1、需要增加443端口调度
ipvsadm -A -t 172.16.1.100:443 -s rr
ipvsadm -a -t 172.16.1.100:443 -r 172.16.1.5:443
ipvsadm -a -t 172.16.1.100:443 -r 172.16.1.6:443
ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.16.1.100:80 rr
-> 172.16.1.5:80 Route 1 1 1
-> 172.16.1.6:80 Route 1 1 1
TCP 172.16.1.100:443 rr
-> 172.16.1.5:443 Route 1 0 0
-> 172.16.1.6:443 Route 1 0 0
2、路由进行443端口映射
iptables -t nat -A PREROUTING -d 10.0.0.200 -p tcp --dport 443 -j DNAT --to 172.16.1.100:443
3、keepalived+master
global_defs {
router_id lb01
}
vrrp_instance VI_1 {
state MASTER
priority 200
interface eth1
virtual_router_id 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.1.100
}
}
# 配置集群地址访问的IP+Port
virtual_server 172.16.1.100 80 {
# 健康检查的时间,单位:秒
delay_loop 6
# 配置负载均衡的算法
lb_algo rr
# 设置LVS的模式 NAT|TUN|DR
lb_kind DR
# 设置会话持久化的时间
#persistence_timeout 30
# 设置协议
protocol TCP
# 负载均衡后端的真实服务节点RS-1
real_server 172.16.1.5 80 {
# 权重配比设置为1
weight 1
# 设置健康检查
TCP_CHECK {
# 检测后端80端口
connect_port 80
# 超时时间
connect_timeout 3
# 重试次数2次
nb_get_retry 2
# 间隔时间3s
delay_beefore_retry 3
}
}
# 负载均衡后端的真实服务节点RS-2
real_server 172.16.1.6 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 2
delay_beefore_retry 3
}
}
}
# 配置集群地址访问的IP+Port
virtual_server 172.16.1.100 443 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 172.16.1.5 443 {
weight 1
TCP_CHECK {
connect_port 443
connect_timeout 3
nb_get_retry 2
delay_beefore_retry 3
}
}
real_server 172.16.1.6 443 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 2
delay_beefore_retry 3
}
}
}
4、keepalived+backup
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
priority 150
interface eth1
virtual_router_id 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.1.100
}
}
# 配置集群地址访问的IP+Port
virtual_server 172.16.1.100 80 {
# 健康检查的时间,单位:秒
delay_loop 6
# 配置负载均衡的算法
lb_algo wlc
# 设置LVS的模式 NAT|TUN|DR
lb_kind DR
# 设置协议
protocol TCP
# 负载均衡后端的真实服务节点RS-1
real_server 172.16.1.5 80 {
# 权重配比设置为1
weight 1
# 设置健康检查
TCP_CHECK {
# 检测后端80端口
connect_port 80
# 超时时间
connect_timeout 3
# 重试次数2次
nb_get_retry 2
# 间隔时间3s
delay_beefore_retry 3
}
}
# 负载均衡后端的真实服务节点RS-2
real_server 172.16.1.6 80 {
# 权重配比设置为1
weight 1
# 设置健康检查
TCP_CHECK {
# 检测后端80端口
connect_port 80
# 超时时间
connect_timeout 3
# 重试次数2次
nb_get_retry 2
# 间隔时间3s
delay_beefore_retry 3
}
}
}
# 配置集群地址访问的IP+Port
virtual_server 172.16.1.100 443 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 172.16.1.5 443 {
weight 1
TCP_CHECK {
connect_port 443
connect_timeout 3
nb_get_retry 2
delay_beefore_retry 3
}
}
real_server 172.16.1.6 443 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 2
delay_beefore_retry 3
}
}
}
