|
环境:虚拟机
操作系统:
# uname -a
Linux master 2.6.18-238.el5 #1 SMP Sun Dec 19 14:24:47 EST 2010 i686 i686 i386 GNU/Linux
#lsb_release -a
LSB Version::core-4.0-ia32:core-4.0-noarch:graphics-4.0-ia32:graphics-4.0-noarch:printing-4.0-ia32:printing-4.0-noarch
Distributor ID:RedHatEnterpriseServer
Description:Red Hat Enterprise Linux Server release 5.6 (Tikanga)
Release:5.6
Codename:Tikanga 一、keepalived+LVS-NAT模式配置高可用负载均衡
拓扑如下
二、服务器IP配置信息
四台服务器均有VMware虚拟机实现,两台HA主机、两台Apache服务器。网络方式都设置为Bridged方式。
master:eth0:192.168.10.101(模拟公网)
eth1:192.168.80.20(模拟私网)
gw:由eth0设置
slaver:eth0:192.168.10.102(模拟公网)
eth1:192.168.80.10(模拟私网)
gw:由eth0设置
web1: IP:192.168.80.90
gw:192.168.80.100
web2: IP:192.168.80.80
gw:192.168.80.100
VIP1:IP:192.168.10.120(外网VIP)
VIP2:IP:192.168.80.100(内网VIP)
三、安装配置keepalived
1、主辅服务器部署keepalived
yum install gcc gcc-c++ autoconf automake wget openssl-devel kernel-devel -y
tar -zxf keepalived-1.1.20.tar.gz -C /usr/src
cd /usr/src/keepalived-1.1.20
./configure --prefix=/usr/local/keepalived --sysconf=/etc --with-kernel-dir=/usr/src/kernels/2.6.18-238.el5
make && make install
cp /usr/local/keepalived/sbin/keepalived /usr/sbin
cp /usr/local/keepalived/bin/genhash /usr/sbin/
/etc/init.d/keepalived start
chkconfig keepalived on注:主要难点解决依赖关系
2、分别设置web服务器1和2
yum install httpd -y
echo "web1/web2 ok!!!">/var/www/html/index.html
echo "check web1 ok!!! /check web2 ok !!!">/var/www/html/check_web1.html
/etc/init.d/httpd start 3、主辅服务器部署ipvsadm
tar -zxf ipvsadm-1.24.tar.gz -C /usr/src
cd /usr/src/ipvsadm-1.24
make && make install 注:安装前检查内核是否支持ipvsadm
# cat /boot/config-2.6.18-238.el5 |grep -i ipvs
# IPVS transport protocol load balancing support
# IPVS scheduler
# IPVS application helper
# modprobe -l |grep ipvs
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs.ko
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs_dh.ko
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs_ftp.ko
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs_lblc.ko
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs_lblcr.ko
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs_lc.ko
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs_nq.ko
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs_rr.ko
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs_sed.ko
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs_sh.ko
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs_wlc.ko
/lib/modules/2.6.18-238.el5/kernel/net/ipv4/ipvs/ip_vs_wrr.ko 4、配置主辅keepalived配置文件
! Configuration File for keepalived
global_defs {
notification_email {
mds@cdpc.com
}
notification_email_from master@cdpc.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id httpd
}
vrrp_script check_http {
script "/root/bash/check_httpd.sh"
weight -5
interval 1
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 240
priority 100
advert_int 1
# track_script {
# check_http
# }
authentication {
auth_type PASS
auth_pass 3333
}
virtual_ipaddress {
192.168.10.120/24 dev eth0
}
}
vrrp_instance VI_2 {
state MASTER
interface eth1
virtual_router_id 241
priority 100
advert_int 1
# track_script {
# check_http
# }
authentication {
auth_type PASS
auth_pass 4444
}
virtual_ipaddress {
192.168.80.100/24 dev eth1
}
}
virtual_server 192.168.10.120 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
nat_mask 255.255.255.0
persistence_timeout 0
protocol TCP
real_server 192.168.80.90 80 {
weight 1
HTTP_GET {
url {
path /check_web1.html
digest 68f36ac34591233a3ca3b5def1bace34
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.80.80 80 {
weight 1
HTTP_GET {
url {
path /check_web2.html
digest 9880ace9322481a0f7cf58a653a29049
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
注:(1)、主辅设置优先级
(2)、genhash值的计算、web1、web2的httpd服务开启时才能获得MD5值、服务器和MD5值对应关系勿弄错
(3)、使用的是HTTP_GET检查web服务器的健康状态
(4)、lvs模式设定
(5)、虚拟IP地址绑定网卡设置
(6)、persistence_timeout 设置为0 方便后面测试
5、检查部署情况
检查ipvsadm 情况
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.10.120:80 rr
-> 192.168.80.90:80 Masq 1 0 53
-> 192.168.80.80:80 Masq 1 0 546、主服务器重启keepalived服务
master
tail -f /var/log/messages
May 18 20:35:27 master Keepalived: Terminating on signal
May 18 20:35:27 master Keepalived_vrrp: Terminating VRRP child process on signal
May 18 20:35:28 master Keepalived_vrrp: VRRP_Instance(VI_1) removing protocol VIPs.
