LVS-DR+keepalive做高可用,实现负载均衡(主备模式)

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了LVS-DR+keepalive做高可用,实现负载均衡(主备模式)相关的知识,希望对你有一定的参考价值。

LVS:

    LVS是Linux Virtual Server的简写,意即Linux虚拟服务器,是一个虚拟的服务器集群系统。

    LVS集群采用IP负载均衡技术和基于内容请求分发技术。调度器具有很好的吞吐率,将请求均衡地转

移到不同的服务器上执行,且调度器自动屏蔽掉服务器的故障,从而将一组服务器构成一个高性能的、

高可用的虚拟服务器。整个服务器集群的结构对客户是透明的,而且无需修改客户端和服务器端的程

序。为此,在设计时需要考虑系统的透明性、可伸缩性、高可用性和易管理性。

    其中,LVS有三种工作模式:

    1、NAT模式(VS-NAT)

    把客户端发来的数据包的IP头的目的地址,在负载均衡器上换成其中一台RS的IP地址,并发至此RS

来处理,RS处理完成后把数据交给经过负载均衡器,负载均衡器再把数据包的原IP地址改为自己的IP,将

目的地址改为客户端IP地址即可期间,无论是进来的流量,还是出去的流量,都必须经过负载均衡器

    2、IP隧道模式(VS-TUN)

    由于互联网上的大多Internet服务的请求包很短小,而应答包通常很大,所以,隧道模式就是把客

户端发来的数据包,封装一个新的IP头标记(仅目的IP)发给RS,RS收到后,先把数据包的头解开,还原数据

包,处理后,直接返回给客户端,不需要再经过负载均衡器注意,由于RS需要对负载均衡器发过来的数据包

进行还原,所以必须支持IPTUNNEL协议,因此在RS的内核中,必须要编译IPTUNNEL这个选项。

    3、直接路由模式(VS-DR)

    负载均衡器和RS都使用同一个IP对外服务但只有DR对ARP请求进行响应,所有RS对本身这个IP的ARP

请求保持静默也就是说,网关会把对这个服务IP的请求全部定向给DR,而DR收到数据包后根据调度算法,

找出对应的RS,把目的MAC地址改为RS的MAC(因为IP一致)并将请求分发给这台RS这时RS收到这个数据

包,处理完成之后,由于IP一致,可以直接将数据返给客户,则等于直接从客户端收到这个数据包无异,

处理后直接返回给客户端由于负载均衡器要对二层包头进行改换,所以负载均衡器和RS之间必须在一个

广播域,也可以简单的理解为在同一台交换机上


keepalive:

    简单一点来说,keepalive就是一个在TCP中可以检测死连接的机制。


搭建环境(CentOS 7)


拓扑图如下:

技术分享

说明:

        主机         ip        角色
        LVS-1      10.0.0.11  LVS-DR+keepalive     (LVS主调度器)


 

   vip:10.0.0.100

        LVS-2      10.0.0.12  LVS-DR+keepalive     (LVS从调度器)
        web-1      10.0.0.13     web服务器
        web-2      10.0.0.14     web服务器


配置实验环境:


1、先分别给各台主机配好ip,关闭SELinux,在这里我把防火墙也关闭了,为防止时间不同步,我们也

可以同步一下时间。

     ##同步时间:

    yum install -y ntpdate
    crontab -e
    * * * * * ntpdate -u 0.pool.ntp.org >> /dev/null

接下来就是开始安装和配置服务了。


2、作为web服务器的两台主机,我用yum的方式装Apache作为web服务器,这里就不写配置httpd服务的具体过程了(两台机的配置都是一样的)。

    ##开启路由转发。

   echo "1">/proc/sys/net/ipv4/ip_forward

    ##绑定VIP(如果不想每次重启失效,可以选择写进网卡里

   ifconfig ens33:0 10.0.0.100 broadcast 10.0.0.100 netmask 255.255.255.255 up

    ##添加发送数据包到vip的路由

   route add -host 10.0.0.100 dev ens33:0

    ##抑制ARP请求

    echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce 
    echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

    到此web服务器就已经配置完毕了,接下来就是配置LVS调度器了。


3、LVS调度器的配置

   两台LVS调度器除了keepalive配置文件和ip地址不一样之外,其他配置都是一样的。

   ##开启路由转发。

   echo "1">/proc/sys/net/ipv4/ip_forward

    ##安装相关软件包

   yum install -y keepalived ipvsadm

    ##配置keepalive(因为keepalived是为了lvs而生的,所以我们可以直接用keepalived直接配置lvs

的DR模型)

