概述
随着近年来互联网的快速发展;而众多需要提供给用户访问的WEB服务器,必须保证每天24小时不间断的提供服务,随着访问量的增加,又有哪些好的WEB构架能实现高可用负载均衡,而且又是免费的呢?答案是肯定是有了,而这种架构就是LVS+Keepalived
Keepalived简介
什么是Keepalived:keepalived可以实现服务的高可用或热备,用来防止单点故障的问题;而Keepalived的核心VRRP协议,VRRP协议主要实现了在路由器或三层交换机处的冗余;Keepalived就是使用VRRP协议来实现高可用的;下面一起来看一下Keepalived的原理图:
Keepalived启动后会有三个进程:
父进程:内存管理,子进程管理
子进程:VRRP子进程
子进程:healthchecker子进程
由上图可知:两个子进程都被系统WatchDog看管,两个子进程各自复杂自己的事,healthchecker子进程复杂检查各自服务器的健康程度,例如HTTP,LVS等,如果healthchecker子进程检查到MASTER上服务不可用了,就会通知本机上的VRRP子进程,让他删除通告,并且去掉虚拟IP,转换为BACKUP状态
环境介绍:
系统版本:CentOS 6_x86_64
LVS_DR模式:WEB1与WEB2服务器的网关不能设置为LVS调度器
一、安装配置LVS+Keepalived
1、在Master与Backup服务器上分别安装Ipvsadm、Keepalived软件包、这里使用的是rpm包安装方式
[backcolor=white !important][iyunv@master ~]# yum -y install ipvsadm keepalived
[backcolor=white !important][iyunv@backup ~]# yum -y install ipvsadm keepalived
[backcolor=white !important]注释:这里安装Ipvsadm工具主要是为了查看lvs规则使用,不安装ipvsadm工具也能成功配置规则,但不方式查看
[backcolor=white !important]2、修改Master的主配置文件
[backcolor=white !important]global_defs {[iyunv@master ~]# vim /etc/keepalived/keepalived.conf
[backcolor=white !important]! Configuration File for keepalived
[backcolor=white !important] notification_email { #设置报警通知邮件地址,可以设置多个
[backcolor=white !important] root@localhost
[backcolor=white !important] }
[backcolor=white !important] notification_email_from admin@allen.com #设置邮件的发送地址
[backcolor=white !important] smtp_server 127.0.0.1 #设置smtp server的地址,该地址必须是存在的
[backcolor=white !important] smtp_connect_timeout 30 #设置连接smtp server的超时时间
[backcolor=white !important] router_id LVS_ALLEN #运行Keepalived服务器的标识,发邮件时显示在邮件标题中的信息
[backcolor=white !important]}
[backcolor=white !important]vrrp_instance lvs_allen { #定义VRRP实例,实例名自定义
[backcolor=white !important] state MASTER #指定Keepalived的角色,MASTER为主服务器,BACKUP为备用服务器
[backcolor=white !important] interface eth0 #指定HA监测的接口
[backcolor=white !important] virtual_router_id 68 #虚拟路由标识,这个标识是一个数字(1-255),在一个VRRP实例中主备服务器ID必须一样
[backcolor=white !important] priority 100 #优先级,数字越大优先级越高,在一个实例中主服务器优先级要高于备服务器
[backcolor=white !important] advert_int 1 #设置主备之间同步检查的时间间隔单位秒
[backcolor=white !important] authentication { #设置验证类型和密码
[backcolor=white !important] auth_type PASS #验证类型有两种{PASS|HA}
[backcolor=white !important] auth_pass 1689 #设置验证密码,在一个实例中主备密码保持一样
[backcolor=white !important] }
[backcolor=white !important] virtual_ipaddress { #定义虚拟IP地址,可以有多个,每行一个
[backcolor=white !important] 172.16.14.10
[backcolor=white !important] }
[backcolor=white !important]}
[backcolor=white !important]virtual_server 172.16.14.10 80 { #设置虚拟服务器,需要指定虚拟IP与服务端口,用空格分隔
[backcolor=white !important] delay_loop 6 #设置健康状态检查时间,单位为秒
[backcolor=white !important] lb_algo rr #设置负载高度算法,rr为轮询
[backcolor=white !important] lb_kind DR #设置LVS实现负载均衡的机制,可以为{NAT|TUN|DR}三种
[backcolor=white !important] nat_mask 255.255.0.0 #设置掩码
[backcolor=white !important] persistence_timeout 50 #会话保持时间,单位为秒;这个选项对于动态网页是非常有用的,为集群系统中session共享提供了一个很好的解决方案
[backcolor=white !important] protocol TCP #指定转发协议类型可以设置{TCP|UDP}两种
[backcolor=white !important] real_server 172.16.14.3 80 { #服务服务节点,需要指定Real_server的IP与端口,用空格分隔
[backcolor=white !important] weight 1 #配置服务节点的权重,数字越大,权重越高
[backcolor=white !important] HTTP_GET { #设置检测Realserver的方式为Http协议
[backcolor=white !important] url {
[backcolor=white !important] path /
[backcolor=white !important] status_code 200 #设定返回状态码为200表示Realserver是存活的
[backcolor=white !important] }
[backcolor=white !important] connect_timeout 3 #设置响应超时时间
[backcolor=white !important] nb_get_retry 3 #设置超时重试次数
[backcolor=white !important] delay_before_retry 3 #设置超时后重试间隔
