准备四台虚拟机,两台HA主机,两台RS主机
一、HA主机的配置
1.1、配置IP:
1
2
|
HA1:IP
172.16
.
50.20
网关
172.16
.
0.1
HA2:IP
172.16
.
50.30
网关
172.16
.
0.1
|
1.2、配置主机名:
HA1主机:
1
2
3
4
|
# hostname node1.magedu.com
# uname -n
# vim /etc/sysconfig/network
HOSTNAME = node1.magedu.com
|
HA2主机:
1
2
3
4
|
# hostname node2.magedu.com
# uname -n
# vim /etc/sysconfig/network
HOSTNAME = node2.magedu.com
|
1.3、配置双机互信
HA1主机配置:
1
2
3
|
# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P
''
密码为空
# ssh-copy-id -i .ssh/id_rsa.pub root@
172.16
.
50.20
# ssh
172.16
.
50.30
'ifconfig'
远程连接查看一下ip是否为
50.30
|
HA2主机配置:
1
2
3
|
# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P
''
# ssh-copy-id -i .ssh/id_rsa.pub root@
172.16
.
50.30
# ssh
172.16
.
50.20
'ifconfig'
远程连接查看一下ip是否为
50.20
|
1.4、配置主机解析
HA1配置:
1
2
3
4
5
6
|
# vim/etc/hosts
172.16
.
50.20
node1.magedu.com node1
172.16
.
50.30
node2.magedu.com node2
ping node2 #查看是否能ping通
scp /etc/hosts node2:/etc/ #直接复制给HA2主机
在HA2主机上ping node1 主机名,看能否ping通
|
1.5、配置时间同步
HA1主机:
1
2
3
4
5
6
|
# date
# service ntpd stop #先关闭ntpd
# chkconfig ntpd off #不让它开机自启动
# ntpdate
172.16
.
0.1
#与主服务时间同步一下
# crontab -e #使用任务计划,让它每五分钟同步一下时间
*/
5
* * * * /sbin/ntpdata
172.16
.
0.1
&> /dev/
null
|
HA2主机:
1
2
3
4
5
6
|
# date
# service ntpd stop #先关闭ntpd
# chkconfig ntpd off #不让它开机自启动
# ntpdate
172.16
.
0.1
#与主服务时间同步一下
# crontab -e #使用任务计划,让它每五分钟同步一下时间
*/
5
* * * * /sbin/ntpdata
172.16
.
0.1
&> /dev/
null
|
1.6、配置好yum库
二、RS主机的配置(LVS-DR模型)
2.1、配置IP
1
2
|
RS1:eth0
172.16
.
50.11
RS2: eth0
172.16
.
50.12
|
2.2、关闭selinux
本次实验总共使用了4台虚拟机,都要将selinux关闭
1
|
# setenforce
0
|
2.3、配置DR模型
这里提供一个脚本,可以直接实现
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
# vim startrs.sh
#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions
VIP=
172.16
.
50.1
host=`/bin/hostname`
case
"$1"
in
start)
# Start LVS-DR real server on
this
machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo
1
> /proc/sys/net/ipv4/conf/lo/arp_ignore
echo
2
> /proc/sys/net/ipv4/conf/lo/arp_announce
echo
1
> /proc/sys/net/ipv4/conf/all/arp_ignore
echo
2
> /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:
0
$VIP broadcast $VIP netmask
255.255
.
255.255
up
/sbin/route add -host $VIP dev lo:
0
;;
stop)
# Stop LVS-DR real server loopback device(s).
/sbin/ifconfig lo:
0
down
echo
0
> /proc/sys/net/ipv4/conf/lo/arp_ignore
echo
0
> /proc/sys/net/ipv4/conf/lo/arp_announce
echo
0
> /proc/sys/net/ipv4/conf/all/arp_ignore
echo
0
> /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:
0
| grep $VIP`
isrothere=`netstat -rn | grep
"lo:0"
| grep $VIP`
if
[ !
"$islothere"
-o !
"isrothere"
];then
# Either the route or the lo:
0
device
# not found.
echo
"LVS-DR real server Stopped."
else
echo
"LVS-DR real server Running."
fi
;;
*)
# Invalid entry.
echo
"$0: Usage: $0 {start|status|stop}"
exit
1
;;
esac
# chmod +x startrs.sh 给一个执行权限
# ./startrs.sh satrt 执行此脚本
|
2.3、验证:
1
|
# ifconfig
|
三、实现LVS的高可用
HA配置(HA1与HA2安装的软件包相同)
3、安装配置LVS
3.1、安装keepalived(这里是32位的rpm包,这是自己制作的rpm包,里面有很多
东西是不需要配置的,也提供了样例,和官方下载的rpm是不同的)
注意:因为有依赖关系,这里直接使用yum来安装
1
2
3
4
|
# yum -y --nogpgcheck localinstall keepalived-
1.2
.
