CentOS 6.3部署LVS(NAT)+keepalived实现高性能高可用负载均衡一、简介VS/NAT原理图：二、系统环境实验拓扑：系统平台：CentOS 6.3Kernel：2.6.32-279.el6.i686LVS版本：ipvsadm-1.26keepalived版本：keepalived-1.2.4三、安装0、安装LVS前系统需要安装popt-static，kernel-devel，make，gcc，openssl-devel，lftp，libnl*，popt*1、在两台Director Server上分别配置LVS+KeepalivedLVS install -------------[root@CentOS-LVS_MASTER ~]# wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz[root@CentOS-LVS_MASTER ~]# ln -s /usr/src/kernels/2.6.32-279.el6.i686//usr/src/linux/[root@CentOS-LVS_MASTER ~]# tar zxvf ipvsadm-1.26.tar.gz[root@CentOS-LVS_MASTER ~]# cd ipvsadm-1.26[root@CentOS-LVS_MASTER ipvsadm-1.26]# make && make installKeepalived install -------------[root@CentOS-LVS_MASTER ~]# wget http://www.keepalived.org/software/keepalived-1.2.4.tar.gz[root@CentOS-LVS_MASTER ~]# tar zxvf keepalived-1.2.4.tar.gz[root@CentOS-LVS_MASTER ~]# cd keepalived-1.2.4[root@CentOS-LVS_MASTER keepalive...

CentOS6.4 配置LVS（DR模式）DR模式中LVS主机与实际服务器都有一块网卡连在同一物理网段上。IP分配VIP:10.10.3.170RIP1:10.10.3.140RIP2:10.10.3.1411、安装所需的依赖包yum install -y wget make kernel-devel gcc gcc-c++ libnl* libpopt* popt-static2、创建一个软链接，防止后面编译安装ipvsadm时找不到系统内核ln -s /usr/src/kernels/2.6.32-358.18.1.el6.x86_64/ /usr/src/linux3、下载安装ipvsadmwget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz tar zxvf ipvsadm-1.26.tar.gz cd ipvsadm-1.26 make && make install4、编写并运行脚本（LVS服务器的脚本）vi lvs.sh#!/bin/bash # 2013-09-07 by kgdxpr VIP=10.10.3.170 RIP1=10.10.3.140 RIP2=10.10.3.141 /etc/rc.d/init.d/functions logger $0 called with $1 case "$1" in start) echo " start LVS of DirectorServer" /sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev eth0:0 echo "1" >/proc/sys/net/ipv4/ip_forward #Clear IPVS table /sbin/ip...

CentOS6.5 LVS + KeepAlived搭建步骤    测试环境架构：  废话不说，开始搭建：           1.创建内核文件的软链接，如果不创建此链接编译ipvsadm将报错            ln -s /usr/src/kernels/2.6.18-308.el5-x86_64/ /usr/src/linux   （2.6.18-308.el5-x86_64：内核版本）      2.下载ipvsadm            wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz       3.安装ipvsadm                        # tar xvf ipvsadm-1.24.tar.gz -C /usr/local/src/            # cd /usr/local/src/ipvsadm-1.24/   ...

SSH/OpenSSH/PortForwarding Parent page: Internet and Networking >> SSH ContentsIntroductionTypes of Port ForwardingLocal Port ForwardingRemote Port ForwardingDynamic Port ForwardingForwarding GUI ProgramsSingle ApplicationsPort Forwarding ExplainedTroubleshootingIntroductionPort forwarding via SSH (SSH tunneling) creates a secure connection between a local computer and a remote machine through which services can be relayed. Because the connection is encrypted, SSH tunneling is useful for transmitting information that uses an unencrypted protocol, such as IMAP, VNC, or IRC. Types of Port ForwardingSSH's port forwarding feature can smuggle various types of Internet traffic into or out of a network. This can be used to avoid network monitoring or sniffers, or bypass badly configured routers on the Internet. Note: You might also need to change the settings in other programs (like your web browser) in order to circumvent the...

XEN: "x0" re-spawning too fast message in DomU consoleThis document (7000048) is provided subject to the disclaimer at the end of this document. EnvironmentNovell SUSE Linux EnterpriseServer 10 Service Pack 1Novell SUSE Linux EnterpriseServer 10 Service Pack 2 SituationSLES 10 SP1 and other some otherLinux distributions may have the following errors.In/var/log/messages:init: Id "x0" respawning toofast: disabled for 5 minutesIn/var/log/messages:Apr 13 17:02:43 bhoward5agetty[8511]: /dev/xvc0: No such file or directoryApr 13 17:02:53 bhoward5agetty[8927]: /dev/xvc0: No such file or directoryApr 13 17:03:03 bhoward5agetty[8929]: /dev/xvc0: No such file or directoryOn the console:init: Id "x0" respawning toofast: disabled for 5 minutesResolutionBetween SLES 10 and SLES 10 SP1,the version of Xen changed. In 3.04. A new console device,/dev/xvc0 was introduced to handle the console. This error is typically seen on DomU's which support "xvc0" but have b...

