keepalived+lvs实现高可用的负载均衡

lionhg 发表于 2013-10-11 09:18:49

###############################################

keepalived

keepalived+lvs实现高可用的负载均衡

测试

###############################################

keepalived

keepalived是一个类似于layer3, 4 & 5交换机制的软件，也就是我们平时说的第3层、第4层和第5层交换。Keepalived的作用是检测web服务器的状态，如果有一台web服务器死机，或工作出现故障，Keepalived将检测到，并使用ipvsadm将有故障的web服务器从ipvs规则中剔除，当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中，这些工作全部自动完成，不需要人工干涉，需要人工做的只是修复故障的web服务器。

Layer3,4&5工作在IP/TCP协议栈的IP层，TCP层，及应用层,原理分别如下：

Layer3：Keepalived使用Layer3的方式工作式时，Keepalived会定期向服务器群中的服务器发送一个ICMP的数据包（既我们平时用的Ping程序）,如果发现某台服务的IP地址没有激活，Keepalived便报告这台服务器失效，并将它从服务器群中剔除，这种情况的典型例子是某台服务器被非法关机。Layer3的方式是以服务器的IP地址是否有效作为服务器工作正常与否的标准。在本文中将采用这种方式。

Layer4：Layer4主要以TCP端口的状态来决定服务器工作正常与否。如web server的服务端口一般是80，如果Keepalived检测到80端口没有启动，则Keepalived将把这台服务器从服务器群中剔除。

Layer5：Layer5就是工作在具体的应用层了，比Layer3,Layer4要复杂一点，在网络上占用的带宽也要大一些。Keepalived将根据用户的设定检查服务器程序的运行是否正常，如果与用户的设定不相符，则Keepalived将把服务器从服务器群中剔除。

keepalived+lvs实现高可用的负载均衡

架构图：

realserver端脚本

#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
./etc/rc.d/init.d/functions
VIP=192.168.1.33
host=`/bin/hostname`
case "$1" in
start)
   # Start LVS-DR real server on this machine.
   /sbin/ifconfig lo down
   /sbin/ifconfig lo up
   echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
   echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
   echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
   echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
   /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
   /sbin/route add -host $VIP dev lo:0
;;
stop)
   # Stop LVS-DR real server loopback device(s).
   /sbin/ifconfig lo:0 down
   echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
   echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
   echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
   echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
   # Status of LVS-DR real server.
   islothere=`/sbin/ifconfig lo:0 | grep $VIP`
   isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
   if [ ! "$islothere" -o ! "isrothere" ];then
         # Either the route or the lo:0 device
         # not found.
         echo "LVS-DR real server Stopped."
   else
         echo "LVS-DR real server Running."
   fi
;;
*)
         # Invalid entry.
         echo "$0: Usage: $0 {start|status|stop}"
         exit 1
;;
esac
安装httpd并建立测试页面如下：

Director端配置

安装ipvsadm和keepalived

yum install ipvsadm
rpm -ivhkeepalived-1.2.7-5.el5.i386.rpm
director_master的配置vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived
global_defs {
notification_email {
   root@localhost #报警收件人地址
}
notification_email_from root@localhost#报警发件人地址
smtp_server 127.0.0.1                #设置smtp服务地址
smtp_connect_timeout 30             #设置连接smtp服务的超时时间
router_id LVS_DEVEL                   #发送邮件的主体信息
}
vrrp_script chk_schedown {             #自定义脚本
script "[ -e /etc/keepalived/down ] && exit 1 || exit 0"
interval 1 #重试时间间隔
weight -5 #减权重
fall 2
rise 1
}
vrrp_instance VI_1 {
state MASTER          #制定keepalived角色
interface eth0       #制定检测网络接口
virtual_router_id 54 #虚拟路由标示码
priority 100          #权重，1-255之间
advert_int 1          #设置同步检查的时间间隔，单位是秒
authentication {
   auth_type PASS    #验证类型为PASS
   auth_pass soulboy #验证密码
}
virtual_ipaddress {
   192.168.1.33/24 dev eth0 label eth0:0#设置虚拟IP
}
track_script {
   chk_schedown
}
notify_master "/etc/keepalived/notify.sh -n master -a 192.168.1.33"
notify_backup "/etc/keepalived/notify.sh -n backup -a 192.168.1.33"
notify_fault "/etc/keepalived/notify.sh -n fault -a 192.168.1.33"

