keepalived+lvs 高可用
地址规划情况:主Director Servereth0 192.168.1.175
eth1 10.10.10.1
eth0:0192.168.1.54
备Director Servereth0 192.168.1.129
eth1 10.10.10.2
eth0:0192.168.1.54
Real server1eth0192.168.1.220
lo192.168.1.54
Real server1eth0192.168.1.130
lo192.168.1.54
查看内核是否已经支持LVS的IPVS模块
# modprobe -l | grep ipvs
kernel/net/netfilter/ipvs/ip_vs.ko
kernel/net/netfilter/ipvs/ip_vs_rr.ko
kernel/net/netfilter/ipvs/ip_vs_wrr.ko
kernel/net/netfilter/ipvs/ip_vs_lc.ko
kernel/net/netfilter/ipvs/ip_vs_wlc.ko
kernel/net/netfilter/ipvs/ip_vs_lblc.ko
kernel/net/netfilter/ipvs/ip_vs_lblcr.ko
kernel/net/netfilter/ipvs/ip_vs_dh.ko
kernel/net/netfilter/ipvs/ip_vs_sh.ko
kernel/net/netfilter/ipvs/ip_vs_sed.ko
kernel/net/netfilter/ipvs/ip_vs_nq.ko
kernel/net/netfilter/ipvs/ip_vs_ftp.ko
如果输出上面的内容,表明系统内核支持IPVS模块
yum install ipvsadm-1.25-10.el6.x86_64 -y
ipvsadm --help
有帮助信息输出说明安装成功
tar zxvf keepalived-1.2.3.tar.gz
cd keepalived-1.2.3
./configure --sysconf=/etc --with-kernel-dir=/usr/src/kernels/2.6.32-279.5.2.el6.x86_64/ #--sysconf指定配置文件的安装路径即/etc/keepalived/keepalived.conf.--with-kernel-dir指定使用内核源码中的头文件。
make
make install
ln -s /usr/local/sbin/keepalived /sbin/
keepalived --help
有帮助信息输出说明安装成功
修改配置文件
rm -rf /etc/keepalived/keepalived.conf
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
xxxxxxxx@139.com#监控到Real server无法工作是报警的邮箱,可以设备多个,每行一个。注意如果要开启邮件报警,需要开启本机的SMTP服务。
}
notification_email_from root@localhost#设置邮件的发送地址
smtp_server 127.0.0.1 #设置SMTP SERVER地址
smtp_connect_timeout 30#设置连接SMTP SERVER的超时时间
router_id LVS_DEVEL#表示Keepalived服务的一个标识,发邮件时显示在邮件主题中的信息。
}
vrrp_instance VI_1 {
state MASTER#指定Keepalived的角色,MASTER表示此主机是主服务器 BACKUP表示此主机是备用服务器,所以设置时注意
interface eth1#指定HA监测网络的接口
virtual_router_id 51#虚拟路由标识,同一个vrrp实例使用唯一的标识,同一个vrrp_instance下,MASTER和BACKUP必须一致。
priority 80#定义优先级,数字越大,优先级越高。在一个vrrp_instance下,MASTER的优先级必须大于BACKUP的优先级
advert_int 1#设定MASTER与BACKUP负载均衡器之间同步检查的时间间隔,单位是秒
authentication {
auth_type PASS#设置验证类型,主要有PASS和AH两种
auth_pass 1111#设置验证密码,同一个vrrp_instance下,MASTER和BACKUP的密码必须一致才能正常通信
}
virtual_ipaddress {#设置虚拟IP地址,可以设置多个虚拟IP地址,每行一个
192.168.1.54
}
}
virtual_server 192.168.1.54 80 {#设置虚拟服务器,需要指定虚拟IP地址和服务端口,IP与端口之间用空格隔开
delay_loop 6#设置运行情况检查时间,单位是秒
lb_algo wlc#设置负载调试算法,这里设置为wlc即最少链接算法
lb_kind DR#设置LVS实现负载均衡的机制,有NAT,TUN和DR三个模式可选
persistence_timeout 50#设置会话保持时间,单位是秒
protocol TCP#指定转发协议类型,有TCP和UDP两种
real_server 192.168.1.220 80 {#配置服务节点1,需要指定real server的真实IP地址和端口
weight 1#配置服务节点的权值,权值大小用数字表示,数字越大,权值超高。可以为性能高的服务器设置较高的权值,合理地利用和分配系统资源
TCP_CHECK {
connect_timeout 3#表示3秒无响应超时
nb_get_retry 3#表示重试次数
delay_before_retry 3#表示重试间隔
}
}
