|
CentOS6.4 LVS+keepalived高可用负载均衡服务配置 一:测试环境信息 服务器DELL-R720 虚拟化 KVM 虚拟机4台: ipvs01,ipvs02,web01,web02 [root@KVM01~]# virsh list Id Name State ---------------------------------------------------- 1 SN-web01 running 2 SN-web02 running 3 SN-ipvs01 running 4 SN-ipvs02 running 网络环境: Ipvs01:192.168.40.90 Ipvs02:192.168.40.91 Web01:192.168.40.86 Web02:192.168.40.87 Vip:192.168.40.6 系统版本: 物理机CentOS6.4 64bit 虚拟机CentOS6.4 64bit 二:服务配置 软件包6.4系统已经自带ipvs1.25和keepalived1.2.7 测试用yum自行安装。 主LVS服务器ipvs01配置: [root@ipvs01 ~]# yum list >yum.list [root@ipvs01 ~]# cat yum.list|grep ipvs ipvsadm.x86_64 1.25-10.el6 @base [root@ipvs01 ~]# cat yum.list |grep keepalived keepalived.x86_64 1.2.7-3.el6 @base [root@ipvs01 ~]#yum install ipvsadm keepalived [root@ipvs01 ~]#ipvsadm [root@ipvs01 ~]#lsmod |grep ip_vs 查看模块是否加载成功 ip_vs_rr 1420 1 ip_vs_wrr 2179 0 ip_vs 115643 5 ip_vs_rr,ip_vs_wrr libcrc32c 1246 1 ip_vs ipv6 321422 11 ip_vs [root@ipvs01 ~]#cd /etc/keepalived/ [root@ipvs01 ~]#cp -a keepalived.conf ./keepalived.bak [root@ipvs01 ~]#vi keepalived.conf ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_MASTER } vrrp_instance VI_1 { state MASTER #角色主MASTER,备服务器改为BACKUP interface eth0 #HA侦听接口 virtual_router_id 51 #虚拟路由标记ID,同一组vrrp一致 priority 100 #优先级自定义,MASTER高于BACKUP即可 advert_int 1 #HA 侦听间隔:1秒 authentication { #认证形式 auth_type PASS #认证类型PASS:PASS/AH 2种可选 auth_pass 1111 #认证密码,同一组vrrp密码一致 } virtual_ipaddress { #虚拟服务地址,可以多个,分多行 192.168.40.6 } } virtual_server 192.168.40.6 80 { #虚拟服务地址和端口 delay_loop 6 #运行情况检查,单位秒 lb_algo rr #负载调度算法,RR为轮询 lb_kind DR #LVS负载工作模式为DR,三大模式NAT,TUN,DR nat_mask 255.255.255.0 #网络掩码 #persistence_timeout 50 #会话保持时间,50秒内分配同一节点,测试时候为了查看均衡效果可以先注释掉 protocol TCP #协议类型TCP/UDP real_server 192.168.40.86 80 { #配置真实服务器节点1 的IP和端口 weight 5 #权值大小,越大权值越高 TCP_CHECK { #realserver 状态检测时间,单位秒 connect_timeout 3 #连接超时时间3秒 nb_get_retry 3 #重试次数:3次 delay_before_retry 3 #重试间隔 connect_port 80 #连接端口 } } real_server 192.168.40.87 80 { weight 5 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } } 备服务器ipvs02上将主服务器配置文件复制过去,然后修改2处: state BACKUP priority 100 其他保持不变。 三:服务节点配置: Web01,web02 ,http服务安装略 [root@web01 ~]# cat /var/www/html/index.html <h1>WEB01/192.168.40.86</h1> [root@web02 ~]# cat /var/www/html/index.html <h1>WEB02/192.168.40.87</h1> 在web01和web02上分别运行脚本 ifconfig lo:0 192.168.40.6 netmask 255.255.255.0 up route add -host 192.168.40.6 dev lo:0 echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce 执行完毕后查看路由有一条虚拟IP的路由指向lo接口 [root@web01 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 192.168.40.6 0.0.0.0 255.255.255.255 UH 0 0 0 lo 四:测试LVS 将ipvs01,ipvs02 ,keepalived服务启动 将web01,web02, http服务启动 在主LVS服务器上查看lvs状态如下 说明配置生效 [root@ipvs01 ~]# ipvsadm -ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.40.6:80 rr persistent 50 -> 192.168.40.86:80 Route 5 0 0 -> 192.168.40.87:80 Route 5 0 0 从ip a 命令来看 虚拟IP现在是在ipvs01上的,而从服务器上ip a没有虚拟IP [root@ipvs01 ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:06:88:f4 brd ff:ff:ff:ff:ff:ff inet 192.168.40.90/24 brd 192.168.40.255 scope global eth0 inet 192.168.40.6/32 scope global eth0 inet6 fe80::5054:ff:fe06:88f4/64 scope link valid_lft forever preferred_lft forever >测试负载均衡效果: 打开浏览器测试: ![clip_image002[4]](/uploads/allimg/150117/1-15011F2333BG.jpg "clip_image002[4]") 刷新一下 ![clip_image004[4]](/uploads/allimg/150117/1-15011F23353294.jpg "clip_image004[4]") >测试一下HA效果 将ipvs01 keepalived服务器停掉,然后查看ipvs02 ip a状态 [root@ipvs01 ~]# /etc/init.d/keepalived stop Stopping keepalived: [ OK ] [root@SN349_ipvs02 ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:45:f8:78 brd ff:ff:ff:ff:ff:ff inet 192.168.40.91/24 brd 192.168.40.255 scope global eth0 inet 192.168.40.6/32 scope global eth0 inet6 fe80::5054:ff:fe45:f878/64 scope link valid_lft forever preferred_lft forever 此时ipvs02绑定了虚拟IP 顶替了ipvs01的服务。 (责任编辑:IT) |