}
virtual_server 192.168.1.33 80 {#定义虚拟服务器
delay_loop 6                #设置健康检查时间
lb_algo wrr                #设置负载调度算法
lb_kind DR                #设置LVS工作模式
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP                #设置转发协议的类型

sorry_server 127.0.0.1 80 #设置紧急服务器
real_server 192.168.1.10 80 {
   weight 1
   HTTP_GET {
         url {
         path /
            status_code 200
         }
         connect_timeout 2
         nb_get_retry 3
         delay_before_retry 1
   }
}
real_server 192.168.1.20 80 {
   weight 1
   HTTP_GET {
         url {
         path /
            status_code 200
         }
         connect_timeout 2
         nb_get_retry 3
         delay_before_retry 1
            }
   }
}
}
director_backup的配置vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived
global_defs {
notification_email {
   root@localhost
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_schedown {
script "[ -e /etc/keepalived/down ] && exit 1 || exit 0"
interval 1
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 54
priority 99
advert_int 1
authentication {
   auth_type PASS
   auth_pass soulboy
}
virtual_ipaddress {
   192.168.1.33/24 dev eth0 label eth0:0
}
track_script {
   chk_schedown
}
notify_master "/etc/keepalived/notify.sh -n master -a 192.168.1.33"
notify_backup "/etc/keepalived/notify.sh -n backup -a 192.168.1.33"
notify_fault "/etc/keepalived/notify.sh -n fault -a 192.168.1.33"
}
virtual_server 192.168.1.33 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP

sorry_server 127.0.0.1 80

real_server 192.168.1.10 80 {
   weight 1
   HTTP_GET {
         url {
         path /
            status_code 200
         }
         connect_timeout 2
         nb_get_retry 3
         delay_before_retry 1
   }
}
real_server 192.168.1.20 80 {
   weight 1
   HTTP_GET {
         url {
         path /
            status_code 200
         }
         connect_timeout 2
         nb_get_retry 3
         delay_before_retry 1
            }
   }
}
}
通知脚本vim /etc/keepalived/notify.sh

#!/bin/bash
#
ifalias=${2:-eth0:0}
interface=$(echo $ifalias | awk -F: '{print $1}')
vip=$(ip addr show $interface | grep $ifalias | awk '{print $2}')
contact='root@localhost'
workspace=$(dirname $0)
notify() {
subject="$ip change to $1"
body="$ip change to $1 $(date '+%F %H:%M:%S')"
echo $body | mail -s "$1 transition" $contact
}
case "$1" in
master)
   notify master
   exit 0
;;
backup)
   notify backup
   /etc/rc.d/init.d/httpd restart
   exit 0
;;
fault)
   notify fault
   exit 0
;;
*)
   echo 'Usage: $(basename $0) {master|backup|fault}'
   exit 1
;;
esac

测试
启动director_master的keepalive服务并查看ipvs规则

#####查看ipvs规则
# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port       Forward Weight ActiveConn InActConn
TCP192.168.1.33:80 wrr
-> 192.168.1.20:80          Route 1    0       0
-> 192.168.1.10:80          Route 1    0       0
#####查看网络信息
# ifconfig
eth0    Link encap:EthernetHWaddr 00:0C:29:C2:5E:01
      inet addr:192.168.1.61Bcast:192.168.1.255Mask:255.255.255.0
      inet6 addr: fe80::20c:29ff:fec2:5e01/64 Scope:Link
      UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
      RX packets:67996 errors:0 dropped:0 overruns:0 frame:0
      TX packets:116217 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:15418633 (14.7 MiB)TX bytes:8387202 (7.9 MiB)
      Interrupt:67 Base address:0x2024
eth0:0 Link encap:EthernetHWaddr 00:0C:29:C2:5E:01
      inet addr:192.168.1.33Bcast:0.0.0.0Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
      Interrupt:67 Base address:0x2024
启动director_backup的keepalive服务并查看ipvs规则

#####查看ipvs规则
# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port       Forward Weight ActiveConn InActConn
TCP192.168.1.33:80 wrr
-> 192.168.1.20:80          Route 1    0       0
-> 192.168.1.10:80          Route 1    0       0
#####查看网络信息
# ifconfig
eth0    Link encap:EthernetHWaddr 00:0C:29:FA:52:D6
      inet addr:192.168.1.62Bcast:192.168.1.255Mask:255.255.255.0
      inet6 addr: fe80::20c:29ff:fefa:52d6/64 Scope:Link
      UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
      RX packets:115068 errors:0 dropped:0 overruns:0 frame:0
      TX packets:82940 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:19740061 (18.8 MiB)TX bytes:6476242 (6.1 MiB)
      Interrupt:67 Base address:0x2024
使用客户端访问VIP

停止director_master的keepalived服务发现VIP消失

# service keepalived stop
Stopping keepalived:
# ifconfig
eth0    Link encap:EthernetHWaddr 00:0C:29:C2:5E:01
      inet addr:192.168.1.61Bcast:192.168.1.255Mask:255.255.255.0
      inet6 addr: fe80::20c:29ff:fec2:5e01/64 Scope:Link
      UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
      RX packets:69371 errors:0 dropped:0 overruns:0 frame:0
      TX packets:118587 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:15609985 (14.8 MiB)TX bytes:8588490 (8.1 MiB)
      Interrupt:67 Base address:0x2024
在director_backup查看网络信息，发现VIP已成功转移

