使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备

目录

一、Keepalived概述与安装

【关于LVS点击这里】

(1)Keepalived简介

Keepalived是一款专门为LVS+HA设计的一款健康检查工具
它支持的功能有:
(1)支持故障自动切换(Failover)
(2)支持节点健康状态检查(Health Checking)
官方网站:http://www.keepalived.org/
logo:
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备

(2)Keepalived的热备方式

1.VRRP(Virtual Router Redundancy Protocol,虚拟路由冗余协议)
示例图:
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备

2.一主+多备,共用一个ip地址,但是优先级不一样
注:如果需要使用多台备用服务器,state均设为backup,但是各自的优先级priority不要相同即可
示例图:
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备

(3)Keepalived的安装

实验环境:

服务器名称 IP地址 扮演角色
keepalived-1 192.168.100.1 主服务器
keepalived-2 192.168.100.2 备用服务器

漂移地址为:192.168.100.254
提供的应用服务有:Web
本次实验全部采用Centos7的操作系统

主服务器配置

******(1)先做基础配置
[root@centos7-007 ~]# hostnamectl set-hostname keepalived-1
[root@centos7-007 ~]# su
[root@keepalived-1 ~]# systemctl stop firewalld
[root@keepalived-1 ~]# setenforce 0
setenforce: SELinux is disabled
[root@keepalived-1 ~]# mount /dev/cdrom /media/cdrom/
mount: /dev/sr0 写保护,将以只读方式挂载
******(2)使用yum安装必要组件
[root@keepalived-1 ~]# yum -y install keepalived ipvsadm httpd
。。。。。。
完毕!
******(2)编写web页面,设置keepalived为自启动
[root@keepalived-1 ~]# echo "1111111111" > /var/www/html/index.html
[root@keepalived-1 ~]# systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
******(3)配置keepalived配置文件(做之前先备份一下养成习惯)
[root@keepalived-1 ~]# mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak 
[root@keepalived-1 ~]# vim /etc/keepalived/keepalived.conf (编写新的配置文件)
写入:
global_defs {
   router_id A1
}


vrrp_instance VI_1 {
    state MASTER          
    interface ens33       
    virtual_router_id 1   
    priority 100       
    advert_int 1          
    authentication {      
        auth_type PASS   
        auth_pass 123456  
    }
    virtual_ipaddress {   
        192.168.100.254

    }
}
保存退出
——————————————————————————————————————华丽分割线——————————————————————————————————————
配置文件项解析:
router_id A1	            ##本服务器的名称(这个名称随便写)

vrrp_instance VI_1 {		##定义VRRP热备实例
    state MASTER		    ##MASTER表示主服务器,备份服务器填BACKUP  
    interface ens33		    ##承载VIP地址的物理接口
    virtual_router_id 1		##虚拟路由器的ID号,这个ID号主服务器要和备份服务器一致
    priority 100		    ##优先级,数值越大优先级越高,备份服务器的优先级要比主服务器的低
    advert_int 1	     	##通告间隔秒数(心跳频率)
    authentication {		##认证信息
        auth_type PASS		##认证类型
        auth_pass 123456	##密码字串
    }
    virtual_ipaddress {
  192.168.200.254	        ##指定漂移地址(VIP),主服务器要和备份服务器一致
—————————————————————————————————————————————————————————————————————————————————————
******(4)启动keepalived和httpd
[root@keepalived-1 ~]# systemctl start keepalived 
[root@keepalived-1 ~]# systemctl start httpd
[root@keepalived-1 ~]# curl 127.0.0.1  (测试是否启动正常)
11111
******(5)使用ip a命令查看vip是否在主服务器上
[root@keepalived-1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:44:ad:db brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.1/24 brd 192.168.100.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet 192.168.100.254/32 scope global ens33      (发现vip在主服务器上)
       valid_lft forever preferred_lft forever
    inet6 fe80::7762:f351:dbfc:cb0e/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

备份服务器配置

******和主服务器配置相同
[root@centos7-008 ~]# hostnamectl set-hostname keepalived-2
[root@centos7-008 ~]# su
[root@keepalived-2 ~]# systemctl stop firewalld
[root@keepalived-2 ~]# setenforce 0
setenforce: SELinux is disabled
[root@keepalived-2 ~]# mount /dev/cdrom /media/cdrom/
mount: /dev/sr0 写保护,将以只读方式挂载
[root@keepalived-2 ~]# yum -y install keepalived ipvsadm httpd
。。。。。。
完毕!
[root@keepalived-2 ~]# echo "22222222222" > /var/www/html/index.html
[root@keepalived-2 ~]# systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
[root@keepalived-2 ~]# mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
[root@keepalived-2 ~]# vim /etc/keepalived/keepalived.conf
写入:
gglobal_defs {
   router_id A2
}


vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 1
    priority 99 
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        192.168.100.254

    }
}
保存退出
[root@keepalived-2 ~]# systemctl start keepalived 
[root@keepalived-2 ~]# systemctl start httpd
[root@keepalived-2 ~]# curl 127.0.0.1
22222
[root@keepalived-2 ~]# ip a  (查看地址,因为是备份服务器所以vip不在此服务器上)
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:bc:67:07 brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.2/24 brd 192.168.100.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::2ff4:55fa:6c3d:65e0/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

验证

开一台测试机,去访问192.168.100.254(vip)
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备

发现访问的是主服务器的,这个时候把主服务器的网卡ifdown,然后再次进行访问(如果关闭网卡没有进行切换那就把主服务器关掉)
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备
开启主服务器网卡,然后用测试机pingVIP,过程中再次关掉主服务器网卡看多长时间恢复通信
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备
至此Keepalived部署完成!!

