目錄
1、概述
2、director腳本
3、real server腳本
4、總結
1、概述
LVS的DR類型是在生產環境中運用比較多的部署類型,後端real server服務器的上線、下線的配置比較繁瑣,所以可利用bash腳本來完成。本博客基於http://zhaochj.blog.51cto.com/368705/1650198中“虛擬服務VS/DR類型實現”的部份整理了兩個腳本,一個是在director上執行,一個在各real server上執行的腳本。
2、director腳本
[root@HAPROXY scripts]# vim vs_dr
#!/bin/sh
#Program: This script set vs/dr.
#Author: zhaochj
#Date: 2015-05-11
#Version: 1.0
#chkconfig: 235 90 120
# Source function library.
source /etc/init.d/functions
# declare variables
VIP=192.168.0.222
RIP1=192.168.0.201
RIP2=192.168.0.202
PORT=80
RSWEIGHT1=1
RSWEIGHT2=1
# iptables set
iptables -F
iptables -X
iptables -Z
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i eth+ -p icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp -d $VIP --dport 80 -j ACCEPT
# set director
case "$1" in
start)
echo "1" > /proc/sys/net/ipv4/ip_forward
ifconfig eth0:0 $VIP netmask 255.255.255.0 up
ipvsadm -C
ipvsadm -A -t $VIP:$PORT -s wlc
ipvsadm -a -t $VIP:$PORT -r $RIP1:$PORT -g -w $RSWEIGHT1
ipvsadm -a -t $VIP:$PORT -r $RIP2:$PORT -g -w $RSWEIGHT2
touch /var/lock/subsys/lvs-dr.lock & > /dev/null
echo "VS/DR is starting"
;;
stop)
echo "0" > /proc/sys/net/ipv4/ip_forward
ifconfig eth0:0 down
ipvsadm -C
rm /var/lock/subsys/lvs-dr.lock
echo "VS/DR is stoped"
;;
status)
[ -e /var/lock/subsys/lvs-dr.lock ] && ipvsadm -L -n || echo "VS/DR is not running"
;;
*)
echo "Usage $0 {start|stop|status}"
;;
esac3、real server腳本
[root@slave scripts]# vim dr_rs
#!/bin/sh
#Program: This script is set VS/DR real server
#Author: zhaochj
#Date: 2015-05-11
#Version: 1.0
#chkconfig: 235 86 130
# Source function library
source /etc/init.d/functions
# declare variables
VIP=192.168.0.222
PORT=80
# iptables set
iptables -F
iptables -X
iptables -Z
iptables -P INPUT DROP
iptables -P OUTPUT ACCEPT
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -p icmp --icmp-type 8 -j ACCEPT
iptables -A INPUT -p tcp --dport 22 -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# set real server
case "$1" in
start)
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP up
route add -host $VIP dev lo:0
echo "VS/DR real server running"
;;
stop)
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
route del -host $VIP
ifconfig lo:0 down
echo "VS/DR/real server stoped"
;;
status)
Lostat=`ifconfig lo:0 | grep $VIP`
Return=`echo $?`
[ $Return != "0" ] && echo "VS/DR real server stoped" || echo "VS/DR real server running"
;;
*)
echo "Usage $0{start|stop|status}"
;;
esac4、總結
利用腳本把繁瑣的工作簡單化,而且執行效率更高,只要把腳本測試好,還能避免一些誤操作。