利用Keepalived实现VIP+LVS+后端状态检测(TCP检测或HTTP检测)

一、实验环境

VIP+LVS 服务器:10.0.0.11(keepalived-1)、10.0.0.12(keepalived-2)
nginx服务器:10.0.0.13(nginx-web-1)、10.0.0.14(nginx-web-2)
VIP:10.0.0.100

二、VIP配置

keepalived-1 配置

[root@keepalived-1 ~]# mkdir /etc/keepalived/conf/
[root@keepalived-1 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.100 dev eth0 label eth0:0
    }
}
include /etc/keepalived/conf/*.conf
[root@keepalived-1 ~]# systemctl restart keepalived.service

keepalived-2 配置

[root@keepalived-2 ~]# mkdir /etc/keepalived/conf/
[root@keepalived-2 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.100 dev eth0 label eth0:0
    }
}
include /etc/keepalived/conf/*.conf
[root@keepalived-2 ~]# systemctl restart keepalived.service

三、Nginx配置访问页面

nginx-web-1 配置

[root@nginx-web-1 ~]# vim /apps/nginx/html/index.html
10.0.0.13-nginx-web1

nginx-web-2 配置

[root@nginx-web-2 ~]# vim /apps/nginx/html/index.html
10.0.0.14-nginx-web2

四、LVS配置

keepalived-1 配置

[root@keepalived-1 ~]# vim /etc/keepalived/conf/vip-10.0.0.100-80.conf
virtual_server 10.0.0.100 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 120
    protocol TCP
    sorry_server 10.0.0.101 80
    real_server 10.0.0.13 80 {
        weight 1
        TCP_CHECK {    
            connect_timeout 5
            nb_get_retry 3    
            delay_before_retry 3
        }
    }
    real_server 10.0.0.14 80 {
        weight 1
        TCP_CHECK {        
            connect_timeout 5
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@keepalived-1 ~]# systemctl restart keepalived.service
[root@keepalived-1 ~]# ipvsadm -Ln    #查看LVS配置是否生效,加上--stats可以查看更详细的信息
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.0.100:80 wrr persistent 120
  -> 10.0.0.13:80                 Route   1      0          0
  -> 10.0.0.14:80                 Route   1      0          0

keepalived-2 配置

[root@keepalived-2 ~]# vim /etc/keepalived/conf/vip-10.0.0.100-80.conf
virtual_server 10.0.0.100 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 120
    protocol TCP
    sorry_server 10.0.0.101 80
    real_server 10.0.0.13 80 {
        weight 1
        TCP_CHECK {    
            connect_timeout 5
            nb_get_retry 3    
            delay_before_retry 3
        }
    }
    real_server 10.0.0.14 80 {
        weight 1
        TCP_CHECK {        
            connect_timeout 5
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@keepalived-2 ~]# systemctl restart keepalived.service
[root@keepalived-2 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.0.100:80 wrr persistent 120
  -> 10.0.0.13:80                 Route   1      0          0
  -> 10.0.0.14:80                 Route   1      0          0

nginx-web-1 在RS上配置VIP,实现DR功能

[root@nginx-web-1 ~]# vim lvs_dr_rs.sh
LVS_VIP=10.0.0.100
source /etc/rc.d/init.d/functions
case "$1" in
start)
    /sbin/ifconfig lo:0 $LVS_VIP netmask 255.255.255.255 broadcast $LVS_VIP
    /sbin/route add -host $LVS_VIP dev lo:0
    echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
    echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
    sysctl -p > /dev/null 2>&1
    echo "Real Server Start OK!"
    ;;
stop)
    /sbin/ifconfig lo:0 down
    /sbin/route del $LVS_VIP > /dev/null 2>&1
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "Real Server Stoped!"
    ;;
*)
    echo "Usage: (basename0) start|stop"
    exit 1
    ;;
esac
[root@nginx-web-1 ~]# bash lvs_dr_rs.sh start
Real Server Start OK!

nginx-web-2 在RS上配置VIP,实现DR功能

[root@nginx-web-2 ~]# vim lvs_dr_rs.sh
LVS_VIP=10.0.0.100
source /etc/rc.d/init.d/functions
case "$1" in
start)
    /sbin/ifconfig lo:0 $LVS_VIP netmask 255.255.255.255 broadcast $LVS_VIP
    /sbin/route add -host $LVS_VIP dev lo:0
    echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
    echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
    sysctl -p > /dev/null 2>&1
    echo "Real Server Start OK!"
    ;;
stop)
    /sbin/ifconfig lo:0 down
    /sbin/route del $LVS_VIP > /dev/null 2>&1
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "Real Server Stoped!"
    ;;
*)
    echo "Usage: (basename0) start|stop"
    exit 1
    ;;
esac
[root@nginx-web-2 ~]# bash lvs_dr_rs.sh start
Real Server Start OK!