二、利用Keepalived+LVS搭建高可用负载均衡群集

实验环境

服务器名称 ip地址 扮演角色
master 192.168.100.1 主调度器
backup 192.168.100.2 备用调度器
web1 192.168.100.3 节点服务器
web2 192.168.100.4 节点服务器

漂移地址为:192.168.100.254
以下实验都在上面实验的基础上进行

主调度器配置

******(1)做基础配置
[root@Centos7 ~]# hostnamectl set-hostname master
[root@Centos7 ~]# su
[root@master ~]# systemctl stop httpd
[root@master ~]# yum -y remove httpd  (删除httpd,因为之前安装只是用来测试的)
******(2)修改keepalived的配置文件
[root@master ~]# vim /etc/keepalived/keepalived.conf (修改主配置文件为)
global_defs {
   router_id A1
}


vrrp_instance VI_1 {
    state MASTER          
    interface ens32      
    virtual_router_id  1 
    priority 100     
    advert_int 1          
    authentication {      
        auth_type PASS   
        auth_pass 123456  
    }
    virtual_ipaddress {   
        192.168.100.254

    }
}
virtual_server 192.168.100.254 80 {
        delay_loop 15
        lb_algo rr
        lb_kind DR
        protocol TCP
		
		real_server 192.168.100.3 80 {
        weight 1
        TCP_CHECK {
                connect_port 80
                connect_timeout 3
                nb_get_retry 3
                delay_before_retry 4
                }
        }

		
		real_server 192.168.100.4 80 {
        weight 1
        TCP_CHECK {
                connect_port 80
                connect_timeout 3
                nb_get_retry 3
                delay_before_retry 4
                }
        }
}
保存退出
—————————————————————————————————————华丽分割线———————————————————————————————————————
新增配置项详解:
virtual_server 192.168.100.254 80 {#这里填写vip漂移地址和端口号
    delay_loop 15                  #健康检查间隔时间秒
    lb_algo rr                     #调度算法,这里是轮询,更多请点击文章开头的超链接
    lb_kind DR                     #群集工作模式,这里是DR模式,更多请点击文章开头的超链接
   ! persistence_timeout 50        #连接保持时间
    protocol TCP                   #应用服务采用的协议

    real_server 192.168.100.3 80 { #这里填节点服务器的地址和端口,可以写多个节点,每个节点都这么写
        weight 1                   #权重
        TCP_CHECK  {               #健康检查方式
            connect_port 80        #目标端口
            connect_timeout 3      #连接超时
            nb_get_retry 3         #重试次数
            delay_before_retry 3   #重试间隔
        }
     }                             #一定要注意{}完整性		
—————————————————————————————————————————————————————————————————————————————————————
******(3)加载系统内核的服务模块等
[root@master ~]# modprobe ip_vs      (加载模块)
[root@master ~]# lsmod | grep ip_vs  (查看模块状态)
ip_vs                 141092  0 
nf_conntrack          133387  1 ip_vs
libcrc32c              12644  3 xfs,ip_vs,nf_conntrack
[root@master ~]# echo "modprobe ip_vs" >> /etc/rc.local  (添加模块为开机启动的服务项)
[root@master ~]# systemctl restart keepalived  (重新启动keepalived)

备份调度器配置

和主调度器的配置基本一致
[root@Centos7 ~]# hostnamectl set-hostname backup
[root@Centos7 ~]# su
[root@backup ~]# systemctl stop httpd
[root@backup ~]# yum -y remove httpd
[root@backup ~]# vim /etc/keepalived/keepalived.conf
修改:
global_defs {
   router_id A2
}


vrrp_instance VI_1 {
    state BACKUP          
    interface ens32       
    virtual_router_id  1 
    priority 99     
    advert_int 1          
    authentication {      
        auth_type PASS   
        auth_pass 123456  
    }
    virtual_ipaddress {   
        192.168.100.254

