> CentOS > CentOS服务器 > 环境配置 >

CentOS部署Keepalived + LVS 构建高可用WEB环境

 实验部署软件清单

    CentOS 6.4 X64 mini

    Keepalived-1.2.7.tar.gz

    Ipvsadm 1.2.5-10

 

 

二、     实验目的

使用Keepalived实现基于LVS(DR)模式的集群方案,系统架构如下拓朴结构图,我们使用Keepalived 实现 VIP在两台LVS之间切换,LVS1作为缺省调度器,当LVS1调度器出现故障后,LVS2可以自动接管LVS1。当前的调度器负责把客户请求转发给后端真实的服务器(web1与web2),由于LVS工作在DR模式下,所有的真实服务器需要在自己的Non-ARP设备上设置VIP,最终由后端真实服务器将响应数据包通过路由传递给用户。

 

Keepalived + LVS 拓朴图

 

服务器网络信息

 

三、     实验过程

   

3.1   web1操作步骤如下:

 

临时关闭iptables 及selinux

[root@web1 ~]# iptables –F && iptables –X && service iptables save

[root@web1 ~]# setenforce 1 && echo “/usr/sbin/setenforce 1”>>/etc/rc.local

 

配置主机名及ip 地址

[root@web1 ~]# hostname web1.example.com

[root@web1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

ONBOOT=yes

BOOTPROTO=static

IPADDR=172.16.21.111

PREFIX=24

GATEWAY=172.16.21.254

DNS1=8.8.8.8

 

添加虚拟接口地址

[root@web1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0

DEVICE=lo:0

ONBOOT=yes

BOOTPROTO=static

IPADDR=172.16.21.253

PREFIX=32

GATEWAY=172.16.21.254

 

由于网络中多个设备都设置了VIP地址,为了防止出现地址冲突的问题,需要做一些内核的更改:

[root@web1 ~]# vi /etc/sysctl.conf

net.ipv4.conf.lo.arp_ignore = 1

net.ipv4.conf.lo.arp_announce = 2

net.ipv4.conf.all.arp_ignore = 1

net.ipv4.conf.all.arp_announce = 2

 

修改sysctl.conf后执行sysctl –p 立即生效

[root@web1 ~]# sysctl –p

[root@web1 ~]# service network restart

 

安装httpd 软件包,并配置启动它。

[root@web1 ~]# yum –y install httpd

[root@web1 ~]# echo `uname –n` > /var/www/html/index.html

[root@web1 ~]# service httpd start && chkconfig httpd on

 

3.2   web2操作步骤与web1是几乎是一致的:

 

临时关闭iptables 及selinux

[root@web2 ~]# iptables –F && iptables –X && service iptables save

[root@web2 ~]# setenforce 1 && echo “/usr/sbin/setenforce 1”>>/etc/rc.local

 

配置主机名及ip 地址

[root@web2 ~]# hostname web2.example.com       //并在network  中添加

[root@web2 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

ONBOOT=yes

BOOTPROTO=static

IPADDR=172.16.21.112

PREFIX=24

GATEWAY=172.16.21.254

DNS1=8.8.8.8

 

添加虚拟接口地址

[root@web2 ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0

DEVICE=lo:0

ONBOOT=yes

BOOTPROTO=static

IPADDR=172.16.21.253

PREFIX=32

GATEWAY=172.16.21.254

 

 [root@web2 ~]# vi /etc/sysctl.conf

net.ipv4.conf.lo.arp_ignore = 1

net.ipv4.conf.lo.arp_announce = 2

net.ipv4.conf.all.arp_ignore = 1

net.ipv4.conf.all.arp_announce = 2

 

修改sysctl.conf后执行sysctl –p 立即生效

[root@web2 ~]# sysctl –p

[root@web2 ~]# service network restart

 

安装httpd 软件包,并配置启动它。

[root@web2 ~]# yum –y install httpd

[root@web2 ~]# echo `uname –n` > /var/www/html/index.html

[root@web2 ~]# service httpd start && chkconfig httpd on

 

3.3   lvs1调度器操作步骤如下:

