重点:各节点之间同步时间
ntpadte time.windows.com
1.关闭防火墙和SELinux
service iptables stop
setenforce 0
<img src="https://img-blog.csdn.net/20150812143136442?watermark/2/text/aHR0cDovL2Jsb2cuY3Nkbi5uZXQv/font/5a6L5L2T/fontsize/400/fill/I0JBQkFCMA==/dissolve/70/gravity/Center" alt="" />
2.环境规划
3.配置
(1) DR主:
安装ipvsadm yum -y install ipvsadm
安装keepalived yum -y install keepalived
配置keepalived vim /etc/keepalived/keepalived.conf
Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc #设置报警邮件地址,可以设置多个,每行1个,
failover@firewall.loc <span style="white-space:pre"> </span> #需开启邮件报警及本机的Sendmail服务。
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1 #设置SMTP Server地址;
smtp_connect_timeout 30
router_id LVS_DEVEL
}
########VRRP Instance########
vrrp_instance VI_1 {
state MASTER #指定Keepalived的角色,MASTER为主机服务器,BACKUP为备用服务器
interface eth0 <span style="white-space:pre"> </span> #BACKUP为备用服务器
virtual_router_id 51
priority 100 <span style="white-space:pre"> </span> #定义优先级,数字越大,优先级越高,主DR必须大于备用DR。
advert_int 1
authentication {
auth_type PASS <span style="white-space:pre"> </span> #设置验证类型,主要有PASS和AH两种
auth_pass 1111 <span style="white-space:pre"> </span> #设置验证密码
}
virtual_ipaddress {
192.168.1.10 #设置主DR的虚拟IP地址(virtual IP),可多设,但必须每行1个
}
}
########Virtual Server########
virtual_server 192.168.1.10 80 { #注意IP地址与端口号之间用空格隔开
delay_loop 6 <span style="white-space:pre"> </span> #设置健康检查时间,单位是秒
lb_algo rr #设置负载调度算法,默认为rr,即轮询算法,最优秀是wlc算法
lb_kind DR <span style="white-space:pre"> </span> #设置LVS实现LB机制,有NAT、TUNN和DR三个模式可选
nat_mask 255.255.255.0
persistence_timeout 50 #会话保持时间,单位为秒
protocol TCP #指定转发协议类型,有TCP和UDP两种
real_server 192.168.1.105 80 {
weight 1 #配置节点权值,数字越大权值越高
TCP_CHECK {
connect_timeout 3 #表示3秒无响应,则超时
nb_get_retry 3 #表示重试次数
delay_before_retry 3 #表示重试间隔
}
}
real_server 192.168.1.133 80 { #配置服务器节点,即Real Server2的public IP
weight 3 <span style="white-space:pre"> </span> #配置节点权值,数字越大权值越高
TCP_CHECK {
connect_timeout 3 #表示3秒无响应,则超时
nb_get_retry 3 #表示重试次数
delay_before_retry 3 #表示重试间隔
}
}
}
(2) DR备: <pre name="code" class="html"> 安装ipvsadm yum -y install ipvsadm
安装keepalived yum -y install keepalived
配置keepalived vim /etc/keepalived/keepalived.conf
仅仅需要修改两处就OK</span>
NO.1处:把“state MASTER” 修改为 “state BACKUP” #即备用服务器
NO.2处:把“priority 100” 修改为 “priority 90 ” #优先级为9
(3)各节点RS:(4)两个DR启动keepalived ip addr 可以查看VIP安装http yum -y install httpd 启动http service httpd start echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 1 >/proc/sys/net/ipv4/conf/eth0/arp_ignore 配置VIP ifconfig lo:0 192.168.1.10 braodcast 192.168.1.10 netmask 255.255.255.255 添加路由 route add -host 192.168.1.10 dev lo:0
<span style="font-family:SimSun;"> 4.性能测试</span>
1.高可用性能测试:
<span style="font-family:SimSun;"> 高可用性是通过LVS的两个DR1和DR2完成的。为了模拟故障,先将DR1上的keepalived服务停止,然后观察DR2能否获得VIP地址接管DR1的任务。</span>
<span style="font-family:SimSun;"> 2.负载均衡测试:</span>
<span style="font-family:SimSun;"> 1)用客户端的浏览器访问www服务访问VIP地址:192.168.1.10(将RS1设置为real server 1,RS2,设置为real server 2)看是否能根据算法来回切换</span>
<span style="font-family:SimSun;"><pre name="code" class="html" style="font-size:14px;"><img src="http://www.jizhuomi.com/upload/lvs-keepalived-38.jpg" alt="" /></span>
2)故障切换测试
<span style="font-family:SimSun;"> 在某个节点出现故障后,keepalived监控模块能否及时发现,然后屏蔽故障节点,同时转移到正常节点上执行。</span>
<span style="font-family:SimSun;"> 停掉RS2的httpd服务,然后访问www服务</span>
<span style="font-family:SimSun;"> <img src="http://www.jizhuomi.com/upload/lvs-keepalived-42.jpg" alt="" /></span>
<span style="font-family:SimSun;"> 由上图这样就是没问题</span>