root@lb02 nginx]# echo 'net.ipv4.ip_nonlocal_bind = 1'>> /etc/sysctl.conf

[root@lb02 nginx]# sysctl -p

[root@lb02 nginx]# /application/nginx/sbin/nginx -t                      

nginx: the configuration file/application/nginx-1.6.3//conf/nginx.conf syntax is ok

nginx: configuration file/application/nginx-1.6.3//conf/nginx.conf test is successful

[root@lb02 nginx]# /application/nginx/sbin/nginx  

[root@lb02 nginx]# netstat -lntup|grep nginx

tcp        0      0 10.0.0.3:80                 0.0.0.0:*                   LISTEN      4229/nginx 

tcp        0      0 10.0.0.3:80                 0.0.0.0:*                   LISTEN      4229/nginx         

[root@lb02 nginx]# /etc/init.d/keepalived start

Starting keepalived:                                       [  OK  ]

[root@lb02 nginx]# ip addr|egrep "10.0.0.3"

#注意这里一定是没有值的,当lb01的keepalived服务关掉,那么IP漂移后是有值的。

[root@lb02 nginx]# ipvsadm -Ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  ->RemoteAddress:Port           ForwardWeight ActiveConn InActConn

TCP  10.0.0.3:80wrr persistent 50

  ->10.0.0.7:80                  Route   1     0          0        

  ->10.0.0.8:80                  Route   1      0         0 

 

九、浏览器测试

wKiom1eo0d3g_idWAABCku81AHg029.jpg-wh_50




本文出自 “你可以选择不平凡” 博客,请务必保留此出处http://ylcodes01.blog.51cto.com/5607366/1835939

本页内容版权归属为原作者,如有侵犯您的权益,请通知我们删除。
Linux下用于查看系统当前登录用户信息的4种方法 作为系统管理员,你可能经常会(在某个时候)需要查看系统中有哪些用户正在活动。有些时候,你甚至需要知道他(她)们正在做什么。本文为我们总结了4种查看系统用户信息(通过编号(ID))的方法。 1. 使用w命令查看登录用户正在使用的进程信息 w命令用于显示已经登录系统的用户的名称,以及他们正在做的事。该命令所使用的信息来源于/var/run/utmp文件。w命令输出的信息包括: ?用户名称 ?用户的机器名称或tty号 ?远程主机地址 ?用户登录系统的时间 ?空

Nagios 监控 SNMP 温度计 - 2016-08-22 14:08:41

老板给机房新买了个温度,湿度的感应器,问我能不能整合到Nagios里面。我的回答是No Problem. 首先看看他自带的界面 监控SNMP,首先得知道他的OID是啥,这个界面我可以直接下载MIB文件和对应的EXCEL文档。 下载以后,重命名MIB为txt文件,然后拷贝到我的nagios服务器的/usr/share/snmp/mibs 目录下,然后记得添加到配置文件中 [root@sydnagiosmibs]#pwd/usr/share/snmp/mibs[root@sydnagiosmibs]#lsg*

docker1.12版本的swarm集群特性 - 2016-08-22 14:08:37

docker1.12版本之后集成了swarm模块,直接使用dokcer-engin就能很方便地创建一个docker集群,不用再像以前那样第三方配置。 环境: manager/node1 : swarm_node1 node2 : swarm_node2 1:首先在各节点上安装最新版dokcer #curl-fsSLhttps://test.docker.com/|sh#docker-vDockerversion1.12.0-rc4,builde4a0dbc 2:在node1上初始化一个swarm集群 sw
什么是心脏出血漏洞? CVE-2014-0160,心脏出血漏洞,是一个非常严重的 OpenSSL 漏洞。这个漏洞使得攻击者可以从存在漏洞的服务器上读取64KB大小的内存信息。这些信息中可能包含非常敏感的信息,包括用户请求、密码甚至证书的私钥。 据称,已经有攻击者在某宝上尝试使用漏洞读取数据,在读取200次后,获取了40多个用户名和7个密码。 使用如下的命令查看服务器上的当前版本: openssl version [root@master ~]# openssl version OpenSSL 1.0.1e

Apache运维架构之Apache+PHP - 2016-08-22 14:08:37

当前互联网主流web服务器说明 1、IIS 微软的web服务器 2、apache 中小web服务器主流,web服务器中的老大哥 3、nginx 新兴的web服务器主流 4、tomcat 中小企业动态服务器,互联网java容器主流 5、resin 大型企业动态服务器,互联网java容器主流 apache的特点及应用场合 特点:功能强大,配置简单,速度快,应用广泛,性能稳定可靠,并可做代理服务器和负载均衡 应用场合: 1、使用apache来运行静态html网页,图片,处理静态小文件能力不及nginx 2、使用
shyis最近微软中国Azure更新速度似乎已经超越任何时期了,前两天刚刚更新的Azure云助理,让众多Azure用户实现在移动端灵活的管理Azure资源,相信对于云服务来讲这也是未来不可或缺的管理方式之一。说到管理方式,不得不说微软中国Azure近期更新的另一大神器预览版门户。 说到Azure预览版门户,其实已经不是什么新玩意,毕竟在国际版Azure中已经预览了非常之久了。但对于中国版Azure来说毕竟是一个非常重要的更新,今天给大家带来的就是中国版Azure的预览版介绍以及通过配置固定公网IP作为实例
首先到Github上下载Pyenv相应的一键安装脚本, $curl-Lhttps://raw.githubusercontent.com/yyuu/pyenv-installer/master/bin/pyenv-installer|bash 安装完毕,设置环境变量,设置环境变量,可以添加到个人家目录的.bashrc或.bash_profile及系统的全 局的/etc/profile, #Loadpyenvautomaticallybyadding#thefollowingto~/.bash_profil
nginx网站被持续攻击1个月后最终防攻策略 上上个月架构全部迁移上云以后,总的来说比较稳定,业务量也上来,可爱的坏人也来了,7X24小时不停恶意攻击我的网站, 第一次收到报警是网站流入流量1分钟以内连续3次超过1000000bps,换算下1M/s秒 ,平时没那么大流量的啊,当时刚好在朋友家玩,于赶紧开本本连vpn检查,发现全是访问同一个页面的请求,而且是正常访问http 200,应该是被恶意攻击了。 发现问题 : 发现问题第一反应,赶紧将请求地址截图发给开发们看看,问问这个具体是什么? 最后得知是为短信
这章介绍如何在之前单台后端数据库的基础上建立镜像数据库 Lync Server 后端就是SQL Server 数据库,后端高可用在跟Lync集成后跟以往的高可用配置有所不同, 高可用是一种架构,高可用的架构中,硬件或软件出现故障的情况下继续能够对外提供服务, 高可用分为两种,第一种是故障转移群集(Failover Cluster),主服务器宕机后,切换备用服务器 第二种是网络负载均衡(NLB),NLB最常见的案例就是Web服务器,多台服务器同时分摊用户访问流量 首先说明一下部署条件,我们之前已经介绍过SQ
用户组和权限管理 一、了解和使用批量新建用户和批量修改用户密码: ##用户创建的模板和配置文件的存放位置:/etc/default/useradd;/etc/skel/* ;/etc/login.defs## 批量新建用户(newusers):适合用于新老机器转换时,迁移系统上的用户。 使用格式: newusers passwd filename(.txt格式) ——批量创建用户 命令格式:newuser filename 使用该方法批量创建的新用户其实并没有设置密码的,但使用命令#getent shad