IPvs的高可用性+LVS的DR模式+ldirectord
ldirectord简介:为了从主Director将LVS负载均衡资源故障转移到备用Director,并从集群中自动移除节点,我们需要使用ldirectord程序,这个程序在启动时自动建立IPVS表,然后监视集群节点的健康情况,在发现失效节点时将其自动从IPVS表中移除。ldirectord监视集群(真实服务器):ldirectord守护进程通过向每台真实服务器真实IP(RIP)上的集群资源发送访问请求来实现对真实服务器的监控,这对所有类型的LVS集群都是成立的:LVS-DR,LVS-NAT和LVS-TUN。正常情况下,为每个Director上的VIP地址运行一个ldirectord守护进程,当真实服务器不响应运行在Director上的ldirectord守护进程时,ldirectord守护进程运行适当的ipvsadm命令将VIP地址从IPVS表中移除。(以后,当真实服务器回到在线状态时,ldirectord使用适当的ipvsadm命令将真实服务器重新添加到IPVS表中)
案例:在前端架设两台director主机,互为备份,实现ipvs群集的高可用性。后端架设两台web服务器实现负载均衡LB,在realserver上使用DR模式
ip地址规划:
VIP:192.168.145.101
director1:eth0:192.168.145.99
eth1:192.168.10.1 (心跳线)
director2:eth0:192.168.145.100
eth1:192.168.10.2(心跳线)
realserver1:eth0:192.168.145.200
realserver2:eth0:192.168.145.201
拓扑方案:
http://blog.运维网.com/attachment/201210/214448822.png
配置director1部分:
一:修改director1的主机名:
# vim /etc/sysconfig/network
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567695niXo.png
二:给director1配置静态ip地址
http://5493845.blog.运维网.com/attachment/201210/18/5493845_135056769676ge.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_13505676984BJW.png
三:编译本地yum:
# vim /etc/yum.repos.d/rhel-debuginfo.repo
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567703zxxu.png
四:安装相关关键包:
# mkdir /mnt/cdrom
# mount /dev/cdrom /mnt/cdrom/ #挂载光盘,在使用
yum localinstall中需要用到光盘上的软件包
# yum localinstall -y heartbeat-2.1.4-9.el5.i386.rpm heartbeat-pils-2.1.4-10.el5.i386.rpm heartbeat-stonith-2.1.4-
10.el5.i386.rpmlibnet-1.1.4-3.el5.i386.rpm perl-MailTools-1.77-1.el5.noarch.rpm--nogpgcheck #使用localinstall可以安装外部软件包以及调用系统光盘软件包,—nogpgcheck取消签名测
五:安装ipvs的管理工具ipvsadm:
# yum install ipvsadm -y
# ipvsadm -A -t 192.168.145.101:80 -s rr #定义群集,rr表示
采用轮询调度,监听httpd服务的80端口
# ipvsadm -a -t 192.168.145.101:80 -r 192.168.145.200 –g
#当监听到有访问80端口的,转换到真实的ip地址上,-g表示DR模型
# ipvsadm -a -t 192.168.145.101:80 -r 192.168.145.201 –g
#当监听到有访问80端口的,转换到真实的ip地址上,-g表示DR模型
# service ipvsadm save #保存配置的规则
# service ipvsadm stop #将ipvsadm停止
六:编辑配置心跳参数,群集资源等文件
# cd /usr/share/doc/heartbeat-2.1.4/
# cp ha.cf /etc/ha.d/#将ha.cf调整心跳探测参数
# cp haresources /etc/ha.d/ #haresources
文件定义群集资源的资源管理器
# cp authkeys /etc/ha.d/ #authkeys实现
心跳线双方的身份验证
# cp /etc/init.d/ipvsadm /etc/ha.d/resource.d/ #将ipvsadm的控制脚本拷贝到resource.d目录下
# cd /etc/ha.d/
# vim ha.cf #编辑定义心跳探测参数的文件
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567704QVy2.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_13505677053xrB.png
# dd if=/dev/random bs=512 count=1 |openssl md5 #利用随机文件random产生一段字符,一块512字节,数量是1,通过md5加密后输出
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567707DC5w.png
# vim authkeys #编辑心跳双方的身份验证文件
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567708H4Bt.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_13505677090kxC.png
# chmod 600 authkeys #根据文件内提示将authkeys的
权限改为600
# vim haresources #定义群集的抢夺资源
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567710XCiS.png
# service heartbeat start #启动heartbeat服务
# chkconfig heartbeat on #将该服务设置为开机自动启动
# ifconfig #使用该命令查看ip地址情况
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567712T7Xj.png
配置director2部分:
一:修改director2的主机名:
# vim /etc/sysconfig/network
http://5493845.blog.运维网.com/attachment/201210/18/5493845_13505677138obg.png
二:给director2配置静态ip地址:
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567714w87u.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567715hILE.png
三:编辑本地yum:
# vim /etc/yum.repos.d/rhel-debuginfo.repo
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567718JqNK.png
四:安装相关软件包:
# mkdir /mnt/cdrom
# mount /dev/cdrom /mnt/cdrom/ #挂载光盘,在下一步中需要使用自带的光盘软件,解决依赖性问题
# yum localinstall heartbeat-2.1.4-9.el5.i386.rpm heartbeat-pils-2.1.4-10.el5.i386.rpm heartbeat-stonith-2.1.4-10.el5.i386.rpm
libnet-1.1.4-3.el5.i386.rpm perl-MailTools-1.77-1.el5.noarch.rpm -y –nogpgcheck #使用localinstall可以安装外部软件包以及调用系统光盘软件
包,—nogpgcheck取消签名检测
五:安装ipvs的管理工具ipvsadm:
# yum install ipvsadm -y
# ipvsadm -A -t 192.168.145.101:80 -s rr #定义群集,rr表示采用轮询调度,监听httpd服务的80端口
# ipvsadm -a -t 192.168.145.101:80 -r 192.168.145.200 –g #当监听到有访问80端口的,转换到真实的ip地址上,-g表示DR模型
# ipvsadm -a -t 192.168.145.101:80 -r 192.168.145.201 –g #当监听到有访问80端口的,转换到真实的ip地址上,-g表示DR模型
# service ipvsadm save #保存配置的规则
# service ipvsadm stop #将ipvsadm停止
六:编辑配置心跳参数,群集资源等文件
