一、安裝lamp

????1、安裝httpd（172.16.23.211）

[root@cs1?~]#?yum?install?-y?httpd

????2、安裝php（172.16.23.211）

[root@cs1?~]#?yum?install?-y?php

????3、安裝php-mysql（172.16.23.211）

[root@cs1?~]#?yum?install?-y?php-mysql

????4、安裝mariadb（172.16.23.211 CentOS7）

[root@cs1?~]#?yum?install?-y?mariadb-server

????5、配置MPM模型

????這里我啟用的是event模型

[root@cs1?~]#?cd?/etc/httpd/conf.modules.d/ [root@cs1?conf.modules.d]#?vim?00-mpm.conf #注釋掉prefork，開起event #LoadModule?mpm_prefork_module?modules/mod_mpm_prefork.so LoadModule?mpm_event_module?modules/mod_mpm_event.so

????MPM：多路處理模塊

????????prefork：是多進程模型，每個進程響應一個請求；

????????worker：是多進程多線程模型，一個主進程生成多個子進程，每個子進程負責生個多個線程，每個線程響應一個請求；

????????event：事件驅動模型，每個線程響應n個請求；

????6、配置fast-cgi模塊

????查看模塊是否存在，注意我安裝的是httpd2.4

[root@cs1?conf.modules.d]#?vim?/etc/httpd/conf.modules.d/00-proxy.conf? LoadModule?proxy_fcgi_module?modules/mod_proxy_fcgi.so

????查看模塊是否加載

[root@cs1?conf]#?vim?/etc/httpd/conf/httpd.conf? Include?conf.modules.d/*.conf

????7、修改httpd配置文件

[root@cs1?conf]#?vim?/etc/httpd/conf/httpd.conf? ServerRoot?"/etc/httpd"????#服務器根目錄位置配置文件中沒有使用絕對路徑的地方，都認為是在該目錄下Listen?80????#監聽在80端口Include?conf.modules.d/*.conf????#加載/etc/httd/conf.modules.d/下的.conf文件，所有的模塊都在其中User?apache????#訪問httpd是進程使用的用戶和組 Group?apacheServerAdmin?root@localhost????#管理員郵箱ServerName?cs1.xinfeng.com:80????#主機名<Directory?/>????#限制用戶的目錄訪問權限AllowOverride?noneRequire?all?denied </Directory>DocumentRoot?"/var/www/html"????#url對應的根目錄，這里cs1.xinfeng.com對應的就是這個目錄<Directory?"/var/www">AllowOverride?None#?Allow?open?access:Require?all?granted????#all?granted表示可無條件訪問該目錄 </Directory><Directory?"/var/www/html">????#用于設定在該目錄中哪些特性可用。默認這里有個Indexes選項，作用是當瀏覽器訪問該目錄如果該目錄下沒有默認網頁(如index.html)，那么此時就會返回該目錄下的文件名列表，所以建議取消掉Options?noneAllowOverride?NoneRequire?all?granted </Directory><IfModule?dir_module>????#對指定的模塊進行處理，DirectoryIndex?index.php?index.html </IfModule><Files?".ht*">????#任意目錄下，文件名符合.ht*的文件都會被禁止訪問。Require?all?denied </Files>ErrorLog?"logs/error_log"????#錯誤日志所在位置/etc/httpd/logs/error_log?LogLevel?warn????#錯誤日志級別<IfModule?log_config_module>LogFormat?"%h?%l?%u?%t?\"%r\"?%>s?%b?\"%{Referer}i\"?\"%{User-Agent}i\""?combinedLogFormat?"%h?%l?%u?%t?\"%r\"?%>s?%b"?common<IfModule?logio_module>#?You?need?to?enable?mod_logio.c?to?use?%I?and?%OLogFormat?"%h?%l?%u?%t?\"%r\"?%>s?%b?\"%{Referer}i\"?\"%{User-Agent}i\"?%I?%O"?combinedio</IfModule>CustomLog?"logs/access_log"?combined????#訪問日志的格式和紀錄位置 </IfModule><IfModule?alias_module>????#ScriptAlias會將URL路徑映射到指定目錄，并且讓該目錄具有CGI腳本執行權限（因此CGI腳本都可放置在該目錄下）。ScriptAlias?/cgi-bin/?"/var/www/cgi-bin/" </IfModule><Directory?"/var/www/cgi-bin">????#用于設定在該目錄中哪些特性可用AllowOverride?NoneOptions?NoneRequire?all?granted </Directory><IfModule?mime_module>????#關于mime模塊的設置TypesConfig?/etc/mime.typesAddType?application/x-compress?.ZAddType?application/x-gzip?.gz?.tgzAddType?text/html?.shtmlAddOutputFilter?INCLUDES?.shtmlAddType?application/x-httpd-php??.php????#讓apache能識別php格式的頁面AddType?application/x-httpd-php-source??.phps </IfModule>AddDefaultCharset?UTF-8????#支持的編碼格式為UTF-8<IfModule?mime_magic_module>????MIMEMagicFile?conf/magic </IfModule>EnableSendfile?on????#允許Apache使用系統核心支持的sendfile來傳送文件給客戶端?ProxyRequests?Off????#關閉正向代理 ProxyPassMatch?^/(.*\.php)$?fcgi://127.0.0.1:9000/var/www/html/$1????#把以.php結尾的文件請求發送到php-fpm進程IncludeOptional?conf.d/*.conf????#在/etc/httpd/conf.d目錄下以.conf結尾的配置文件也會被讀取[root@cs1?~]#?httpd?-t????#檢查語法 [root@cs1?conf.modules.d]#?vim?/var/www/html/index.php????#創建一個php文件 <?phpphpinfo(); ?> [root@cs1?conf.modules.d]#?systemctl?start?httpd