# ifconfig
eth0    Link encap:EthernetHWaddr 00:0C:29:FA:52:D6
      inet addr:192.168.1.62Bcast:192.168.1.255Mask:255.255.255.0
      inet6 addr: fe80::20c:29ff:fefa:52d6/64 Scope:Link
      UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
      RX packets:116816 errors:0 dropped:0 overruns:0 frame:0
      TX packets:84293 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:19932196 (19.0 MiB)TX bytes:6597535 (6.2 MiB)
      Interrupt:67 Base address:0x2024
eth0:0 Link encap:EthernetHWaddr 00:0C:29:FA:52:D6
      inet addr:192.168.1.33Bcast:0.0.0.0Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
      Interrupt:67 Base address:0x2024
停止realserver_one的httpd服务

# service httpd stop
Stopping httpd:
director_backup查看ipvs规则，发现realserver_one已经被踢出

# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port       Forward Weight ActiveConn InActConn
TCP192.168.1.33:80 wrr
-> 192.168.1.20:80          Route 1    0       0
客户端访问VIP发现页面恒为node2

停止realserver_two的httpd服务

# service httpd stop
Stopping httpd:
director_backup查看ipvs规则，发现紧急站点生效

# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port       Forward Weight ActiveConn InActConn
TCP192.168.1.33:80 wrr
-> 127.0.0.1:80             Local 1    0       0
客户端访问VIP发现页面为自定义警告页面

分别启动realserver_one和realserver_two的httpd服务

#####realserver_one
# service httpd start
Starting httpd: httpd: apr_sockaddr_info_get() failed for realserver_one
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName

#####realserver_two
# service httpd start
Starting httpd: httpd: apr_sockaddr_info_get() failed for realserver_two
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName

再次查看director_backup发现ipvs规则已经恢复

# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port       Forward Weight ActiveConn InActConn
TCP192.168.1.33:80 wrr
-> 192.168.1.20:80          Route 1    0       0
-> 192.168.1.10:80          Route 1    0       0
客户端访问VIP发现负载正常

启动director_master的keepalived服务并查看网络信息发现VIP成功转移

# service keepalived start
Starting keepalived:
# ifconfig
eth0    Link encap:EthernetHWaddr 00:0C:29:C2:5E:01
      inet addr:192.168.1.61Bcast:192.168.1.255Mask:255.255.255.0
      inet6 addr: fe80::20c:29ff:fec2:5e01/64 Scope:Link
      UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
      RX packets:70394 errors:0 dropped:0 overruns:0 frame:0
      TX packets:118644 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:15679204 (14.9 MiB)TX bytes:8593207 (8.1 MiB)
      Interrupt:67 Base address:0x2024
eth0:0 Link encap:EthernetHWaddr 00:0C:29:C2:5E:01
      inet addr:192.168.1.33Bcast:0.0.0.0Mask:255.255.255.0
      UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
      Interrupt:67 Base address:0x2024
在director_backup查看网络信息发现VIP消失

# ifconfig
eth0    Link encap:EthernetHWaddr 00:0C:29:FA:52:D6
      inet addr:192.168.1.62Bcast:192.168.1.255Mask:255.255.255.0
      inet6 addr: fe80::20c:29ff:fefa:52d6/64 Scope:Link
      UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
      RX packets:118485 errors:0 dropped:0 overruns:0 frame:0
      TX packets:87004 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:1000
      RX bytes:20112822 (19.1 MiB)TX bytes:6791097 (6.4 MiB)
      Interrupt:67 Base address:0x2024
lo    Link encap:Local Loopback
      inet addr:127.0.0.1Mask:255.0.0.0
      inet6 addr: ::1/128 Scope:Host
      UP LOOPBACK RUNNINGMTU:16436Metric:1
      RX packets:6781 errors:0 dropped:0 overruns:0 frame:0
      TX packets:6781 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:2122280 (2.0 MiB)TX bytes:2122280 (2.0 MiB)

水莹儿 发表于 2013-10-20 07:45:38

内练一口气，外练一口屁。

沈阳格力专卖店 发表于 2013-10-28 22:22:11

爱护环境，人人有病。

搜ijsio 发表于 2013-11-7 03:26:34

所有刻骨铭心的爱都灵魂游离于床上的瞬间！

xiguaqq20 发表于 2013-11-26 04:50:21

如果有一双眼睛陪我一同哭泣，就值得我为生命受苦。

hongmeigui22027 发表于 2013-12-11 02:49:08

害怕再一次的奋不顾身，背后无可预知的万一。

mmdbcn 发表于 2013-12-21 02:34:39

从长远来看，没有人会失恋。我们只不过是在走向最后的恋情途中

页: [1]

运维网's Archiver

keepalived+lvs实现高可用的负载均衡