real_server 192.168.1.130 80 {#配置服务节点2
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
启动服务
service keepalived stop
查看keepalived的进程
# ps -ef | grep keepalived
root 29329 10 05:09 ? 00:00:00 keepalived -D
root 29331 293290 05:09 ? 00:00:00 keepalived -D
root 29332 293290 05:09 ? 00:00:00 keepalived -D
说明服务正常启动
配置real server
安装web服务
yum install httpd
service httpd start
netstat -tnulp
编写增加VIP地址的脚本
#!/bin/bash
SNS_VIP=192.168.1.54
. /etc/rc.d/init.d/functions
case "$1" in
start)
ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
cp lvsrs /etc/init.d/lvsrs
chmod 755 /etc/init.d/lvsrs#修改lvsrs使其具有可执行权限
service lvsrs start/stop#关闭和启动lvsrs
在主Director Server里查看
# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.1.54:http rr persistent 50
-> 192.168.1.130:http Route 1 0 0
-> 192.168.1.220:http Route 1 0 0
说明服务已经启动正常可以
在real server1中添加网页
echo "this is real server1" > /var/www/html/index.html
在real server2中添加网页
echo "this is real server2" > /var/www/html/index.html
在PC电脑上通过浏览器查看http://192.168.1.54是否能访问到页面
关闭192.168.1.130的web服务查看主Director Server的日志是否有邮件发出
Aug 31 05:38:26 localhost Keepalived_healthcheckers: TCP connection to :80 success.
Aug 31 05:38:26 localhost Keepalived_healthcheckers: Adding service :80 to VS :80
Aug 31 05:38:26 localhost Keepalived_healthcheckers: Remote SMTP server :25 connected.
Aug 31 05:38:26 localhost Keepalived_healthcheckers: SMTP alert successfully sent.
查看你的邮箱是否收到邮件
查看LVS是否把有故障的Real server从列表中踢出
# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.1.54:http rr persistent 50
-> 192.168.1.220:http Route 1 0 0
说明已经踢出
开启192.168.1.130的web服务查看主Director Server的日志是否有邮件发出
Aug 31 05:09:56 localhost Keepalived_healthcheckers: TCP connection to :80 failed !!!
Aug 31 05:09:56 localhost Keepalived_healthcheckers: Removing service :80 from VS :80
Aug 31 05:09:56 localhost Keepalived_healthcheckers: Remote SMTP server :25 connected.
Aug 31 05:09:56 localhost Keepalived_healthcheckers: SMTP alert successfully sent.
查看你的邮箱是否收到邮件
查看LVS是否又把恢复的Real server添加到列表中
# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.1.54:http rr persistent 50
-> 192.168.1.130:http Route 1 0 0
-> 192.168.1.220:http Route 1 0 0
说明已经添加
在主Director Server中关闭keepalived服务
service keepalived stop
查备Director Server的日志
tail -f /var/log/messages
查看Director Server是否发生切换
在PC电脑上通过浏览器查看http://192.168.1.54是否能访问到页面看是否正常
如果正常在主Director Server中开启keepalived服务
service keepalived start
查备Director Server的日志
tail -f /var/log/messages
查看Director Server是否发生切换
在PC电脑上通过浏览器查看http://192.168.1.54是否能访问到页面看是否正常
LVS+keepalived完毕
页:
[1]