????8、安裝配置php-fpm

[root@cs1?~]#?yum?install?php-fpm?-y [root@cs1?~]#?vim?/etc/php-fpm.d/www.conf? listen?=?127.0.0.1:9000????#確保監聽在9000端口 listen.allowed_clients?=?127.0.0.1 [root@cs1?~]#?systemctl?start?php-fpm [root@cs1?conf.modules.d]#?getenforce????#確保selinux關閉 Disabled [root@cs1?conf.modules.d]#?iptables?-F????#清空防火墻規則 [root@cs1?conf.modules.d]#?iptables?-L

????9、安裝配置phpMyAdmin

[root@cs1?~]#?yum?install?-y?phpMyAdmin [root@cs1?~]#?yum?install?php-mbstring?-y [root@cs1?libraries]#?vim?/usr/share/phpMyAdmin/libraries/config.default.php #編輯配置文件 $cfg['PmaAbsoluteUri']?=?'http://172.16.23.211/phpMyAdmin/';??#這里要填入phpMyAdmin所在的路徑，這里也可以寫成'http://cs1.xinfeng.com/phpMyAdmin/'[root@cs1?html]#?vim?/etc/httpd/conf.d/phpMyAdmin.conf? #修改一下幾行 <Directory?/usr/share/phpMyAdmin/>AddDefaultCharset?UTF-8<IfModule?mod_authz_core.c>#?Apache?2.4<RequireAny> #???????Require?ip?127.0.0.1 #???????Require?ip?::1Require?all?granted <Directory?/usr/share/phpMyAdmin/setup/><IfModule?mod_authz_core.c>#?Apache?2.4<RequireAny> #???????Require?ip?127.0.0.1 #???????Require?ip?::1Require?all?granted[root@cs1?~]#?vim?/etc/phpMyAdmin/config.inc.php? $cfg['blowfish_secret']?=?'1342758687478692';????#這里必須要給一個隨機數[root@cs1?html]#?ln?-s?/usr/share/phpMyAdmin?/var/www/html/ #這是將phpMyAdmin鏈接至httpd的根目錄[root@cs1?~]#?systemctl?restart?php-fpm [root@cs1?~]#?systemctl?restart?httpd

進入http://172.16.23.211/phpMyAdmin/????測試能不能打開

進入http://172.16.23.211/index.php????測試能不能打開

????10、配置mysql

[root@cs1?~]#?systemctl?start?mariadb [root@cs1?~]#?mysql MariaDB?[(none)]>?create?database?php;????創建一個叫php的數據庫 Query?OK,?1?row?affected?(0.01?sec) MariaDB?[(none)]>?show?databases; +--------------------+ |?Database???????????| +--------------------+ |?information_schema?| |?mysql??????????????| |?performance_schema?| |?php????????????????| |?test???????????????| +--------------------+ MariaDB?[(none)]>?grant?all?privileges?on?php.*?to?xxoo@'%'?identified?by?'123';????#創建一個xxoo用戶密碼為123，授權給php庫，授權范圍為全網 Query?OK,?0?rows?affected?(0.01?sec) MariaDB?[(none)]>?grant?all?privileges?on?php.*?to?xxoo@localhost?identified?by?'123';????#授權范圍本地 Query?OK,?0?rows?affected?(0.00?sec) MariaDB?[(none)]>?flush?privileges;????#刷新權限 Query?OK,?0?rows?affected?(0.00?sec)

