一,主从模式
10.10.10.13(master) 安装keepalived 和nginx
10.10.10.14( slave ) 安装keepalived 和nginx
1,安装软件
yum install keepalived -y
yum install nginx -y (默认情况下centos7系统没有nginx的源,要yum安装的话需要更新一下yum源
rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm)
2,修改配置
nginx
echo 'keepalived-master' > /usr/share/nginx/html/index.html (10.10.10.13)
echo 'keepalived-master' > /usr/share/nginx/html/index.html(10.10.10.14)
keepalived
拷贝配置文件到/etc/keepalived下面
cp /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp /etc/keepalived/keepalived.conf
10.10.10.13的配置
global_defs {
router_id kp_master #设置节点名称,这个可以自行定义名称
}
vrrp_instance VI_1 {
state MASTER # MASTER表示为主服务
interface eth0
garp_master_delay 10
smtp_alert
virtual_router_id 51 # 虚拟路由id 主和从都设置成一样的
priority 100 # 优先级,主的优先级要高于从的优先级,数字越大优先级越高
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.10.200 label eth0:0 # 添加虚拟网卡
}
}
10.10.10.14的配置
global_defs {
router_id kp_slave
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
garp_master_delay 10
smtp_alert
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.10.200 label eth0:0
}
}
3,启动服务
systemctl start keepalived
systemctl start nginx
4,查看虚拟ip地址绑定情况
5,测试效果
6,故障演练
a,主机故障
模拟主服务器主机故障
停掉10.10.10.13上面的keepalived服务
systemctl stop keepalived
b,服务故障
模拟nginx服务故障
停掉10.10.10.13上面的nginx服务
systemctl stop nginx
6,结果分析
由以上演练可以得出:
a,当主机故障时keepalived可以实现高可用
b,当服务故障时上面配置的服务无法实现高可用
二,通过keepalived + lvs(dr模型) + nginx 实现负载均衡
服务器分配
1,通过lvs实现负载均衡
a,设置arp响应模式(15,16上配置)
在lvs的三种负载均衡的技术中,DR和TUN模式都需要在真实服务器上对arp_ignore和arp_announce参数进行配置,主 要是实现禁止响应对VIP的ARP请求
[root@localhost ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@localhost ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@localhost ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@localhost ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
b,安装网络配置工具(15,16上配置)
yum install net-tools.x86_64
c,配置网卡(15,16上配置)
ifconfig lo:0 10.10.10.200 netmask 255.255.255.255 broadcast 10.10.10.200
d,配置lvs(13上配置)
[root@localhost ~]# yum install ipvsadm -y
[root@localhost ~]# ipvsadm -A -t 10.10.10.200:80 -s rr
[root@localhost ~]# ipvsadm -a -t 10.10.10.200:80 -r 10.10.10.15
[root@localhost ~]# ipvsadm -a -t 10.10.10.200:80 -r 10.10.10.16
e,测试效果
[root@localhost ~]# curl 10.10.10.200
nginx-rs1
[root@localhost ~]# curl 10.10.10.200
nginx-rs2
[root@localhost ~]# curl 10.10.10.200
nginx-rs1
[root@localhost ~]# curl 10.10.10.200
nginx-rs2
2, 通过keepalived本身的功能实现负载均衡
a,清除上面的lvs设置
[root@localhost ~]# ipvsadm -C
b,在keeplived之前的配置文件中加入如下内容
virtual_server 10.10.10.200 80 { # 配置vip
delay_loop 6
lb_algo rr # 调动策略
lb_kind DR # lvs模式
protocol TCP # 协议
real_server 10.10.10.15 80 { # 后端realserver1
}
real_server 10.10.10.16 80 { # 后端realserver2
}
}
C,故障演练
停止后端一个节点上的realserver
[root@localhost ~]# systemctl stop nginx
测试访问情况
[root@localhost ~]# curl 10.10.10.200
curl: (7) Failed connect to 10.10.10.200:80; 拒绝连接
[root@localhost ~]# curl 10.10.10.200
nginx-rs1
三,实现对后端realserver的故障检查及剔除
在real_server内部增加HTTP_GET检测机制(检测机制还有其他的方式)
virtual_server 10.10.10.200 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 10.10.10.15 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 10.10.10.16 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
测试效果
停掉realserver1 (可以看ipvsadm把15剔除了调度组,所有请求都被调度到rs2上面了)
[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.10.10.200:80 rr
-> 10.10.10.16:80
[root@localhost ~]# curl 10.10.10.200
nginx-rs2
[root@localhost ~]# curl 10.10.10.200
nginx-rs2
[root@localhost ~]# curl 10.10.10.200
nginx-rs2
[root@localhost ~]# curl 10.10.10.200
nginx-rs2
[root@localhost ~]# curl 10.10.10.200
nginx-rs2
[root@localhost ~]# curl 10.10.10.200
nginx-rs2
[root@localhost ~]# curl 10.10.10.200