##主LVS调度器的keepalive配置文件

[[email protected] ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {                ##全局设置 
   notification_email {      ##设置报警邮件地址 
     [email protected]  
   }  
   notification_email_from [email protected]  ##设置邮件的发送地址
   smtp_server localhost  
   smtp_connect_timeout 30  
   router_id  LVS-1         ##表示该台服务的ID
} 

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51      ##master和backup的id一致
    priority 150              ##优先级,master的一定比backup的高
    advert_int 1              ##master和backup之间的检测时间
    authentication {
        auth_type PASS        ##认证方式
        auth_pass 123456      ##认证密码
    }
    virtual_ipaddress {
        10.0.0.100            ##设置vip
    }
}

virtual_server 10.0.0.100 80 { 
   delay_loop 6                 ##设置运行情况检查时间,单位是秒
   lb_algo rr                   ##负载算法,这里是rr表示轮询  
   lb_kind DR                   ##定义模式,这里是Direct route
   persistence_timeout 0        ##会话保存时长(秒),0表示不使用stickyness会话
   protocol TCP                 
   sorry_server 127.0.0.1 80    ##假如后端服务器都不能使用了,则访问本机的80端口
   real_server 10.0.0.13 80 {   
       weight 1                      
        HTTP_GET {               ##以http模式检查该服务器监控状态
            url { 
              path /index.html   ##检测的网页路径
            }
            connect_timeout 3     ##连接超时时间
            nb_get_retry 3        ##重试次数
            delay_before_retry 3  ##每次重试前等待延迟时间
        }       
   }
   real_server 10.0.0.14 80 {    
       weight 1
        HTTP_GET {
            url { 
              path /index.html
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }        
   }
}
##从LVS调度器的keepalive配置文件

[[email protected] ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {                ##全局设置 
   notification_email {      ##设置报警邮件地址 
     [email protected]  
   }  
   notification_email_from [email protected]  ##设置邮件的发送地址
   #smtp_server localhost  
   #smtp_connect_timeout 30  
   router_id  LVS-2         ##表示该台服务的ID
} 
vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51      ##master和backup的id一致
    priority 100              ##优先级,master的一定比backup的高
    advert_int 1              ##master和backup之间的检测时间
    authentication {
        auth_type PASS        ##认证方式
        auth_pass 123456      ##认证密码
    }
    virtual_ipaddress {
        10.0.0.100            ##设置vip
    }
}
virtual_server 10.0.0.100 80 { 
   delay_loop 6                 ##设置运行情况检查时间,单位是秒
   lb_algo rr                   ##负载算法,这里是rr表示轮询  
   lb_kind DR                   ##定义模式,这里是Direct route
   persistence_timeout 0        ##会话保存时长(秒),0表示不使用stickyness会话
   protocol TCP                 
   sorry_server 127.0.0.1 80    ##假如后端服务器都不能使用了,则访问本机的80端口
   real_server 10.0.0.13 80 {   
       weight 1                      
        HTTP_GET {               ##以http模式检查该服务器监控状态
            url { 
              path /index.html   ##检测的网页路径
            }
            connect_timeout 3     ##连接超时时间
            nb_get_retry 3        ##重试次数
            delay_before_retry 3  ##每次重试前等待延迟时间
        }       
   }
   real_server 10.0.0.14 80 {    
       weight 1
        HTTP_GET {
            url { 
              path /index.html
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }        
   }
}

注:如果要配置非抢占模式,则两个都为BACKUP:
    state BACKUP
    nopreempt   ##这一句一定要加上去


4、启动keepalive服务,由于主调度器的优先级比从调度器的要高,所以vip在主机LVS-1上。


主机LVS-1(主LVS调度器

[[email protected] ~]# systemctl restart keepalived

[[email protected] ~]# systemctl status keepalived

keepalived.service - LVS and VRRP High Availability Monitor

   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)

   Active: active (running) since Wed 2017-10-25 23:09:44 CST; 6s ago

  Process: 1173 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)

 Main PID: 1174 (keepalived)