????11、重啟httpd,php-fpm，mariadb進入phpMyadmin測試

[root@cs1?~]#?service?php-fpm?restart [root@cs1?~]#?service?httpd?restart [root@cs1?~]#?service?mariadb?restart

二、基于lamp安裝wordpress

????1、安裝httpd（172.16.23.213）

[root@cs2?~]#?yum?install?httpd?-y

????2、安裝php（172.16.23.213）

[root@cs2?~]#?yum?install?php?-y

????3、安裝php-mysql（172.16.23.213）

[root@cs1?~]#?yum?install?-y?php-mysql

????4、安裝mariadb（172.16.23.213 CentOS7）

[root@cs1?~]#?yum?install?-y?mariadb-server

????5、安裝php-fpm

[root@cs1?~]#?yum?install?php-fpm?-y

????6、安裝phpMyAdmin

[root@cs1?~]#?yum?install?-y?phpMyAdmin [root@cs1?~]#?yum?install?php-mbstring?-y

????7、配置和上面的lamp相同，不創建index.php

????8、下載安裝配置wordpress

[root@cs2?~]#?wget? [root@cs2?~]#?tar?xvf?latest.tar.gz?? [root@cs2?~]#?ls anaconda-ks.cfg??latest.tar.gz??wordpress [root@cs2?~]#?chown?root:root?/root/wordpress????#改權限 [root@cs2?~]#?chown?root:root?/root/wordpress/* [root@cs2?html]#?cp?-a?/root/wordpress/*?/var/www/html/????#將所有文件都復制到documentroot下 [root@cs2?html]#?vim?wp-config-sample.php????#修改配置文件 #我直接使用了php數據庫，你也可以根據需要自己創建 define('DB_NAME',?'php');#數據庫用戶名xxoo define('DB_USER',?'xxoo');#數據庫密碼123 define('DB_PASSWORD',?'123');#數據庫位置，這里我安裝的是本地，也可以指向其他有數據庫的地址 define('DB_HOST',?'127.0.0.1');[root@cs2?html]#?cp?wp-config-sample.php?wp-config.php [root@cs2?html]#?service?httpd?restart [root@cs2?html]#?service?php-fpm?restart

????9、安裝wordpress

在phpmyadmin中給wordpress創建一個數據庫，這里我創建的數據庫是之前在mysql中創建的php，并且授權給了用戶xxoo的

三、基于lamp安裝DiscuzX

????1、安裝httpd（172.16.23.215）

[root@cs2?~]#?yum?install?httpd?-y

????2、安裝php（172.16.23.215）

[root@cs2?~]#?yum?install?php?-y

????3、安裝php-mysql（172.16.23.215）

[root@cs1?~]#?yum?install?-y?php-mysql

????4、安裝mariadb（172.16.23.215 CentOS7）

[root@cs1?~]#?yum?install?-y?mariadb-server

????5、安裝php-fpm

[root@cs1?~]#?yum?install?php-fpm?-y

????6、安裝phpMyAdmin

[root@cs1?~]#?yum?install?-y?phpMyAdmin [root@cs1?~]#?yum?install?php-mbstring?-y

????7、配置方法和lamp一樣，不創建index.php

????8、下載解壓配置DiscuzX

[root@cs3?~]#?wget? [root@cs3?~]#?ls anaconda-ks.cfg??Discuz_X3.2_SC_UTF8.zip [root@cs3?~]#?mkdir?Discuz [root@cs3?~]#?unzip?-d?/root/Discuz/?Discuz_X3.2_SC_UTF8.zip [root@cs3?~]#?cp?-a?/root/Discuz/*?/var/www/html/ [root@cs3?html]#?chmod?-R?777?/var/www/html/upload/*

????9、進入首頁進行配置，注意url

這里因為后續我要用lvs做負載均衡，所以需要把documentroot改一下

[root@cs3?html]#?vim?/etc/httpd/conf/httpd.conf? DocumentRoot?"/var/www/html/upload" <Directory?"/var/www/html/upload"> ProxyPassMatch?^/(.*\.php)$?fcgi://127.0.0.1:9000/var/www/html/upload/$1[root@cs3?html]#?httpd?-t Syntax?OK[root@cs3?html]#?rm?phpmyadmin [root@cs3?html]#?ln?-s?/usr/share/phpMyAdmin/?/var/www/html/upload/phpmyadmin [root@cs3?html]#?service?httpd?restart [root@cs3?html]#?service?php-fpm?restart [root@cs3?html]#?service?mariadb?restart