7
-
5
.el5.i386.rpm
# rpm -ql keepalived 查看都是安装生成了了哪些文件(这里只看我们提供的服务)
/etc/keepalived/keepalived.conf.haproxy_example 这是自己制作的rpm提供的样例
/etc/keepalived/notify.sh 脚本,也是自己制作时提供的,网站下载的是没有的
|
3.2、安装ipvsadm
1
|
# yum -y install ipvsadm
|
RS主机上的配置
3.3、在RS主机上分别启动httpd服务
1
|
# service httpd start
|
3.4、分别提供网页文件
1
2
3
4
|
# vim /
var
/www/html/index.html
RS1.magedu.com
# vim /
var
/www/html/index.html
RS2.magedu.com
|
HA1节点配置
3.5、提供配置文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
# cd /etc/keepalived/
# cp keepalived.conf keepalived.conf.bak
# vim keepalived.conf
! Configuration File
for
keepalived
global_defs { 全局默认配置
notification_email {主节点发生变化,通知管理员
root@localhost
}
notification_email_from root@localhost {发件人
smtp_server
127.0
.
0.1
smtp_connect_timeout
30
连接时间超时时长
router_id LVS_DEVEL
}
vrrp_instance VI_1 {vrrp实例,定义虚拟路由组,第一个虚拟路由组
state MASTER 定义初始状态下谁是主谁是备份
interface
eth0 虚拟路由工作在eth0,以及路由组的接口
virtual_router_id
51
priority
101
优先级
advert_int
1
每隔一秒通告
authentication { 安全认证
auth_type PASS 字符串认证
auth_pass passwd 密码
}
virtual_ipaddress {VIP地址
172.16
.
50.1
}
}
virtual_server
172.16
.
50.1
80
{
delay_loop
6
定义获取服务等待的时间
lb_algo wlc 负载均衡调度算法
lb_kind DR LVS类型
nat_mask
255.255
.
0.0
protocol TCP
real_server
172.16
.
50.11
80
{
weight
1
url { 监控url的状态
path /
status_code
200
}
connect_timeout
2
连接超时时长
nb_get_retry
3
重试时长
delay_before_retry
1
延时前的重试时长
}
}
virtual_server
172.16
.
50.1
80
{
delay_loop
6
lb_algo wlc
lb_kind DR
nat_mask
255.255
.
0.0
protocol TCP
real_server
172.16
.
50.12
80
{
weight
2
url {
path /
status_code
200
}
connect_timeout
2
nb_get_retry
3
delay_before_retry
1
}
}
|
3.6、同步至另一节点中
1
|
# scp keepalived.conf node2:/etc/keepalived/
|
HA2主机中修改配置文件
1
2
3
4
|
# vim /etc/keepalived/keepalived.conf
只需要修改一下两项,其他的都不改
state BACKUP
priority
100
|
3.7、启动服务(两个节点都要启动)
1
|
# service keepalived start
|
3.8、验证(会自动配置为32位的源码)
3.8.1、查看一下ip
1
|
# ip addr show
|
3.8.2、查看一下ipvs规则
1
|
# ipvsadm -L -n
|
3.8.3、在物理机上访问172.16.50.1
刷新一下
3.8.4、查看一下ipvs规则
1
|
# ipvsadm -L -n
|
四、实现web服务的高可用(在HA1与HA2主机上配置相同)
4.1、需要两台虚拟机(不用realserver虚拟了),将这两台主机做成高可用web服务
4.1.1、将keepalived服务stop
1
|
# service keepalived stop
|
4.1.2、安装httpd包
1
|
# yum -y install httpd
|
4.1.3、提供页面
1
2
3
4
5
|
# vim /
var
/www/html/index.html
<h1>node1</h1>
HA2主机页面:
# vim /
var
/www/html/index.html
<h1>node2</h1>
|
4.1.4、启动服务
1
|
# service httpd start
|
4.1.5、在物理主机上访问这两个节点
4.2、提供配置文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
# cd /etc/keepalived/
# cp keepalived.conf.haproxy_example keepalived.conf
# vim keepalived.conf
! Configuration File
for
keepalived
global_defs {
notification_email {
linuxedu@foxmail.com
mageedu@
126
.com
}
notification_email_from kanotify@magedu.com
smtp_connect_timeout
3
smtp_server
127.0
.
0.1
router_id LVS_DEVEL
}
vrrp_script chk_httpd { 检查httpd
script
"killall -0 httpd"
interval
2
每隔两秒检查一次httpd
# check every
2
seconds
weight -
2
#
if
failed, decrease
2
of the priority 如果检查httpd失败了,将自己的优先级减
2
fall
2
检查两次,避免误杀进程
# require
2
failures
for
failures
rise
1
# require
1
sucesses
for
ok 成功的话就检查一次
}
vrrp_script chk_schedown {只要touch一个down文件,它就变为备份的,删除此文件它就变为主的
script
"[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval
2
weight -
2
}
vrrp_instance VI_1 {
interface
eth0
#
interface
for
inside_network, bound by vrrp
state MASTER
# Initial state, MASTER|BACKUP
# As soon
as
the other machine(s) come up,
# an election will be held and the machine
#
with
the highest
"priority"
will become MASTER.
