For reposting, please see the author's statement. This article is reposted from http://502245466.blog.51cto.com/7559397/1302343

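Overview

With the rapid growth of the Internet in recent years, the many web servers that users rely on must provide uninterrupted service 24 hours a day. As traffic grows, which web architectures can deliver highly available load balancing and are also free? There certainly is one, and that architecture is LVS+Keepalived.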

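Introduction to Keepalived

What is Keepalived: Keepalived provides high availability or hot standby for services and is used to prevent single points of failure. Its core is the VRRP protocol, which mainly provides redundancy at routers or layer-3 switches; Keepalived uses VRRP to achieve high availability. The schematic diagram of Keepalived is shown below:

[Figure: Keepalived schematic diagram]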

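After Keepalived starts, there are three processes:

Parent process: memory management and child process management

Child process: the VRRP child process

Child process: the healthchecker child process

As the figure above shows, both child processes are monitored by the system WatchDog, and each is responsible for its own job. The healthchecker child process checks the health of the services on its server, for example HTTP and LVS. If the healthchecker child process finds that a service on the MASTER is unavailable, it notifies the VRRP child process on the same machine, which then stops sending advertisements, removes the virtual IP, and switches to the BACKUP state.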

Environment:

[Figure: environment topology]

OS version: CentOS6_x86_64

LVS_DR mode: the gateway of the WEB1 and WEB2 servers must not be set to the LVS director

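I. Installing and Configuring LVS+Keepalived

1. Install the ipvsadm and keepalived packages on both the Master and Backup servers; the rpm packages are used here

[root@master ~]# yum -y install ipvsadm keepalived
[root@backup ~]# yum -y install ipvsadm keepalived
Note: the ipvsadm tool is installed here mainly to view the LVS rules. The rules can be configured successfully without it, but viewing them is then inconvenient.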

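2. Edit the main configuration file on the Master

[root@master ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
    notification_email {                      # Alert notification e-mail addresses; more than one may be listed
        root@localhost
    }
    notification_email_from admin@allen.com   # Sender address for the e-mail
    smtp_server 127.0.0.1                     # SMTP server address; this address must exist
    smtp_connect_timeout 30                   # Timeout for connecting to the SMTP server
    router_id LVS_ALLEN                       # Identifier of the server running Keepalived; shown in the e-mail subject
}
vrrp_instance lvs_allen {                     # Define a VRRP instance; the instance name is arbitrary
    state MASTER                              # Keepalived role: MASTER is the primary server, BACKUP the standby server
    interface eth0                            # Interface monitored for HA
    virtual_router_id 68                      # Virtual router ID, a number (1-255); master and backup in one VRRP instance must use the same ID
    priority 100                              # Priority; the larger the number, the higher the priority. Within one instance the master must be higher than the backup
    advert_int 1                              # Interval between master/backup synchronization checks, in seconds
    authentication {                          # Authentication type and password
        auth_type PASS                        # Two authentication types are available: {PASS|AH}
        auth_pass 1689                        # Authentication password; master and backup in one instance must use the same password
    }
    virtual_ipaddress {                       # Virtual IP addresses; more than one is allowed, one per line
        172.16.14.10
    }
}
virtual_server 172.16.14.10 80 {              # Virtual server; give the virtual IP and service port, separated by a space
    delay_loop 6                              # Health check interval, in seconds
    lb_algo rr                                # Load-balancing scheduling algorithm; rr is round robin
    lb_kind DR                                # LVS forwarding mechanism; one of {NAT|TUN|DR}
    nat_mask 255.255.0.0                      # Netmask
    persistence_timeout 50                    # Session persistence time, in seconds; very useful for dynamic pages and a good solution for session sharing in a cluster
    protocol TCP                              # Forwarding protocol; either {TCP|UDP}
    real_server 172.16.14.3 80 {              # Service node; give the real server's IP and port, separated by a space
        weight 1                              # Weight of the service node; the larger the number, the higher the weight
        HTTP_GET {                            # Check the real server over HTTP
            url {
                path /
                status_code 200               # A returned status code of 200 means the real server is alive
            }
            connect_timeout 3                 # Response timeout
            nb_get_retry 3                    # Number of retries after a timeout
            delay_before_retry 3              # Interval between retries after a timeout
        }
    }
    real_server 172.16.14.4 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}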

3. Copy the Master's main configuration file to the Backup server and make small changes

[root@backup ~]# scp 172.16.14.1:/etc/keepalived/keepalived.conf /etc/keepalived/
###### Change the following two settings
[root@backup ~]# vim /etc/keepalived/keepalived.conf
state BACKUP
priority 98
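
The rules given in the configuration comments (same virtual_router_id and same password on both nodes, master priority higher than backup) can be checked before Keepalived is started. The script below is an added example, not part of the original article; the function names vrrp_value, check_vrrp_pair and write_conf are hypothetical, and the sample files are constructed from the article's values.

```bash
#!/bin/bash
# Added example, not from the original article; all function names are hypothetical.
# Print the value of <keyword> inside the first vrrp_instance block of <file>.
# Assumes the opening "{" sits on the same line as its keyword, as in the article.
vrrp_value() {   # usage: vrrp_value <file> <keyword>
    awk -v key="$2" '
        { sub(/#.*/, "") }                        # strip inline comments
        $1 == "vrrp_instance" { inblock = 1 }
        inblock {
            if ($1 == key) { print $2; exit }
            depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
            if (depth <= 0) inblock = 0           # end of the vrrp_instance block
        }' "$1"
}

# Print one line per problem; return 0 only if the pair is consistent.
check_vrrp_pair() {   # usage: check_vrrp_pair <master.conf> <backup.conf>
    local m="$1" b="$2" rc=0 key pm pb
    for key in virtual_router_id auth_type auth_pass; do
        # Compare without printing values, so auth_pass never lands in a log.
        [ "$(vrrp_value "$m" "$key")" = "$(vrrp_value "$b" "$key")" ] || { echo "MISMATCH: $key differs"; rc=1; }
    done
    [ "$(vrrp_value "$m" state)" = MASTER ] || { echo "STATE: master file is not MASTER"; rc=1; }
    [ "$(vrrp_value "$b" state)" = BACKUP ] || { echo "STATE: backup file is not BACKUP"; rc=1; }
    pm=$(vrrp_value "$m" priority); pb=$(vrrp_value "$b" priority)
    [ "${pm:-0}" -gt "${pb:-0}" ] || { echo "PRIORITY: master (${pm:-unset}) must be higher than backup (${pb:-unset})"; rc=1; }
    return $rc
}

# Constructed sample input: the article's vrrp_instance with a chosen state, priority and router ID.
write_conf() {   # usage: write_conf <file> <state> <priority> <router-id>
    cat > "$1" <<EOF
vrrp_instance lvs_allen {
    state $2                 # role of this node
    virtual_router_id $4
    priority $3
    authentication {
        auth_type PASS
        auth_pass 1689
    }
}
EOF
}

tmp=$(mktemp -d)
write_conf "$tmp/master.conf" MASTER 100 68
write_conf "$tmp/backup.conf" BACKUP 98 68
check_vrrp_pair "$tmp/master.conf" "$tmp/backup.conf" && echo "pair is consistent"
rm -rf "$tmp"
```

On the Backup server, the Master's file can be fetched to a temporary path with scp and passed as the first argument, with /etc/keepalived/keepalived.conf as the second.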

4. Start the Keepalived service on both servers and enable it at boot

###### MASTER server
[root@master ~]# service keepalived start
Starting keepalived: [  OK  ]
[root@master ~]# chkconfig keepalived on
[root@master ~]# chkconfig --list keepalived
keepalived      0:off   1:off   2:on    3:on    4:on    5:on    6:off
###### BACKUP server
[root@backup ~]# vim /etc/keepalived/keepalived.conf
[root@backup ~]# service keepalived start
Starting keepalived: [  OK  ]
[root@backup ~]# chkconfig keepalived on
[root@backup ~]# chkconfig --list keepalived
keepalived      0:off   1:off   2:on    3:on    4:on    5:on    6:off

5. Enable IP forwarding on the Master and Backup servers

[root@master ~]# sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
[root@backup ~]# sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
###### Run the following command to apply the change
sysctl -p

II. Installing Httpd and Setting Up the Real Servers

1. Install and start the Httpd service on back-end server WEB1; the rpm package is used here

[root@web1 ~]# yum -y install httpd
###### Provide a test page for web1
[root@web1 ~]# echo '<h1>WEB1 http://502245466.blog.51cto.com</h1>' > /var/www/html/index.html
[root@web1 ~]# service httpd start
[root@web1 ~]# chkconfig httpd on
[root@web1 ~]# chkconfig --list httpd
httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off

2. Test access to the WEB1 server

[Figure: access test of the WEB1 server]

3. Install and start the Httpd service on back-end server WEB2; the rpm package is used here

[root@web2 ~]# yum -y install httpd
###### Provide a test page for web2
[root@web2 ~]# echo '<h1>WEB2 http://502245466.blog.51cto.com</h1>' > /var/www/html/index.html
[root@web2 ~]# service httpd start
[root@web2 ~]# chkconfig httpd on
[root@web2 ~]# chkconfig --list httpd
httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off

4. Test access to the WEB2 server

[Figure: access test of the WEB2 server]

5. Provide both real servers with a SysV-style script that automatically sets the kernel parameters and the virtual IP, then run the script

[root@web1 ~]# vim /etc/init.d/lvs
#!/bin/bash
# ALLEN http://502245466.blog.51cto.com
# chkconfig: - 88 66
# Script to start LVS DR real server.
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions
VIP=172.16.14.10
host=`/bin/hostname`
case "$1" in
start)
    # Start LVS-DR real server on this machine.
    /sbin/ifconfig lo down
    /sbin/ifconfig lo up
    # Do not answer or announce ARP for the VIP held on the loopback alias.
    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
    /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
    /sbin/route add -host $VIP dev lo:0
    ;;
stop)
    # Stop LVS-DR real server loopback device(s).
    /sbin/ifconfig lo:0 down
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
    ;;
status)
    # Status of LVS-DR real server.
    islothere=`/sbin/ifconfig lo:0 | grep $VIP`
    # The routing table may list the interface as lo or lo:0; match either.
    isrothere=`netstat -rn | grep "lo" | grep $VIP`
    if [ ! "$islothere" -o ! "$isrothere" ]; then
        # Either the route or the lo:0 device
        # not found.
        echo "LVS-DR real server Stopped."
    else
        echo "LVS-DR real server Running."
    fi
    ;;
*)
    # Invalid entry.
    echo "$0: Usage: $0 {start|status|stop}"
    exit 1
    ;;
esac
Note: VIP in the script is the virtual IP address
====================================================================
[root@web1 ~]# chmod +x /etc/init.d/lvs
[root@web1 ~]# chkconfig --add lvs
[root@web1 ~]# chkconfig lvs on
[root@web1 ~]# chkconfig --list lvs
lvs             0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@web1 ~]# service lvs start
[root@web1 ~]# service lvs status
LVS-DR real server Running.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
###### Provide the script for WEB2
[root@web2 ~]# scp -p 172.16.14.3:/etc/init.d/lvs /etc/init.d/
[root@web2 ~]# chkconfig --add lvs
[root@web2 ~]# chkconfig lvs on
[root@web2 ~]# chkconfig --list lvs
lvs             0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@web2 ~]# service lvs start
[root@web2 ~]# service lvs status
LVS-DR real server Running.

III. Verifying the Service

1. View the current IP addresses and LVS rules on the Master server

[root@master ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff
    inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0
    inet 172.16.14.10/32 scope global eth0
    inet6 fe80::20c:29ff:fe2c:1a24/64 scope link
       valid_lft forever preferred_lft forever
###### As shown above, the virtual IP address is now active on the Master host
========================================================================
[root@master ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.14.10:80 rr persistent 50
  -> 172.16.14.3:80               Route   1      0          0
  -> 172.16.14.4:80               Route   1      0          0
###### The rules show the virtual IP and port and the rr scheduling algorithm, with two real servers

2. Test that the servers are serving requests normally

[Figures: access test results]

As shown above, the rr scheduling algorithm is in use; when testing, you may need to access the page several times or switch to another browser.

3. Simulate a failure of the Master server: stop the Keepalived service on the Master host and check whether the Backup server takes over all services

[root@master ~]# service keepalived stop
Stopping keepalived: [  OK  ]
----------------------------------------------------------------------
[root@master ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff
    inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0
    inet6 fe80::20c:29ff:fe2c:1a24/64 scope link
       valid_lft forever preferred_lft forever
----------------------------------------------------------------------
[root@master ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
###### As shown above, the virtual IP and the LVS rules have been removed from the Master server
======================================================================
[root@backup ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ec:f6:3f brd ff:ff:ff:ff:ff:ff
    inet 172.16.14.2/16 brd 172.16.255.255 scope global eth0
    inet 172.16.14.10/32 scope global eth0
    inet6 fe80::20c:29ff:feec:f63f/64 scope link
       valid_lft forever preferred_lft forever
###### As shown above, the virtual IP address has been brought up successfully on the Backup server
----------------------------------------------------------------------
[root@backup ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.14.10:80 rr persistent 50
  -> 172.16.14.3:80               Route   1      0          0
  -> 172.16.14.4:80               Route   1      0          0
###### The LVS rules have also been configured successfully on the Backup server

4. Test again that the servers are serving requests normally

[Figures: access test results]

5. Once the Master server has been repaired and is back online, the virtual IP address and LVS rules are configured on the Master server again and removed from the Backup server

###### Check the Master server
[root@master ~]# service keepalived start
Starting keepalived: [  OK  ]
----------------------------------------------------------------------
[root@master ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff
    inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0
    inet 172.16.14.10/32 scope global eth0
    inet6 fe80::20c:29ff:fe2c:1a24/64 scope link
       valid_lft forever preferred_lft forever
----------------------------------------------------------------------
[root@master ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.14.10:80 rr persistent 50
  -> 172.16.14.3:80               Route   1      0          0
  -> 172.16.14.4:80               Route   1      0          0
###### As shown above, the virtual IP address and the LVS rules are configured on the Master server again
======================================================================
###### Check the Backup server
[root@backup ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ec:f6:3f brd ff:ff:ff:ff:ff:ff
    inet 172.16.14.2/16 brd 172.16.255.255 scope global eth0
    inet6 fe80::20c:29ff:feec:f63f/64 scope link
       valid_lft forever preferred_lft forever
----------------------------------------------------------------------
[root@backup ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.14.10:80 rr persistent 50
  -> 172.16.14.3:80               Route   1      0          0
  -> 172.16.14.4:80               Route   1      0          0
###### As shown above, the virtual IP address has been removed but the LVS rules are still present. This has no effect for us: without the IP address, the rules alone do not take effect

6. If a back-end real server fails, LVS removes the rules for that real server

[root@web1 ~]# service httpd stop
Stopping httpd: [  OK  ]
------------------------------------------------------------------------
[root@master ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.14.10:80 rr persistent 50
  -> 172.16.14.4:80               Route   1      0          0
###### As shown above, after the Httpd service on WEB1 was stopped, the LVS rules no longer contain the entry for WEB1. When WEB1 comes back online, LVS adds the entry again automatically; that is not tested again here
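
The check performed by eye in step 6 can be scripted so that a real server dropping out of the pool raises an alert. The script below is an added example, not part of the original article; missing_realservers and sample_after_failure are hypothetical names and the sample output is constructed from the listing above. It goes slightly beyond the article by also treating a real server listed with weight 0 as out of rotation.

```bash
#!/bin/bash
# Added example, not from the original article; function names are hypothetical.

# Read `ipvsadm -L -n` output on stdin and print every expected real server
# that is absent from the given virtual service or listed with weight 0.
missing_realservers() {   # usage: missing_realservers <VIP:port> <RS:port>...
    local vs="$1"; shift
    awk -v vs="$vs" -v want="$*" '
        $1 == "TCP" || $1 == "UDP" { invs = ($2 == vs); next }   # virtual service line
        invs && $1 == "->" && $4 > 0 { live[$2] = 1 }            # real server in rotation
        END {
            n = split(want, w, " ")
            for (i = 1; i <= n; i++) if (!(w[i] in live)) print w[i]
        }'
}

# Constructed sample input, modelled on the article's output after httpd was
# stopped on WEB1 (172.16.14.3 has been removed by the health check).
sample_after_failure() {
    cat <<'EOF'
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.14.10:80 rr persistent 50
  -> 172.16.14.4:80               Route   1      0          0
EOF
}

missing=$(sample_after_failure | missing_realservers 172.16.14.10:80 172.16.14.3:80 172.16.14.4:80)
if [ -n "$missing" ]; then
    echo "ALERT: real servers out of rotation: $missing"
fi
# On a director, feed it live data instead: ipvsadm -L -n | missing_realservers ...
```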