准备环境
| Director 1 |
Director 2 |
Web Server Nginx1 |
Web Server Nginx |
| DIP:172.18.42.100 |
DIP:172.18.42.22 |
RIP:172.18.42.111 |
RIP:172.18.42.222 |
VIP:172.18.42.119(MASTER) VIP:172.18.42.120(BACKUP) |
VIP:172.18.42.119(BACKUP) VIP:172.18.42.120(MASTER) |
VIP:172.18.42.119 VIP:172.18.42.120 |
VIP:172.18.42.119 VIP:172.18.42.120 |
一、Director 1 配置
1、yum安装keepalived
[root@wtc ~]# yum install keepalived -y
2、编辑配置文件
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from www.mageedu.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Slackware
vrrp_mcast_group4 224.0.42.10
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 110
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.18.42.119 dev eth0 label eth0:1
}
}
virtual_server 172.18.42.119 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 172.18.42.111 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.18.42.222 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 111
priority 98
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.18.42.120 dev eth0 label eth0:2
}
}
virtual_server 172.18.42.120 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 172.18.42.111 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.18.42.222 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
二、Director 2 配置
1、安装keepalived服务
[root@localhost~]# yum install keepalived -y
2、编辑配置文件
[root@wtc ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from www.mageedu.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Slackware
vrrp_mcast_group4 224.0.42.10
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 110
priority 98
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.18.42.119 dev eth0 label eth0:1
}
}
virtual_server 172.18.42.119 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 172.18.42.111 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.18.42.222 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 111
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.18.42.120 dev eth0 label eth0:2
}
}
virtual_server 172.18.42.120 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 172.18.42.111 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.18.42.222 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
三、Web Server Nginx1配置
1、修改Web Server Nginx1的内核参数
[root@localhost ~]# echo 1 &> /proc/sys/net/ipv4/conf/all/arp_ignore [root@localhost ~]# echo 1 &> /proc/sys/net/ipv4/conf/lo/arp_ignore [root@localhost ~]# echo 2 &> /proc/sys/net/ipv4/conf/lo/arp_announce [root@localhost ~]# echo 2 &> /proc/sys/net/ipv4/conf/all/arp_announce
2、添加VIP
[root@localhost ~]# ifconfig lo:1 172.18.42.119 netmask 255.255.255.255 broadcast 172.18.42.119 [root@localhost ~]# ifconfig lo:2 172.18.42.120 netmask 255.255.255.255 broadcast 172.18.42.120 [root@localhost ~]# route add -host 172.18.42.119 dev lo:1 [root@localhost ~]# route add -host 172.18.42.120 dev lo:2
3、安装nginx、并启动
[root@localhost ~]# yum install nginx -y [root@localhost ~]# nginx
四、Web Server Nginx2配置
1、修改Web Server Nginx2的内核参数
[root@localhost ~]# echo 1 &> /proc/sys/net/ipv4/conf/all/arp_ignore [root@localhost ~]# echo 1 &> /proc/sys/net/ipv4/conf/lo/arp_ignore [root@localhost ~]# echo 2 &> /proc/sys/net/ipv4/conf/lo/arp_announce [root@localhost ~]# echo 2 &> /proc/sys/net/ipv4/conf/all/arp_announce
2、添加VIP
[root@localhost ~]# ifconfig lo:1 172.18.42.119 netmask 255.255.255.255 broadcast 172.18.42.119 [root@localhost ~]# ifconfig lo:2 172.18.42.120 netmask 255.255.255.255 broadcast 172.18.42.120 [root@localhost ~]# route add -host 172.18.42.119 dev lo:1 [root@localhost ~]# route add -host 172.18.42.120 dev lo:2
3、安装nginx,并启动
[root@localhost ~]# yum install nginx -y [root@localhost ~]# nginx
五、开启两台Director,并测试
1、Director 1
[root@localhost ~]# service keepalived start [root@localhost ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:0C:29:90:84:C0 inet addr:172.18.42.100 Bcast:172.18.255.255 Mask:255.255.0.0 inet6 addr: fe80::20c:29ff:fe90:84c0/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:182021 errors:0 dropped:0 overruns:0 frame:0 TX packets:48384 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:28094276 (26.7 MiB) TX bytes:4476727 (4.2 MiB) eth0:1 Link encap:Ethernet HWaddr 00:0C:29:90:84:C0 inet addr:172.18.42.119 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:663 errors:0 dropped:0 overruns:0 frame:0 TX packets:663 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:49597 (48.4 KiB) TX bytes:49597 (48.4 KiB) [root@localhost ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.18.42.119:80 rr -> 172.18.42.111:80 Route 1 0 0 -> 172.18.42.222:80 Route 1 0 1 TCP 172.18.42.120:80 rr -> 172.18.42.111:80 Route 1 0 0 -> 172.18.42.222:80 Route 1 0 0
