实例：LVS+Keepalived配置LVS的高可用

ab520025520025 · 发表于 2018-12-30 10:18:47

　　LVS+Keepalived配置LVS的高可用
　　我们这里LVS-DR模型的高可用集群：
　　实验环境：
vm1 LVS-DR1:
         eth0 172.16.3.2/16
         VIP :eth0:0 172.16.3.88
vm2 LVS-DR2:
         eth0 172.16.3.3/16
vm3 Server-web1
         RS1: eth0 172.16.3.1/16
         VIP: lo:0 172.16.3.88/16
vm4 Server-web2
         RS2: eth0 172.16.3.10/16
         VIP: lo:0 172.16.3.88/16
　　测试机：实体本机：IP： 172.16.3.100
1、vm3 Server-web1配置：
   # ifconfig eth0 172.16.3.1/16 up                            RIP1
   # echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
   # echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore (由于是一个网卡，也可以指定的接口为lo:0)
   # echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
   # echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce
   # ifconfig lo:0 172.16.3.88 netmask 255.255.255.255 broadcast 172.16.3.88 VIP
   # route add -host 172.16.3.88 dev lo:0
web1主页面为
   # yum install nginx
   # echo "172.16.3.1" > /usr/share/nginx/html/index.html
2、vm4 Server-web2配置：
   # ifconfig eth0 172.16.3.10/16 up                      RIP2
   # echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
   # echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore (由于是一个网卡，也可以指定的接口为lo:0)
   # echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
   # echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce
   # ifconfig lo:0 172.16.3.88 netmask 255.255.255.255 broadcast 172.16.3.88 VIP
   # route add -host 172.16.3.88 dev lo:0
web2主页面为
   #yum install nginx
   # echo "172.16.3.10" > /usr/share/nginx/html/index.html
3、vm1 LVS-DR1 (我们这里的vm1为)配置
   # yum install keepalived
# vim /etc/keepalived/keepalived.conf
　　! Configuration File for keepalived
　　global_defs {
notification_email {
root@localhost
}
notification_email_from ning@qq.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
# router_id LVS_DEVEL
}
　　vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 88
priority 100
advert_int 1
authentication {
      auth_type PASS
      auth_pass ning
}
virtual_ipaddress {
172.16.3.88
}
}
　　virtual_server 172.16.3.88 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.0.0
# persistence_timeout 50
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.16.3.1 80 {
      weight 1
      HTTP_GET {
         url {
            path /
      status_code 200
         }
         connect_timeout 2
         nb_get_retry 3
         delay_before_retry 1
      }
}
　　real_server 172.16.3.10 80 {
      weight 1
      HTTP_GET {
         url {
            path /
      status_code 200
         }
         connect_timeout 2
         nb_get_retry 3
         delay_before_retry 1
      }
}
}
由于我们添加了sorry_service 所以我们在DR节点上也安装了nginx（方便测试）
  # yum install nginx
  # echo "172.16.3.2" > /usr/share/nginx/html/index.html
4、vm2 LVS-DR2 (我们这里的vm2配置文件)配置
# yum install keepalived
# vim  /etc/keepalived/keepalived.conf
! Configuration File for keepalived
　　global_defs {
notification_email {
   acassen@firewall.loc
   failover@firewall.loc
   sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
　　vrrp_instance VI_1 {
state BACKUP             主要是这里不同
interface eth0
virtual_router_id 88
priority 99                优先级不同
advert_int 1
authentication {
      auth_type PASS
      auth_pass ning
}
virtual_ipaddress {
172.16.3.88
}
}
　　virtual_server 172.16.3.88 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.0.0
# persistence_timeout 50
protocol TCP
sorry_server 127.0.0.1 80  这里我们添加了sorry_server，就是说，两个web服务器都不在线时，就给客户提供一个页面，（这里我们指向了自己的主机，，可以指定另外一台webserver）
real_server 172.16.3.1 80 {
      weight 1
      HTTP_GET {
         url {
            path /
      status_code 200
         }
         connect_timeout 2
         nb_get_retry 3
