LVS(DR) + keepalived

该测试共使用4台虚机,配置如下

Hostname IP CPU Memory 网络 作用
test1

实际地址:172.16.186.139/24

集群地址:172.16.186.200/24

1 2 NAT 负载调度器
test2

实际地址:172.16.186.141/24

集群地址:172.16.186.200/24

1 2 NAT NFS
test3

实际地址:172.16.186.142/24

集群地址:172.16.186.200/24

1 2 NAT web1
test5

实际地址:172.16.186.143/24

集群地址:172.16.186.200/24

1 2 NAT web2
test6   1 2 NAT keepalived

 

1、配置NFS服务器

yum -y install  nfs-utils && systemctl start rpcbind

创建共享目录:

mkdir /share && cd /share

vim index.html                         随便输入点什么即可,这里我输入<h1> it's web1 </h1>来做一个标识

修改配置文件,设置个NFS共享

vim /etc/exports

  /share 172.16.186.0/24(rw,sync)

systemctl start nfs

 

2、web1节点上配置

yum -y install  nfs-utils httpd && systemctl start rpcbind

cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0

vim /etc/sysconfig/network-scripts/ifcfg-lo:0

开启子网:ifup lo:0

修改内核参数

vim /etc/sysctl.conf

net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

sysctl -p    #刷新内核参数

 

web1节点上查看:showmount -e 172.16.186.141

web1节点挂载:mount  -t nfs 172.16.186.141:/share   /var/www/html/

卸载:umount /var/www/html

 systemctl start httpd

 

web2节点上配置

yum -y install httpd

cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0

vim /etc/sysconfig/network-scripts/ifcfg-lo:0

开启子网:ifup lo:0

修改内核参数

vim /etc/sysctl.conf

net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

sysctl -p    #刷新内核参数

 

手动配置web2端页面:

echo '<h1> it's web2 </h1>' >>/var/www/html/index.html

systemctl start httpd

 

 

3、负载调度器配置

systemctl stop firewalld && systemctl disable firewalld && iptables -F

setenforce 0 && sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config

cp /etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-ens33:0

vim /etc/sysconfig/network-scripts/ifcfg-ens33:0    #ens33网卡原样不动

TYPE="Ethernet"
NAME="ens33:0"
DEVICE="ens33:0"
BOOTPROTO=static
ONBOOT="yes"
IPADDR=172.16.186.200    #186.200是集群地址
PREFIX=24

 

启动ifup ens33:0网卡:ifup ens33:0

报错:

 解决:vim /etc/sysconfig/network-scripts/ifup-eth    #将如下几行注释

 

修改内核参数,用于关闭其他转发机制

echo "net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0">>/etc/sysctl.conf

 

sysctl -p    #刷新一下内核文件

 

安装ipvsadm

ls /mnt/usb1/Packages/|grep ipvsadm    #/mnt/usb1为光盘挂载点

rpm -ivh /mnt/usb1/Packages/ipvsadm-1.27-7.el7.x86_64.rpm

添加集群地址:ipvsadm -A -t 172.16.186.200:80 -s rr  #-t为添加集群地址,-s是设置成轮询

添加节点地址:

ipvsadm -a -t 172.16.186.200:80 -r 172.16.186.142 -g
ipvsadm -a -t 172.16.186.200:80 -r 172.16.186.143 -g

释义:172.16.186.142:80是节点地址和端口,-g是DR模式,没写权重默认是1,权重格式:-w 1

保存上面的策略:ipvsadm -S > 1.ipvs

 

测试:(因为我的宿机是mint系统,所以可以直接打开窗口进行测试)

 

 

 

 

高可用集群LVS + keepalived

keepalived是备份上面配置的负载调度器的, LVS+KEEPALIVED的集群说白了就是当LVS集群宕机后 KEEPALIVED会把所有的请求拿过来继续为客户服务,能让我们的网站或者其他永不间断工作。

