目录
一. keepalived工具介绍
1.专为LVS和HA设计的一款健康检查工具
- 支持故障自动切换
- 支持节点健康状态检查
- 官方网站:http://www.keepalived.org/
2.keepalived实现原理
Keepalived采用VRRP热备份协议,实现Linux服务器的多机热备功能
3.VRRP(虚拟路由冗余协议)
针对路由器的一种备份
- 由多台路由器组成一个热备组,通过共用的虚拟IP地址对外提供服务
- 每个热备组内同时只有一台路由器提供服务,其他路由器处于冗余状态
- 若当前在线的路由器失效,则其他路由器会根据设置的优先级自动接替虚拟IP地址,继续提供服务
二.LVS+Keepalived高可用群集的搭建
在基于LVS+Keepalived实现的LVS群集结构中,至少包括两台热备的负载调度器,三台以上的节点服务器
主DR 服务器:192.168.68.200
备DR 服务器:192.168.68.30
Web 服务器1:192.168.68.105
Web 服务器2:192.168.68.40
vip:192.168.68.95
客户端:192.168.68.138
配置负载调度器(主备相同)
1.主DR服务器(192.168.68.200)
1.安装Keepalived程序
2. 给主配置文件做备份
3.修改主配置文件
[root@localhost keepalived]# vim keepalived.conf
将42行后面的内容都删掉改为
4.查看虚拟网卡vip
5.关闭Linux内核的重定向参数响应
[root@localhost keepalived]# vim /etc/sysctl.conf
6.刷新配置
7.加载模块
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum install -y ipvsadm.x86_64 keepalived.x86_64
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vim keepalived.conf
10 smtp_server 127.0.0.1
12 router_id LVS_01
14 #vrrp_strict ##将14行注释掉
19 vrrp_instance VI_1 {
20 state MASTER
21 interface ens33
22 virtual_router_id 10
23 priority 100
24 advert_int 1
25 authentication {
26 auth_type PASS
27 auth_pass 123123
28 }
29 virtual_ipaddress {
30 192.168.68.95
31 }
34 virtual_server 192.168.68.95 80 {
35 delay_loop 6
36 lb_algo rr
37 lb_kind DR
38 persistence_timeout 50
39 protocol TCP
41 real_server 192.168.68.105 80 {
42 weight 1
43 TCP_CHECK {
44 connect_port 80
45 connect_timeout 3
46 nb_get_retry 3
47 delay_before_retry 3
48 }
49 }
50 real_server 192.168.68.40 80 {
51 weight 1
52 TCP_CHECK {
53 connect_port 80
54 connect_timeout 3
55 nb_get_retry 3
56 delay_before_retry 3
57 }
58 }
59 }
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-ens33 ifcfg-ens33:0
[root@localhost network-scripts]# vim ifcfg-ens33:0
NAME=ens33:0
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.68.95
NETMASK=255.255.255.255
[root@localhost network-scripts]# systemctl restart network
[root@localhost network-scripts]# ifconfig
[root@localhost keepalived]# vim /etc/sysctl.conf
##在末尾添加
11 net.ipv4.ip_forward = 0
12 net.ipv4.conf.all.send_redirects = 0
13 net.ipv4.conf.default.send_redirects = 0
14 net.ipv4.conf.ens33.send_redirects = 0
[root@localhost keepalived]# sysctl -p
[root@localhost keepalived]# modprobe ip_vs
[root@localhost keepalived]# cat /proc/net/ip_vs
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP C0A8445F:0050 rr persistent 50000 FFFFFFFF
[root@localhost keepalived]# ipvsadm-save >/etc/sysconfig/ipvsadm
[root@localhost keepalived]# systemctl start ipvsadm.service
[root@localhost keepalived]# ipvsadm -C
[root@localhost keepalived]# ipvsadm -A -t 192.168.68.95:80 -s rr
[root@localhost keepalived]# ipvsadm -a -t 192.168.68.95:80 -r 192.168.68.105:80 -g
[root@localhost keepalived]# ipvsadm -a -t 192.168.68.95:80 -r 192.168.68.40:80 -g
[root@localhost keepalived]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP localhost.localdomain:http rr
-> 192.168.68.40:http Route 1 0 0
-> 192.168.68.105:http Route 1 0 0
[root@localhost keepalived]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.68.95:80 rr
-> 192.168.68.40:80 Route 1 0 0
-> 192.168.68.105:80 Route 1 0 0
[root@localhost keepalived]# ipvsadm-save >/etc/sysconfig/ipvsadm2.备DR服务器(192.168.68.30)
1.安装Keepalived程序
2. 给主配置文件做备份
3.修改主配置文件
[root@localhost keepalived]# vim keepalived.conf
将42行后面的内容都删掉改为
4.查看虚拟网卡vip
5.关闭Linux内核的重定向参数响应
[root@localhost keepalived]# vim /etc/sysctl.conf
6.刷新配置
7.加载模块
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum install -y ipvsadm.x86_64 keepalived.x86_64
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vim keepalived.conf
10 smtp_server 127.0.0.1
12 router_id LVS_01
14 #vrrp_strict ##将14行注释掉
19 vrrp_instance VI_1 {
20 state MASTER
21 interface ens33
22 virtual_router_id 10
23 priority 100
24 advert_int 1
25 authentication {
26 auth_type PASS
27 auth_pass 123123
28 }
29 virtual_ipaddress {
30 192.168.68.95
31 }
34 virtual_server 192.168.68.95 80 {