         delay_before_retry 1
      }
}
　　real_server 172.16.3.10 80 {
      weight 1
      HTTP_GET {
         url {
            path /
      status_code 200
         }
         connect_timeout 2
         nb_get_retry 3
         delay_before_retry 1
      }
}
}
　　由于我们添加了sorry_service 所以我们在DR节点上也安装了nginx（方便测试）
  # yum install nginx
  # echo "172.16.3.3" > /usr/share/nginx/html/index.html
　　5、测试
http://172.16.3.88
  (1)我们测试keepalived集群负责能不能用？（这里不做太多说明）
      用到的命令：
      # service keepalived stop|start
      # ip addr show
  (2)测试是否可以轮训
   直接在实体机：
http://172.16.3.88测试即可
（3）测试sorry_server
关掉所有的 web-server(vm3、vm4)
   # service nginx stop
http://172.16.3.88测试即可
=====================================================================================
双主模型案例：
在上面的基础上lvs-dr双主模型的配置文件
这里我们没有配置，VIP1得地址和禁用同步MAC
1、vm3 添加 VIP2
# ifconfig lo:1 172.16.3.188 netmask 255.255.255.255 broadcast 172.16.3.188 up
# route add -host 172.16.3.188 dev lo:1
2、vm4 添加 VIP2
# ifconfig lo:1 172.16.3.188 netmask 255.255.255.255 broadcast 172.16.3.188 up
# route add -host 172.16.3.188 dev lo:1
3、vm1 LVS-DR1 (我们这里的vm1为)配置
# cat keepalived.conf
! Configuration File for keepalived
　　global_defs {
   notification_email {
      root@localhost
   }
   notification_email_from ning@qq.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
}
vrrp_instance VI_1 {       vm1主
      state MASTER
      interface eth0
      virtual_router_id 88
      priority 100
      advert_int 1
      authentication {
         auth_type PASS
         auth_pass ning
      }
      virtual_ipaddress {
      172.16.3.88                               VIP1
      }
}
vrrp_instance VI_2 {       vm2 从
      state BACKUP                      注意的地方
      interface eth0
      virtual_router_id 90                   注意地方
      priority 99                         注意地方
      advert_int 1
      authentication {
         auth_type PASS
         auth_pass ning1
      }
      virtual_ipaddress {
      172.16.3.188                         VIP2
      }
}
　　virtual_server 172.16.3.88 80 {          vm1 web-server  VIP1
      delay_loop 6
      lb_algo rr
      lb_kind DR
      nat_mask 255.255.0.0
# persistence_timeout 50
      protocol TCP
   sorry_server 127.0.0.1 80
      real_server 172.16.3.1 80 {
         weight 1
         HTTP_GET {
            url {
               path /
         status_code 200
            }
            connect_timeout 2
            nb_get_retry 3
            delay_before_retry 1
         }
      }
　　real_server 172.16.3.10 80 {
         weight 1
         HTTP_GET {
            url {
               path /
         status_code 200
            }
            connect_timeout 2
            nb_get_retry 3
            delay_before_retry 1
         }
      }
virtual_server 172.16.3.188 80 {                   vm2 web-servr VIP2
      delay_loop 6
      lb_algo rr
      lb_kind DR
      nat_mask 255.255.0.0
# persistence_timeout 50
      protocol TCP
   sorry_server 127.0.0.1 80
      real_server 172.16.3.1 80 {
         weight 1
         HTTP_GET {
            url {
               path /
         status_code 200
            }
            connect_timeout 2
            nb_get_retry 3
            delay_before_retry 1
         }
      }
　　real_server 172.16.3.10 80 {
         weight 1
         HTTP_GET {
            url {
               path /
         status_code 200
            }
            connect_timeout 2
            nb_get_retry 3
            delay_before_retry 1
         }
      }
}
}
　　4、vm2 LVS-DR2 (我们vm2的配置文件配置)配置
# cat keepalived.conf
! Configuration File for keepalived
　　global_defs {
   notification_email {
      root@localhost
   }
   notification_email_from ning@qq.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
