网络服务高可用及负载均衡2——CentOS7系统网络组
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了网络服务高可用及负载均衡2——CentOS7系统网络组相关的知识,希望对你有一定的参考价值。
前几天刚给大家分享过CentOS6系统下如何实现双网卡绑定同一IP以达到网络负载均衡以及高可用性。很多人肯定也在想,在CentOS7系统下如何实现了,那么今天就给大家大家分享一下如何使用CentOS7系统的网络组来实现同样的效果了。网络组是将多个网卡聚合在一起,从而实现冗错和提高吞吐量的一种技术手段,但它不同于旧版中bonding技术,提供更好的性能和扩展性,网络组由内核驱动和teamd守护进程实现。接下来就给大家展示一下如何实现。
一、环境需求
交换机设备:两台支持动态链聚合功能的交换机或者一台普通交换机
网卡设备:两张网卡
操作操作:Centos7.2
二、模式介绍
broadcast — Simple runner which directs the team device to transmit packets via all ports.
roundrobin — Simple runner which directs the team device to transmits packets in a round-robin fashion.
activebackup — Watches for link changes and selects active port to be used for data transfers.
loadbalance — To do passive load balancing, runner only sets up BPF hash function which will determine
port for packet transmit. To do active load balancing, runner moves hashes among available ports trying
to reach perfect balance.
lacp — Implements 802.3ad LACP protocol. Can use same Tx port selection possibilities as loadbalance
runner.
三、具体创建步骤
第一步:创建网络组文件team0
nmcli con add type team con-name team0 config ‘{"runner":{"name":"activebackup","hwaddr_policy":"by_active"}}‘
[[email protected] network-scripts]# nmcli dev status
DEVICE TYPE STATE CONNECTION
virbr0 bridge connected virbr0
eno16777728 ethernet connected eno16777728
eno33554960 ethernet connected Wired connection 1
virbr0-nic tap connected virbr0-nic
lo loopback unmanaged --
[[email protected] network-scripts]# nmcli con add type team con-name team0 config ‘{"runner":{"name":"activebackup","hwaddr_policy":"by_active"}}‘
Connection ‘team0‘ (527769ff-02de-411c-9b26-2725a74cd6e9) successfully added.
[[email protected] network-scripts]#
我这里创建的是活动-备份策略,但我这里额外指定了一个"hwaddr_policy":"by_active",我也看过很多博主都写过这个活动备份策略,但从来没看到有人指出过这个选项,事实上要想得到双网卡其中之一故障热替换,不添加这个选项是实现不了的。所以能看到本人博文的同仁们,你们是幸福的(因为本人研究这个选项花了一天半的时间才得出这个结论)
第二步:给team0配置静态IP以及网关,开机自启动
[[email protected] network-scripts]# nmcli con mod team0 connection.autoconnect yes ipv4.method manual ipv4.addresses "10.1.254.254/16" ipv4.gateway "10.1.0.1"
[[email protected] network-scripts]# cat ifcfg-team0
nmcli的配置会在/etc/sysconfig/network-scripts下面生产配置文件ifcfg-team*文件,可以直接查看配置结果
[[email protected] network-scripts]# cat ifcfg-team0
DEVICE=team0
TEAM_CONFIG="{\"runner\":{\"name\":\"activebackup\",\"hwaddr_policy\":\"by_active\"}}"
DEVICETYPE=Team
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=team0
UUID=c1726372-479f-4ebe-aa12-7e76d702ddd0
ONBOOT=yes
IPADDR=10.1.254.254
PREFIX=16
GATEWAY=10.1.0.1
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
[[email protected] network-scripts]#
第三步:为team0创建两个端口文件
nmcli con add type team-slave con-name team0-port# ifname eno######## master team0
创建port1文件
[[email protected] network-scripts]# nmcli con add type team-slave con-name team0-port1 ifname eno16777728 master team0
Connection ‘team0-port1‘ (a88c6e0c-5f0c-4d24-a285-2089f7a6e68b) successfully added.
创建port2文件
[[email protected] network-scripts]# nmcli con add type team-slave con-name team0-port2 ifname eno33554960 master team0
Connection ‘team0-port2‘ (a103239b-0980-4e63-a465-bc90a8b0958b) successfully added.
