lvs+keepalived实现web负载及高可用
实验环境:lvs-master 192.168.1.236
lvs-backup 192.168.1.237
lvs-dr-vip 192.168.1.238
web1 192.168.1.239
web2 192.168.1.240
注:yum安装的软件包版本要一致
1.分别在两台服务器上安装lvs和keepalived
# yum -y install ipvsadm
# yum -y install keepalived
# yum -y install ipvsadm
# yum -y install keepalived
2.修改lvs-master的配置文件
# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
kim@163.com #email 通知
}
notification_email_from kim@163.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER #设置lvs的状态,报错MASTER和BACKUP两种,必须大写
interface eth1 #设置对外服务的接口
virtual_router_id 51 #设置虚拟路由表示
priority 100 #设置优先级,数值越大,优先级越高
advert_int 1 #设置同步时间间隔
authentication { #设置验证类型和密码
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { #设置lvs vip
192.168.1.238
}
}
virtual_server 192.168.1.238 80 {
delay_loop 6 #健康检查时间间隔
lb_algo wrr #负载均衡调度算法
lb_kind DR #负载均衡转发规则
#persistence_timeout 20 #设置会话保持时间,对bbs等很有用
protocol TCP #协议
real_server 192.168.1.239 80 {
weight 3 #设置权重
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.1.240 80 {
weight 3
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
修改lvs-backup的配置
! Configuration File for keepalived
global_defs {
notification_email {
kim@163.com
}
notification_email_from kim@163.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth1
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.238
}
}
virtual_server 192.168.1.238 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
#persistence_timeout 20
protocol TCP
real_server 192.168.1.239 80 {
weight 3
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.1.240 80 {
weight 3
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
3.在两台Realserver端增加配置(即web1和web2,配置一样)
配置web服务
# yum -y install httpd
# echo "web11 " > /var/www/html/index.html
# yum -y install httpd
# echo "web22 " > /var/www/html/index.html
# /etc/rc.d/init.d/realserver (web1与web2配置一样)
#!/bin/bash
# description: Config realserver lo and apply noarp
SNS_VIP=192.168.1.238
. /etc/rc.d/init.d/functions
case "$1" in
start)
ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
# chmod o+x /etc/rc.d/init.d/realserver
简单说明以上述脚本的作用:
1)vip(virtual ip)。直接路由模式的vip必须跟服务器对外提供服务的ip地址在同一个网段,并且lvs 负载均衡器和其他所有提供相同功能的服务器都使用这个vip;
2)vip被绑定在环回接口lo0:0上,其广播地址是其本身,子网掩码是255.255.255.255。这与标准的网络地址设置有很大的不同。采用这种可变长掩码方式把网段划分成只含一个主机地址的目的是避免ip地址冲突;
3)echo这段的作用是抑制arp广播。如果不做arp抑制,将会有众多的机器向其他宣称:“嗨!我是奥巴马,我在这里呢!”,这样就乱套了。
4.测试
在lvs-master上启动keepalived与ipvsadm
# /etc/init.d/ipvsadm start
# /etc/init.d/keepalived start
http://s3.运维网.com/wyfs02/M00/58/42/wKioL1StDXzgW9DvAAIGzvukwuQ859.jpg
http://s3.运维网.com/wyfs02/M00/58/45/wKiom1StDMqiscp9AAOzBLbsdkI991.jpg
在lvs-backup上启动keepalived与ipvsadm
# /etc/init.d/ipvsadm start
# /etc/init.d/keepalived start
http://s3.运维网.com/wyfs02/M01/58/42/wKioL1StDeTDUkOyAAGlio2CNGE117.jpg
http://s3.运维网.com/wyfs02/M01/58/45/wKiom1StDTPi40kgAANEYes8Tn4316.jpg
在web1上启动realserver
# /etc/init.d/realserver start
http://s3.运维网.com/wyfs02/M02/58/42/wKioL1StDhWBilgwAAIPtbB_Gw0224.jpg
在web2上启动realserver
# /etc/init.d/realserver start
http://s3.运维网.com/wyfs02/M02/58/45/wKiom1StDWeTCmK6AAIJuYK4xBs746.jpg
测试web访问
# /etc/init.d/httpd start #启动apache
# /etc/init.d/httpd start
http://s3.运维网.com/wyfs02/M00/58/45/wKiom1StDYrC8viTAAEi4E5pL78769.jpg
关闭web1
# /etc/init.d/httpd stop
http://s3.运维网.com/wyfs02/M02/58/42/wKioL1StDmPxtgaEAAEdvkAdpss880.jpg
高可用测试
关闭lvs-master的keepalived与ipvsadm
# /etc/init.d/keepalived stop
# /etc/init.d/ipvsadm stop
http://s3.运维网.com/wyfs02/M01/58/42/wKioL1StDoOAzLNZAAHjMdHtZDw074.jpg
http://s3.运维网.com/wyfs02/M01/58/45/wKiom1StDcTzl2I0AAMahb4Andk621.jpg
在lvs-backup上查看lvs的vip
http://s3.运维网.com/wyfs02/M02/58/42/wKioL1StDqyD-QbVAAHzpbuPogk752.jpg
http://s3.运维网.com/wyfs02/M02/58/45/wKiom1StDe2xOkSBAAOJWoU6zjk479.jpg
测试web访问是否依然正常
http://s3.运维网.com/wyfs02/M00/58/42/wKioL1StDs6zrAGZAAEaaXz8HaQ183.jpg
有上图可看出网站访问正常
页:
[1]