May 18 20:35:28 master Keepalived_healthcheckers: Netlink reflector reports IP 192.168.10.120 removed
May 18 20:35:28 master avahi-daemon[3680]: Withdrawing address record for 192.168.10.120 on eth0.
May 18 20:35:28 master Keepalived_vrrp: VRRP_Instance(VI_2) removing protocol VIPs.
May 18 20:35:28 master Keepalived_healthcheckers: Netlink reflector reports IP 192.168.80.100 removed
May 18 20:35:28 master avahi-daemon[3680]: Withdrawing address record for 192.168.80.100 on eth1.
May 18 20:35:28 master Keepalived_healthcheckers: Terminating Healthchecker child process on signal
May 18 20:35:28 master Keepalived: Stopping Keepalived v1.1.20 (05/16,2014)
May 18 20:35:38 master dhclient: DHCPREQUEST on eth0 to 192.168.10.1 port 67
May 18 20:35:57 master dhclient: DHCPREQUEST on eth0 to 192.168.10.1 port 67
May 18 20:35:57 master Keepalived: Starting Keepalived v1.1.20 (05/16,2014)
May 18 20:35:57 master Keepalived_healthcheckers: Netlink reflector reports IP 192.168.10.101 added
May 18 20:35:57 master Keepalived_healthcheckers: Netlink reflector reports IP 192.168.80.20 added
May 18 20:35:57 master Keepalived_healthcheckers: Registering Kernel netlink reflector
May 18 20:35:57 master Keepalived_healthcheckers: Registering Kernel netlink command channel
May 18 20:35:57 master Keepalived: Starting Healthcheck child process, pid=32142
May 18 20:35:57 master Keepalived: Starting VRRP child process, pid=32143
May 18 20:35:57 master Keepalived_vrrp: Netlink reflector reports IP 192.168.10.101 added
May 18 20:35:57 master Keepalived_vrrp: Netlink reflector reports IP 192.168.80.20 added
May 18 20:35:57 master Keepalived_vrrp: Registering Kernel netlink reflector
May 18 20:35:57 master Keepalived_vrrp: Registering Kernel netlink command channel
May 18 20:35:57 master Keepalived_vrrp: Registering gratutious ARP shared channel
May 18 20:35:58 master Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'.
May 18 20:35:58 master Keepalived_vrrp: Configuration is using : 41460 Bytes
May 18 20:35:58 master Keepalived_vrrp: Using LinkWatch kernel netlink reflector...
May 18 20:35:58 master Keepalived_vrrp: VRRP sockpool: [ifindex(2), proto(112), fd(10,11)]
May 18 20:35:58 master Keepalived_vrrp: VRRP sockpool: [ifindex(3), proto(112), fd(12,13)]
May 18 20:35:59 master Keepalived_vrrp: VRRP_Instance(VI_2) Transition to MASTER STATE
May 18 20:35:59 master Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
May 18 20:36:00 master Keepalived_vrrp: VRRP_Instance(VI_2) Entering MASTER STATE
May 18 20:36:00 master Keepalived_vrrp: VRRP_Instance(VI_2) setting protocol VIPs.