[backcolor=white !important] }
[backcolor=white !important] }
[backcolor=white !important] real_server 172.16.14.4 80 {
[backcolor=white !important] weight 1
[backcolor=white !important] HTTP_GET {
[backcolor=white !important] url {
[backcolor=white !important] path /
[backcolor=white !important] status_code 200
[backcolor=white !important] }
[backcolor=white !important] connect_timeout 3
[backcolor=white !important] nb_get_retry 3
[backcolor=white !important] delay_before_retry 3
[backcolor=white !important] }
[backcolor=white !important] }
[backcolor=white !important]}
[backcolor=white !important]3、将Master服务器上的主配置文件拷贝到Backup服务器稍作修改
[backcolor=white !important][iyunv@backup ~]# vim /etc/keepalived/keepalived.conf[iyunv@backup ~]# scp 172.16.14.1:/etc/keepalived/keepalived.conf /etc/keepalived/
[backcolor=white !important]######修改如下两项
[backcolor=white !important]state BACKUP
[backcolor=white !important]priority 98
[backcolor=white !important]4、启动两台服务器上的Keepalived服务并设置为开机自启动
[backcolor=white !important]Starting keepalived: [ OK ]######MASER服务器
[backcolor=white !important][iyunv@master ~]# service keepalived start
[backcolor=white !important][iyunv@master ~]# chkconfig keepalived on
[backcolor=white !important][iyunv@master ~]# chkconfig --list keepalived
[backcolor=white !important]keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[backcolor=white !important]######BACKUP服务器
[backcolor=white !important][iyunv@backup ~]# vim /etc/keepalived/keepalived.conf
[backcolor=white !important][iyunv@backup ~]# service keepalived start
[backcolor=white !important]Starting keepalived: [ OK ]
[backcolor=white !important][iyunv@backup ~]# chkconfig keepalived on
[backcolor=white !important][iyunv@backup ~]# chkconfig --list keepalived
[backcolor=white !important]keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[backcolor=white !important]5、开启Master与Backup服务器的路由转发功能
[backcolor=white !important]######执行如下命令使其生效[iyunv@master ~]# sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
[backcolor=white !important][iyunv@backup ~]# sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
[backcolor=white !important]sysctl -p
[backcolor=white !important]二、安装Httpd并设置好Realserver
[backcolor=white !important]1、为后端服务器WEB1安装Httpd服务并启动服务,这里使用的rpm包安装
[backcolor=white !important][iyunv@web1 ~]# echo 'WEB1 http://502245466.blog.' > /var/www/html/index.html[backcolor=white !important][iyunv@web1 ~]# yum -y install httpd
[backcolor=white !important]######为web1提供测试页
[backcolor=white !important][iyunv@web1 ~]# service httpd start
[backcolor=white !important][iyunv@web1 ~]# chkconfig httpd on
[backcolor=white !important][iyunv@web1 ~]# chkconfig --list httpd
[backcolor=white !important]httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[backcolor=white !important]2、访问测试WEB1服务器 [backcolor=white !important]
[backcolor=white !important]3、为后端服务器WEB2安装Httpd服务并启动服务,这里使用的rpm包安装
[backcolor=white !important]
[iyunv@web2 ~]# yum -y install httpd######为web2提供测试页[iyunv@web2 ~]# echo 'WEB2 http://502245466.blog.' > /var/www/html/index.html[iyunv@web2 ~]# service httpd start[iyunv@web2 ~]# chkconfig httpd on[iyunv@web2 ~]# chkconfig --list httpdhttpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off [backcolor=white !important]4、访问测试WEB2服务器 [backcolor=white !important]
[backcolor=white !important]5、为两台Realserver提供Sysv格式的脚本来自动修改内核参数与虚拟IP并运行脚本 [backcolor=white !important][iyunv@web1 ~]# vim /etc/init.d/lvs
[backcolor=white !important]#!/bin/bash
[backcolor=white !important]#ALLEN http://502245466.blog.