改了之后的效果

四、keepalive實現lvs-dr

????1、配置phpinfp（192.168.1.107）

#讓服務器忽略來自客戶端計算機的ARP廣播請求，防止服務器回答來自客戶端查找VIP的ARP廣播 #接口可根據實際情況來定義，我這里用的本地回環接口 [root@cs1?~]#?vim?set.sh #!/bin/bash case?$1?in start)echo?1?>?/proc/sys/net/ipv4/conf/all/arp_ignoreecho?1?>?/proc/sys/net/ipv4/conf/lo/arp_ignoreecho?2?>?/proc/sys/net/ipv4/conf/all/arp_announceecho?2?>?/proc/sys/net/ipv4/conf/lo/arp_announce;; stop)echo?0?>?/proc/sys/net/ipv4/conf/all/arp_ignoreecho?0?>?/proc/sys/net/ipv4/conf/lo/arp_ignoreecho?0?>?/proc/sys/net/ipv4/conf/all/arp_announceecho?0?>?/proc/sys/net/ipv4/conf/lo/arp_announce;; esac [root@cs1?~]#?bash?set.sh?start #將腳本傳給另外wordpress和Discuz [root@cs1?~]#?scp?set.sh?192.168.1.114:/root/ [root@cs1?~]#?scp?set.sh?192.168.1.113:/root/ #修改lo接口的ip地址為VIP [root@cs1?~]#?ifconfig?lo:0?192.168.1.33/32?broadcast?192.168.1.33?up #添加路由規則 [root@cs1?~]#?route?add?-host?192.168.1.33?dev?lo:0

????2、配置wordpress(192.168.1.114)

[root@cs2?~]#?bash?set.sh?start #修改lo接口的ip地址為VIP [root@cs2?~]#?ifconfig?lo:0?192.168.1.33/32?broadcast?192.168.1.33?up #添加路由規則 [root@cs2?~]#?route?add?-host?192.168.1.33?dev?lo:0

????3、配置Discuz（192.168.1.113）

[root@cs3?~]#?bash?set.sh?start #修改lo接口的ip地址為VIP [root@cs3?~]#?ifconfig?lo:0?192.168.1.33/32?broadcast?192.168.1.33?up #添加路由規則 [root@cs3?~]#?route?add?-host?192.168.1.33?dev?lo:0

????4、配置director1（192.168.1.112）

#安裝ipvsadm工具 [root@lvs1?~]#?yum?install?-y?ipvsadm#安裝配置keepalived [root@lvs1?~]#?yum?install?keepalived [root@lvs1?~]#?cp?/etc/keepalived/keepalived.conf{,.bak} [root@lvs1?~]#?vim?/etc/keepalived/keepalived.conf !?Configuration?File?for?keepalivedglobal_defs?{notification_email?{root@localhost????#修改郵箱地址}notification_email_from?admin@localhostsmtp_server?127.0.0.1????#修改smtp地址smtp_connect_timeout?30router_id?LVS_DEVEL }vrrp_instance?VI_1?{state?MASTER????#設為主服務器interface?eth0????#端口為et0virtual_router_id?51????#虛擬路由id為51priority?100????#優先級為100advert_int?1authentication?{auth_type?PASSauth_pass?68978103????#給以個隨機數}virtual_ipaddress?{192.168.1.33/32????#VIP地址} }virtual_server?192.168.1.33?80?{????#定義VIPdelay_loop?6lb_algo?rr????#lvs算法為rrlb_kind?DR????#lvs模式為DRnat_mask?255.255.255.255????#子網掩碼protocol?TCPreal_server?192.168.1.107?80?{????#phpinfo的地址weight?1????#權重為1TCP_CHECK?{???#使用HTTP方式測試connect_timeout?3????nb_get_retry?3delay_before_retry?3connect_port?80????#檢測80端口}}real_server?192.168.1.114?80?{????#wordpress的地址weight?1TCP_CHECK?{?connect_timeout?3nb_get_retry?3delay_before_retry?3connect_port?80}}real_server?192.168.1.113?80?{????#discuz的地址weight?1TCP_CHECK?{?connect_timeout?3nb_get_retry?3delay_before_retry?3connect_port?80}} }#將編輯好的keepalived.conf傳給lvs2（192.168.1.111） [root@lvs1?~]#?scp?/etc/keepalived/keepalived.conf?192.168.1.111:/etc/keepalived/ #啟動keepalived [root@lvs1?~]#?service?keepalived?start

