LVS+Keepalived

最新推荐文章于 2024-07-05 11:56:57 发布

&π_π&

最新推荐文章于 2024-07-05 11:56:57 发布

阅读量65

点赞数

本文链接：https://blog.csdn.net/weixin_48190892/article/details/109454310

版权

LVS+Keepalived

1. 理解Keepalived实现原理
2. keepalived+LVS案例

1. 理解Keepalived实现原理

1.1 Keepalived案例分析

在企业应用中，单台服务器承担应用存在单点故障的危险，在企业应用集群中，存在了至少两处单点故障危险，
单点故障一旦发生，企业服务将发生中断，造成极大的危害

1.2 Keepalived工具介绍

支持故障自动切换（Failover）
支持节点健康状态检查（Health Checking）
官方网站：http://www.keepalived.org/

1.3 Keepalived实现原理剖析

Keepalived采用VRRP热备份协议实现Linux服务器的多机热备功能

VRRP ，虚拟路由冗余协议，是针对路由器的一种备份解决方案
1、由多台路由器组成一个热备组，通过共用的虚拟IP地址对外提供服务
2、每个热备组内同一时刻只有一台主路由器提供服务，其他路由器处于冗余状态
3、若当前在线的路由器失效，则其他路由器会根据设置的优先级自动接替虚拟IP地址，继续提供服务

2. keepalived+LVS案例

IP地址规划：
漂移地址（VIP）：192.168.100.10
主调度器：192.168.100.15
辅调度器：192.168.100.20
WEB服务器1:192.168.100.30
WEB服务器2:192.168.100.40
存储服务器：192.168.100.50

2.1 配置主调度器 192.168.100.15

【1】调整/proc响应参数

[root@localhost network-scripts]# vi /etc/sysctl.conf 
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0

[root@localhost network-scripts]# sysctl -p     ###生效
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0

【2】清除负载分配策略

  [root@localhost /]# ipvsadm -C

【3】调整keepalived参数

[root@localhost ~]# yum -y install keepalived ipvsadm
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
global_defs {
   router_id HA_TEST_R1                  ####本路由器的服务器名称  HA_TEST_R1
}
vrrp_instance VI_1 {                     ####定义VRRP热备实列
   state MASTER                          ####热备状态，master表示主服务器
   interface ens33                       ####表示承载VIP地址的物理接口
   virtual_router_id 1                   ####虚拟路由器的ID号，每个热备组保持一致
   priority 100                          ####优先级，优先级越大优先级越高
   advert_int 1                          ####通告间隔秒数（心跳频率）
   authentication {                      ####认证信息，每个热备组保持一致
      auth_type PASS                     ####认证类型
      auth_pass 123456                   ####认证密码
   }
   virtual_ipaddress {                   ####漂移地址（VIP），可以是多个
      192.168.100.10
   }
}
virtual_server 192.168.100.10 80 {        ####虚拟服务器地址（VIP）、端口
    delay_loop 15                        ####健康检查的时间间隔（秒）
    lb_algo rr                           ####轮询调度算法
    lb_kind DR                           ####直接路由（DR）群集工作模式
    persistence 60                       ####连接保持时间（秒），若启用请去掉！号
    protocol TCP                         ####应用服务采用的是TCP协议
    real_server 192.168.100.30 80 {       ####第一个WEB站点的地址，端口
        weight 1                         ####节点的权重
        TCP_CHECK {                      ####健康检查方式
     connect_port 80                    ####检查端口目标
     connect_timeout 3                  ####连接超时（秒）
     nb_get_retry 3                     ####重试次数
     delay_before_retry 4               ####重试间隔（秒）
 }
    }
    real_server 192.168.100.40 80 {
        weight 1
        TCP_CHECK {
     connect_port 80
     connect_timeout 3
     nb_get_retry 3
     delay_before_retry 4
 }
    }
}      

[root@localhost keepalived]# systemctl start keepalived                  ####启动keepalived
[root@localhost keepalived]# systemctl enable keepalived                 ####开机启动keepalived
[root@localhost keepalived]# ip addr show dev ens33                      ####查看主控制IP地址和漂移地址

2.2 配置辅调度器 192.168.100.20

【1】调整/proc响应参数

[root@localhost network-scripts]# vi /etc/sysctl.conf 
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0

[root@localhost network-scripts]# sysctl -p     ###生效
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0

【2】清除负载分配策略

[root@localhost /]# ipvsadm -C

【3】调整keepalived参数

global_defs {
   router_id HA_TEST_R2                  ####本路由器的服务器名称 HA_TEST_R2
}
vrrp_instance VI_1 {                     ####定义VRRP热备实列
   state BACKUP                          ####热备状态，backup表示辅服务器
   interface ens33                       ####表示承载VIP地址的物理接口
   virtual_router_id 1                   ####虚拟路由器的ID号，每个热备组保持一致
   priority 99                           ####优先级，优先级越大优先级越高
   advert_int 1                          ####通告间隔秒数（心跳频率）
   authentication {                      ####认证信息，每个热备组保持一致
      auth_type PASS                     ####认证类型
      auth_pass 123456                   ####认证密码
   }
   virtual_ipaddress {                   ####漂移地址（VIP），可以是多个
      192.168.100.10
   }
}
virtual_server 192.168.100.10 80 {       
    delay_loop 15
    lb_algo rr
    lb_kind DR
    persistence 60
    protocol TCP
    real_server 192.168.100.30 80 {
        weight 1
        TCP_CHECK {
     connect_port 80
     connect_timeout 3
     nb_get_retry 3
     delay_before_retry 4
 }
    }
    real_server 192.168.100.40 80 {
        weight 1
        TCP_CHECK {
     connect_port 80
     connect_timeout 3
     nb_get_retry 3
     delay_before_retry 4
 }
    }
}  