[backcolor=white !important]# chkconfig: - 88 66
[backcolor=white !important]# Script to start LVS DR real server.
[backcolor=white !important]# description: LVS DR real server
[backcolor=white !important]#
[backcolor=white !important]. /etc/rc.d/init.d/functions
[backcolor=white !important]VIP=172.16.14.10
[backcolor=white !important]host=`/bin/hostname`
[backcolor=white !important]case "$1" in
[backcolor=white !important]start)
[backcolor=white !important] # Start LVS-DR real server on this machine.
[backcolor=white !important] /sbin/ifconfig lo down
[backcolor=white !important] /sbin/ifconfig lo up
[backcolor=white !important] echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[backcolor=white !important] echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[backcolor=white !important] echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[backcolor=white !important] echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[backcolor=white !important] /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
[backcolor=white !important] /sbin/route add -host $VIP dev lo:0
[backcolor=white !important];;
[backcolor=white !important]stop)
[backcolor=white !important] # Stop LVS-DR real server loopback device(s).
[backcolor=white !important] /sbin/ifconfig lo:0 down
[backcolor=white !important] echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[backcolor=white !important] echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
[backcolor=white !important] echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
[backcolor=white !important] echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
[backcolor=white !important];;
[backcolor=white !important]status)
[backcolor=white !important] # Status of LVS-DR real server.
[backcolor=white !important] islothere=`/sbin/ifconfig lo:0 | grep $VIP`
[backcolor=white !important] isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
[backcolor=white !important] if [ ! "$islothere" -o ! "isrothere" ];then
[backcolor=white !important] # Either the route or the lo:0 device
[backcolor=white !important] # not found.
[backcolor=white !important] echo "LVS-DR real server Stopped."
[backcolor=white !important] else
[backcolor=white !important] echo "LVS-DR real server Running."
[backcolor=white !important] fi
[backcolor=white !important];;
[backcolor=white !important]*)
[backcolor=white !important] # Invalid entry.
[backcolor=white !important] echo "$0: Usage: $0 {start|status|stop}"
[backcolor=white !important] exit 1
[backcolor=white !important];;
[backcolor=white !important]esac
[backcolor=white !important]注释:脚本中的VIP定义的是虚拟IP地址
[backcolor=white !important]====================================================================
[backcolor=white !important][iyunv@web1 ~]# chmod +x /etc/init.d/lvs
[backcolor=white !important][iyunv@web1 ~]# chkconfig --add lvs
[backcolor=white !important][iyunv@web1 ~]# chkconfig lvs on
[backcolor=white !important][iyunv@web1 ~]# chkconfig --list lvs
[backcolor=white !important]lvs 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[backcolor=white !important][iyunv@web1 ~]# service lvs start
[backcolor=white !important][iyunv@web1 ~]# service lvs status
[backcolor=white !important]LVS-DR real server Running.
[backcolor=white !important]++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
[backcolor=white !important]######为WEB2提供脚本
[backcolor=white !important][iyunv@web2 ~]# scp -p 172.16.14.3:/etc/init.d/lvs /etc/init.d/
[backcolor=white !important][iyunv@web2 ~]# chkconfig --add lvs
[backcolor=white !important][iyunv@web2 ~]# chkconfig lvs on
[backcolor=white !important][iyunv@web2 ~]# chkconfig --list lvs
[backcolor=white !important]lvs 0:off 1:off 2:on 3:on 4:on 5:on 6:off
[backcolor=white !important][iyunv@web2 ~]# service lvs start
[backcolor=white !important][iyunv@web2 ~]# service lvs status
[backcolor=white !important]LVS-DR real server Running.