May 18 20:36:00 master Keepalived_vrrp: VRRP_Instance(VI_2) Sending gratuitous ARPs on eth1 for 192.168.80.100
May 18 20:36:00 master Keepalived_vrrp: Netlink reflector reports IP 192.168.80.100 added
May 18 20:36:00 master avahi-daemon[3680]: Registering new address record for 192.168.80.100 on eth1.
May 18 20:36:00 master Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
May 18 20:36:00 master Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
May 18 20:36:00 master Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.10.120
May 18 20:36:00 master avahi-daemon[3680]: Registering new address record for 192.168.10.120 on eth0.
May 18 20:36:00 master Keepalived_vrrp: Netlink reflector reports IP 192.168.10.120 added
May 18 20:36:03 master Keepalived_healthcheckers: Opening file '/etc/keepalived/keepalived.conf'.
May 18 20:36:03 master Keepalived_healthcheckers: Configuration is using : 15185 Bytes
May 18 20:36:03 master Keepalived_healthcheckers: Using LinkWatch kernel netlink reflector...
May 18 20:36:03 master Keepalived_healthcheckers: Activating healtchecker for service [192.168.80.90:80]
May 18 20:36:03 master Keepalived_healthcheckers: Activating healtchecker for service [192.168.80.80:80]
May 18 20:36:03 master Keepalived_healthcheckers: Netlink reflector reports IP 192.168.80.100 added
May 18 20:36:03 master Keepalived_healthcheckers: Netlink reflector reports IP 192.168.10.120 added
May 18 20:36:05 master Keepalived_vrrp: VRRP_Instance(VI_2) Sending gratuitous ARPs on eth1 for 192.168.80.100
May 18 20:36:05 master Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.10.12
slaver
tail -f /var/log/messages
May 18 20:35:07 slaver last message repeated 3 times
May 18 20:35:10 slaver Keepalived_vrrp: VRRP_Instance(VI_2) Transition to MASTER STATE
May 18 20:35:10 slaver Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
May 18 20:35:11 slaver Keepalived_vrrp: VRRP_Instance(VI_2) Entering MASTER STATE
May 18 20:35:11 slaver Keepalived_vrrp: VRRP_Instance(VI_2) setting protocol VIPs.
May 18 20:35:11 slaver Keepalived_vrrp: VRRP_Instance(VI_2) Sending gratuitous ARPs on eth1 for 192.168.80.100
May 18 20:35:11 slaver Keepalived_vrrp: Netlink reflector reports IP 192.168.80.100 added
May 18 20:35:11 slaver Keepalived_healthcheckers: Netlink reflector reports IP 192.168.80.100 added
May 18 20:35:11 slaver avahi-daemon[3782]: Registering new address record for 192.168.80.100 on eth1.
May 18 20:35:11 slaver Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
May 18 20:35:11 slaver Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
May 18 20:35:11 slaver Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.10.120
May 18 20:35:11 slaver Keepalived_healthcheckers: Netlink reflector reports IP 192.168.10.120 added
May 18 20:35:11 slaver avahi-daemon[3782]: Registering new address record for 192.168.10.120 on eth0.
May 18 20:35:11 slaver Keepalived_vrrp: Netlink reflector reports IP 192.168.10.120 added
May 18 20:35:14 slaver dhclient: DHCPREQUEST on eth0 to 192.168.10.1 port 67
May 18 20:35:16 slaver Keepalived_vrrp: VRRP_Instance(VI_2) Sending gratuitous ARPs on eth1 for 192.168.80.100
May 18 20:35:16 slaver Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.10.120
May 18 20:35:28 slaver dhclient: DHCPREQUEST on eth0 to 192.168.10.1 port 67
May 18 20:35:35 slaver dhclient: DHCPREQUEST on eth0 to 192.168.10.1 port 67
May 18 20:35:38 slaver Keepalived_vrrp: VRRP_Instance(VI_2) Received higher prio advert
May 18 20:35:38 slaver Keepalived_vrrp: VRRP_Instance(VI_2) Entering BACKUP STATE
May 18 20:35:38 slaver Keepalived_vrrp: VRRP_Instance(VI_2) removing protocol VIPs.