????5、配置director2（192.168.1.111）

#安裝keepalived [root@lvs2?~]#?yum?install?keepalived #編輯剛才從director1傳來的配置文件中的2項即可 [root@lvs2?~]#?vim?/etc/keepalived/keepalived.conf vrrp_instance?VI_1?{state?BACKUP????#這里改為BACKUPinterface?eth0virtual_router_id?51priority?99????#這里將優先級改為99 #啟動keepalived [root@lvs2?~]#?service?keepalived?start

????6、使用tcpdump抓包查看

#使用tcpdump抓包查看是否成功 [root@lvs1?~]#?tcpdump?-i?eth0?-nn?host?192.168.1.111 tcpdump:?verbose?output?suppressed,?use?-v?or?-vv?for?full?protocol?decode listening?on?eth0,?link-type?EN10MB?(Ethernet),?capture?size?65535?bytes 05:57:17.255964?ARP,?Request?who-has?192.168.1.111?tell?192.168.1.113,?length?46 05:57:17.255975?ARP,?Reply?192.168.1.111?is-at?00:0c:29:63:cc:d8,?length?46 05:57:18.243218?IP?192.168.1.111.38941?>?192.168.1.113.80:?Flags?[S],?seq?468244056,?win?14600,?options?[mss?1460,sackOK,TS?val?17008837?ecr?0,nop,wscale?5],?length?0 05:57:18.243230?IP?192.168.1.113.80?>?192.168.1.111.38941:?Flags?[S.],?seq?137965257,?ack?468244057,?win?28960,?options?[mss?1460,sackOK,TS?val?45829659?ecr?17008837,nop,wscale?6],?length?0 05:57:18.243417?IP?192.168.1.111.38941?>?192.168.1.113.80:?Flags?[.],?ack?1,?win?457,?options?[nop,nop,TS?val?17008838?ecr?45829659],?length?0 05:57:18.243503?IP?192.168.1.111.38941?>?192.168.1.113.80:?Flags?[R.],?seq?1,?ack?1,?win?457,?options?[nop,nop,TS?val?17008838?ecr?45829659],?length?0 05:57:20.563328?IP?192.168.1.111.44763?>?192.168.1.107.80:?Flags?[S],?seq?1861279836,?win?14600,?options?[mss?1460,sackOK,TS?val?17011157?ecr?0,nop,wscale?5],?length?0 05:57:20.563338?IP?192.168.1.107.80?>?192.168.1.111.44763:?Flags?[S.],?seq?1361632953,?ack?1861279837,?win?28960,?options?[mss?1460,sackOK,TS?val?45255624?ecr?17011157,nop,wscale?6],?length?0 05:57:20.563500?IP?192.168.1.111.44763?>?192.168.1.107.80:?Flags?[.],?ack?1,?win?457,?options?[nop,nop,TS?val?17011158?ecr?45255624],?length?0 05:57:20.563504?IP?192.168.1.111.44763?>?192.168.1.107.80:?Flags?[R.],?seq?1,?ack?1,?win?457,?options?[nop,nop,TS?val?17011158?ecr?45255624],?length?0 05:57:20.917067?IP?192.168.1.111.57732?>?192.168.1.114.80:?Flags?[S],?seq?950098347,?win?14600,?options?[mss?1460,sackOK,TS?val?17011511?ecr?0,nop,wscale?5],?length?0 05:57:20.917506?IP?192.168.1.114.80?>?192.168.1.111.57732:?Flags?[S.],?seq?145530752,?ack?950098348,?win?28960,?options?[mss?1460,sackOK,TS?val?45926618?ecr?17011511,nop,wscale?6],?length?0 05:57:20.918642?IP?192.168.1.111.57732?>?192.168.1.114.80:?Flags?[.],?ack?1,?win?457,?options?[nop,nop,TS?val?17011512?ecr?45926618],?length?0 05:57:20.918650?IP?192.168.1.111.57732?>?192.168.1.114.80:?Flags?[R.],?seq?1,?ack?1,?win?457,?options?[nop,nop,TS?val?17011513?ecr?45926618],?length?0 #查看ip是否配置成功 [root@lvs1?~]#?ip?addr 1:?lo:?<LOOPBACK,UP,LOWER_UP>?mtu?16436?qdisc?noqueue?state?UNKNOWN?link/loopback?00:00:00:00:00:00?brd?00:00:00:00:00:00inet?127.0.0.1/8?scope?host?loinet6?::1/128?scope?host?valid_lft?forever?preferred_lft?forever 2:?eth0:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?state?UP?qlen?1000link/ether?00:0c:29:52:50:3e?brd?ff:ff:ff:ff:ff:ffinet?192.168.1.112/24?brd?192.168.1.255?scope?global?eth0inet?192.168.1.33/32?scope?global?eth0inet6?fe80::20c:29ff:fe52:503e/64?scope?link?valid_lft?forever?preferred_lft?forever #用ipvsadm查看規則是否添加成功 [root@lvs1?~]#?ipvsadm?-L?-n IP?Virtual?Server?version?1.2.1?(size=4096) Prot?LocalAddress:Port?Scheduler?Flags->?RemoteAddress:Port???????????Forward?Weight?ActiveConn?InActConn TCP??192.168.1.33:80?rr->?192.168.1.107:80?????????????Route???1??????0??????????0?????????->?192.168.1.113:80?????????????Route???1??????0??????????0?????????->?192.168.1.114:80?????????????Route???1??????0??????????0 #我停掉192.168.1.112這臺lvs1的keepalived服務實驗一下 [root@lvs1?~]#?service?keepalived?stop #進入192.168.1.111查看 [root@lvs2?~]#?ip?addr 1:?lo:?<LOOPBACK,UP,LOWER_UP>?mtu?16436?qdisc?noqueue?state?UNKNOWN?link/loopback?00:00:00:00:00:00?brd?00:00:00:00:00:00inet?127.0.0.1/8?scope?host?loinet6?::1/128?scope?host?valid_lft?forever?preferred_lft?forever 2:?eth0:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?state?UP?qlen?1000link/ether?00:0c:29:63:cc:d8?brd?ff:ff:ff:ff:ff:ffinet?192.168.1.111/24?brd?192.168.1.255?scope?global?eth0inet?192.168.1.33/32?scope?global?eth0inet6?fe80::20c:29ff:fe63:ccd8/64?scope?link?valid_lft?forever?preferred_lft?forever You?have?new?mail?in?/var/spool/mail/root#可以看到地址成功切換出去了