[[email protected] network-scripts]#
第四步:启动网络组 nmcli con up team#
nmcli con up team0——>nmcli con up team0-port1——>nmcli con up team0-port2
[[email protected] network-scripts]# nmcli con up team0
[[email protected] network-scripts]# nmcli con up team0
Connection successfully activated (master waiting for slaves) (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/5)
[[email protected] network-scripts]# nmcli con up team0-port1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/6)
[[email protected] network-scripts]# nmcli con up team0-port2
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/7)
[[email protected] network-scripts]#
第五步:查看配置后的最终效果
查看网络组的当前运行状态
[[email protected] Desktop]# teamdctl team0 state
setup:
runner: activebackup
ports:
eno16777728
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
eno33554960
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
runner:
active port: eno16777728
[[email protected] Desktop]# ifconfig
查看网卡的配置详情
[[email protected] Desktop]# ifconfig
eno16777728: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:0c:29:06:f9:87 txqueuelen 1000 (Ethernet)
RX packets 1463 bytes 105137 (102.6 KiB)
RX errors 0 dropped 121 overruns 0 frame 0
TX packets 79 bytes 5744 (5.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eno33554960: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
ether 00:0c:29:06:f9:91 txqueuelen 1000 (Ethernet)
RX packets 1510 bytes 108863 (106.3 KiB)
RX errors 0 dropped 126 overruns 0 frame 0
TX packets 214 bytes 17571 (17.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 16 bytes 1072 (1.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 16 bytes 1072 (1.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
team0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.1.254.254 netmask 255.255.0.0 broadcast 10.1.255.255
inet6 fe80::20c:29ff:fe06:f991 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:06:f9:87 txqueuelen 0 (Ethernet)
RX packets 2000 bytes 117274 (114.5 KiB)
RX errors 0 dropped 247 overruns 0 frame 0
TX packets 293 bytes 22841 (22.3 KiB)
TX errors 0 dropped 3 overruns 0 carrier 0 collisions 0
virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
ether 52:54:00:3a:39:12 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[[email protected] Desktop]#
第六步:随意禁用其中一块网卡,测试网络是否具有高可用性
禁用port1(网卡一),查看ping的过程中是否丢包(正常情况下会丢3-4包)
[[email protected] network-scripts]# nmcli dev dis eno16777728
Device ‘eno16777728‘ successfully disconnected.
[[email protected] network-scripts]# teamdctl team0 state
setup:
runner: activebackup
ports:
eno33554960
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
runner:
active port: eno33554960
[[email protected] network-scripts]#
启用port1,禁用port2(网卡二),继续观察ping的过程(正常情况下会丢3-4包)
[[email protected] network-scripts]# nmcli con up team0-port1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/11)
[[email protected] network-scripts]# nmcli dev dis eno33554960
Device ‘eno33554960‘ successfully disconnected.
[[email protected] network-scripts]# teamdctl team0 state
setup:
runner: activebackup
ports:
eno16777728
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
runner:
active port: eno16777728
[[email protected] network-scripts]#
第七步:如果要想更改用其它策略,直接去修改一下ifcfg-team0文件最为简单(注意TEAM_CONFIG=...一行的改变)
[[email protected] network-scripts]# cat ifcfg-team0
DEVICE=team0
TEAM_CONFIG="{\"runner\":{\"name\":\"roundrobin\"}}"
DEVICETYPE=Team
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=team0
UUID=c1726372-479f-4ebe-aa12-7e76d702ddd0
ONBOOT=yes
IPADDR=10.1.254.254
PREFIX=16
GATEWAY=10.1.0.1
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
[[email protected] network-scripts]#
禁用网卡一——>禁用网卡二——>关闭team0连接——>重新启用team0——>启用port1——>启用port2
查看更改后的效果(这里修改成了roundrobin轮转策略,需要两张网卡分别接在两台支持动态链聚合的交换机上才能体验得出来轮转的效果,虚拟机是无法验证的)
[[email protected] network-scripts]# teamdctl team0 state
setup:
runner: roundrobin
ports:
eno16777728
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
eno33554960
link watches:
link summary: up
instance[link_watch_0]:
name: ethtool
link: up
down count: 0
[[email protected] network-scripts]#
四、注意事项
启动网络组接口不会自动启动网络组中的port接口
启动网络组接口中的port接口不会自动启动网络组接口
禁用网络组接口会自动禁用网络组中的port接口
没有port接口的网络组接口可以启动静态IP连接
启用DHCP连接时,没有port接口的网络组会等待port接口的加入
本文出自 “爱情防火墙” 博客,请务必保留此出处http://183530300.blog.51cto.com/894387/1851388
以上是关于网络服务高可用及负载均衡2——CentOS7系统网络组的主要内容,如果未能解决你的问题,请参考以下文章
Centos7+Nginx+Keepalived实现Apache服务的高可用&负载均衡
Centos7搭建HAproxy+Nginx+NFS负载均衡实现高可用集群