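Software deployed for the lab
CentOS 6.4 X64 mini
Keepalived-1.2.7.tar.gz
Ipvsadm 1.2.5-10

2. Lab objective
Use Keepalived to build an LVS cluster in DR mode. The system architecture is shown in the topology diagram below. Keepalived moves the VIP between the two LVS machines: LVS1 is the default director, and when LVS1 fails, LVS2 automatically takes over from it. The active director forwards client requests to the back-end real servers (web1 and web2). Because LVS works in DR mode, every real server must configure the VIP on its own non-ARP device, and the real servers return the response packets to the user directly via routing.

Keepalived + LVS topology diagram

Server network information

3. Lab procedure

3.1 Steps on web1: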
Temporarily disable iptables and SELinux
[root@web1 ~]# iptables -F && iptables -X && service iptables save
[root@web1 ~]# setenforce 0 && echo "/usr/sbin/setenforce 0" >> /etc/rc.local

Configure the hostname and IP address
[root@web1 ~]# hostname web1.example.com
[root@web1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=172.16.21.111
PREFIX=24
GATEWAY=172.16.21.254
DNS1=8.8.8.8

Add the virtual interface address
[root@web1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
BOOTPROTO=static
IPADDR=172.16.21.253
PREFIX=32
GATEWAY=172.16.21.254

Because several devices on the network are configured with the VIP address, some kernel settings must be changed to prevent address conflicts:
[root@web1 ~]# vi /etc/sysctl.conf
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

After editing sysctl.conf, run sysctl -p so the settings take effect immediately
[root@web1 ~]# sysctl -p
[root@web1 ~]# service network restart

Install the httpd package, then configure and start it.
[root@web1 ~]# yum -y install httpd
[root@web1 ~]# echo `uname -n` > /var/www/html/index.html
[root@web1 ~]# service httpd start && chkconfig httpd on

3.2 The steps on web2 are almost identical to those on web1:

Temporarily disable iptables and SELinux
[root@web2 ~]# iptables -F && iptables -X && service iptables save
[root@web2 ~]# setenforce 0 && echo "/usr/sbin/setenforce 0" >> /etc/rc.local

Configure the hostname and IP address
[root@web2 ~]# hostname web2.example.com    # and add it to the network file
[root@web2 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=172.16.21.112
PREFIX=24
GATEWAY=172.16.21.254
DNS1=8.8.8.8

Add the virtual interface address
[root@web2 ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
BOOTPROTO=static
IPADDR=172.16.21.253
PREFIX=32
GATEWAY=172.16.21.254

[root@web2 ~]# vi /etc/sysctl.conf
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

After editing sysctl.conf, run sysctl -p so the settings take effect immediately
[root@web2 ~]# sysctl -p
[root@web2 ~]# service network restart

Install the httpd package, then configure and start it.
[root@web2 ~]# yum -y install httpd
[root@web2 ~]# echo `uname -n` > /var/www/html/index.html
[root@web2 ~]# service httpd start && chkconfig httpd on

3.3 Steps on the lvs1 director:

Configure the hostname and IP address
[root@lvs1 ~]# hostname lvs1.example.com
[root@lvs1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=172.16.21.211
PREFIX=24
GATEWAY=172.16.21.254
DNS1=8.8.8.8

Install keepalived
[root@lvs1 ~]# yum -y install gcc make wget openssl-devel popt-devel libnl libnl-devel kernel-devel ipvsadm
[root@lvs1 ~]# wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
[root@lvs1 ~]# tar zxvf keepalived-1.2.7.tar.gz
[root@lvs1 ~]# cd keepalived-1.2.7
[root@lvs1 ~]# ./configure
[root@lvs1 ~]# make && make install
[root@lvs1 ~]# ln -s /usr/local/etc/keepalived/ /etc
[root@lvs1 ~]# ln -s /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
[root@lvs1 ~]# ln -s /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
[root@lvs1 ~]# ln -s /usr/local/sbin/keepalived /usr/sbin/
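
To make the service highly available with keepalived, we now edit keepalived's main configuration file. In this lab lvs1 is the master and lvs2 is the backup, and when one of them fails the other must take over from it promptly. The configuration file also needs the virtual service IP, the group of back-end real web servers for that virtual service, and the scheduling algorithm; this lab uses rr (round robin).
[root@lvs1 ~]# vi /etc/keepalived/keepalived.conf
global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from root@example.com
    smtp_server localhost
    smtp_connect_timeout 30
    router_id LVS_01
}

vrrp_instance HA {
    state MASTER              # master node; use BACKUP on the backup node
    interface eth0            # network interface the virtual IP is bound to
    virtual_router_id 51      # VRRP group ID; must be the same on both nodes
    priority 100              # priority (1-254); a larger value is higher; the backup must be below 100
    advert_int 1              # multicast advertisement interval; must be the same on both nodes
    authentication {          # authentication settings; must be the same on both nodes
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {       # virtual IP
        172.16.21.253
    }
}

virtual_server 172.16.21.253 80 {
    delay_loop 6              # health-check interval
    lb_algo rr                # load-balancing scheduling algorithm
    lb_kind DR                # load-balancing forwarding method
    #persistence_timeout 20   # session persistence time
    protocol TCP              # protocol
    real_server 192.168.1.105 80 {
        weight 3              # weight (this address is not one of the lab's two web servers)
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 172.16.21.111 80 {
        weight 3
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 172.16.21.112 80 {
        weight 3
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}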

Start keepalived and enable it at boot
[root@lvs1 ~]# service keepalived start && chkconfig keepalived on

Disable iptables and SELinux
[root@lvs1 ~]# iptables -F && iptables -X && service iptables save
[root@lvs1 ~]# setenforce 0 && echo "/usr/sbin/setenforce 0" >> /etc/rc.local
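
3.4 Because both machines are directors, the procedure for the lvs2 director is the same as for the lvs1 director; the differences are in the keepalived configuration file (marked in red):

Configure the hostname and IP address
[root@lvs2 ~]# hostname lvs2.example.com
[root@lvs2 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=172.16.21.212
PREFIX=24
GATEWAY=172.16.21.254
DNS1=8.8.8.8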

Install keepalived
[root@lvs2 ~]# yum -y install gcc make wget openssl-devel popt-devel libnl libnl-devel kernel-devel ipvsadm
[root@lvs2 ~]# wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
[root@lvs2 ~]# tar zxvf keepalived-1.2.7.tar.gz
[root@lvs2 ~]# cd keepalived-1.2.7
[root@lvs2 ~]# ./configure
[root@lvs2 ~]# make && make install
[root@lvs2 ~]# ln -s /usr/local/etc/keepalived/ /etc
[root@lvs2 ~]# ln -s /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
[root@lvs2 ~]# ln -s /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
[root@lvs2 ~]# ln -s /usr/local/sbin/keepalived /usr/sbin/

Configure keepalived and set this server as the backup node
[root@lvs2 ~]# vi /etc/keepalived/keepalived.conf
global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from root@example.com
    smtp_server localhost
    smtp_connect_timeout 30
    router_id HA_02
}

vrrp_instance HA {
    state BACKUP              # MASTER on the master node
    interface eth0            # network interface the virtual IP is bound to
    virtual_router_id 51      # VRRP group ID; must be the same on both nodes
    priority 50               # priority (1-254); a larger value is higher
    advert_int 1              # multicast advertisement interval; must be the same on both nodes
    authentication {          # authentication settings; must be the same on both nodes
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {       # virtual IP
        172.16.21.253
    }
}

virtual_server 172.16.21.253 80 {
    delay_loop 6              # health-check interval
    lb_algo rr                # load-balancing scheduling algorithm
    lb_kind DR                # load-balancing forwarding method
    #persistence_timeout 20   # session persistence time
    protocol TCP              # protocol
    real_server 192.168.1.105 80 {
        weight 3              # weight (this address is not one of the lab's two web servers)
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 172.16.21.111 80 {
        weight 3
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 172.16.21.112 80 {
        weight 3
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

Start keepalived and enable it at boot
[root@lvs2 ~]# service keepalived start && chkconfig keepalived on

Disable iptables and SELinux
[root@lvs2 ~]# iptables -F && iptables -X && service iptables save
[root@lvs2 ~]# setenforce 0 && echo "/usr/sbin/setenforce 0" >> /etc/rc.local
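
The comments in the two keepalived.conf files state which vrrp_instance values must be identical on both directors. As an added example (not part of the original article), the shell script below checks those constraints on a pair of files before keepalived is started; the function names vrrp_field, check_vrrp_pair and sample_conf are hypothetical, the sample configuration is constructed from the lab's values, and the parser assumes one directive per line.

```shell
#!/bin/sh
# Added example; function names are hypothetical. Assumes one directive per line.

# vrrp_field FILE KEY: print KEY's value from the vrrp_instance block of FILE
vrrp_field() {
    awk -v key="$2" '
        { sub(/#.*/, "") }                         # strip comments
        $1 == "vrrp_instance" { inblk = 1 }
        grab && NF { val = $1; grab = 0 }          # first entry of a "KEY {" list
        inblk && val == "" && $1 == key { if ($2 == "{") grab = 1; else val = $2 }
        inblk { depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
                if (depth == 0 && /[}]/) inblk = 0 }
        END { print val }' "$1"
}

# check_vrrp_pair MASTER_CONF BACKUP_CONF: return 0 only if the pair is consistent
check_vrrp_pair() {
    m=$1; b=$2; rc=0
    for key in virtual_router_id advert_int auth_type auth_pass virtual_ipaddress; do
        mv=$(vrrp_field "$m" "$key"); bv=$(vrrp_field "$b" "$key")
        if [ -z "$mv" ] || [ "$mv" != "$bv" ]; then
            [ "$key" = auth_pass ] && mv='<hidden>' bv='<hidden>'  # keep the secret out of logs
            echo "MISMATCH $key: master='$mv' backup='$bv'"; rc=1
        fi
    done
    ms=$(vrrp_field "$m" state); bs=$(vrrp_field "$b" state)
    [ "$ms" = MASTER ] || { echo "BAD state in master file: '$ms'"; rc=1; }
    [ "$bs" = BACKUP ] || { echo "BAD state in backup file: '$bs'"; rc=1; }
    mp=$(vrrp_field "$m" priority); bp=$(vrrp_field "$b" priority)
    [ "${mp:-0}" -gt "${bp:-0}" ] 2>/dev/null ||
        { echo "BAD priority: master='$mp' must exceed backup='$bp'"; rc=1; }
    return "$rc"
}

# Constructed sample instance built from the lab's values: sample_conf STATE PRIORITY
sample_conf() {
    printf '%s\n' 'vrrp_instance HA {' "    state $1   # role" '    interface eth0' \
        '    virtual_router_id 51' "    priority $2" '    advert_int 1' \
        '    authentication {' '        auth_type PASS' '        auth_pass 1111' '    }' \
        '    virtual_ipaddress {' '        172.16.21.253' '    }' '}'
}

# Dry run: a pair whose backup file misspells its state keyword
d=$(mktemp -d)
sample_conf MASTER 100 > "$d/lvs1.conf"; sample_conf BAKCUP 50 > "$d/lvs2.conf"
check_vrrp_pair "$d/lvs1.conf" "$d/lvs2.conf" || echo "pair is NOT consistent"
rm -rf "$d"
```

On real hosts, copy lvs2's /etc/keepalived/keepalived.conf next to lvs1's and pass both paths to check_vrrp_pair.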

3.5 Configure the client

In a real production environment this device would be a router; here we use it to test the lab architecture:
[root@client ~]# hostname client.example.com
[root@client ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=172.16.21.254
PREFIX=24
GATEWAY=172.16.21.254
DNS1=8.8.8.8
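
4. Lab test

1. Access http://172.16.21.253 from different clients; LVS returns the back-end servers' content in turn according to the scheduling algorithm.
2. Simulate a failure of the primary LVS1 (power it off or suspend it); the service keeps working. Then take down Web1; now only Web2 is shown. This achieves IP load balancing and a high-availability cluster.
3. When the primary LVS recovers, it switches back to being the active server. When the Keepalived monitoring module detects that a failed web server has recovered, the recovered host is added back into the cluster.

Common commands
[root@lvs1 ~]# ip addr show     # show the virtual IP
[root@lvs1 ~]# ipvsadm -Ln      # show the current LVS rules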
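
An added example, not from the original article: the script below reads `ipvsadm -Ln` output on stdin and reports real servers that are unexpected, absent from the pool (for instance removed by a failed health check), or not forwarded in DR (Route) mode. The function names audit_ipvs and sample_ipvs are hypothetical, and the sample output is constructed rather than captured from a host.

```shell
#!/bin/sh
# Added example; function names are hypothetical.

# audit_ipvs VIP:PORT REAL:PORT...   (reads `ipvsadm -Ln` output on stdin)
# Prints one finding per line; returns 0 only when the pool matches exactly.
audit_ipvs() {
    vip=$1; shift
    awk -v vip="$vip" -v want="$*" '
        BEGIN { n = split(want, w, " "); for (i = 1; i <= n; i++) expect[w[i]] = 1 }
        # A service line ("TCP 172.16.21.253:80 rr") opens a new section
        $1 == "TCP" || $1 == "UDP" { insvc = ($2 == vip); if (insvc) found = 1; next }
        # Real-server lines start with "->"; the column header has no leading digit
        insvc && $1 == "->" && $2 ~ /^[0-9]/ {
            seen[$2] = 1
            if (!($2 in expect)) { print "UNEXPECTED real server " $2; bad = 1 }
            if ($3 != "Route")   { print "NOT DR (" $3 ") for " $2; bad = 1 }
        }
        END {
            if (!found) { print "MISSING virtual service " vip; bad = 1 }
            for (r in expect) if (!(r in seen)) { print "ABSENT real server " r; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample of `ipvsadm -Ln` output for the lab's virtual service
sample_ipvs() {
    cat <<'EOF'
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.21.253:80 rr
  -> 172.16.21.111:80             Route   3      0          0
  -> 172.16.21.112:80             Route   3      0          0
EOF
}

# Dry run against the sample, expecting exactly web1 and web2 behind the VIP
sample_ipvs | audit_ipvs 172.16.21.253:80 172.16.21.111:80 172.16.21.112:80 \
    && echo "pool matches the expected real servers"
```

On the active director, pipe the live output instead: `ipvsadm -Ln | audit_ipvs 172.16.21.253:80 172.16.21.111:80 172.16.21.112:80`.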