}
vrrp_instance VI_1 {
      state BACKUP                   注意
      interface eth0
      virtual_router_id 88             注意
      priority 99                      注意
      advert_int 1
      authentication {
         auth_type PASS
         auth_pass ning                注意
      }
      virtual_ipaddress {
      172.16.3.88                   注意
      }
}
vrrp_instance VI_2 {
      state MASTER                注意
      interface eth0
      virtual_router_id 90       注意
      priority 100             注意
      advert_int 1
      authentication {
         auth_type PASS
         auth_pass ning1       注意
      }
      virtual_ipaddress {
      172.16.3.188                注意
      }
}
　　virtual_server 172.16.3.88 80 {
      delay_loop 6
      lb_algo rr
      lb_kind DR
      nat_mask 255.255.0.0
# persistence_timeout 50
      protocol TCP
   sorry_server 127.0.0.1 80
      real_server 172.16.3.1 80 {
         weight 1
         HTTP_GET {
            url {
               path /
         status_code 200
            }
            connect_timeout 2
            nb_get_retry 3
            delay_before_retry 1
         }
      }
　　real_server 172.16.3.10 80 {
         weight 1
         HTTP_GET {
            url {
               path /
         status_code 200
            }
            connect_timeout 2
            nb_get_retry 3
            delay_before_retry 1
         }
      }
virtual_server 172.16.3.188 80 {
      delay_loop 6
      lb_algo rr
      lb_kind DR
      nat_mask 255.255.0.0
# persistence_timeout 50
      protocol TCP
   sorry_server 127.0.0.1 80
      real_server 172.16.3.1 80 {
         weight 1
         HTTP_GET {
            url {
               path /
         status_code 200
            }
            connect_timeout 2
            nb_get_retry 3
            delay_before_retry 1
         }
      }
　　real_server 172.16.3.10 80 {
         weight 1
         HTTP_GET {
            url {
               path /
         status_code 200
            }
            connect_timeout 2
            nb_get_retry 3
            delay_before_retry 1
         }
      }
}
}
5 、测试：
(1)双主模型是否开启（我们这里只开启vm1）
   # service keepalived start
   # ip addr show
   3: eth0:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
      link/ether 00:0c:29:d7:f7:9c brd ff:ff:ff:ff:ff:ff
      inet 172.16.3.2/16 brd 172.16.255.255 scope global eth0
      inet 172.16.3.88/32 scope global eth0             -----------VIP1
      inet 172.16.3.188/32 scope global eth0             ------------VIP2
      inet6 fe80::20c:29ff:fed7:f79c/64 scope link
   valid_lft forever preferred_lft forever
(2)再次启动vm2
      # service keepalived start
      在vm1上查看
      # ip addr show
      3: eth0:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
      link/ether 00:0c:29:d7:f7:9c brd ff:ff:ff:ff:ff:ff
      inet 172.16.3.2/16 brd 172.16.255.255 scope global eth0
      inet 172.16.3.88/32 scope global eth0          ---------------VIP1
      inet6 fe80::20c:29ff:fed7:f79c/64 scope link
   valid_lft forever preferred_lft forever
   在vm2上查看‘
   # ip addr show
   2: eth0:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
      link/ether 00:0c:29:0b:35:6a brd ff:ff:ff:ff:ff:ff
      inet 172.16.3.3/16 brd 172.16.255.255 scope global eth0
      inet 172.16.3.188/32 scope global eth0       -----------------VIP2
      inet6 fe80::20c:29ff:fe0b:356a/64 scope link
   valid_lft forever preferred_lft forever
(3)测试主页
      本机上测试：都会轮训
http://172.16.3.88
http://172.16.3.188

账号		自动登录	找回密码
密码			立即注册

大疆运维招人啦，

C++ :try 语句块和异常处理

C++的多态

Red Hat RHCE 8 (EX294) Cert Guide

Java/C++ 区别：看完这一篇，就够用！

别再用过时库了！这 13 个顶级 C++ 库才是

c++ size_t 和 int 的区别

[经验分享] 实例：LVS+Keepalived配置LVS的高可用

浏览过的版块

扫码加入运维网微信交流群