[backcolor=white !important]三、验证服务
[backcolor=white !important]1、查看当前Master服务器的IP地址及LVS规则
[backcolor=white !important] link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff[iyunv@master ~]# ip addr show eth0
[backcolor=white !important]2: eth0:
mtu 1500 qdisc pfifo_fast state UP qlen 1000
[backcolor=white !important] inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0
[backcolor=white !important] inet 172.16.14.10/32 scope global eth0
[backcolor=white !important] inet6 fe80::20c:29ff:fe2c:1a24/64 scope link
[backcolor=white !important] valid_lft forever preferred_lft forever
[backcolor=white !important]######由上可见虚拟IP地址已经在Master主机上启动
[backcolor=white !important]========================================================================
[backcolor=white !important][iyunv@master ~]# ipvsadm -L -n
[backcolor=white !important]IP Virtual Server version 1.2.1 (size=4096)
[backcolor=white !important]Prot LocalAddress:Port Scheduler Flags
[backcolor=white !important] -> RemoteAddress:Port Forward Weight ActiveConn InActConn
[backcolor=white !important]TCP 172.16.14.10:80 rr persistent 50
[backcolor=white !important] -> 172.16.14.3:80 Route 1 0 0
[backcolor=white !important] -> 172.16.14.4:80 Route 1 0 0
[backcolor=white !important]######从规则中可以看出虚拟IP与Port及调度算法为rr;其中有两个Realserver
[backcolor=white !important]2、访问测试服务器是否正常提供服务
[backcolor=white !important]
[backcolor=white !important]
[backcolor=white !important]由上可知,使用的是rr调度算法,在访问测试时可能需要多访问几次或换个浏览器来测试访问 [backcolor=white !important]3、模拟Master服务器出现故障,将Master主机上的Keepalived服务停止,查看Backup服务器是否接管所有服务
[backcolor=white !important]
[iyunv@master ~]# service keepalived stopStopping keepalived: [ OK ]----------------------------------------------------------------------[iyunv@master ~]# ip addr show eth02: eth0:
mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0 inet6 fe80::20c:29ff:fe2c:1a24/64 scope link valid_lft forever preferred_lft forever----------------------------------------------------------------------[iyunv@master ~]# ipvsadm -L -nIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn######由上可见Master服务器上已删除虚拟IP与LVS规则======================================================================[iyunv@backup ~]# ip addr show eth02: eth0:
mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:ec:f6:3f brd ff:ff:ff:ff:ff:ff inet 172.16.14.2/16 brd 172.16.255.255 scope global eth0 inet 172.16.14.10/32 scope global eth0 inet6 fe80::20c:29ff:feec:f63f/64 scope link valid_lft forever preferred_lft forever######由上可见,虚拟IP地址已成功在Backup服务器启动----------------------------------------------------------------------[iyunv@backup ~]# ipvsadm -L -nIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConnTCP 172.16.14.10:80 rr persistent 50 -> 172.16.14.3:80 Route 1 0 0 -> 172.16.14.4:80 Route 1 0 0######LVS的规则也已成功配置在Backup服务器上面 [backcolor=white !important]4、再次访问测试服务器是否正常提供服务 [backcolor=white !important]
[backcolor=white !important]
[backcolor=white !important]5、假如Master服务器修复好已重新上线,则虚拟IP地址与LVS规则会重新配置到Master服务器上而在Backup服务器上删除 [backcolor=white !important]######查看Master服务器
[backcolor=white !important][iyunv@master ~]# service keepalived start
[backcolor=white !important]Starting keepalived: [ OK ]
[backcolor=white !important]----------------------------------------------------------------------
[backcolor=white !important][iyunv@master ~]# ip addr show eth0
[backcolor=white !important]2: eth0:
mtu 1500 qdisc pfifo_fast state UP qlen 1000
[backcolor=white !important] link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff
[backcolor=white !important] inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0
[backcolor=white !important] inet 172.16.14.10/32 scope global eth0
[backcolor=white !important] inet6 fe80::20c:29ff:fe2c:1a24/64 scope link
[backcolor=white !important] valid_lft forever preferred_lft forever
[backcolor=white !important]----------------------------------------------------------------------
[backcolor=white !important][iyunv@master ~]# ipvsadm -L -n
[backcolor=white !important]IP Virtual Server version 1.2.1 (size=4096)
[backcolor=white !important]Prot LocalAddress:Port Scheduler Flags
[backcolor=white !important] -> RemoteAddress:Port Forward Weight ActiveConn InActConn
[backcolor=white !important]TCP 172.16.14.10:80 rr persistent 50
[backcolor=white !important] -> 172.16.14.3:80 Route 1 0 0
[backcolor=white !important] -> 172.16.14.4:80 Route 1 0 0
[backcolor=white !important]######由上可见,虚拟IP地址与LVS规则又重新配置到Master服务器上面
[backcolor=white !important]======================================================================
[backcolor=white !important]######查看Backup服务器
[backcolor=white !important][iyunv@backup ~]# ip addr show eth0
[backcolor=white !important]2: eth0:
mtu 1500 qdisc pfifo_fast state UP qlen 1000
[backcolor=white !important] link/ether 00:0c:29:ec:f6:3f brd ff:ff:ff:ff:ff:ff
[backcolor=white !important] inet 172.16.14.2/16 brd 172.16.255.255 scope global eth0
[backcolor=white !important] inet6 fe80::20c:29ff:feec:f63f/64 scope link
[backcolor=white !important] valid_lft forever preferred_lft forever
[backcolor=white !important]----------------------------------------------------------------------
[backcolor=white !important][iyunv@backup ~]# ipvsadm -L -n
[backcolor=white !important]IP Virtual Server version 1.2.1 (size=4096)
[backcolor=white !important]Prot LocalAddress:Port Scheduler Flags
[backcolor=white !important] -> RemoteAddress:Port Forward Weight ActiveConn InActConn
[backcolor=white !important]TCP 172.16.14.10:80 rr persistent 50
[backcolor=white !important] -> 172.16.14.3:80 Route 1 0 0
[backcolor=white !important] -> 172.16.14.4:80 Route 1 0 0
[backcolor=white !important]######由上可见,虚拟IP地址已经删除,但是LVS规则还存在,这对我们是没有影响的,没有了IP地址只有规则也是不生效的
[backcolor=white !important]6、如果后端Realserver出现故障,则LVS规则会清除相应Realserver的规则
[backcolor=white !important]------------------------------------------------------------------------[iyunv@web1 ~]# service httpd stop
[backcolor=white !important]Stopping httpd: [ OK ]
[backcolor=white !important][iyunv@master ~]# ipvsadm -L -n
[backcolor=white !important]IP Virtual Server version 1.2.1 (size=4096)
[backcolor=white !important]Prot LocalAddress:Port Scheduler Flags
[backcolor=white !important] -> RemoteAddress:Port Forward Weight ActiveConn InActConn
[backcolor=white !important]TCP 172.16.14.10:80 rr persistent 50
[backcolor=white !important] -> 172.16.14.4:80 Route 1 0 0
[backcolor=white !important]######由上可见,停止了WEB1服务器的Httpd服务;查看LVS规则中已经清除了WEB1服务器的规则;如果将WEB1重新上线,则LVS会自动将规则添加上这里就不再测试
[backcolor=white !important]温馨提示: [backcolor=white !important]如果在是实际环境中使用Keepalived做高可用集群解决方案时,为了解决脑裂的问题,我们需要把MASTER与BACKUP服务器的Keepalived的主配置文件(keepalived.conf)中的 "state" 状态都改为 "BACKUP" 优先级 "priority" 选项的值不要设置为相同,可以设置一个数值大另一个数值小;如优先级分别为:priority 100 priority 98
[backcolor=white !important]到此Keepalived+LVS实现高可用负载均衡集群已全部完成,感谢各位博友的关注与支持,后面会持续更新其他内容;敬请期待!!!
| 
QQ群⑧:
窥视卡
雷达卡
发表于 2013-9-27 09:04:59
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