   CGroup: /system.slice/keepalived.service

           ├─1174 /usr/sbin/keepalived -D

           ├─1175 /usr/sbin/keepalived -D

           └─1176 /usr/sbin/keepalived -D


Oct 25 23:09:46 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:09:46 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:09:46 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:09:46 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:09:51 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:09:51 lvs-1 Keepalived_vrrp[1176]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 10.0.0.100

Oct 25 23:09:51 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:09:51 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:09:51 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:09:51 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

[[email protected] ~]# ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:1d:7a:63 brd ff:ff:ff:ff:ff:ff

    inet 10.0.0.11/24 brd 10.0.0.255 scope global ens33

       valid_lft forever preferred_lft forever

    inet 10.0.0.100/32 scope global ens33

       valid_lft forever preferred_lft forever

    inet6 fe80::f87c:449f:eb4a:ba03/64 scope link 

       valid_lft forever preferred_lft forever



主机LVS-2(从LVS调度器)

[[email protected] ~]# systemctl restart keepalived   

[[email protected] ~]# systemctl status keepalived   

keepalived.service - LVS and VRRP High Availability Monitor

   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)

   Active: active (running) since Wed 2017-10-25 23:13:46 CST; 2s ago

  Process: 1189 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)

 Main PID: 1190 (keepalived)

   CGroup: /system.slice/keepalived.service

           ├─1190 /usr/sbin/keepalived -D

           ├─1191 /usr/sbin/keepalived -D

           └─1192 /usr/sbin/keepalived -D


Oct 25 23:13:46 lvs-2 Keepalived_healthcheckers[1191]: Activating healthchecker for service [10.0.0.100]:80

Oct 25 23:13:46 lvs-2 Keepalived_healthcheckers[1191]: Activating healthchecker for service [10.0.0.100]:80

Oct 25 23:13:46 lvs-2 Keepalived_vrrp[1192]: Registering Kernel netlink reflector

Oct 25 23:13:46 lvs-2 Keepalived_vrrp[1192]: Registering Kernel netlink command channel

Oct 25 23:13:46 lvs-2 Keepalived_vrrp[1192]: Registering gratuitous ARP shared channel

Oct 25 23:13:46 lvs-2 Keepalived_vrrp[1192]: Opening file ‘/etc/keepalived/keepalived.conf‘.

Oct 25 23:13:46 lvs-2 Keepalived_vrrp[1192]: VRRP_Instance(VI_1) removing protocol VIPs.

Oct 25 23:13:46 lvs-2 Keepalived_vrrp[1192]: Using LinkWatch kernel netlink reflector...

Oct 25 23:13:46 lvs-2 Keepalived_vrrp[1192]: VRRP_Instance(VI_1) Entering BACKUP STATE

Oct 25 23:13:46 lvs-2 Keepalived_vrrp[1192]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]

[[email protected] ~]# ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:76:bf:48 brd ff:ff:ff:ff:ff:ff

    inet 10.0.0.12/24 brd 10.0.0.255 scope global ens33

       valid_lft forever preferred_lft forever

    inet6 fe80::8ec5:50ac:d71:20d7/64 scope link 

       valid_lft forever preferred_lft forever

    inet6 fe80::f87c:449f:eb4a:ba03/64 scope link tentative dadfailed 

       valid_lft forever preferred_lft forever



5、正常访问web网页测试


    在这里我另外开了一台虚拟机用来做访问web服务的,当两台LVS调度器都正常的时候,能够正常访

问到web页面

[[email protected] ~]# curl 10.0.0.100                   
It is web1
[[email protected] ~]# curl 10.0.0.100
It is web2
[[email protected] ~]# curl 10.0.0.100
It is web1
[[email protected] ~]# curl 10.0.0.100
It is web2
[[email protected] ~]# curl 10.0.0.100
It is web1
[[email protected] ~]# curl 10.0.0.100
It is web2


6、当把主LVS调度器(即主机LVS-1)的keepalive服务停掉了之后,我们可以看到vip飘到了从调度器

(主机LVS-2)上去了。


从LVS调度器(主机LVS-2)

[[email protected] ~]# systemctl status keepalived 

keepalived.service - LVS and VRRP High Availability Monitor

   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)

   Active: active (running) since Wed 2017-10-25 23:13:46 CST; 13min ago

  Process: 1189 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)

 Main PID: 1190 (keepalived)

