keepalived+lvs/nginx 实现调度器高可用
友情提醒:本文实验环境 centos 6.6 X86_64 + vmware 10,文中命令请谨慎使用一 关于keepalived的理论待补
二 实验拓扑和实验环境设定:
主机
主机名和IP
角色
Test06
Test06.lijun.com
eth2:172.16.100.6/24
后台web服务器,提供HTTPD服务
Test07
Test07.lijun.com
eth2:172.16.100.7/24
后台web服务器,提供HTTPD服务
Test03
Test03.lijun.com
eth1:192.168.100.3/24
eth2:172.16.100.3/24
前台调度器
Test04
Test04.lijun.com
eth1:192.168.100.4/24
eth2:172.16.100.4/24
前台调度器
client
192.168.100.100/24
测试机
IP:192.168.100.10/24 虚拟的后台web资源IP,是client访问的唯一地址
IP:172.16.100.10/24 下文lvs高可用时虚拟的DIP地址
实验拓扑:
三 keepalived实现LVS调度器高可用
*lvs使用NET网络模型
1)后台web服务器设定:
Test07上:
1
2
3
4
5
6
7
8
9
10
11
12
13
#关闭iptables和selinux防止干扰实验
#serivce iptables stop
#setenforce 0
#设定ip
#ip link set up dev eth2
#ip addr 172.16.100.7/24 dev eth2
#因做的lvs的nat模型,故设定该路由
#ip route add default via172.16.100.10
#安装httpd软件,并设定主页内容
#yum -y install httpd
#echo "<h1>Test07,ip address is 100.7</h1>">/var/www/html/index.html
#启动httpd服务
#service httpd start
Test06 上:
1
2
3
4
5
6
7
8
9
#同上不解释
#serivce iptables stop
#setenforce 0
#ip link set up dev eth2
#ip addr 172.16.100.6/24 dev eth2
#ip route add default via172.16.100.10
#yum -y install httpd
#echo "<h1>This is Test06,my ip address is 172.16.100.6</h1>">/var/www/html/index.html
#service httpd start
2)Test03调度器环境的设定:
1
2
3
4
5
6
7
8
9
10
11
#关闭iptables和selinux放置干扰实验,另做为lvs调度器必须清空input链规则
#service iptables stop
#setenforce 0
#因为做lvs nat模型调度器故设定IPv4的数据包转发
#echo 1>/proc/sys/net/ipv4/ip_forward
#设定IP地址
#ip addr add 172.16.100.3/24 dev eth2
#ip addr add 192.168.100.3/24 deveth1
#增加kpadmin用户,用来接受邮件使用
#useradd kpadmin
#echo 'redhat' | passwd --stdin kpadmin
测试同后台web服务器的连通性:
3)Test03上keepalived的设定:
1
2
3
4
5
#从centos6.4开始keepalive就成为系统安装树的成员,这样使用yum直接安装
#yum -y install keepalived
# cd /etc/keepalived/
#备份配置文件,这是一个好习惯
# cp keepalived.conf{,.bak}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
#vim keepalived.conf
! Configuration File for keepalived
#全局设定,关于警示邮件的发送设定
global_defs {
notification_email {
kpadmin@127.0.0.1
}
notification_email_from kaadmin@lijun.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVSFOR80
}
#定义对lvs调度器本身的检查方式
vrrp_script chk_mt_down {
script "[[ -f /var/lock/subsys/lvsdown ]] && exit 1 || exit 0"
interval 1
weight -5
}
#定义vrrp虚拟资源组,很明显这台机器做主节点
vrrp_instance VI_1 {
state MASTER
interface eth1
virtual_router_id 57
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass VI1pass
}
#因为是lvs nat模型,故这里的资源IP设定2个一个是vip一个是dip
virtual_ipaddress {
192.168.100.10/24 dev eth1 label eth1:0
172.16.100.10/24 deveth2 label eth2:0
}
track_script {
chk_mt_down
}
}
#这里定义lvs的集群
virtual_server 192.168.100.10 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
nat_mask 255.255.255.0
protocol TCP
real_server 172.16.100.6 80 {
weight 1
#使用HTTP_GET方式检查后台服务器的存活
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
real_server 172.16.100.7 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
}
#service keepalivedstart
观察资源Ip的设定:
4)Test04调度器上环境设定:
1
2
3
4
5
6
7
8
#同上2)不解释
#service iptables stop
#setenforce 0
#echo 1>/proc/sys/net/ipv4/ip_forward
#ip addr add 172.16.100.4/24 dev eth2
#ip addr add 192.168.100.4/24 deveth1
#useradd kpadmin
#echo 'redhat' | passwd --stdin kpadmin
5)Test04上keepalived的设定:
1
2
3
#yum -y install keepalived
#为保证配置文件中特殊部分的设定,这里直接copyTest03的配置,并进行更改
#scp 192.168.100.3:/etc/keepalived/keepalived.conf/etc/keepalived/
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
#vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
kpadmin@127.0.0.1
}
notification_email_from kaadmin@lijun.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVSFOR80
}
vrrp_script chk_mt_down {
script "[[ -f /var/lock/subsys/lvsdown ]] && exit 1 || exit 0"
interval 1
weight -5
}
#Test03是主节点,这台Test04做辅助节点使用
vrrp_instance VI_1 {
state BACKUP
interface eth1
virtual_router_id 57
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass VI1pass
}
virtual_ipaddress {
192.168.100.10/24 dev eth1 label eth1:0
172.16.100.10/24 deveth2 label eth2:0
}
track_script {
chk_mt_down
}
}
virtual_server 192.168.100.10 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
nat_mask 255.255.255.0
protocol TCP
real_server 172.16.100.6 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
real_server 172.16.100.7 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
}
#service keepalived start
6)客户端访问观察:
7)在主节点Test03上建立lvsdown文件观察资源IP的转移情况
8)客户端访问测试:
9)在主节点Test03上删除lvsdown文件,观察资源IP的是否会转移:
10)将后台web服务停止一台,看下客户端通过lvs能访问什么呢:
四 keepalived 实现nginx代理调度器的高可用
*这里nginx只实现简单的代理功能
实验环境接上文
11)设定nginx 的代理功能:
nginx的安装这里忽略,请自行准备,这里给出nginx的配置文件,莫喷我,懒!!!