????7、分別停到phpinfo、wordpress、discuz的httpd服務測試一下

停掉192.168.1.107和192.168.1.113的httpd

停掉192.168.1.114和192.168.1.113的httpd

停掉192.168.1.107和192.168.1.114的httpd

測試成功

五、keepalive實現lvs-nat

????1、配置phpinfo（172.16.23.211）

#配置網關 [root@cs1?~]#?route?add?default?gw?172.16.23.10 [root@cs1?~]#?bash?set.sh?start

????2、配置wordpress（172.16.23.213）

#配置網關 [root@cs2?~]#?route?add?default?gw?172.16.23.10 [root@cs2?~]#?bash?set.sh?start

????3、配置discuz（172.16.23.215）

#配置網關 [root@cs3?~]#?route?add?default?gw?172.16.23.10 [root@cs3?~]#?bash?set.sh?start

????4、配置director1(172.16.25.24)

#打開路由轉發 [root@lvs1?~]#?echo?"1">/proc/sys/net/ipv4/ip_forward [root@lvs1?~]#?vim?/etc/sysctl.conf net.ipv4.ip_forward?=?1 [root@lvs1?~]#?sysctl?-p #開起第二個網卡 [root@lvs1?~]#ifconfig?eth1?up #配置keepalived [root@lvs1?~]#?vim?/etc/keepalived/keepalived.conf !?Configuration?File?for?keepalivedglobal_defs?{notification_email?{root@localhost}notification_email_from?admin@localhostsmtp_server?127.0.0.1smtp_connect_timeout?30router_id?LVS_1 } vrrp_sync_group?VG_1?{????#注意這里將DIP的別名和VIP定義為一個組，這樣才能使兩個地址同進退group?{VI_1VI_2} } vrrp_instance?VI_1?{????#這里定義VIPstate?MASTERinterface?eth1virtual_router_id?53priority?100advert_int?1authentication?{auth_type?PASSauth_pass?68978103}virtual_ipaddress?{172.16.23.33} } vrrp_instance?VI_2?{????#這里定義DIP別名state?MASTERinterface?eth0virtual_router_id?63priority?100advert_int?1authentication?{auth_type?PASSauth_pass?68978103}virtual_ipaddress?{172.16.23.10} } virtual_server?172.16.23.33?80?{delay_loop?6lb_algo?wrrlb_kind?NATnat_mask?255.255.255.255protocol?TCPreal_server?172.16.23.211?80?{weight?1TCP_CHECK?{connect_timeout?3nb_get_retry?3delay_before_retry?3connect_port?80}}real_server?172.16.23.213?80?{weight?1TCP_CHECK?{connect_timeout?3nb_get_retry?3delay_before_retry?3connect_port?80}}real_server?172.16.23.215?80?{weight?1TCP_CHECK?{connect_timeout?3nb_get_retry?3delay_before_retry?3connect_port?80}} } #啟動keepadlived [root@lvs1?~]#?service?keepalived?start