35 delay_loop 6
36 lb_algo rr
37 lb_kind DR
38 persistence_timeout 50
39 protocol TCP
41 real_server 192.168.68.105 80 {
42 weight 1
43 TCP_CHECK {
44 connect_port 80
45 connect_timeout 3
46 nb_get_retry 3
47 delay_before_retry 3
48 }
49 }
50 real_server 192.168.68.40 80 {
51 weight 1
52 TCP_CHECK {
53 connect_port 80
54 connect_timeout 3
55 nb_get_retry 3
56 delay_before_retry 3
57 }
58 }
59 }
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-ens33 ifcfg-ens33:0
[root@localhost network-scripts]# vim ifcfg-ens33:0
NAME=ens33:0
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.68.95
NETMASK=255.255.255.255
[root@localhost network-scripts]# systemctl restart network
[root@localhost network-scripts]# ifconfig
[root@localhost keepalived]# vim /etc/sysctl.conf
##在末尾添加
11 net.ipv4.ip_forward = 0
12 net.ipv4.conf.all.send_redirects = 0
13 net.ipv4.conf.default.send_redirects = 0
14 net.ipv4.conf.ens33.send_redirects = 0
[root@localhost keepalived]# sysctl -p
[root@localhost keepalived]# modprobe ip_vs
[root@localhost keepalived]# cat /proc/net/ip_vs
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP C0A8445F:0050 rr persistent 50000 FFFFFFFF
[root@localhost keepalived]# ipvsadm-save >/etc/sysconfig/ipvsadm
[root@localhost keepalived]# systemctl start ipvsadm.service
[root@localhost keepalived]# ipvsadm -C
[root@localhost keepalived]# ipvsadm -A -t 192.168.68.95:80 -s rr
[root@localhost keepalived]# ipvsadm -a -t 192.168.68.95:80 -r 192.168.68.105:80 -g
[root@localhost keepalived]# ipvsadm -a -t 192.168.68.95:80 -r 192.168.68.40:80 -g
[root@localhost keepalived]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP localhost.localdomain:http rr
-> 192.168.68.40:http Route 1 0 0
-> 192.168.68.105:http Route 1 0 0
[root@localhost keepalived]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.68.95:80 rr
-> 192.168.68.40:80 Route 1 0 0
-> 192.168.68.105:80 Route 1 0 0
[root@localhost keepalived]# ipvsadm-save >/etc/sysconfig/ipvsadm3. Web 服务器1(192.168.68.105)
1.安装http服务并开启
2.在网页站点目录中创建网页文件,并写入内容
[root@localhost html]# vim index.html
3.在web1的浏览器中输入自己的ip进行验证
4.创建虚拟接口并进行相关配置
5.开启虚接口并查看
6.调整proce响应参数
[root@localhost network-scripts]# vim /etc/sysctl.conf
7.更新配置
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum install -y httpd
[root@localhost ~]# systemctl start httpd.service
[root@localhost ~]# cd /var/www/html/
[root@localhost html]# vim index.html
hello oyyyyy!!!!!!!
[root@localhost html]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
DEVICE=lo
IPADDR=192.168.68.95
NETMASK=255.255.255.255
NETWORK=127.0.0.0
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
#BROADCAST=127.255.255.255
ONBOOT=yes
#NAME=loopback
[root@localhost network-scripts]# ifup lo:0
[root@localhost network-scripts]# ifconfig lo:0
[root@localhost network-scripts]# vim /etc/sysctl.conf
##在最后添加这些参数
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@localhost network-scripts]# sysctl -p
4. Web 服务器2(192.168.68.40)
1.安装http服务并开启
2.在网页站点目录中创建网页文件,并写入内容
[root@localhost html]# vim index.html
3.在web1的浏览器中输入自己的ip进行验证
4.创建虚拟接口并进行相关配置
5.开启虚接口并查看
6.调整proce响应参数
[root@localhost network-scripts]# vim /etc/sysctl.conf
7.更新配置
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum install -y httpd
[root@localhost ~]# systemctl start httpd.service
[root@localhost ~]# cd /var/www/html/
[root@localhost html]# vim index.html
hello wangyibo!!!!!!!!!
[root@localhost html]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
DEVICE=lo
IPADDR=192.168.68.95
NETMASK=255.255.255.255
NETWORK=127.0.0.0
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
#BROADCAST=127.255.255.255
ONBOOT=yes
#NAME=loopback
[root@localhost network-scripts]# ifup lo:0
[root@localhost network-scripts]# ifconfig lo:0
[root@localhost network-scripts]# vim /etc/sysctl.conf
##在最后添加这些参数
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@localhost network-scripts]# sysctl -p
5.测试
在浏览器中输入192.168.68.95
等待1分钟后刷新
将主服务器的ens33:0down掉之后再输入192.168.68.95
刷新后