LVS(DR) + keepalived
该测试共使用4台虚机,配置如下
Hostname | IP | CPU | Memory | 网络 | 作用 |
test1 |
实际地址:172.16.186.139/24 集群地址:172.16.186.200/24 |
1 | 2 | NAT | 负载调度器 |
test2 |
实际地址:172.16.186.141/24 集群地址:172.16.186.200/24 |
1 | 2 | NAT | NFS |
test3 |
实际地址:172.16.186.142/24 集群地址:172.16.186.200/24 |
1 | 2 | NAT | web1 |
test5 |
实际地址:172.16.186.143/24 集群地址:172.16.186.200/24 |
1 | 2 | NAT | web2 |
test6 | 1 | 2 | NAT | keepalived |
1、配置NFS服务器
yum -y install nfs-utils && systemctl start rpcbind
创建共享目录:
mkdir /share && cd /share
vim index.html 随便输入点什么即可,这里我输入<h1> it's web1 </h1>来做一个标识
修改配置文件,设置个NFS共享
vim /etc/exports
/share 172.16.186.0/24(rw,sync)
systemctl start nfs
2、web1节点上配置
yum -y install nfs-utils httpd && systemctl start rpcbind
cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0
vim /etc/sysconfig/network-scripts/ifcfg-lo:0
开启子网:ifup lo:0
修改内核参数
vim /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
sysctl -p #刷新内核参数
web1节点上查看:showmount -e 172.16.186.141
web1节点挂载:mount -t nfs 172.16.186.141:/share /var/www/html/
卸载:umount /var/www/html
systemctl start httpd
web2节点上配置
yum -y install httpd
cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0
vim /etc/sysconfig/network-scripts/ifcfg-lo:0
开启子网:ifup lo:0
修改内核参数
vim /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
sysctl -p #刷新内核参数
手动配置web2端页面:
echo '<h1> it's web2 </h1>' >>/var/www/html/index.html
systemctl start httpd
3、负载调度器配置
systemctl stop firewalld && systemctl disable firewalld && iptables -F
setenforce 0 && sed -i "s/SELINUX=enforcing/SELINUX=disabled/" /etc/selinux/config
cp /etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-ens33:0
vim /etc/sysconfig/network-scripts/ifcfg-ens33:0 #ens33网卡原样不动
TYPE="Ethernet"
NAME="ens33:0"
DEVICE="ens33:0"
BOOTPROTO=static
ONBOOT="yes"
IPADDR=172.16.186.200 #186.200是集群地址
PREFIX=24
启动ifup ens33:0网卡:ifup ens33:0
报错:
解决:vim /etc/sysconfig/network-scripts/ifup-eth #将如下几行注释
echo "net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0">>/etc/sysctl.conf
sysctl -p #刷新一下内核文件
安装ipvsadm
ls /mnt/usb1/Packages/|grep ipvsadm #/mnt/usb1为光盘挂载点
rpm -ivh /mnt/usb1/Packages/ipvsadm-1.27-7.el7.x86_64.rpm
添加集群地址:ipvsadm -A -t 172.16.186.200:80 -s rr #-t为添加集群地址,-s是设置成轮询
添加节点地址:
ipvsadm -a -t 172.16.186.200:80 -r 172.16.186.142 -g
ipvsadm -a -t 172.16.186.200:80 -r 172.16.186.143 -g
释义:172.16.186.142:80是节点地址和端口,-g是DR模式,没写权重默认是1,权重格式:-w 1
保存上面的策略:ipvsadm -S > 1.ipvs
测试:(因为我的宿机是mint系统,所以可以直接打开窗口进行测试)
高可用集群LVS + keepalived
keepalived是备份上面配置的负载调度器的, LVS+KEEPALIVED的集群说白了就是当LVS集群宕机后 KEEPALIVED会把所有的请求拿过来继续为客户服务,能让我们的网站或者其他永不间断工作。
在上面配置的基础上在增加一台服务器
wget -c https://www.keepalived.org/software/keepalived-2.0.20.tar.gz
scp keepalived-2.0.20.tar.gz root@172.16.186.139:~ #将包发送到主节点(186.139)上
主节点上配置
yum -y
install
libnl libnl-devel openssl-devel gcc gcc-c++
tar -zxvf keepalived-2.0.20.tar.gz
cd keepalived-2.0.20
./configure --prefix=/usr/local/keepalived && make
&&
make
install
mkdir
/etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/sbin/keepalived /etc/init.d
cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id test_r1 //本服务器的名称,可自定义
}
vrrp_instance VI_1 { //定义vrrp热备实例
state MASTER //master表示主服务器
interface ens33 //承载vip地址的物理接口
virtual_router_id 51 //虚拟路由器的ID号
priority 100 //优先级,数值越大优先级越高
advert_int 1 //通告间隔秒数(心跳频率)
authentication {
auth_type PASS //认证类型
auth_pass 123456 //密码字串
}
virtual_ipaddress {
172.16.186.200 //指定集群的地址
}
}
virtual_server 172.16.186.200 80 {
delay_loop 15 //健康检查间隔
lb_algo rr //使用轮询调度算法
lb_kind DR //DR模式的集群
persistence_timeout 50 //连接保持的时间
protocol TCP
real_server 172.16.186.142 80 { //各节点的IP+port
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 172.16.186.143 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
}
启动keepalived:systemctl start keepalived { restart | stop | status }
查看状态:systemctl status keepalived
设置备节点
cp /etc/sysconfig/network-scripts/ifcfg-ens33 /etc/sysconfig/network-scripts/ifcfg-ens33:0
vim /etc/sysconfig/network-scripts/ifcfg-ens33:0
TYPE="Ethernet"
BOOTPROTO="static"
NAME="ens33:0"
DEVICE="ens33:0"
ONBOOT="yes"
IPADDR="172.16.186.200"
PREFIX="24"
启动ens33:0 :ifup ens33:0 #如启动时报错,需参考上述修改
修改内核参数信息:
echo "net.ipv4.ip_forward = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0">>/etc/sysctl.conf && sysctl -p
添加集群
安装工具:rpm -ivh /mnt/usb1/Packages/ipvsadm-1.27-7.el7.x86_64.rpm
添加集群:ipvsadm -A -t 172.16.186.200:80 -s rr
添加节点:
ipvsadm -a -t 172.16.186.200:80 -r 172.16.186.142 -g
ipvsadm -a -t 172.16.186.200:80 -r 172.16.186.143 -g
配置Keepalived
yum -y
install
libnl libnl-devel openssl-devel gcc gcc-c++
tar -zxvf keepalived-2.0.20.tar.gz
cd keepalived-2.0.20
./configure --prefix=/usr/local/keepalived && make
&&
make
install
mkdir
/etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/sbin/keepalived /etc/init.d
cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id test_r2
}
vrrp_instance VI_1 {
state SLAVE
interface ens33
virtual_router_id 66 //ID号和主的一样
priority 90 //优先级一定要比主的低,数值越大优先级越高
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
172.16.186.200 //集群的地址
}
}
virtual_server 172.16.186.200 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 172.16.186.142 80 { //节点的IP+port
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 172.16.186.143 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
启动keepalived:systemctl start keepalived
现在访问集群IP,都没问题,现在断掉一台服务器的网络在访问集群的IP看能否还能访问.
欢迎加入QQ群一起讨论Linux、开源等技术