[root@localhost keepalived]# systemctl start keepalived                  ####启动keepalived
[root@localhost keepalived]# systemctl enable keepalived                 ####开机启动keepalived
[root@localhost keepalived]# ip addr show dev ens33                      ####查看主控制IP地址和漂移地址

2.3 配置存储服务器：192.168.100.50

rpm -q nfs-utils    ###如果没装，yum -y install nfs-utils
rpm -q rpcbind      ###如果没装，yum -y install rpcbind

[root@localhost ~]# systemctl start nfs
[root@localhost ~]# systemctl start rpcbind
[root@localhost ~]# vi /etc/exports
/opt/51xit 192.168.100.0/24 (rw,sync)
/opt/52xit 192.168.100.0/24 (rw,sync)

[root@localhost ~]# systemctl restart nfs
[root@localhost ~]# systemctl restart rpcbind
[root@localhost ~]# systemctl enable nfs
[root@localhost ~]# systemctl enable rpcbind
[root@localhost ~]# mkdir /opt/51xit /opt/52xit
[root@localhost ~]# echo "this is 51xit" >/opt/51xit/index.html
[root@localhost ~]# echo "this is 52xit" >/opt/52xit/index.html

2.4 配置节点服务器：192.168.100.30

【1】配置虚拟IP地址

[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vi ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.10
NETMASK=255.255.255.255
ONBOOT=yes

[root@localhost network-scripts]# ifup lo:0
[root@localhost network-scripts]# ifconfig

[root@localhost network-scripts]# vi /etc/rc.local 
/sbin/route add -host 192.168.100.10 dev lo:0

[root@localhost network-scripts]# route add -host 192.168.100.10 dev lo:0

【2】调整/proc响应参数

[root@localhost network-scripts]# vi /etc/sysctl.conf 
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

[root@localhost network-scripts]# sysctl -p

【3】安装httpd 挂载测试页

[root@localhost ~]# showmount -e 192.168.100.50     ####如果还没发布，请到存储服务器发布下，exportfs -rv
Export list for 192.168.100.50:
/opt/51xit  (everyone)
/opt/52xit (everyone)

[root@localhost ~]# yum -y install httpd
[root@localhost ~]# mount 192.168.100.50:/opt/51xit /var/www/html/
[root@localhost ~]# vi /etc/fstab 
192.168.100.50:/opt/51xit/ /var/www/html/        nfs     rw,tcp,intr     0 1        ###开机自动挂载，注意格式对齐
[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl enable httpd

登录192.168.100.30测试网站是否正常

2.5 配置节点服务器：192.168.100.40

【1】配置虚拟IP地址

[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vi ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.10
NETMASK=255.255.255.255
ONBOOT=yes

[root@localhost network-scripts]# ifup lo:0
[root@localhost network-scripts]# ifconfig

[root@localhost network-scripts]# vi /etc/rc.local 
/sbin/route add -host 192.168.100.10 dev lo:0

[root@localhost network-scripts]# route add -host 192.168.100.10 dev lo:0

【2】调整/proc响应参数

[root@localhost network-scripts]# vi /etc/sysctl.conf 
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

[root@localhost network-scripts]# sysctl -p

【3】安装httpd 挂载测试页

[root@localhost ~]# showmount -e 192.168.100.50     ####如果还没发布，请到存储服务器发布下，exportfs -rv
Export list for 192.168.100.50:
/opt/accp  (everyone)
/opt/bdqn (everyone)

[root@localhost ~]# yum -y install httpd
[root@localhost ~]# mount 192.168.100.50:/opt/52xit /var/www/html/
[root@localhost ~]# vi /etc/fstab 
192.168.100.50:/opt/52xit/ /var/www/html/        nfs     rw,tcp,intr     0 1        ###开机自动挂载，注意格式对齐

[root@localhost ~]# systemctl start httpd
[root@localhost ~]# systemctl enable httpd

登录192.168.100.40测试网站是否正常

2.6 测试网站

1、测试主调度器是否正常工作

打开抓包工具，会发现192.168.100.15主调度器，一直在发VRRP报文

打开浏览器 192.168.100.10 出现 this is 51xit

等待一分钟打开浏览器 192.168.100.15 出现this is 52xit

主调度器正常！

2、测试辅调度器是否正常工作

停止主服务器的keepadlive systemctl stop keepalived.service

打开抓包工具，会发现192.168.100.20辅调度器，一直在发VRRP报文

打开浏览器 192.168.100.10 出现 this is 51xit

等待一分钟打开浏览器 192.168.100.10 出现 this is 52xit

辅调度器正常！

tail -f /var/log/messages

&π_π&

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
LVS+Keepalived

LVS+Keepalived1. 理解Keepalived实现原理1.1 Keepalived案例分析1.2 Keepalived工具介绍1.3 Keepalived实现原理剖析2. keepalived+LVS案例2.1 配置主调度器 192.168.100.101. 理解Keepalived实现原理1.1 Keepalived案例分析在企业应用中，单台服务器承担应用存在单点故障的危险，在企业应用集群中，存在了至少两处单点故障危险，单点故障一旦发生，企业服务将发生中断，造成极大的危害1.2
复制链接

扫一扫