# So the entry here doesn't matter a whole lot.
priority
101
#
for
electing MASTER, highest priority wins.
# to be MASTER, make
50
more than other machines.
virtual_router_id
51
# arbitary unique number
0
..
255
# used to differentiate multiple instances of vrrpd
# running on the same NIC (and hence same socket).
garp_master_delay
1
authentication {
auth_typePASS
auth_pass password
}
track_interface {
eth0
}
# optional, monitor these
as
well.
# go to FAULT state
if
any of these go down.
virtual_ipaddress {
172.16
.
50.1
/
16
dev eth0
label
eth0:
0
}
#addresses add|del on change to MASTER, to BACKUP.
#With the same entries on other machines,
#the opposite transition will be occuring.
#<IPADDR>/<MASK> brd <IPADDR> dev <STRING> scope <SCOPE>
label
<LABEL>
track_script { 每个一定的时间就会执行这两个脚本一次
chk_httpd
chk_schedown
}
一旦发现主从切换就会执行下面的脚本
notify_master
"/etc/keepalived/notify.sh master"
notify_backup
"/etc/keepalived/notify.sh backup"
notify_fault
"/etc/keepalived/notify.sh fault"
(失败时执行此脚本)
}
|
4.3、同步至节点2
1
|
# scp keepalived.conf notify.sh node2:/etc/keepalived/
|
4.3.1、HA2主机中修改配置文件
1
2
3
4
|
# vim /etc/keepalived/keepalived.conf
只需要修改一下两项,其他的都不改
state BACKUP
priority
100
|
4.3.2、启动服务(两个节点都要启动)
1
|
# service keepalived start
|
4.3.3、验证
1
|
# ifconfig
|
在物理机上访问
4.3.4、手动切换节点1至节点2上
在上面的配置文件中我们定义的有脚本,只有touch一个down文件节点1就会被转移
1
|
# touch /etc/keepalived/down
|
验证:查看节点1与节点2的IP地址
1
|
# ifconfig
|
节点1IP
节点2IP
在物理主机上访问172.16.50.1
4.3.5、删除down文件,资源就会转移回节点1
1
|
# rm -rf /etc/keepalived/down
|
验证:
节点1IP
在物理主机上访问172.16.50.1
五、实现web服务高可用双主模型
当然这是在主从模型的基础上做的
5、配置文件的修改
5.1、修改节点1的配置文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_2 {
interface
eth0
state BACKUP # BACKUP
for
slave routers
priority
100
#
100
for
BACKUP
virtual_router_id
52
garp_master_delay
1
authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16
.
50.2
/
16
dev eth0
label
eth0:
1
}
track_script {
chk_httpd
chk_schedown
}
notify_master
"/etc/keepalived/notify.sh master eth0:1"
notify_backup
"/etc/keepalived/notify.sh backup eth0:1"
notify_fault
"/etc/keepalived/notify.sh fault eth0:1"
}
|
5.2、修改节点2的配置文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_2 {
interface
eth0
state MASTER # BACKUP
for
slave routers
priority
101
#
100
for
BACKUP
virtual_router_id
52
garp_master_delay
1
authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16
.
50.2
/
16
dev eth0
label
eth0:
1
}
track_script {
chk_httpd
chk_schedown
}
notify_master
"/etc/keepalived/notify.sh master eth0:1"
notify_backup
"/etc/keepalived/notify.sh backup eth0:1"
notify_fault
"/etc/keepalived/notify.sh fault eth0:1"
}
|
5.3、重启服务
5.3.1、启动节点1
1
|
# service keepalived restart
|
5.3.2、启动节点2
1
|
# service keepalived restart
|
5.4、验证
5.4.1、查看节点1的IP
1
|
# ifconfig
|
5.4.2、查看节点2的IP
1
|
# ifconfig
|
5.4.3、在物理机上分别访问
http://172.16.50.1
http://172.16.50.2
5.5、模拟节点2 down掉
5.5.1、创建一个down文件
1
|
# touch /etc/keepalived/down
|
5.5.2、查看节点2的IP
5.5.3、查看节点1的IP
5.5.4、验证
在物理主机上访问
http://172.16.50.1
http://172.16.50.2
5.6、删除down文件
1
|
# rm -rf /etc/keepalived/down
|
5.6.1、查看节点2IP,看是否夺回了资源
5.6.2、物理主机服务172.16.50.2
5.7、模拟节点1 down掉
5.7.1、创建一个down文件
1
|
# touch /etc/keepalived/down
|
5.7.2、查看节点1的IP
5.7.3、查看节点2的IP
5.7.4、验证
在物理主机上访问
http://172.16.50.1
http://172.16.50.2
5.8、删除down文件
1
|
# rm -rf /etc/keepalived/down
|
5.8.1、查看节点2IP,看是否夺回了资源
5.8.2、物理主机服务172.16.50.2
注意:虽然叫双主模型,但不是双主模型,因为使用了不同的
这就是keepalived所要实现的功能,当然它的功能远不止这些,这里只讲了一小部分,希望对读者有所帮助哦!
转载于:https://blog.51cto.com/zhangyc/1303777