????5、配置director2(172.16.25.83)

[root@lvs2?~]#?echo?"1">/proc/sys/net/ipv4/ip_forward [root@lvs2?~]#?vim?/etc/sysctl.conf net.ipv4.ip_forward?=?1 [root@lvs2?~]#?sysctl?-p [root@lvs2?~]#ifconfig?eth2?up [root@lvs2?~]#?vim?/etc/keepalived/keepalived.conf !?Configuration?File?for?keepalivedglobal_defs?{notification_email?{root@localhost}notification_email_from?admin@localhostsmtp_server?127.0.0.1smtp_connect_timeout?30router_id?LVS_2 } vrrp_sync_group?VG_1?{group?{VI_1VI_2} } vrrp_instance?VI_1?{state?BACKUPinterface?eth2virtual_router_id?53priority?99advert_int?1authentication?{auth_type?PASSauth_pass?68978103}virtual_ipaddress?{172.16.23.33} } vrrp_instance?VI_2?{state?BACKUPinterface?eth0virtual_router_id?63priority?99advert_int?1authentication?{auth_type?PASSauth_pass?68978103}virtual_ipaddress?{172.16.23.10} } virtual_server?172.16.23.33?80?{delay_loop?6lb_algo?wrrlb_kind?NATnat_mask?255.255.255.255protocol?TCPreal_server?172.16.23.211?80?{weight?1TCP_CHECK?{connect_timeout?3nb_get_retry?3delay_before_retry?3connect_port?80}}real_server?172.16.23.213?80?{weight?1TCP_CHECK?{connect_timeout?3nb_get_retry?3delay_before_retry?3connect_port?80}}real_server?172.16.23.215?80?{weight?1TCP_CHECK?{connect_timeout?3nb_get_retry?3delay_before_retry?3connect_port?80}} }#啟動keepalived [root@lvs2?~]#?service?keepalived?start

????6、查看是否配置成功

[root@lvs2?~]#?ipvsadm?-L?-n IP?Virtual?Server?version?1.2.1?(size=4096) Prot?LocalAddress:Port?Scheduler?Flags->?RemoteAddress:Port???????????Forward?Weight?ActiveConn?InActConn TCP??172.16.23.33:80?wrr->?172.16.23.211:80?????????????Masq????1??????0??????????0?????????->?172.16.23.213:80?????????????Masq????1??????0??????????0?????????->?172.16.23.215:80?????????????Masq????1??????0??????????0 [root@lvs1?~]#?ip?addr 1:?lo:?<LOOPBACK,UP,LOWER_UP>?mtu?16436?qdisc?noqueue?state?UNKNOWN?link/loopback?00:00:00:00:00:00?brd?00:00:00:00:00:00inet?127.0.0.1/8?scope?host?loinet6?::1/128?scope?host?valid_lft?forever?preferred_lft?forever 2:?eth0:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?state?UP?qlen?1000link/ether?00:0c:29:52:50:3e?brd?ff:ff:ff:ff:ff:ffinet?172.16.25.24/16?brd?172.16.255.255?scope?global?eth0inet?172.16.23.33/32?scope?global?eth0inet6?fe80::20c:29ff:fe52:503e/64?scope?link?valid_lft?forever?preferred_lft?forever 3:?eth1:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?state?UP?qlen?1000link/ether?00:0c:29:52:50:48?brd?ff:ff:ff:ff:ff:ffinet?172.16.23.10/32?scope?global?eth1inet6?fe80::20c:29ff:fe52:5048/64?scope?link?valid_lft?forever?preferred_lft?forever [root@lvs2?~]#?ip?addr 1:?lo:?<LOOPBACK,UP,LOWER_UP>?mtu?16436?qdisc?noqueue?state?UNKNOWN?link/loopback?00:00:00:00:00:00?brd?00:00:00:00:00:00inet?127.0.0.1/8?scope?host?loinet6?::1/128?scope?host?valid_lft?forever?preferred_lft?forever 2:?eth0:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?state?UP?qlen?1000link/ether?00:0c:29:63:cc:d8?brd?ff:ff:ff:ff:ff:ffinet?172.16.25.83/16?brd?172.16.255.255?scope?global?eth0inet?172.16.23.33/32?scope?global?eth0inet6?fe80::20c:29ff:fe63:ccd8/64?scope?link?valid_lft?forever?preferred_lft?forever 3:?eth2:?<BROADCAST,MULTICAST,UP,LOWER_UP>?mtu?1500?qdisc?pfifo_fast?state?UP?qlen?1000link/ether?00:0c:29:63:cc:e2?brd?ff:ff:ff:ff:ff:ffinet?172.16.23.10/32?scope?global?eth2inet6?fe80::20c:29ff:fe63:cce2/64?scope?link?valid_lft?forever?preferred_lft?forever #可以看到已經可以自由轉換了

