keepalived+LVS, LVS cluster nodes, NFS+rsync+inotify+keepalived

Lab topology:

[Figure: keepalived+LVS, LVS cluster nodes, NFS+rsync+inotify+keepalived]

Lab environment:

Host | Operating system | IP address
Scheduling layer: keepalived+LVS (ctos1-2) | CentOS 7.5 | 192.168.100.150-151, VIP 192.168.100.95
LVS web cluster nodes (ctos3-5) | CentOS 7.5 | 192.168.100.152-154, VIP 192.168.100.95
NFS+rsync+inotify+keepalived (ctos6-7) | CentOS 7.5 | 192.168.100.155-156, VIP 192.168.100.195

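Requirements:

1. Use ctos1-2 to build the keepalived+LVS scheduling cluster.

2. Use ctos3-5 as the LVS web cluster nodes.

3. Use ctos6-7 to build the NFS+rsync+inotify+keepalived cluster.

4. ctos1-5: keepalived+LVS cluster, VIP=192.168.100.95.

5. ctos6-7: storage cluster, VIP=192.168.100.195.

6. ctos3-5 mount the web pages shared as /opt/wwwroot from 192.168.100.195.

Notes:

The web cluster and the storage cluster must not use the same VRRP ID (virtual_router_id).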

Chapter 6 Lab (2): HA+LVS (DR mode) configuration

Environment:

Master server IP: 192.168.100.157 (keepalived+lvs)

Backup server IP: 192.168.100.156 (keepalived+lvs)

Node server IPs: 192.168.100.153-192.168.100.155 (httpd)

Cluster VIP: 192.168.100.95

 

1. Install keepalived (on both director servers, 192.168.100.150 and 192.168.100.151)

yum -y install kernel-devel openssl-devel popt-devel ipvsadm

tar zxvf keepalived-1.2.13.tar.gz -C /usr/src/

cd /usr/src/keepalived-1.2.13/

./configure --prefix=/ --with-kernel-dir=/usr/src/kernels/2.6.32-431.el6.x86_64/

make &&make install

cd

[root@localhost ~]# ls /etc/keepalived/

keepalived.conf  samples

 

chkconfig --add keepalived

chkconfig keepalived on

 

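2. Configure the directors (master: 192.168.100.150, backup: 192.168.100.151, floating IP: 192.168.100.95) and the web server pool (node 1: 192.168.100.152, node 2: 192.168.100.153, node 3: 192.168.100.154)

1) Configure the master HA director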

cd /etc/keepalived/

mv keepalived.conf keepalived.conf.bak

vi /etc/keepalived/keepalived.conf

global_defs {
    router_id HA_TEST_R1    ## name of this server
}

vrrp_instance VI_1 {        ## define the VRRP hot-standby instance
    state MASTER            ## MASTER marks the master server
    interface eth0          ## physical interface that carries the VIP
    virtual_router_id 1     ## virtual router ID
    priority 100            ## priority; the larger the value, the higher the priority
    advert_int 1            ## advertisement interval in seconds (heartbeat frequency)
    authentication {        ## authentication settings
        auth_type PASS      ## authentication type
        auth_pass 123456    ## password string
    }
    virtual_ipaddress {
        192.168.100.95      ## floating address (VIP)
    }
}

virtual_server 192.168.100.95 80 {
    delay_loop 15
    lb_algo rr
    lb_kind DR
    protocol TCP
    real_server 192.168.100.152 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
    real_server 192.168.100.153 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
    real_server 192.168.100.154 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
}

:wq

modprobe ip_vs

lsmod |grep ip_vs

echo "modprobe ip_vs" >>/etc/rc.local

/etc/init.d/keepalived restart

chkconfig ipvsadm off

ip addr show dev eth0

 

2) Configure the backup HA director

cd /etc/keepalived/

mv keepalived.conf keepalived.conf.bak

vi /etc/keepalived/keepalived.conf

global_defs {
    router_id HA_TEST_R2    ## name of this server
}

vrrp_instance VI_1 {        ## define the VRRP hot-standby instance
    state BACKUP            ## BACKUP marks the backup server
    interface eth0          ## physical interface that carries the VIP
    virtual_router_id 1     ## virtual router ID
    priority 99             ## priority; the larger the value, the higher the priority
    advert_int 1            ## advertisement interval in seconds (heartbeat frequency)
    authentication {        ## authentication settings
        auth_type PASS      ## authentication type
        auth_pass 123456    ## password string
    }
    virtual_ipaddress {
        192.168.100.95      ## floating address (VIP)
    }
}

virtual_server 192.168.100.95 80 {
    delay_loop 15
    lb_algo rr
    lb_kind DR
    protocol TCP
    real_server 192.168.100.152 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
    real_server 192.168.100.153 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
    real_server 192.168.100.154 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
}

:wq

 

modprobe ip_vs

lsmod |grep ip_vs

echo "modprobe ip_vs" >>/etc/rc.local

/etc/init.d/keepalived restart

chkconfig ipvsadm off

ip addr show dev eth0

###### Firewall and SELinux settings (for testing only here) #########

iptables -F

setenforce 0

 

3. Configure the web node servers (DR mode; apply the following on each node server)

cd /etc/sysconfig/network-scripts/

cp ifcfg-lo ifcfg-lo:0

vi ifcfg-lo:0

DEVICE=lo:0

IPADDR=192.168.100.95

NETMASK=255.255.255.255

ONBOOT=yes

:wq

/etc/init.d/network restart

echo "route add -host 192.168.100.95 dev lo:0" >>/etc/rc.local

route add -host 192.168.100.95 dev lo:0

ip addr show dev lo

Disable ARP broadcast responses

vi /etc/sysctl.conf

net.ipv4.conf.all.arp_ignore = 1

net.ipv4.conf.all.arp_announce = 2

net.ipv4.conf.default.arp_ignore = 1

net.ipv4.conf.default.arp_announce = 2

net.ipv4.conf.lo.arp_ignore = 1

net.ipv4.conf.lo.arp_announce = 2

sysctl -p

yum -y install httpd

vi /var/www/html/index.html

test page 192.168.100.153!!!!

:wq

/etc/init.d/httpd start

chkconfig httpd on

iptables -F

setenforce 0

 

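4. Test the LVS+keepalived high-availability cluster

From a client browser, visit 192.168.100.95. One of the directors may be down, and at least one node server must be healthy.

Follow the failover process in the /var/log/messages log file. Use ipvsadm -Ln to view the LVS table.

[root@localhost keepalived]# ipvsadm -Ln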

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn

TCP  192.168.100.95:80 rr

  -> 192.168.100.152:80           Route   1      0          0         

  -> 192.168.100.153:80           Route   1      0          0         

  -> 192.168.100.154:80           Route   1      0          0     

5

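1) rsync synchronization after SSH key-pair authentication

ssh-keygen  -t  rsa    ## press Enter at every prompt (on 192.168.100.155-156)

ssh-copy-id  root@192.168.100.156  ## upload the public key to the remote user

ssh-copy-id  root@192.168.100.155  

ssh  root@192.168.100.155

ssh  root@192.168.100.156    ## verify login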

2) Using inotify:

vi  /etc/sysctl.conf

fs.inotify.max_queued_events = 16384   ## size of the monitored event queue

fs.inotify.max_user_instances = 1024   ## number of monitoring instances

fs.inotify.max_user_watches = 1048576  ## number of watched files

  

tar zxvf inotify-tools-3.14.tar.gz -C /usr/src/    ## (run on both 192.168.100.155-156)

cd /usr/src/inotify-tools-3.14/

./configure && make && make install

 

ls  /usr/local/bin/inotifywa

mkdir /opt/wwwroot

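vi  rsync_inotify.sh   ## real-time sync script (configured on the master server)

#!/bin/bash

# Trailing slash on the source: sync the contents of /opt/wwwroot, not a nested wwwroot/ directory
RSYNC="rsync -avzH /opt/wwwroot/ root@192.168.100.155:/opt/wwwroot/ --delete"

# Watch the tree recursively and print one line per change event
INT_CMD="inotifywait -mrq -e modify,create,move,delete,attrib /opt/wwwroot"

# Run one rsync pass for every event reported
$INT_CMD | while read DIRECTORY EVENT FILE; do
    $RSYNC
done

:wq

 

chmod  +x  rsync_inotify.sh

./rsync_inotify.sh  &  ## start the script

Test and verify.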

6. Deploy keepalived (192.168.100.155-156)

yum -y install kernel-devel openssl-devel popt-devel  ipvsadm    ## (required on both master and backup)

tar zxvf keepalived-1.2.13.tar.gz -C /usr/src/

cd /usr/src/keepalived-1.2.13/

./configure --prefix=/ --with-kernel-dir=/usr/src/kernels/2.6.32-431.el6.x86_64/

make &&make install

chkconfig --add keepalived

chkconfig keepalived on

2. Configure HA

Master configuration (run on 192.168.100.156):

cd /etc/keepalived/

mv keepalived.conf keepalived.conf.bak

vi /etc/keepalived/keepalived.conf

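global_defs {
    router_id HA_TEST_R3    ## name of this server
}

vrrp_instance VI_1 {        ## define the VRRP hot-standby instance
    state MASTER            ## MASTER marks the master server
    interface eth0          ## physical interface that carries the VIP
    virtual_router_id 2     ## virtual router ID
    priority 100            ## priority; the larger the value, the higher the priority
    advert_int 1            ## advertisement interval in seconds (heartbeat frequency)
    authentication {        ## authentication settings
        auth_type PASS      ## authentication type
        auth_pass 123456    ## password string
    }
    virtual_ipaddress {
        192.168.100.195     ## floating address (VIP)
    }
}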

 

Backup configuration (run on 192.168.100.155):

cd /etc/keepalived/

mv keepalived.conf keepalived.conf.bak

vi /etc/keepalived/keepalived.conf

global_defs {
    router_id HA_TEST_R4    ## name of this server
}

vrrp_instance VI_1 {
    state BACKUP            ## BACKUP marks the backup (slave) server
    interface eth0
    virtual_router_id 2
    priority 99             ## priority, lower than the master server
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        192.168.100.195
    }
}

 

3. Start the service and the application services:

1) Start keepalived

/etc/init.d/keepalived start

ip addr show dev eth0      ## verify that the VIP is on the master server
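
The note that the web and storage clusters must not share a VRRP ID can be checked before keepalived is started. The script below is an added example, not part of the original post: it summarizes every vrrp_instance and reports any virtual_router_id claimed for two different VIPs. The function names and the constructed sample configs (which mirror the layout used above) are assumptions.

```shell
# Added example (not from the original post): find VRRP ID collisions between
# keepalived clusters on one network segment. All function names are hypothetical.
# vrrp_summary FILE -> "VRID VIP FILE" for each vrrp_instance in FILE
vrrp_summary() {
    awk -v f="$1" '
        { sub(/[#!].*/, "") }                        # strip keepalived comments
        $1 == "vrrp_instance"             { inst = 1; vrid = vip = "" }
        inst && $1 == "virtual_router_id" { vrid = $2 }
        in_vip && $1 ~ /^[0-9]/           { vip = $1 }
        $1 == "virtual_ipaddress"         { in_vip = 1 }
        $1 == "}"                         { in_vip = 0 }
        { depth += gsub(/[{]/, "{") - gsub(/[}]/, "}") }   # track block nesting
        inst && depth == 0                { print vrid, vip, f; inst = 0 }
    ' "$1"
}

# vrid_conflicts FILE... -> every VRID that is claimed for two different VIPs
vrid_conflicts() {
    for f in "$@"; do vrrp_summary "$f"; done |
    awk '{ if (($1 in vip) && vip[$1] != $2) bad[$1] = 1; else vip[$1] = $2 }
         END { for (v in bad) print v }' | sort -n
}

# sample_conf VRID VIP -> constructed config in the layout used on this page
sample_conf() {
    cat <<EOF
global_defs {
    router_id HA_SAMPLE        ## constructed sample, not a real host
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id $1
    virtual_ipaddress {
        $2                     ## floating address (VIP)
    }
}
EOF
}

tmp=$(mktemp -d)
sample_conf 1 192.168.100.95  > "$tmp/web.conf"      # web cluster, as configured above
sample_conf 2 192.168.100.195 > "$tmp/nfs.conf"      # storage cluster, as configured above
sample_conf 1 192.168.100.195 > "$tmp/nfs-bad.conf"  # storage cluster reusing VRID 1
echo "as configured: [$(vrid_conflicts "$tmp/web.conf" "$tmp/nfs.conf")]"
echo "VRID reused:   [$(vrid_conflicts "$tmp/web.conf" "$tmp/nfs-bad.conf")]"
rm -rf "$tmp"
```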

7

1) Install the nfs-utils and rpcbind packages

[root@localhost ~]# yum -y install nfs-utils rpcbind

[root@localhost ~]# for i in rpcbind nfs;do chkconfig $i on; done   ## enable at boot

 

2) Set up the shared directory

[root@localhost ~]# chmod 777 /opt/wwwroot  ## set permissions

vi /etc/exports

/opt/wwwroot 192.168.100.0/24(rw,sync,no_root_squash)

 

3) Start the NFS service

[root@localhost ~]# /etc/init.d/rpcbind restart

[root@localhost ~]# /etc/init.d/nfs restart

[root@localhost ~]# netstat -utpnl |grep rpcbind

[root@localhost ~]# showmount -e ## list the directories exported by this host
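
The export above gives the whole 192.168.100.0/24 network read-write access with no_root_squash, so root on any client in that range acts as root on the exported files. The audit below is an added example, not part of the original post; the function name is hypothetical, and the narrower sample line assumes the three web nodes only ever read the content.

```shell
# Added example (not from the original post): flag risky options in exports(5)
# lines. audit_exports [FILE] -> "PATH CLIENT ISSUE" per finding; reads stdin
# when no file is given. The function name is hypothetical.
audit_exports() {
    awk '
        { sub(/#.*/, "") }                      # drop comments
        NF < 2 { next }                         # need a path and at least one client
        {
            for (i = 2; i <= NF; i++) {
                client = $i; opts = ""
                p = index($i, "(")
                if (p > 0) {                    # split "client(opt,opt,...)"
                    client = substr($i, 1, p - 1)
                    opts = substr($i, p + 1, length($i) - p - 1)
                }
                list = "," opts ","
                if (list ~ /,no_root_squash,/)  # remote root keeps uid 0 on the share
                    print $1, client, "no_root_squash"
                if (list ~ /,rw,/ && client ~ "[*/]")   # CIDR range or wildcard
                    print $1, client, "rw-for-network-range"
            }
        }
    ' "$@"
}

# Constructed samples: the export line from this page, and a narrower variant
# that assumes the web nodes (192.168.100.152-154) only read the content.
page_line='/opt/wwwroot 192.168.100.0/24(rw,sync,no_root_squash)'
narrow_line='/opt/wwwroot 192.168.100.152(ro,sync,root_squash) 192.168.100.153(ro,sync,root_squash) 192.168.100.154(ro,sync,root_squash)'

echo "findings for the page's export line:"
printf '%s\n' "$page_line" | audit_exports
echo "findings for the narrower variant:"
printf '%s\n' "$narrow_line" | audit_exports
```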

 

4) Client setup (192.168.100.152-154)

[root@localhost ~]# yum -y install nfs-utils rpcbind

chkconfig rpcbind on

[root@localhost ~]# showmount -e 192.168.100.195

[root@localhost ~]# echo 3 >/proc/sys/vm/drop_caches  ## use this command if stale caches cause NFS errors

5) Mount and use the NFS share on the clients (192.168.100.152-154)

[root@localhost ~]# mount 192.168.100.195:/opt/wwwroot /var/www/html/

[root@localhost ~]# mount |grep nfs

[root@localhost ~]# vi /etc/fstab

192.168.100.195:/opt/wwwroot /var/www/html nfs defaults,_netdev 0 0

:wq

[root@localhost ~]# mount -a

[root@localhost ~]# mount |grep nfs

Verification:

[root@localhost ~]# cd /var/www/html/

[root@localhost html]# vi index.html

[root@localhost html]# ll

Switch to 100.195 to verify:

[root@localhost ~]# vi /opt/wwwroot/index.html

 

Test through a browser: disconnect the nodes one at a time and check that access still succeeds. http://192.168.100.95


Attachment: http://down.51cto.com/data/2368333












This article is reposted from the 51CTO blog of 信自己belive; original link: http://blog.51cto.com/11638205/1868422 . To repost it, please contact the original author.