   CGroup: /system.slice/keepalived.service

           ├─1190 /usr/sbin/keepalived -D

           ├─1191 /usr/sbin/keepalived -D

           └─1192 /usr/sbin/keepalived -D


Oct 25 23:27:10 lvs-2 Keepalived_vrrp[1192]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:27:10 lvs-2 Keepalived_vrrp[1192]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:27:10 lvs-2 Keepalived_vrrp[1192]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:27:10 lvs-2 Keepalived_vrrp[1192]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:27:15 lvs-2 Keepalived_vrrp[1192]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:27:15 lvs-2 Keepalived_vrrp[1192]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 10.0.0.100

Oct 25 23:27:15 lvs-2 Keepalived_vrrp[1192]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:27:15 lvs-2 Keepalived_vrrp[1192]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:27:15 lvs-2 Keepalived_vrrp[1192]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:27:15 lvs-2 Keepalived_vrrp[1192]: Sending gratuitous ARP on ens33 for 10.0.0.100

[[email protected] ~]# ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:76:bf:48 brd ff:ff:ff:ff:ff:ff

    inet 10.0.0.12/24 brd 10.0.0.255 scope global ens33

       valid_lft forever preferred_lft forever

    inet 10.0.0.100/32 scope global ens33

       valid_lft forever preferred_lft forever

    inet6 fe80::8ec5:50ac:d71:20d7/64 scope link 

       valid_lft forever preferred_lft forever

    inet6 fe80::f87c:449f:eb4a:ba03/64 scope link tentative dadfailed 

       valid_lft forever preferred_lft forever


主LVS调度器(主机LVS-1)

[[email protected] ~]# systemctl stop keepalived

[[email protected] ~]# systemctl status keepalived

keepalived.service - LVS and VRRP High Availability Monitor

   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)

   Active: inactive (dead)


Oct 25 23:09:51 lvs-1 Keepalived_vrrp[1176]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 10.0.0.100

Oct 25 23:09:51 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:09:51 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:09:51 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:09:51 lvs-1 Keepalived_vrrp[1176]: Sending gratuitous ARP on ens33 for 10.0.0.100

Oct 25 23:27:09 lvs-1 Keepalived[1174]: Stopping

Oct 25 23:27:09 lvs-1 systemd[1]: Stopping LVS and VRRP High Availability Monitor...

Oct 25 23:27:09 lvs-1 Keepalived_vrrp[1176]: VRRP_Instance(VI_1) sent 0 priority

Oct 25 23:27:09 lvs-1 Keepalived_vrrp[1176]: VRRP_Instance(VI_1) removing protocol VIPs.

Oct 25 23:27:10 lvs-1 systemd[1]: Stopped LVS and VRRP High Availability Monitor.

[[email protected] ~]# ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

       valid_lft forever preferred_lft forever

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:1d:7a:63 brd ff:ff:ff:ff:ff:ff

    inet 10.0.0.11/24 brd 10.0.0.255 scope global ens33

       valid_lft forever preferred_lft forever

    inet6 fe80::f87c:449f:eb4a:ba03/64 scope link 

       valid_lft forever preferred_lft forever


当vip从主调度器飘到从调度器上时,还能正常访问web页面

[[email protected] ~]# curl 10.0.0.100
It is web1
[[email protected] ~]# curl 10.0.0.100
It is web2
[[email protected] ~]# curl 10.0.0.100
It is web1
[[email protected] ~]# curl 10.0.0.100
It is web2
[[email protected] ~]# curl 10.0.0.100
It is web1
[[email protected] ~]# curl 10.0.0.100
It is web2


    这次有关LVS-DR+keepalive做高可用,实现负载均衡的实验就写到这了,如果有写得不好的地方请

见谅。。。







本文出自 “YuQuan” 博客,请务必保留此出处http://3381847248.blog.51cto.com/13408601/1976219

以上是关于LVS-DR+keepalive做高可用,实现负载均衡(主备模式)的主要内容,如果未能解决你的问题,请参考以下文章

LVS-NAT与LVS-DR群集+keepalive部署(含LVS+Keepalived+ipvsadm理论概述)

LVS+Keepalived实现高可用

双主模型高可用负载均衡集群的实现(keepalived+lvs-dr)

基于LVS-DR模型实现keepalived的主从架构

nginx+keepalive实现负载均衡高可用

nginx+keepalive 实现高可用负载均衡方案