Test03,Test04上均安装nginx,均使用下面的配置文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# grep -E -v '(^[[:space:]]{0,}#|^$)' /usr/local/nginx/conf/nginx.conf
worker_processes1;
events {
worker_connections1024;
}
http {
upstream backwebserver {
server 172.16.100.6 weight=1;
server 172.16.100.7 weight=1;
}
include mime.types;
default_typeapplication/octet-stream;
sendfile on;
keepalive_timeout65;
server {
listen 80;
server_namelocalhost;
location / {
proxy_pass http://backwebserver/;
}
error_page 500 502 503 504/50x.html;
location = /50x.html {
root html;
}
}
}
#/usr/local/nginx/sbin/nginx
12)Test03上的设定keepalived
1
2
3
4
5
6
7
8
#恢复机器环境
#echo 0 > /proc/sys/net/ipv4/ip_forward
#ifconfig down eth1
#ifconfig eth1 192.168.100.3 netmask 255.255.255.0 up
#ifconfig down eth2
#ifconfig eth2 172.16.100.3 netmask 255.255.255.0 up
#service keepalived stop
# ipvsadm -C
1
2
3
4
#恢复keepalive的主机环境
#cd/etc/keepalived/
#rm -rf keepalived.conf
#cp keepalived.conf.bak keepalived.conf
#从新定义keepalived
# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
kpadmin@localhost
}
notification_email_from kaadmin@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVSFOR80
}
#这是定义对nginx的检测,并做为资源IP是否转移的依据
vrrp_script chk_nginx {
script "killall -0 nginx &> /dev/null"
interval 1
weight -5
}
vrrp_instance no1 {
state MASTER
interface eth1
virtual_router_id 57
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass VI1pass
}
virtual_ipaddress {
192.168.100.10/24 dev eth1 label eth1:0
}
track_script {
chk_nginx
}
#这里定义了2个命令,根据nginx的检查结果来执行,使用的脚本见下文
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
}
#定义脚本,实现当nginx状态改变后,发送邮件通知
#touch notify.sh && chmod +x notify.sh
# vim notify.sh
#!/bin/bash
#The scripts userd for send mail when nginx change the state
vip=192.168.100.10
contact='kpadmin@localhost'
notify() {
mailsubject="`hostname` to be $1: $vip floating"
mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo $mailbody | mail -s "$mailsubject" $contact
}
case "$1" in
master)
notify master
exit 0
;;
backup)
notify backup
exit 0
;;
*)
echo 'Usage: `basename $0` {master|backup}'
exit 1
;;
esac
# service keepalived start
13)Test04上的设定
#恢复环境设定
1
2
3
4
5
6
7
8
9
10
#echo 0 > /proc/sys/net/ipv4/ip_forward
#ifconfig down eth1
#ifconfig eth1 192.168.100.4 netmask 255.255.255.0 up
#ifconfig down eth2
#ifconfig eth2 172.16.100.4 netmask 255.255.255.0 up
#service keepalived stop
# ipvsadm -C
#cd/etc/keepalived/
#rm -rf keepalived.conf
#cp keepalived.conf.bak keepalived.conf
#从新定义keepalived
# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
kpadmin@localhost
}
notification_email_from kaadmin@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVSFOR80
}
vrrp_script chk_nginx {
script "killall -0 nginx &> /dev/null"
interval 1
weight -5
}
vrrp_instance no1 {
state BACKUP
interface eth1
virtual_router_id 57
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass VI1pass
}
virtual_ipaddress {
192.168.100.10/24 dev eth1 label eth1:0
}
track_script {
chk_nginx
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
}
# vim notify.sh
#!/bin/bash
#The scripts userd for send mail when nginx change the state
vip=192.168.100.10
contact='kpadmin@localhost'
notify() {
mailsubject="`hostname` to be $1: $vip floating"
mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo $mailbody | mail -s "$mailsubject" $contact
}
case "$1" in
master)
notify master
exit 0
;;
backup)
notify backup
exit 0
;;
*)
echo 'Usage: `basename $0` {master|backup}'
exit 1
;;
esac
# service keepalived start
14)客户端测试:
15)停止主节点上nginx服务,观察资源IP的转移:
16)观察是否有邮件提醒:
17)启动Test03上的nginx看资源IP的情况
这两天在搞python的面向对象的编程,文章写的有点糙,见谅!!
页:
[1]