Keepalived + LVS/DR
说明
- Keepalived:可以踢出掉故障服务
- Keepalived:可以实现主从切换,解决单点故障
实验环境
- 四台主机:Linux Centos 6.4 32位
- 两台Director:LVS+Keepalived
- 两台Web:Apache
环境搭建操作
web server 端
1、添加虚拟IP脚本
vim /usr/local/sbin/lvs_dr.sh
#/bin/bash vip=192.168.1.100 # 把vip绑定在lo上,是为了实现rs直接把结果返回给客户端 ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up route add -host $vip lo:0 # 以下操作为更改arp内核参数,目的是为了让rs顺利发送mac地址给客户端 echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2">/proc/sys/net/ipv4/conf/lo/arp_announce echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore echo "2">/proc/sys/net/ipv4/conf/all/arp_announce # 更改内核配置文件之后生效命令,可以不加 sysctl -a 查看所有内核参数 # sysctl -p
2、执行脚本
sh /usr/local/sbin/lvs_dr.sh
主 Director
1、安装服务
yum -y install keepalived.i686 0:1.2.7-3.el6 yum -y install ipvsadm.i686
2、开启路由转发功能
echo 1 > /proc/sys/net/ipv4/ip_forward
3、配置Keepalived配置文件
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
vrrp_instance VI_1 {
# 备用服务器上为 BACKUP
state MASTER
# 公网的网卡
interface eth0
# 自定义id数值
virtual_router_id 51
# 权重值、主要高于slave
priority 100
# 检测服务器状态间隔时间
advert_int 1
authentication {
# 密码类型
auth_type PASS
# 密码
auth_pass 1111
}
virtual_ipaddress {
# 虚拟IP地址,可以为多个
192.168.1.100
}
}
# 配置VIP
virtual_server 192.168.1.100 80 {
# 每隔6秒查询realserver状态
delay_loop 6
# LVS算法
lb_algo wlc
# Direct Route
lb_kind DR
# 同一个IP的链接0秒内被分配到同一台realserver
persistence_timeout 0
# 用TCP协议检查realserver状态
protocol TCP
# 配置realserver
real_server 192.168.1.111 80 {
# 权重
weight 100
TCP_CHECK {
# 10秒无响应超时
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
# 配置realserver
real_server 192.168.1.115 80 {
# 权重
weight 100
# 检测
TCP_CHECK {
# 10秒无响应超时
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
4、启动服务:先启动主后启动从
/etc/init.d/keepalived start
从 Director
1、安装服务
yum -y install keepalived.i686 0:1.2.7-3.el6 yum -y install ipvsadm.i686
2、开启路由转发功能
echo 1 > /proc/sys/net/ipv4/ip_forward
3、配置Keepalived配置文件
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
vrrp_instance VI_1 {
# 主用服务器上为 MASTER
state BACKUP
# 公网的网卡
interface eth0
# 自定义id数值
virtual_router_id 51
# 权重值、主要高于slave
priority 90
# 检测服务器状态间隔时间
advert_int 1
authentication {
# 密码类型
auth_type PASS
# 密码
auth_pass 1111
}
virtual_ipaddress {
# 虚拟IP地址,可以为多个
192.168.1.100
}
}
# 配置VIP
virtual_server 192.168.1.100 80 {
# 每隔6秒查询realserver状态
delay_loop 6
# LVS算法
lb_algo wlc
# Direct Route
lb_kind DR
# 同一个IP的链接0秒内被分配到同一台realserver
persistence_timeout 0
# 用TCP协议检查realserver状态
protocol TCP
# 配置realserver
real_server 192.168.1.111 80 {
# 权重
weight 100
TCP_CHECK {
# 10秒无响应超时
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
# 配置realserver
real_server 192.168.1.115 80 {
# 权重
weight 100
# 检测
TCP_CHECK {
# 10秒无响应超时
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
4、启动服务:先启动主后启动从
/etc/init.d/keepalived start
查询状态
命令:ipvsadm -l IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.1.100:http wlc -> 192.168.1.111:http Route 100 0 0 -> 192.168.1.115:http Route 100 0 0
命令:ip addr
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:67:0e:20 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.160/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.100/32 scope global eth0
inet6 fe80::20c:29ff:fe67:e20/64 scope link
valid_lft forever preferred_lft forever
命令:ipvsadm -l IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.1.100:http wlc -> 192.168.1.111:http Route 100 0 0 -> 192.168.1.115:http Route 100 0 0
命令:ip addr
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:9e:70:1e brd ff:ff:ff:ff:ff:ff
inet 192.168.1.161/24 brd 192.168.1.255 scope global eth0
inet6 fe80::20c:29ff:fe9e:701e/64 scope link
valid_lft forever preferred_lft forever
命令:ifconfig
lo:0 Link encap:Local Loopback
inet addr:192.168.1.100 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
测试
http://192.168.1.100/ LVS 1 http://192.168.1.100/ LVS 2 http://192.168.1.100/ LVS 1 http://192.168.1.100/ LVS 2
#---------------------------单点故障-------------------------------#
Dir 主 端:ifdown eth0 关闭网卡
# 查看IP飘逸192.168.1.100
Dir 从端:ip addr
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:9e:70:1e brd ff:ff:ff:ff:ff:ff
inet 192.168.1.161/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.100/32 scope global eth0
inet6 fe80::20c:29ff:fe9e:701e/64 scope link
valid_lft forever preferred_lft forever
# 查看日志
主端:tail -f /var/log/messages
Dec 24 02:36:18 localhost Keepalived_healthcheckers[1916]: Netlink reflector reports IP 192.168.1.100 added
#------------------------------------------------------------------#
#---------------------------恢复单点故障-----------------------------#
Dir 主 端:ifup eth0 启动网卡
# 查看IP飘逸192.168.1.100
Dir 主 端: ip addr
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:67:0e:20 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.160/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.100/32 scope global eth0
inet6 fe80::20c:29ff:fe67:e20/64 scope link
valid_lft forever preferred_lft forever
# 查看日志
Dir 从 端: tail -f /var/log/messages
Dec 24 02:36:23 localhost Keepalived_vrrp[1917]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.1.100
Dec 24 02:48:02 localhost Keepalived_vrrp[1917]: VRRP_Instance(VI_1) Received higher prio advert
Dec 24 02:48:02 localhost Keepalived_vrrp[1917]: VRRP_Instance(VI_1) Entering BACKUP STATE
Dec 24 02:48:02 localhost Keepalived_vrrp[1917]: VRRP_Instance(VI_1) removing protocol VIPs.
Dec 24 02:48:02 localhost Keepalived_healthcheckers[1916]: Netlink reflector reports IP 192.168.1.100 removed
#------------------------------------------------------------------#
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
