centos7下配置LVS+KeepAlived高可用主备+2台tomcat负载图文篇

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了centos7下配置LVS+KeepAlived高可用主备+2台tomcat负载图文篇相关的知识,希望对你有一定的参考价值。

环境描述:centos7最小化安装

1.环境说明:

名称 IP 说明
master ens33:192.168.0.61 vip:192.168.0.60
backup ens33:192.168.0.62 vip:192.168.0.60
tomcat1 ens33:192.168.0.63 负载
tomcat2 ens33:192.168.0.64 负载

测试机在同网段随意一台均可
tomcat安装详细步骤上一篇文章有详细描述,这里不做赘述。

2.安装ipvsadm(管理工具)+keepalived

[[email protected] ~]# yum -y install ipvsadm keepalived

3.创建lvs主备服务器运行脚本程序

[[email protected] ~]# vim /sbin/lvsdr.sh
#!/bin/bash 
VIP=192.168.0.60
RIP1=192.168.0.63
RIP2=192.168.0.64

/etc/rc.d/init.d/functions
case "$1" in
start)
       echo "start LVS of DirectorServer"
       #Set the Virtual IP Address
       /sbin/ifconfig ens33:1 $VIP broadcast $VIP netmask 255.255.255.255 up
       /sbin/route add -host $VIP dev ens33:1
       #Clear IPVS Table
       /sbin/ipvsadm -C
       #Set Lvs Add route link
       /sbin/ipvsadm -A -t $VIP:8080 -s wrr -p 60
       /sbin/ipvsadm -a -t $VIP:8080 -r $RIP1 -g
       /sbin/ipvsadm -a -t $VIP:8080 -r $RIP2 -g
  #      /sbin/ipvsadm -A -t $VIP:80 -s wrr -p 60
  #     /sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -g
  #     /sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -g
       #Run Lvs
       /sbin/ipvsadm
;;
stop)
echo "Close LVS Directorserver"
/sbin/ifconfig ens33:1 down
/sbin/ipvsadm -C
;;
*)
echo "Usage0start|stop"
exit 1
esac

4.添加权限并执行

[[email protected] ~]# chmod 755 /sbin/lvsdr.sh 
[[email protected] ~]# /sbin/lvsdr.sh start

[[email protected] ~]# ipvsadm -ln
查看路由配置结果,如下图则OK
技术图片

5.添加到开机启动

[[email protected] ~]# vim /etc/rc.local
/sbin/lvsdr.sh start  #追加此纪录

6.将配置程序SCP到backup,并执行4、5步骤

[[email protected] ~]# scp /sbin/lvsdr.sh 192.168.0.62:/sbin/lvsdr.sh

7.tomcat1创建real服务器运行脚本程序

[[email protected] ~]# vim /sbin/realdr.sh 

#!/bin/bash
VIP=192.168.0.60
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
echo "1">/proc/sys/net/ipv4/conf/default/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/default/arp_announce
echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p

8.分配权限并执行

[[email protected] ~]# chmod 755 /sbin/realdr.sh 
[[email protected] ~]# /sbin/realdr.sh start

[[email protected] ~]# ifconfig
可查看到lo:0上已经有了vip地址
(注:最小化安装系统ifconfig命令没有,可yum -y install net-tools进行安装)
技术图片

9.设置此real运行程序自启动

[[email protected] ~]# vim /etc/rc.local
/sbin/realdr.sh start   #追加此内容

10.将此real运行程序scp到tomcat2,并执行8、9步骤

11.配置keepalived

有个好习惯,配置文件之前,将原有文件备份,以免将来需要还原旧文件,可cp一份,存放目录最自己习惯

[[email protected] ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak

[[email protected] ~]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs 
   notification_email 
        [email protected]

   
   notification_email_from [email protected]
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0


vrrp_instance VI_1 
    state MASTER            #主名称
    interface ens33           #注意主机网卡名称
    virtual_router_id 51     #此id主备有所不同
    priority 100                  #backup优先级应小于master
    advert_int 1
    authentication 
        auth_type PASS
        auth_pass 1111
    
    virtual_ipaddress 
         192.168.0.60         #vip地址,多个的话往后续写即可

    


virtual_server 192.168.0.60 8080 
    delay_loop 6
    lb_algo rr                          #轮询算法
    lb_kind DR                       #模式为DR,最常用,效率高
    persistence_timeout 50
    protocol TCP

    real_server 192.168.0.63 8080 
        weight 1
        SSL_GET 
            url 
              path /
              digest ff20ad2481f97b1754ef3e12ecd3a9cc
            
            url 
              path /mrtg/
              digest 9b3a0c85a887a256d6939da88aabd8cd
            
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        
    
    real_server 192.168.0.64 8080 
        weight 1
        SSL_GET 
            url 
              path /
              digest ff20ad2481f97b1754ef3e12ecd3a9cc
            
            url 
              path /mrtg/
              digest 9b3a0c85a887a256d6939da88aabd8cd
            
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        
    


12.将master的keepalived配置文件scp到backup

[[email protected] ~]# scp /etc/keepalived/keepalived.conf 192.168.0.62:/etc/keepalived/keepalived.conf
修改名称、id以及优先级

13.开通防火墙端口,或者关闭防火墙

此为防火墙在开启状态,访问被阻,关闭防火墙或者允许页面端口通过都可以。
实验环境可关闭防火墙:

[[email protected] ~]# systemctl stop firewalld
[[email protected] ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

生产环境建议开启端口即可,增强服务器安全性:

[[email protected] tomcat8]# firewall-cmd --permanent --add-port=8080/tcp
success
[[email protected] tomcat8]# firewall-cmd --reload
success

14.在主备启动keepalived

[[email protected] ~]# systemctl restart keepalived

15.访问vip地址

由于是DR轮询,在访问时候会两个tomcat轮流返回页面,挂掉一台后还有一台承担负荷,不至于全网GG。
技术图片
技术图片

16.模拟master宕机

可关机、断网、停网卡服务、停keepalived服务、防火墙阻止服务/端口……任你飞
[[email protected] ~]# systemctl stop keepalived #这里停掉master上的keepalived服务
监测日志里可看见已经stop:
[[email protected] ~]# tail -f /var/log/messages
技术图片
如下图,页面访问不受影响
技术图片

模拟backup宕机效果一样

17.模拟tomcat1宕机

tomcat1关机后,192.168.0.63:8080已经访问不到,但192.168.0.60:8080页面依然坚挺
技术图片
技术图片
至此,搞定
将问题机器处理OK后启动即可。

以上是关于centos7下配置LVS+KeepAlived高可用主备+2台tomcat负载图文篇的主要内容,如果未能解决你的问题,请参考以下文章

CentOS7构建LVS+Keepalived高可用方案

搭建:LVS+Keepalived高可用Web服务群集环境

LVS+Keepalived高可用集群(CentOS7)

通过LVS+Keepalived实现exchagne2016访问高可用问题

LVS+keepalived 高可用群集

CentOS7.4 构建LVS+Keepalived高可用群集