May 18 20:35:38 slaver Keepalived_vrrp: Netlink reflector reports IP 192.168.80.100 removed
May 18 20:35:38 slaver Keepalived_healthcheckers: Netlink reflector reports IP 192.168.80.100 removed
May 18 20:35:38 slaver avahi-daemon[3782]: Withdrawing address record for 192.168.80.100 on eth1.
May 18 20:35:38 slaver Keepalived_vrrp: VRRP_Instance(VI_1) Received higher prio advert
May 18 20:35:38 slaver Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE
May 18 20:35:38 slaver Keepalived_vrrp: VRRP_Instance(VI_1) removing protocol VIPs.
May 18 20:35:38 slaver Keepalived_vrrp: Netlink reflector reports IP 192.168.10.120 removed
May 18 20:35:38 slaver Keepalived_healthcheckers: Netlink reflector reports IP 192.168.10.120 removed
May 18 20:35:38 slaver avahi-daemon[3782]: Withdrawing address record for 192.168.10.120 on eth0.7、设置master和slaver服务器IP转发功能
# sysctl -p
net.ipv4.ip_forward = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 4294967295
kernel.shmall = 2684354568、现在重启主辅服务器上的keepalived服务、web服务器上的httpd服务,关闭master的keepalived服务做测试。
keepalived+LVS-NAT模式就部署就完成了
测试方法:浏览器设置自动刷新功能,我设置的是每秒刷新一次
上面是测试结果,访问VIP地址 网页内容在两台服务器之间切换
9、在web1上部署inotify-tools工具、web2上部署rsync服务,用于当web1网页内容变化时,web2服务器的网页内容的一致性问题
web1上部署inotify-tools
(1)、安装部署inotify-tools
tar -zxf inotify-tools-3.13.tar.gz -C /usr/src
cd /usr/src/inotify-tools-3.13
./configure --prefix=/usr/local/inotify_tools
make && make install
cp /usr/local/inotify_tools/bin/inotifywait /usr/sbin/
cp /usr/local/inotify_tools/bin/inotifywatch /usr/sbin/
(2)、设置rsync认证
# vim /etc/rsync.passwd
strong
chmod 600 /etc/rsync.passwd
(3)、编写同步脚本
inotify-rsync.sh
#!/bin/bash
host1=192.168.80.80
src=/var/www/html
dst1=test
user1=root
/usr/local/inotify_tools/bin/inotifywait -mrq --timefmt '%d/%m/%y %H:%M' --format '%T %w%f%e' -e modify,delete,create,attrib $src \
| while read files
do
/usr/bin/rsync -vzrtopg --delete --progress --password-file=/etc/rsync.passwd $src$user1@$host1::$dst1
echo "${files} was rsynced" >>/tmp/rsync.log 2>&1
done
(4)、修改脚本权限
chmod 755 inotify-rsync.sh
(5)、执行脚本
inotify-rsync.sh & web2上部署rsync服务
新建rsync认证文件
#/etc/rsync.passwd
root:strong
修改rsync认证文件权限
chmod 600 /etc/rsync.passwd
新建rsync主配置文件
# /etc/rsyncd.conf
strict modes = yes
port = 873
pid file = /var/run/rsyncd.pid
lock file = /var/run/rsync.lock
log file = /var/log/rsyncd.log
motd file = /etc/rsyncd.motd
use chroot =
timeout =
[test]
path = /var/www/
comment = rsync files
max connections = 5
uid = root
gid = root
ignore errors
read only = no
write only = no
list = no
hosts allow = *
hosts deny = 10.1.1.1
auth users = root
secrets file = /etc/rsync.passwd
启动rsync服务
chkconfig rsync on
/etc/init.d/xinted restart 10、至此apache+rsync+inotify-tools+keepalived+lvs-NAT模式HA负载均衡部署就此结束
|
|