lvs-dr+keepalived

Posted 北极菜鸟


I. Environment preparation

Hostname       IP address        OS version
ha1            192.168.138.13    CentOS 7.3
ha2            192.168.138.14    CentOS 7.3
rs1            192.168.138.15    CentOS 7.3
rs2            192.168.138.16    CentOS 7.3
Test machine   192.168.138.17    Ubuntu

 

  1. Disable the firewall and SELinux
  2. Synchronize time
  3. Change the hostname

# cat >> /etc/hosts << EOF
192.168.138.13     ha1
192.168.138.14     ha2
192.168.138.15     rs1
192.168.138.16     rs2
EOF

Takes effect only after a reboot

Takes effect immediately: # hostnamectl set-hostname ha1

  4. Install lvs and keepalived on ha1 and ha2

# yum install ipvsadm keepalived -y

  5. Install httpd on rs1 and rs2

# yum install httpd -y

II. Configure the real servers (run on rs1 and rs2)

1. Create the web test page (a different page on each real server)

# echo "web5 test page! " >> /var/www/html/index.html

# echo "web6 test page! " >> /var/www/html/index.html

2. Start httpd and enable it at boot

# systemctl start httpd
# systemctl enable httpd

3. Test access to the web pages

# curl http://192.168.138.15
# curl http://192.168.138.16

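4. ARP suppression on the RS side (DR mode)

Without suppression, ARP broadcasts for the VIP reach the real servers through their physical NICs, and because each real server also holds the VIP, it answers the request.

With suppression, when the front-end router sends a request to the VIP, only the VIP on the Director answers.

Solution: modify Linux kernel parameters, configure the VIP on each RS as an alias of the lo interface, and restrict Linux to answering ARP requests only for the corresponding interface.

Manual:

# vim /etc/sysctl.conf

net.ipv4.conf.lo.arp_ignore=1
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2

Script (automatic):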

# vim /etc/init.d/lvs_rs

#!/bin/sh
#
# Startup script handle the initialisation of LVS
# chkconfig: - 28 72
# description: Initialise the Linux Virtual Server for DR
#
### BEGIN INIT INFO
# Provides: ipvsadm
# Required-Start: $local_fs $network $named
# Required-Stop: $local_fs $remote_fs $network
# Short-Description: Initialise the Linux Virtual Server
# Description: The Linux Virtual Server is a highly scalable and highly
#   available server built on a cluster of real servers, with the load
#   balancer running on Linux.
### END INIT INFO
# description: start LVS of DR-RIP
LOCK=/var/lock/ipvsadm.lock
VIP=192.168.138.10
. /etc/rc.d/init.d/functions

start() {
     # Number of lo:10 entries; non-zero means the VIP alias is already up
     PID=`ifconfig | grep lo:10 | wc -l`
     if [ $PID -ne 0 ];
     then
         echo "The LVS-DR-RIP Server is already running !"
     else
         # Bind the VIP to a loopback alias as a /32 host address
         /sbin/ifconfig lo:10 $VIP netmask 255.255.255.255 broadcast $VIP up
         /sbin/route add -host $VIP dev lo:10
         # 1 - reply only to ARP requests whose target IP is a local address configured on the incoming interface
         echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
         # 2 - always use the best local address for the target as the ARP source, so the VIP is not announced
         echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
         echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
         echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
         /bin/touch $LOCK
         echo "starting LVS-DR-RIP server is ok !"
     fi
}

stop() {
         /sbin/route del -host $VIP dev lo:10
         /sbin/ifconfig lo:10 down  >/dev/null
         # Restore the kernel defaults
         echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
         echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
         echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
         echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
         rm -f $LOCK
         echo "stopping LVS-DR-RIP server is ok !"
}

status() {
     if [ -e $LOCK ];
     then
        echo "The LVS-DR-RIP Server is already running !"
     else
        echo "The LVS-DR-RIP Server is not running !"
     fi
}

case "$1" in
  start)
        start
        ;;
  stop)
        stop
        ;;
  restart)
        stop
        start
        ;;
  status)
        status
        ;;
  *)
        # $0 is the script name; the original printed $1 (the bad argument) here
        echo "Usage: $0 {start|stop|restart|status}"
        exit 1
esac

exit 0

Add execute permission

# chmod +x /etc/init.d/lvs_rs

Register it as a system service

# chkconfig --add lvs_rs

Enable it at boot

# chkconfig lvs_rs on

Start it

# systemctl start lvs_rs

Check its status

# systemctl status lvs_rs

Check whether the VIP is bound

# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 192.168.138.10/32 brd 192.168.138.10 scope global lo:10
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:a6:ca:72 brd ff:ff:ff:ff:ff:ff
    inet 192.168.138.15/24 brd 192.168.138.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fea6:ca72/64 scope link
       valid_lft forever preferred_lft forever
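
A check for the state these steps should leave on a real server, added here as an example and not part of the original post. The function name check_rs_arp and its optional PROC_ROOT and ADDR_FILE arguments (which let it run against saved data) are assumptions of this example.

```shell
#!/bin/sh
# Added example: verify ARP suppression and VIP placement on an LVS-DR real server.
# check_rs_arp VIP [PROC_ROOT] [ADDR_FILE]
#   PROC_ROOT  tree holding net/ipv4/conf/... (assumed default: /proc/sys)
#   ADDR_FILE  saved `ip -o -4 addr show` output (default: run the command)
check_rs_arp() {
    vip=$1
    root=${2:-/proc/sys}
    addr_file=${3:-}
    rc=0

    # Values the page sets: arp_ignore=1 and arp_announce=2 on both lo and all.
    for item in lo/arp_ignore=1 lo/arp_announce=2 all/arp_ignore=1 all/arp_announce=2; do
        key=${item%=*}
        want=${item#*=}
        have=$(cat "$root/net/ipv4/conf/$key" 2>/dev/null || echo missing)
        if [ "$have" != "$want" ]; then
            echo "FAIL $key: want $want, have $have"
            rc=1
        fi
    done

    if [ -n "$addr_file" ]; then
        addrs=$(cat "$addr_file")
    else
        addrs=$(ip -o -4 addr show)
    fi

    # The VIP must be a /32 host address on lo ...
    if ! printf '%s\n' "$addrs" |
        awk -v v="$vip/32" '$2 == "lo" && $4 == v { ok = 1 } END { exit !ok }'; then
        echo "FAIL VIP $vip/32 is not bound to lo"
        rc=1
    fi
    # ... and must not sit on any other interface, where it would be answered over ARP.
    if printf '%s\n' "$addrs" |
        awk -v v="$vip" '$2 != "lo" { split($4, a, "/"); if (a[1] == v) bad = 1 } END { exit !bad }'; then
        echo "FAIL VIP $vip is also bound to a non-loopback interface"
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK ARP suppression in place for $vip"
    return "$rc"
}
```

On rs1 or rs2, source the file and run `check_rs_arp 192.168.138.10`; a non-zero return means the server may still answer ARP for the VIP.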

III. Configure keepalived

# cd /etc/keepalived/
# ls
keepalived.conf

Back it up

# cp keepalived.conf{,.bak}

Edit the /etc/keepalived/keepalived.conf file

! Configuration File for keepalived

global_defs {
  notification_email {
    [email protected]
  }
  notification_email_from [email protected]
  smtp_server 127.0.0.1
  smtp_connect_timeout 30
  router_id LVS_1
}

vrrp_instance VI_1 {                 # instance configuration
  state MASTER                       # MASTER or BACKUP
  interface ens33                    # network interface
  lvs_sync_daemon_interface ens33
  virtual_router_id 51               # virtual router id
  priority <PRIORITY>                # priority (the value is missing on the original page)
  advert_int 1
  authentication {                   # authentication
    auth_type PASS
    auth_pass 1111
  }
  virtual_ipaddress {                # virtual IP address
    192.168.138.10
  }
}

virtual_server 192.168.138.10 80 {
  delay_loop 6                       # interval between RS health checks
  lb_algo wrr                        # load-scheduling algorithm
  lb_kind DR                         # LVS working mode
  nat_mask 255.255.255.0             # mask of the virtual service
# persistence_timeout 300            # session persistence time, in seconds
  protocol TCP                       # forwarding protocol
  real_server 192.168.138.15 80 {    # real server IP address and port
    weight 1                         # weight of the RS
    TCP_CHECK {                      # RS health check section
      connect_timeout 8              # connection timeout
      nb_get_retry 3                 # number of retries
      delay_before_retry 3           # interval between retries
      connect_port 80                # health check port
    }
  }
  real_server 192.168.138.16 80 {
    weight 1
    TCP_CHECK {
      connect_timeout 8
      nb_get_retry 3
      delay_before_retry 3
      connect_port 80
    }
  }
}
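
A small lint for the vrrp_instance part of this file, added here as an example (it is not keepalived's own tooling, and the function name lint_keepalived is hypothetical). It flags "//" used as a comment marker, a priority line without a number, and an auth_pass left at the sample value 1111 or longer than the 8 characters keepalived uses.

```shell
#!/bin/sh
# Added example, not keepalived tooling: lint the VRRP part of a keepalived.conf.
# lint_keepalived FILE prints one finding per line and returns 1 if any exist.
lint_keepalived() {
    awk '
    # keepalived only treats "#" and "!" as comment markers.
    /\/\// { printf "line %d: \"//\" is not a comment marker, use \"#\"\n", NR; bad = 1 }
    # Drop comments (and any "//" tail) so the checks below see keywords only.
    { sub(/[#!].*/, ""); sub(/\/\/.*/, "") }
    $1 == "vrrp_instance" { inst = $2 }
    $1 == "priority" && $2 !~ /^[0-9]+$/ {
        printf "line %d: %s: priority has no numeric value\n", NR, inst; bad = 1
    }
    $1 == "auth_pass" && $2 == "1111" {
        printf "line %d: %s: auth_pass is still the sample value 1111\n", NR, inst; bad = 1
    }
    $1 == "auth_pass" && length($2) > 8 {
        printf "line %d: %s: only the first 8 characters of auth_pass are used\n", NR, inst; bad = 1
    }
    END { exit bad }
    ' "$1"
}
```

Run it as `lint_keepalived /etc/keepalived/keepalived.conf` on ha1 and ha2 before starting the service.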

                                                                                         

# systemctl start keepalived

Check whether the VIP was added

# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:7f:09:12 brd ff:ff:ff:ff:ff:ff
    inet 192.168.138.13/24 brd 192.168.138.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.138.10/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe7f:912/64 scope link
       valid_lft forever preferred_lft forever

Check whether the LVS configuration succeeded

# ipvsadm -ln --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port               Conns   InPkts  OutPkts  InBytes OutBytes
  -> RemoteAddress:Port
TCP  192.168.138.10:80                   0        0        0        0        0
  -> 192.168.138.15:80                   0        0        0        0        0
  -> 192.168.138.16:80                   0        0        0        0        0

IV. Testing

1. Test LVS functionality (from the test machine)

# for ((i=1;i<=10;i++)); do curl http://192.168.138.10; done
web6 test page!
web5 test page!
web6 test page!
web5 test page!
web6 test page!
web5 test page!
web6 test page!
web5 test page!
web6 test page!
web5 test page!