 

配置主机名及IP地址

[root@lvs1 ~]# hostname lvs1.example.com

[root@lvs1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

ONBOOT=yes

BOOTPROTO=static

IPADDR=172.16.21.211

PREFIX=24

GATEWAY=172.16.21.254

DNS1=8.8.8.8

 

安装keepalived

[root@lvs1 ~]# yum –y install gcc make wget openssl-devel popt-devel libnl libnl-devel kernel-devel ipvsadm

[root@lvs1 ~]# wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz

[root@lvs1 ~]# tar zxvf keepalived-1.2.7.tar.gz

[root@lvs1 ~]# cd keepalived-1.2.7

[root@lvs1 ~]# ./configure

[root@lvs1 ~]# make && make install

[root@lvs1 ~]# ln –s /usr/local/etc/keepalived/ /etc

[[root@lvs1 ~]# ln –s /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/

[root@lvs1 ~]# ln –s /usr/local/etc/sysconfig/keepalived /etc/sysconfig/

[root@lvs1 ~]# ln –s /usr/local/sbin/keepalived /usr/sbin/

 

  通过keepalived 实现服务的高可用性,我们此时需要修改keepalived 主配置文件――本实验lvs1为主设备,lvs2为从设备,并保证其中一台出现故障后,另一台设备可以及时、激活故障的设备,另需要在该配置文件添加虚拟服务IP,并为该虚拟服务添加后端真实的WEB组与对应的算法,本实验中的算法为rr(轮循).

[root@lvs1 ~]# vi /etc/keepalived/keepalived.conf

global_defs {

   notification_email {

     root@localhost

   }

   notification_email_from root@example.com

   smtp_server localhost

   smtp_connect_timeout 30

   router_id  LVS_01

}

 

vrrp_instance HA {

    state MASTER            #主节点,备用节点上为BACKUP

    interface eth0             #绑定虚拟IP的网络接口

    virtual_router_id 51     #VRRP组名,两个节点必须一致

    priority 100                 #优先级(1-254之间),数值大越高,备用低于100

    advert_int 1                 #组播信息发送间隔,两个节点设置必须一样

    authentication {           #验证信息,两个节点必须一致

    auth_type PASS

    auth_pass 1111

 

    }

 

    virtual_ipaddress {                    #虚拟IP

        172.16.21.253

    }

}

virtual_server 172.16.21.253 80 {

        delay_loop 6                      #健康检查时间间隔

        lb_algo rr                           #负载均衡调度算法

        lb_kind DR                         #负载均衡转发规则

        #persistence_timeout 20   #设置会话保持时间

        protocol TCP                            #协议

        real_server 192.168.1.105 80 {

        weight 3                             #设置权重

        TCP_CHECK {

        connect_timeout 3

        nb_get_retry 3

        delay_before_retry 3

        connect_port 80

}

}

        real_server 172.16.21.111 80 {

        weight 3

        TCP_CHECK {

        connect_timeout 3

        nb_get_retry 3

        delay_before_retry 3

        connect_port 80

}

}

        real_server  172.16.21.112 80 {

        weight 3

        TCP_CHECK {

        connect_timeout 3

        nb_get_retry 3

        delay_before_retry 3

        connect_port 80

}

}

}

 

将 keepalived启动并加入到开机列表

[root@lvs1 ~]# service keepalived start && chkconfig keepalived on

 

关闭iptables 及 selinux

[root@lvs1 ~]# iptables –F && iptables –X && service iptables save

[root@lvs1 ~]# setenforce 1 && echo “/usr/sbin/setenforce 1”>>/etc/rc.local

 

   3.4   因为都是调度器,lvs2调度器操作流程及步骤与lvs1调试器一致,不一致的地方keepalived 配置文件(红色标记):

 

配置主机名及IP地址

[root@lvs2 ~]# hostname lvs2.example.com

[root@lvs2 ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

ONBOOT=yes

BOOTPROTO=static

IPADDR=172.16.21.212

PREFIX=24

GATEWAY=172.16.21.254

DNS1=8.8.8.8

 