您所在的组无权查看该日志

LINUX btmp 记录错误登陆日志今天查看了一下服务器，发现/var/log/btmp日志文件比较大，搜索一下，此文件是记录错误登录的日志，就是说有很多人试图使用密码字典登录ssh服务，此日志需要使用lastb程序打开通过此文件发现有几个ip总是试图登录，可以使用防火墙把它屏蔽掉命令如下：iptables -A INPUT -i eth0 -s *.*.*.0/24 -j DROP查看恶意ip试图登录次数：lastb | awk ‘{ print $3}’ | sort | uniq -c | sort -n删除这个日志：rm -rf /var/log/btmptouch /var/log/btmp

Centos7内核的编译升级 在centos7下，内核从3.10.0编译升级到3.16.4的过程。1.安装所需编译工具：# yum install make gcc gcc-c++ openssl openssl--devel ncurses ncurses-devel 2.官网https://www.kernel.org/下载Linux内核包，并解压：# wget -c https://www.kernel.org/pub/linux/kernel/v3.x/linux-3.16.4.tar.xz # tar xvf linux-3.16.4.tar.xz # cd linux-3.16.4 3.清除以前编译产生的文件，如果第一次编译可不用：# make mrproper 4.复制原系统内核配置文件，也可以自定义：# cp /boot/config-3.10.0-123.el7.x86_64 .config 5.内核配置：# make menuconfig scripts/kconfig/mconf Kconfig 配置结束后，保存配置并退出。6.编译内核和模块：# make bzImage # make modules # make modules_install # make install 7.更新grub2：# vim /etc/default/grub GRUB_DEFAULT=yes 修改为 GRUB_DEFAULT=0 # grub2-mkconfig -o /boot/grub2/grub.cfg # reboot 8.重启系统后，检查内核版本：# uname -a Linux centos7 3.16.4 #1 SMP Thu Oct 9 18:42:06 CST 2014 x86_64 x86_64 x86_64 GNU/Linux

 基于DRBD实现高可用MariaDB     一、DRBD简介    DRBD全称Distributed Replicated Block （分布式的复制块设备），开源项目。它是一款基于块设备的文件复制解决方案，速度比文件级别的软件如NFS，samba快很多，而且不会出现单点故障，是很多中小企业的共享存储首选解决方案。    二、DRBD的工作模式   从上图中我们可以清楚的看到DRBD是工作在内核中，将协议建立在buffer cache（内核缓存）与Disk scheduler（磁盘调度器）之间，将上下文传输的二进制数据复制一份，通过tcp/ip协议封装后由网卡发送至另一台DRBD节点上进行数据同步的。   DRBD可以工作在主备（一个节点运行，另一个节点备份）模式，也可以工作在双主（上个节点同时运行）模式，在双主模式下要求必须建立在高可用集群的基础上工作。实现DRBD的必要条件是多个节点上必须准备相同大小相同名称的磁盘或分区。    三、搭建DRBD主备模型    1.准备环境        1）.系统centos6.6；内核2.6.32-504.el6.x86_64        2）.两个节点          &nb...

本文主要讲述如何在Linux（以CentOS6.7为例）环境中搭建VPN（OpenVPN）服务器。  搭建实验环境：实验环境可以通过VMware等虚拟化软件软件模拟，OpenVPN服务端可以单网卡也可以双网卡，单网卡无非就是在原先网卡的基础上配置一个虚拟网卡，此处以双网卡为例。实验环境拓扑图如下： (1)VPN客户端A：Windows 8 + OpenVPN 2.3.4 x86_64-w64-mingw32 [SSL (OpenSSL)] [LZO] [PKCS11] [IPv6] built on Jun  5 2014网卡1:192.168.1.228(2)VPN服务器B：CentOS release 6.7 (Final)Linux localhost.localdomain 2.6.32-573.3.1.el6.x86_64 #1 SMP Thu Aug 13 22:55:16 UTC 2015 x86_64 x86_64 x86_64 GNU/LinuxOpenVPN版本：OpenVPN 2.3.8 (git source)网卡1：192.168.1.182网卡2：10.20.0.129(3)服务器C（用于进一步测试VPN连通性）：网卡1:192.168.1.113（假设没有此地址，此地址与本次实验无关，之所以列出是为了不使读者阅读下面的内容时感到困惑）网卡2：10.20.0.130OpenVPN安装步骤：S1.安装基本软件包，用于编译安装openvpn和解决openvpn相关的依赖包1234567yum -y install gcc gcc-c++    yum -y install a...