# cd /usr/share/doc/heartbeat-2.1.4/
# cp ha.cf /etc/ha.d/ #将ha.cf调整心跳探测参数
# cp haresources /etc/ha.d/ #haresources文件定义群集资源的资源管理器
# cp authkeys /etc/ha.d/ #authkeys实现心跳线双方的身份验证
# cp/etc/init.d/ipvsadm /etc/ha.d/resource.d/ #将ipvsadm的控制脚本拷贝到resource.d目录下
# cd/etc/ha.d/
# vim ha.cf #编辑心跳探测的配置文件
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567719lAVK.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567720C8sK.png
# vim authkeys #心跳双方的身份验证文件
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567720G6BR.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567721XWBm.png
# chmod 600 authkeys #根据文件内提示将authkeys的权限改为600
# vim haresources #定义群集的抢夺资源
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567710XCiS.png
# service heartbeat start
# chkconfig heartbeat on #将该服务设置为开机自动启动
# ifconfig #使用该命令并没有查看到抢占的VIP
配置realserver 1:
一:配置内核参数:
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567723yZQV.png
# echo "net.ipv4.conf.eth0.arp_announce = 2">>/etc/sysctl.conf
# echo "net.ipv4.conf.all.arp_announce = 2">>/etc/sysctl.conf
# echo "net.ipv4.conf.eth0.arp_ignore = 1">>/etc/sysctl.conf
# echo "net.ipv4.conf.all.arp_ignore = 1">>/etc/sysctl.conf
# sysctl –p #使新编辑的内核文件生效
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567724zzta.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567724I79R.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567726Rzxc.png
# service network restart #重启网络服务
# route add -host 192.168.145.101 dev lo:0 #添加一条路由,保证数据包返回时使用VIP地址192.168.145.101,出口是lo:0
二:安装web服务器:
# mkdir /mnt/cdrom
# mount /dev/cdrom /mnt/cdrom/
# cd /mnt/cdrom/Server/
# rpm -ivh httpd-2.2.3-31.el5.i386.rpm #安装httpd
# service httpd start
# chkconfig httpd on
# echo "realserver1 web1">/var/www/html/index.html #编辑网页文件index.html
配置realserver 2:
一:配置内核参数:
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567727eRnI.png
# echo "net.ipv4.conf.eth0.arp_announce = 2">>/etc/sysctl.conf
# echo "net.ipv4.conf.all.arp_announce = 2">>/etc/sysctl.conf
# echo "net.ipv4.conf.eth0.arp_ignore = 1">>/etc/sysctl.conf
# echo "net.ipv4.conf.all.arp_ignore = 1">>/etc/sysctl.conf
# sysctl –p #使刚配置的内核参数生效
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567728zX1H.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567732GEj9.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_135056773627LI.png
# service network restart
# route add -host 192.168.145.101 dev lo:0 #添加一条路由,使返回的数据包从VIP—192.168.145.101出去,出口是lo:0
二:安装web服务器
# mkdir /mnt/cdrom
# mount /dev/cdrom /mnt/cdrom/
# cd /mnt/cdrom/Server/
# rpm -ivh httpd-2.2.3-31.el5.i386.rpm #安装httpd服务器
# service httpd start #启动httpd
# chkconfig httpd on #开机自动启动
# echo "realserver2 web2">/var/www/html/index.html #编辑网页文件
测试:
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567738yonf.png
在director1上查看:
# ipvsadm –ln
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567741jiL4.png
在director2上查看:
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567746DLRI.png
# cd /usr/lib/heartbeat/ #在node1.a.com上切换目录
# ./hb_standby #将node1.a.com设置为备份
在director1上查看:
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567748y9gY.png
在director2上查看:
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567751OAVr.png
# ./hb_takeover #将node1.a.com设置为主节点
在director1上查看:
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567753Xrau.png
在director2上查看:
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567755GJ4S.png
在上个案例中实现的手工方式建立ipvs表,也可以使用ldirectord自动创建ipvs表,当节点失效时,自动清除ipvs表。在上个案例中,如果要实现ldirectord,可以作如下修改:
节点一node1.a.com
# yum localinstall heartbeat-ldirectord-2.1.4-9.el5.i386.rpm -y --nogpgcheck #安装ldirectord
# rpm -ql heartbeat-ldirectord #查看安装路径
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567763pof5.png
# cp /usr/share/doc/heartbeat-ldirectord-2.1.4/ldirectord.cf /etc/ha.d/
# cd /etc/ha.d/
# vim ldirectord.cf #编辑资源
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567764aZvH.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567765GjP6.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_13505677702L35.png
# vim haresources
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567772JWql.png
节点二:node.a.com
# yum localinstall heartbeat-ldirectord-2.1.4-9.el5.i386.rpm-y --nogpgcheck
# cp /usr/share/doc/heartbeat-ldirectord-2.1.4/ldirectord.cf/etc/ha.d/
# cd /etc/ha.d/
# vim haresources
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567773wALe.png
# vim ldirectord.cf #编辑资源
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567774PKS7.png
http://5493845.blog.运维网.com/attachment/201210/18/5493845_1350567777xn7w.png
页:
[1]