在上面配置的基础上在增加一台服务器

wget -c https://www.keepalived.org/software/keepalived-2.0.20.tar.gz

scp keepalived-2.0.20.tar.gz root@172.16.186.139:~      #将包发送到主节点(186.139)上

主节点上配置

yum -y install libnl libnl-devel openssl-devel gcc gcc-c++

tar -zxvf keepalived-2.0.20.tar.gz

cd keepalived-2.0.20

./configure --prefix=/usr/local/keepalived && make && make install

mkdir /etc/keepalived

cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

cp /usr/local/keepalived/sbin/keepalived /etc/init.d

cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
    router_id test_r1                 //本服务器的名称,可自定义
}

vrrp_instance VI_1 {      //定义vrrp热备实例
    state MASTER           //master表示主服务器
    interface ens33                       //承载vip地址的物理接口
    virtual_router_id 51             //虚拟路由器的ID号
    priority 100         //优先级,数值越大优先级越高
    advert_int 1                             //通告间隔秒数(心跳频率)
    authentication {     
        auth_type PASS       //认证类型
        auth_pass 123456   //密码字串
    }
    virtual_ipaddress {
        172.16.186.200    //指定集群的地址
    }
}

virtual_server 172.16.186.200 80 {
    delay_loop 15     //健康检查间隔
    lb_algo rr       //使用轮询调度算法
    lb_kind DR       //DR模式的集群
    persistence_timeout 50  //连接保持的时间
    protocol TCP

    real_server 172.16.186.142 80 {    //各节点的IP+port
        weight 1
    TCP_CHECK {
        connect_port 80
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
    real_server 172.16.186.143 80 {
        weight 1
    TCP_CHECK {
        connect_port 80
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
  }
}

启动keepalived:systemctl start keepalived       { restart | stop | status }

查看状态:systemctl status keepalived

 

设置备节点

cp /etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-ens33:0

vim /etc/sysconfig/network-scripts/ifcfg-ens33:0

TYPE="Ethernet"
BOOTPROTO="static"
NAME="ens33:0"
DEVICE="ens33:0"
ONBOOT="yes"
IPADDR="172.16.186.200"
PREFIX="24"

 

启动ens33:0 :ifup ens33:0   #如启动时报错,需参考上述修改

修改内核参数信息:
echo "net.ipv4.ip_forward = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0">>/etc/sysctl.conf && sysctl -p

添加集群

安装工具:rpm -ivh /mnt/usb1/Packages/ipvsadm-1.27-7.el7.x86_64.rpm

添加集群:ipvsadm -A -t 172.16.186.200:80 -s rr

添加节点:

ipvsadm -a -t 172.16.186.200:80 -r 172.16.186.142 -g

ipvsadm -a -t 172.16.186.200:80 -r 172.16.186.143 -g

 

配置Keepalived

yum -y install libnl libnl-devel openssl-devel gcc gcc-c++

tar -zxvf keepalived-2.0.20.tar.gz

cd keepalived-2.0.20

./configure --prefix=/usr/local/keepalived && make && make install

mkdir /etc/keepalived

cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

cp /usr/local/keepalived/sbin/keepalived /etc/init.d

cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id test_r2
}

vrrp_instance VI_1 {
    state SLAVE
    interface ens33
    virtual_router_id 66  //ID号和主的一样
    priority 90    //优先级一定要比主的低,数值越大优先级越高
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        172.16.186.200    //集群的地址
    }
}

virtual_server 172.16.186.200 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP

    real_server 172.16.186.142 80 {      //节点的IP+port
        weight 1
    TCP_CHECK {
        connect_port 80
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
    real_server 172.16.186.143 80 {
        weight 1
    TCP_CHECK {
        connect_port 80
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
}

 

启动keepalived:systemctl start keepalived

 

现在访问集群IP,都没问题,现在断掉一台服务器的网络在访问集群的IP看能否还能访问.

 

 

 

    欢迎加入QQ群一起讨论Linux、开源等技术

posted @ 2020-09-05 13:29  Linux大魔王  阅读(166)  评论(0编辑  收藏  举报