keepalived+lvs基于http检测

keepalived+lvs基于tcp检测无法探测到后端的Java程序是否假死,所以此时就需要用到基于http的检测方法。
基于http检测的原理是检测后端服务器上的某个页面,如果能获取到则表示后端服务器存活,否则表示后端服务器故障。
语法格式

HTTP_GET {                      #基于http做后端服务器的健康状态检测
    url {                       #
        path /path/to/page      #指定所要检测页面做在的位置
        status_code XXX         #状态码一般为200
    }
    connect_timeout 5           #连接超时时间5秒
    nb_get_retry 3              #重试次数3次
    delay_before_retry 3        #每次重试的间隔时间
}

基于http检测的实现

准备主机4台

server hostname ip
keepalived s1 172.20.27.10
keepalived s2 172.20.27.11
nginx web1 172.20.27.20
nginx web2 172.20.27.21

s1节点配置

1.修改keepalived配置文件

[root@s1 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
    [email protected]
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id s1.mylinuxops.com
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_iptables
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state Master
    interface ens33
    virtual_router_id 27
    priority 100
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 172.20.27.10
    unicast_peer {
    172.20.27.11
    }
    virtual_ipaddress {
    172.20.27.100 dev ens33 label ens33:0
    }
}

virtual_server 172.20.27.100 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    protocol TCP

    real_server 172.20.27.20 80 {
    weight 1
    HTTP_GET {
        url {
        path /monitor-page/index.html
        status_code 200
        }
        nb_get_retry 3
        delay_before_retry 3
        connect_timeout 5
    }
}
    real_server 172.20.27.21 80 {
        weight 1
    HTTP_GET {
        url {
            path /monitor-page/index.html
            status_code 200
            }
        nb_get_retry 3
        delay_before_retry 3
        connect_timeout 5
        }
    }
}

2.重启服务查看lvs规则

[root@s1 ~]# systemctl restart keepalived
[root@s1 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.20.27.100:80 wrr
#由于后端的web服务器没有检测页面,所以没有后端的realserver

s2节点配置

1.修改keepalived配置文件

[root@s2 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
   notification_email {
    [email protected]
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id s2.mylinuxops.com
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_iptables
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 27
    priority 80
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 172.20.27.11
    unicast_peer {
    172.20.27.10
    }
    virtual_ipaddress {
    172.20.27.100 dev ens33 label ens33:0
    }
}

virtual_server 172.20.27.100 80 {
    delay_loop 5
    lb_algo wrr
    lb_kind DR
    protocol TCP

    real_server 172.20.27.20 80 {
        weight 1
        HTTP_GET {
            url {
                path /monitor-page/index.html
                status_code 200
            }
            nb_get_retry 3
            delay_before_retry 3
            connect_timeout 5
        }   
    }
    real_server 172.20.27.21 80 {
        weight 1
        HTTP_GET {
            url {
                path /monitor-page/index.html
                status_code 200
            }
            nb_get_retry 3
            delay_before_retry 3
            connect_timeout 5
        }
    }
}

2.重启服务后查看lvs规则

[root@s2 ~]# systemctl restart keepalived
[root@s2 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.20.27.100:80 wrr
#s1节点相同没有后端的服务器

配置后端用于检测的页面

在web1和web2上创建检测页面

[root@localhost ~]# mkdir /apps/nginx/html/monitor-page
[root@localhost ~]# echo "ojbk" > /apps/nginx/html/monitor-page/index.html

在web1和web2上分别执行lvs-rs脚本

[root@localhost ~]# bash lvs_dr_rs.sh start

脚本内容

vip=172.20.27.100
mask='255.255.255.255'
dev=lo:1

case $1 in
start)
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ifconfig $dev $vip netmask $mask #broadcast $vip up
    #route add -host $vip dev $dev
    echo "The RS Server is Ready!"
    ;;
stop)
    ifconfig $dev down
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "The RS Server is Canceled!"
    ;;
*)
    echo "Usage: $(basename $0) start|stop"
    exit 1
    ;;
esac

测试

再次查看s1,s2节点上的lvs规则

[root@s1 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.20.27.100:80 wrr
  -> 172.20.27.20:80              Route   1      0          0         
  -> 172.20.27.21:80              Route   1      0          0 
[root@s2 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.20.27.100:80 wrr
  -> 172.20.27.20:80              Route   1      0          0         
  -> 172.20.27.21:80              Route   1      0          0