lvs+keepalived+apache分离式部署实现简单的高可用~
准备工作:
lvs+keepalived:192.168.131.80、81
nginx(http):192.168.131.82、83
基础环境防火墙都是关闭的状态:
systemctl stop firewalld
setenforce 0
1、安装步骤
1.安装lvs+keepalived
192.168.131.80配置:
//在LVS服务器上添加一个地址为VIP的虚拟网卡ens33:0 并启动
ifconfig ens33:0 192.168.131.100 netmask 255.255.255.0
ipvsadm -A -t 192.168.131.100:80 -s rr
ipvsadm -a -t 192.168.131.100:80 -r 192.168.131.82:80 -g
ipvsadm -a -t 192.168.131.100:80 -r 192.168.131.83:80 -g
ipvsadm
yum -y install keepalived ipvsadm
修改配置文件:vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
! vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.131.100
}
}
virtual_server 192.168.131.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
! persistence_timeout 50
protocol TCP
real_server 192.168.131.82 80 {
weight 1
TCP_CHECK {
connect_timeout 3
connect_port 80
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.131.83 80 {
weight 1
TCP_CHECK {
connect_timeout 3
connect_port 80
nb_get_retry 3
delay_before_retry 3
}
}
}
保存退出
启动keepalived
systemctl start keepalived
ip a 查看vip状态
192.168.131.81配置:
//在LVS服务器上添加一个地址为VIP的虚拟网卡ens33:0 并启动
ifconfig ens33:0 192.168.131.100 netmask 255.255.255.0
ipvsadm -A -t 192.168.131.100:80 -s rr
ipvsadm -a -t 192.168.131.100:80 -r 192.168.131.82:80 -g
ipvsadm -a -t 192.168.131.100:80 -r 192.168.131.83:80 -g
ipvsadm
yum -y install keepalived ipvsadm
修改配置文件内容有两个地方需要改动 别的都一样
20 state BACKUP
23 priority 90
20行的MASTER 换成BACKUP 23行的优先级设置个比100小的数 其他不变
保存退出
启动keepalived
systemctl start keepalived
停掉192.168.131.80的keepalived 测试vip能不能飘到 81的虚拟机上
2.安装apache
注:(我这里用的是apache换成nginx也可以)
192.168.131.82配置:
ifconfig lo:0 192.168.131.100 netmask 255.255.255.255
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
注:arp_announce为2时:只向该网卡回应与该网段匹配的ARP报文。
arp_ignore为1:只响应目的IP地址为接收网卡上的本地地址的arp请求其主要是实现禁止响应ARP的请求。
route add 192.168.131.100 dev lo
yum -y install httpd
echo web1 > /var/www/html/index.html
测试
192.168.131.83配置:
ifconfig lo:0 192.168.131.100 netmask 255.255.255.255
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
注:arp_announce为2时:只向该网卡回应与该网段匹配的ARP报文。
arp_ignore为1:只响应目的IP地址为接收网卡上的本地地址的arp请求其主要是实现禁止响应ARP的请求。
route add 192.168.131.100 dev lo
yum -y install httpd
echo web2 > /var/www/html/index.html
测试
3.测试验证
返回192.168.131.80 查看ipvsadm 调度表
访问vip验证