徐冬丽 发表于 2019-1-5 08:45:52

Centos6.3 上实现LVS+Keepalive实现http服务的双机热备

  一、初始环境部署
  两台centos 6.3 均最小欢安装,初始化系统环境
  主机配置   master: 192.168.0.250 24
  backup: 192.168.0.249 24
  vip   : 192.168.0.6624
  测试端: 192.168.0.252 24
  在两台主上均以下操作,配置本地yum源
  cd /etc/yum.repos.d/
  mv CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Vault.repo /root/
  vi CentOS-Media.repo
  
  name=CentOS-$releasever - Media
  baseurl=file:///mnt/
  file:///media/cdrom/
  file:///media/cdrecorder/
  gpgcheck=0
      enabled=1
      mount /dev/cdrom /mnt/
      安装基本编译工具,以及其他工具包
     
  yum -y install make gcc openssl-devel
  yum -y install lrzsz ipvsadm sendmail httpd
  二、安装lVS 和 keepalived 软件包
  查看内核是否支持lvs
  modprobe -l |grep ipvs
  kernel/net/netfilter/ipvs/ip_vs.ko
  kernel/net/netfilter/ipvs/ip_vs_rr.ko
  kernel/net/netfilter/ipvs/ip_vs_wrr.ko
  kernel/net/netfilter/ipvs/ip_vs_lc.ko
  kernel/net/netfilter/ipvs/ip_vs_wlc.ko
  kernel/net/netfilter/ipvs/ip_vs_lblc.ko
  kernel/net/netfilter/ipvs/ip_vs_lblcr.ko
  kernel/net/netfilter/ipvs/ip_vs_dh.ko
  kernel/net/netfilter/ipvs/ip_vs_sh.ko
  kernel/net/netfilter/ipvs/ip_vs_sed.ko
  kernel/net/netfilter/ipvs/ip_vs_nq.ko
  kernel/net/netfilter/ipvs/ip_vs_ftp.ko
  出现以上信息表示支持,kernel2.6 以后支持
  在www.keepalived.org 下载keepalived-1.2.15.tar.gz
  tar -zxvf keepalived-1.2.15.tar.gz
  cd keepalived-1.2.15
  ./configure --sysconf=/etc --with-kernel-dir=/usr/src/kernels/2.6.32-279.el6.x86_64
  make && make install
  ln -s /usr/local/sbin/keepalived /sbin/   (将keepalived指向/sbin/)
  vi /etc/keepalived/keepalived.conf
  ! Configuration File for keepalived
  

  global_defs {
  notification_email {
  18792525964@139.com   (这里是发送报警邮件地址)
  acassen@firewall.loc
  failover@firewall.loc
  sysadmin@firewall.loc
  }
  notification_email_from Alexandre.Cassen@firewall.loc
  smtp_server 192.168.0.250(这是邮件服务器地址)
  smtp_connect_timeout 30(连接smtp服务超时时间)
  router_id LVS_DEVEL
  }
  

  vrrp_instance VI_1 {
  state MASTER            (制定服务器角色)
  interface eth0
  virtual_router_id 51      (虚拟路由id,一个集群id必须一样)
  priority 100            (角色优先级,数值越大优先级越高)
  advert_int 1            (master与backup同步检查的时间间隔,单位秒)
  authentication {
  auth_type PASS         (验证类型,有PASS和AH)
  auth_pass 1111         (验证密钥,两台机器必须一致)
  }
  virtual_ipaddress {
  192.168.0.66            (虚拟IP地址)
  }
  }
  

  virtual_server 192.168.0.66 80 {
  delay_loop 6               (运行情况检查时间间隔)
  lb_algo rr               (设置负载调度算法)
  lb_kind DR               (负载均衡机制,设置DR,还有NAT和TUN模式)
  nat_mask 255.255.255.0
  persistence_timeout 50
  protocol TCP               (设置传输协议为TCP)
  

  real_server 192.168.0.250 80 {
  weight 1                (服务器权值设置)
  TCP_CHECK {
  connect_timeout 3   (表示3秒无响应超市)
  nb_get_retry 3      (重试次数3次)
  delay_before_retry 3(重试时间间隔3秒)
  }
  }
  

  

  real_server 192.168.0.249 80 {
  weight 1
  TCP_CHECK {
  connect_timeout 3
  nb_get_retry 3
  delay_before_retry 3
  }
  }
  

  }
      在master主机上配置如上,在backup主机祝需要修改
      state BACKUP
      priority 90
      vi /etc/init.d/lvsrs(编写realserver启动脚本)
     
  #!/bin/bash
  NS_VIP=192.168.0.66
  

  /etc/rc.d/init.d/functions
  

  case "$1" in
  start)
  /sbin/ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP up
  /sbin/route add -host $SNS_VIP dev lo:0
  echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
  echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
  echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
  echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
  syscty -p > /dev/null 2>&1
  echo "RealServer Start Ok"
  ;;
  stop)
  ifconfig lo:0 down
  route del $SNS_VIP >/dev/null 2>&1
  echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
  echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
  echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
  echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
  echo "RealServer Stoped"
  ;;
  *)
  echo "Usage: $0 {start|stop}"
  exit 1
  esac
  exit 0
  

  chmod 755 /etc/init.d/lvsrs
  /etc/init.d/keepalived start
  /etc/init.d/lvsrs start
  三、测试配置正确
  在master上执行
  echo "This is master" > /var/www/html/index.html
  service httpd start
  在backup上执行
  echo "This is backup" > /var/www/html/index.html
  service httpd start
  两台机器均关闭防火墙
  service iptables stop
  在测试端浏览器输入http://192.168.0.66
http://s3.运维网.com/wyfs02/M02/5B/28/wKioL1UBIHPBkhzrAACPFtraDso656.jpg
  接着停掉master上的httpd服务
  service httpd stop
http://s3.运维网.com/wyfs02/M01/5B/2F/wKiom1UBJteh0-rYAACLSPc4QM0570.jpg
  我们可看到已经切换到backup服务器,检查backup的日志
  tail -f /var/log/messages
  Mar 12 03:35:22 backup Keepalived_healthcheckers: Removing service :80 from VS :80
  Mar 12 03:35:22 backup Keepalived_healthcheckers: SMTP connection ERROR to :25.
  Mar 12 03:39:46 backup Keepalived_healthcheckers: TCP connection to :80 success.
  Mar 12 03:39:46 backup Keepalived_healthcheckers: Adding service :80 to VS :80
  Mar 12 03:39:46 backup Keepalived_healthcheckers: Remote SMTP server :25 connected.
  Mar 12 03:39:46 backup Keepalived_healthcheckers: Error reading data from remote SMTP server :25.
  Mar 12 03:39:55 backup Keepalived_healthcheckers: TCP connection to :80 failed !!!
  Mar 12 03:39:55 backup Keepalived_healthcheckers: Removing service :80 from VS :80
  Mar 12 03:39:55 backup Keepalived_healthcheckers: Remote SMTP server :25 connected.
  Mar 12 03:39:55 backup Keepalived_healthcheckers: Error reading data from remote SMTP server :25.
  注意:这里master宕机backup接管,master恢复backup依然提供服务,当backup宕机master才会接管服务!不是master恢复 服务又从backup切回master!
  双机热备功能已实现,你会了吗?
  




页: [1]
查看完整版本: Centos6.3 上实现LVS+Keepalive实现http服务的双机热备