六、keepalive實現lvs-tun

????lvs-tun特點：

????????不修改請求報文的ip首部，而是通過在原有的ip首部（cip<-->vip）之外，再封裝一個ip首部(dip<-->rip)

????????????(1) RIP, DIP, VIP全得是公網地址

????????????(2) RS的網關的不能指向DIP

????????????(3) 請求報文必須經由director調度，但響應報文必須不能經由director

????????????(4) 不支持端口映射

????????????(5) RS的OS必須支持隧道功能

七、keepalive實現lvs-fullnat

????lvs-fullnat特點：

????????director通過同時修改請求報文的目標地址和源地址進行轉發

????????????(1) VIP是公網地址；RIP和DIP是私網地址，二者無須在同一網絡中

????????????(2) RS接收到的請求報文的源地址為DIP，因此要響應給DIP

????????????(3) 請求報文和響應報文都必須經由Director

????????????(4) 支持端口映射機制

????????????(5) RS可以使用任意OS

八、lvs調度算法

????lvs調度算法分為兩類，一類為靜態算法，一類為動態算法。

????????靜態算法：根據算法本身進行調度

????????????RR：輪詢

????????????WRR：加權的輪詢

????????????SH：實現session保持的機制；將來自于同一個IP的請求始終調度至同一RS

????????????DH：將對同一個目標的請求始終發往同一個RS

????????動態算法：根據算法及各RS的當前負載狀態進行調度

? ? ? ? ? ? LC：最少連接數，那臺連接數最少就調度哪臺

????????????WLC：加權最少連接數

????????????SED：最短期望延遲

????????????NQ：SED算法的改進；

????????????LBLC：動態的DH算法；

????????????LBLCR：帶復制功能的LBLC算法；

九、tcpdump的使用

????tcpdump是一款抓包工具，用來監聽指定網絡接口的數據包流向

????直接使用tcpdump會監聽第一個網絡接口的數據流向

????選項：

????????-nn：直接以IP和端口號顯示，而非主機名與服務名稱
????????-i ：后面接要監聽的網絡端口，例如eth0,lo等
????????-w ：將監聽的數據包結果儲存下來，后面文件名
????????-c ：監聽的數據包數量，如果不接這個參數，tcpdump會持續不斷的監聽，直到輸入ctrl+c為止
????????-A ：數據包的內容以ASCII碼顯示，通常用來捉取網頁數據包
????????-e ：用mac地址來顯示數據包
????????-q ：僅列出較為簡短的數據包結果，每一行的內容比較精簡
????????-X ：可以列出十六進制以及ASCII碼的數據包內容，對于監聽數據包內容很有用
????????-r ：將之前存好的數據包文件讀出來

????關鍵字：

????????第一種是要監聽的目標類型的關鍵字，主要包括host，net，port，如果不指定默認是host

????????第二種是確定傳輸方向的關鍵字，主要包括src（來源），dst（目標）

????????第三種是協議的關鍵字，主要包括fddi，ip，arp，rarp，tcp，udp

????????其他重要的關鍵字：gateway， broadcast，less， greater，

????????三種邏輯運算：

? ? ? ? ? ? 非：可以用not也可以用 !?

? ? ? ? ? ? 與：可以用and也可以用&&

? ? ? ? ? ? 或：用or

#tcpdump?-i?eth0?-nn?host?192.168.1.111 分析之前使用的這個命令 監聽主機192.168.1.111的th0網卡所流過的所有數據包，顯示數據包的ip和端口

十、總結

????1、創建基于lamp的RS服務器

????2、在DR服務器上用keepalived配置ipvs規則

????keepalived是用來實現lvs高可用的，而lvs是用來實現RS服務器負載均衡的

????3、利用tcpdump抓包來查看keepalived下lvs服務器的數據包的流向

轉載于:https://blog.51cto.com/xsllqs/1774181

總結

以上是生活随笔為你收集整理的keepalived实现lvs高可用并负载均衡lamp的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。