    }
}
virtual_server 192.168.100.254 80 {
        delay_loop 15
        lb_algo rr
        lb_kind DR
        protocol TCP
		
		real_server 192.168.100.3 80 {
        weight 1
        TCP_CHECK {
                connect_port 80
                connect_timeout 3
                nb_get_retry 3
                delay_before_retry 4
                }
        }

		
		real_server 192.168.100.4 80 {
        weight 1
        TCP_CHECK {
                connect_port 80
                connect_timeout 3
                nb_get_retry 3
                delay_before_retry 4
                }
        }
}
保存退出
[root@backup ~]# modprobe ip_vs
[root@backup ~]# lsmod | grep ip_vs
ip_vs                 141092  0 
nf_conntrack          133387  1 ip_vs
libcrc32c              12644  3 xfs,ip_vs,nf_conntrack
[root@backup ~]# echo "modprobe ip_vs" >> /etc/rc.local 
[root@backup ~]# systemctl restart keepalived

web1节点服务器配置

******(1)先做基础配置,使用yum安装httpd和编写web页面
[root@Centos7 ~]# hostnamectl set-hostname web1
[root@Centos7 ~]# su
[root@web1 ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护,将以只读方式挂载
mount: /dev/sr0 已经挂载或 /mnt 忙
       /dev/sr0 已经挂载到 /mnt 上
[root@web1 ~]# yum -y install httpd
。。。。。。
完毕!
[root@web1 ~]# echo "1111111111" > /var/www/html/index.html
******(2)编写网卡配置
[root@web1 ~]# cd /etc/sysconfig/network-scripts/
[root@web1 network-scripts]# cp ifcfg-lo ifcfg-lo:0
写入:
DEVICE=lo:0
IPADDR=192.168.100.254
NETMASK=255.255.255.255
ONBOOT=yes
保存退出
[root@web1 network-scripts]# systemctl restart network  (重启网络服务)
[root@web1 network-scripts]# ip a (查看是否添加成功)
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 192.168.100.254/32 brd 192.168.100.254 scope global lo:0
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
。。。。。。
[root@web1 network-scripts]# cd
******(3)添加路由,下一跳为vip地址
[root@web1 ~]# echo "route add -host 192.168.100.254 dev lo:0" >> /etc/rc.local 
[root@web1 ~]# route add -host 192.168.100.254 dev lo:0
[root@web1 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.100.0   0.0.0.0         255.255.255.0   U     100    0        0 ens32
192.168.100.254 0.0.0.0         255.255.255.255 UH    0      0        0 lo
******(4)添加不响应arp的策略
[root@web1 ~]# vim /etc/sysctl.conf (修改)
# sysctl settings are defined through files in
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/.
#
# Vendors settings live in /usr/lib/sysctl.d/.
# To override a whole file, create a new file with the same in
# /etc/sysctl.d/ and put new settings there. To override
# only specific settings, add a file with a lexically later
# name in /etc/sysctl.d/ and put new settings there.
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
保存退出
[root@web1 ~]# sysctl -p (立即生效)
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
******(5)开启httpd服务
[root@web1 ~]# systemctl start httpd
[root@web1 ~]# curl 127.0.0.1
1111111111

web2节点服务器配置

和web1节点服务器配置基本相同
[root@Centos7 ~]# hostnamectl set-hostname web2
[root@Centos7 ~]# su
[root@web2 ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护,将以只读方式挂载
mount: /dev/sr0 已经挂载或 /mnt 忙
       /dev/sr0 已经挂载到 /mnt 上
[root@web2 ~]# yum -y install httpd
。。。。。。
完毕!
[root@web2 ~]# echo "222222222" > /var/www/html/index.html
[root@web2 ~]# cd /etc/sysconfig/network-scripts/
[root@web2 network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@web2 network-scripts]# cat <<aa> ifcfg-lo:0
> DEVICE=lo:0
> IPADDR=192.168.100.254
> NETMASK=255.255.255.255
> ONBOOT=yes
> aa
[root@web2 network-scripts]# systemctl restart network
[root@web2 network-scripts]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 192.168.100.254/32 brd 192.168.100.254 scope global lo:0
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ed:7c:e7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.100.4/24 brd 192.168.100.255 scope global ens32
       valid_lft forever preferred_lft forever
    inet6 fe80::34f4:cad:16ae:5b4d/64 scope link 
       valid_lft forever preferred_lft forever
[root@web2 network-scripts]# cd
[root@web2 ~]# echo "route add -host 192.168.100.254 dev lo:0" >> /etc/rc.local 
[root@web2 ~]# route add -host 192.168.100.254 dev lo:0
[root@web2 ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.100.0   0.0.0.0         255.255.255.0   U     100    0        0 ens32
192.168.100.254 0.0.0.0         255.255.255.255 UH    0      0        0 lo
[root@web2 ~]# cat <<aaa>> /etc/sysctl.conf 
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2
> net.ipv4.conf.default.arp_ignore = 1
> net.ipv4.conf.default.arp_announce = 2
> net.ipv4.conf.lo.arp_ignore = 1
> net.ipv4.conf.lo.arp_announce = 2
> aaa
[root@web2 ~]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@web2 ~]# systemctl start httpd
[root@web2 ~]# curl 127.0.0.1
222222222

测试

打开测试机访问vip192.168.100.254,刷新几次,查看负载均衡是否正常
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备
确认负载均衡正常后,关闭主调度器的网卡或者关闭主调度器
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备
然后再次进行访问,查看是否还能正常访问
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备
查看备用调度器,发现vip已经成功漂移到备用调度器上
使用keepalived(HA)+LVS实现高可用负载均衡群集,调度器的双机热备
至此,LVS+keepalived(HA)的高可用负载均衡群集已经部署完毕!!!!

上一篇:巧妙的Linux命令,给我再来6个


下一篇:Linux date命令的用法(转)