## Director 1的VIP已经启动;同时ipvsadm的规则自动生成
2、Director 2
[root@wtc ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:0C:29:0F:A3:6E inet addr:172.18.42.22 Bcast:172.18.255.255 Mask:255.255.0.0 inet6 addr: fe80::20c:29ff:fe0f:a36e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:134293 errors:0 dropped:0 overruns:0 frame:0 TX packets:69576 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:16446378 (15.6 MiB) TX bytes:5481841 (5.2 MiB) eth0:2 Link encap:Ethernet HWaddr 00:0C:29:0F:A3:6E inet addr:172.18.42.120 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:3431 errors:0 dropped:0 overruns:0 frame:0 TX packets:3431 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:291422 (284.5 KiB) TX bytes:291422 (284.5 KiB) [root@wtc ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.18.42.119:80 rr -> 172.18.42.111:80 Route 1 0 0 -> 172.18.42.222:80 Route 1 0 0 TCP 172.18.42.120:80 rr -> 172.18.42.111:80 Route 1 0 0 -> 172.18.42.222:80 Route 1 0 0
试着访问Web服务
[root@localhost ~]# curl http://172.18.42.119172.18.42.222 Web Server 2
[root@localhost ~]# curl http://172.18.42.119172.18.42.111 Web Server 1
[root@localhost ~]# curl http://172.18.42.120172.18.42.222 Web Server 2
[root@localhost ~]# curl http://172.18.42.120172.18.42.111 Web Server 1
##实现了负载均衡、双主模型
六、把Director 1关闭掉;会发生什么样的情况?
Director 1
[root@localhost ~]# service keepalived stop
Director 2
[root@wtc ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:0C:29:0F:A3:6E inet addr:172.18.42.22 Bcast:172.18.255.255 Mask:255.255.0.0 inet6 addr: fe80::20c:29ff:fe0f:a36e/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:142076 errors:0 dropped:0 overruns:0 frame:0 TX packets:73562 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:17381764 (16.5 MiB) TX bytes:5790752 (5.5 MiB) eth0:1 Link encap:Ethernet HWaddr 00:0C:29:0F:A3:6E inet addr:172.18.42.119 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 eth0:2 Link encap:Ethernet HWaddr 00:0C:29:0F:A3:6E inet addr:172.18.42.120 Bcast:0.0.0.0 Mask:255.255.255.255 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:3435 errors:0 dropped:0 overruns:0 frame:0 TX packets:3435 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:291770 (284.9 KiB) TX bytes:291770 (284.9 KiB) [root@wtc ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.18.42.119:80 rr -> 172.18.42.111:80 Route 1 0 0 -> 172.18.42.222:80 Route 1 0 0 TCP 172.18.42.120:80 rr -> 172.18.42.111:80 Route 1 0 1 -> 172.18.42.222:80 Route 1 0 1
##当把Director 1关闭掉之后,此时Director 2会把Director的VIP夺过来
我们再来访问Web服务
[root@localhost ~]# curl http://172.18.42.120172.18.42.222 Web Server 2
[root@localhost ~]# curl http://172.18.42.120172.18.42.111 Web Server 1
[root@localhost ~]# curl http://172.18.42.119172.18.42.222 Web Server 2
[root@localhost ~]# curl http://172.18.42.119172.18.42.111 Web Server 1
##服务能够正常提供
七、如果Web2服务挂掉了,会发生什么样的情况?
Web Server Nginx2
[root@localhost ~]# nginx -s stop
Director
[root@wtc ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.18.42.119:80 rr -> 172.18.42.222:80 Route 1 0 1 TCP 172.18.42.120:80 rr -> 172.18.42.222:80 Route 1 0 1
##服务器自动剔除Web1的IP
再次尝试访问Web服务
[root@localhost ~]# curl http://172.18.42.119172.18.42.222 Web Server 2
[root@localhost ~]# curl http://172.18.42.119172.18.42.222 Web Server 2
[root@localhost ~]# curl http://172.18.42.120172.18.42.222 Web Server 2
[root@localhost ~]# curl http://172.18.42.120172.18.42.222 Web Server 2
##响应请求的只有Web Server Nginx2了
如果开启Web Server Nginx1;服务器会自动添加规则吗?
[root@localhost ~]# nginx [root@wtc ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.18.42.119:80 rr -> 172.18.42.111:80 Route 1 0 0 -> 172.18.42.222:80 Route 1 0 0 TCP 172.18.42.120:80 rr -> 172.18.42.111:80 Route 1 0 0 -> 172.18.42.222:80 Route 1 0 0
##Web Server Nginx1的规则自动添加
问题总结:
1、对于Director中的keepalived配置文件;两个vrrp示例的“vrrp_router_id”必须不能一样
2、每台Director的时间需要同步;可基于ntpdate实现