安装keepalived

[root@lvs2 ~]#  yum –y install gcc make wget openssl-devel popt-devel libnl libnl-devel kernel-devel ipvsadm

[root@lvs2 ~]#  wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz

[root@lvs2 ~]#  tar zxvf keepalived-1.2.7.tar.gz

[root@lvs2 ~]#  cd keepalived-1.2.7

[root@lvs2 ~]# ./configure

[root@lvs2 ~]# make && make install

[root@lvs2 ~]# ln –s /usr/local/etc/keepalived/ /etc

[[root@lvs2 ~]# ln –s /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/

[root@lvs2 ~]# ln –s /usr/local/etc/sysconfig/keepalived /etc/sysconfig/

[root@lvs2 ~]# ln –s /usr/local/sbin/keepalived /usr/sbin/

 

配置keepalived,并将此服务器设置为从节点

[root@lvs1 ~]# vi /etc/keepalived/keepalived.conf

global_defs {

   notification_email {

     root@localhost

   }

   notification_email_from root@example.com

   smtp_server localhost

   smtp_connect_timeout 30

   router_id  HA_02

}

 

vrrp_instance HA {

    state BAKCUP           #主节点为MASTER

    interface eth0             #绑定虚拟IP的网络接口

    virtual_router_id 51     #VRRP组名,两个节点必须一致

    priority 50                  #优先级(1-254之间),数值大越高

    advert_int 1                 #组播信息发送间隔,两个节点设置必须一样

    authentication {           #验证信息,两个节点必须一致

    auth_type PASS

    auth_pass 1111

 

    }

 

    virtual_ipaddress {                    #虚拟IP

        172.16.21.253

    }

}

virtual_server 172.16.21.253 80 {

        delay_loop 6                      #健康检查时间间隔

        lb_algo rr                           #负载均衡调度算法

        lb_kind DR                         #负载均衡转发规则

        #persistence_timeout 20   #设置会话保持时间

        protocol TCP                            #协议

        real_server 192.168.1.105 80 {

        weight 3                             #设置权重

        TCP_CHECK {

        connect_timeout 3

        nb_get_retry 3

        delay_before_retry 3

        connect_port 80

}

}

        real_server 172.16.21.111 80 {

        weight 3

        TCP_CHECK {

        connect_timeout 3

        nb_get_retry 3

        delay_before_retry 3

        connect_port 80

}

}

        real_server  172.16.21.112 80 {

        weight 3

        TCP_CHECK {

        connect_timeout 3

        nb_get_retry 3

        delay_before_retry 3

        connect_port 80

}

}

}

 

将 keepalived启动并加入到开机列表

[root@lvs2 ~]# service keepalived start && chkconfig keepalived on

 

关闭iptables 及 selinux

[root@lvs2 ~]# iptables –F && iptables –X && service iptables save

[root@lvs2 ~]# setenforce 1 && echo “/usr/sbin/setenforce 1”>>/etc/rc.local

 

3.5 配置client

 

     在实际生产环境中,此设备应该是一个路由器,我们就用此设备来测试我们的实验架构:

[root@client ~]# hostname client.example.com

[root@ client ~]# vi /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

ONBOOT=yes

BOOTPROTO=static

IPADDR=172.16.21. 254

PREFIX=24

GATEWAY=172.16.21.254

DNS1=8.8.8.8

 

  

四、     实验测试

 

 

1、用不同的client 访问 http://172.16.21.253,LVS会根据算法轮流返回后端的服务器资源; 

2、模拟宕掉主LVS1(关机或挂起),服务器照常工作,再宕掉Web1,这时只会显示Web2,这样就实现ip负载均衡、高可用集群;

3、当主LVS恢复后,会切换成主动服务器,如果Keepalived监控模块检测web服务器故障恢复后,恢复的主机又将此节点加入集群系统中。

     常用命令

[root@lvs1 ~]# ip addr show                  #查看虚拟IP

[root@lvs1 ~]# ipvsadm –Ln                   #查看当前LVS规则


 

(责任编辑:IT)