五、访问测试

利用Keepalived实现VIP+LVS+后端状态检测(TCP检测或HTTP检测)

六、测试VIP切换

关闭master的keepalived服务

[root@keepalived-1 ~]# systemctl stop keepalived.service

再次通过浏览器进行访问
利用Keepalived实现VIP+LVS+后端状态检测(TCP检测或HTTP检测)

七、后端服务器状态检测测试

关闭后端服务器nginx-web-2

[root@nginx-web-2 ~]# systemctl stop nginx.service

在LVS服务器上查看存活的后端服务器,经命令查看,LVS已经把非存活服务器从转发列表删除

[root@keepalived-1 ~]# ipvsadm -Ln --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port               Conns   InPkts  OutPkts  InBytes OutBytes
  -> RemoteAddress:Port
TCP  10.0.0.100:80                       0        0        0        0        0
  -> 10.0.0.13:80                        0        0        0        0        0

通过浏览器访问,不再访问到 nginx-web-2
利用Keepalived实现VIP+LVS+后端状态检测(TCP检测或HTTP检测)
将后端服务器nginx-web-2再次开启

[root@nginx-web-2 ~]# systemctl start nginx.service

在LVS服务器上查看存活的后端服务器,经命令查看,LVS已经把恢复正常的服务器添加到转发列表中

[root@keepalived-1 ~]# ipvsadm -Ln --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port               Conns   InPkts  OutPkts  InBytes OutBytes
  -> RemoteAddress:Port
TCP  10.0.0.100:80                       1       14        0     1490        0
  -> 10.0.0.13:80                        1       14        0     1490        0
  -> 10.0.0.14:80                        0        0        0        0        0

八、修改LVS配置,将TCP检测换成HTTP检测

keepalived-1 配置

[root@keepalived-1 ~]# vim /etc/keepalived/conf/vip-10.0.0.100-80.conf
virtual_server 10.0.0.100 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 120
    protocol TCP
    sorry_server 10.0.0.101 80
    real_server 10.0.0.13 80 {
        weight 1
        HTTP_GET {
            url {
                path /index.html
                status_code 200
            }
            connect_timeout 5
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 10.0.0.14 80 {
        weight 1
		HTTP_GET {
            url {
                path /index.html
                status_code 200
            }
            connect_timeout 5
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@keepalived-1 ~]# systemctl restart keepalived.service
[root@keepalived-1 ~]# ipvsadm -Ln --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port               Conns   InPkts  OutPkts  InBytes OutBytes
  -> RemoteAddress:Port
TCP  10.0.0.100:80                       0        0        0        0        0
  -> 10.0.0.13:80                        0        0        0        0        0
  -> 10.0.0.14:80                        0        0        0        0        0

keepalived-2 配置

[root@keepalived-2 ~]# vim /etc/keepalived/conf/vip-10.0.0.100-80.conf
virtual_server 10.0.0.100 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 120
    protocol TCP
    sorry_server 10.0.0.101 80
    real_server 10.0.0.13 80 {
        weight 1
		HTTP_GET {
            url {
                path /index.html
                status_code 200
            }
            connect_timeout 5
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 10.0.0.14 80 {
        weight 1
		HTTP_GET {
            url {
                path /index.html
                status_code 200
            }
            connect_timeout 5
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@keepalived-2 ~]# systemctl restart keepalived.service
[root@keepalived-2 ~]# ipvsadm -Ln --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port               Conns   InPkts  OutPkts  InBytes OutBytes
  -> RemoteAddress:Port
TCP  10.0.0.100:80                       0        0        0        0        0
  -> 10.0.0.13:80                        0        0        0        0        0
  -> 10.0.0.14:80                        0        0        0        0        0
上一篇:Centos 6中keepalived作为服务启动


下一篇:Linux实战教学笔记31:Keepalived高可用集群应用实践