lvs keepalived 负载均衡器

lvs keepalived 实现负载均衡

环境

主机名	IP地址	os	软件
lvs01	172.16.50.104	CentOS 7.4.1708	ipvsadm keepalived	master
lvs02	172.16.50.111	CentOS 7.4.1708	ipvsadm keepalived	backup
nginx01	172.16.50.124	CentOS 7.4.1708	nginx
nginx02	172.16.50.112	CentOS 7.4.1708	nginx

Vip地址 172.16.50.230

部署

Nginx 部署

主机nginx01，nginx02

yum install nginx -y

启动

systemctl enable nginx && systemctl start nginx

主机nginx01

echo "124" > /usr/share/nginx/html/index.html 

主机nginx02

echo "112" > /usr/share/nginx/html/index.html 

创建realserver.sh脚本，内容如下：

#!/bin/bash
#description: Config realserver

VIP=172.16.50.230

. /etc/rc.d/init.d/functions
case "$1" in
start)
       /sbin/ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
       /sbin/route add -host $VIP dev lo:0
       echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
       sysctl -p >/dev/null 2>&1
       echo "RealServer Start OK"
       ;;
stop)
       /sbin/ifconfig lo:0 down
       /sbin/route del $VIP >/dev/null 2>&1
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
       echo "RealServer Stoped"
       ;;
*)
       echo "Usage: $0 {start|stop}"
       exit 1
esac

exit 0

添加执行权限及运行脚本

chmod +x realserver.sh && ./realserver.sh start

lvs，keepalived 部署

开启路由转发

临时生效

echo "1" > /proc/sys/net/ipv4/ip_forward

永久生效，编辑配置文件/etc/sysctl.conf添加

net.ipv4.ip_forward= 1
sysctl -p #生效

主机 lvs01，lvs02

yum install ipvsadm keepalived -y

主机lvs01编辑配置文件/etc/keepalived/keepalived.conf

! Configuration File for keepalived

! 全局配置
global_defs {
   ! 标识
   router_id keep-50.104
}

! VRRPD配置
vrrp_instance VI_1 {
    ! 指定该keepalived节点的初始状态:MASTER|BACKUP
    state MASTER
    ! vrrp实例绑定的接口，用于发送VRRP包
    interface eth0
    ! 指定VRRP实例ID，范围是0-255,主备的virtual_router_id 必须相同
    virtual_router_id 51
    ! 指定优先级，优先级高的将成为MASTER
    priority 100
    ! 指定发送VRRP通告的间隔,单位秒
    advert_int 1
    authentication {
        ! 指定认证方式:PASS|AH
        auth_type PASS
        ! 指定认证所使用的密码,最多8位
        auth_pass 1111
    }
    virtual_ipaddress {
        ! 指定VIP地址
        172.16.50.230
    }
}

virtual_server 172.16.50.230 80 {
    ! 健康检查的时间间隔
    delay_loop 6
    ! LVS调度算法:rr|wrr|lc|wlc|lblc|sh|dh
    lb_algo rr
    ! LVS模式:NAT|DR|TUN
    lb_kind DR
    ! 持久化超时时间,单位秒
    persistence_timeout 50
    ! 协议: TCP|UDP|SCTP
    protocol TCP

    ! 后端服务器
    real_server 172.16.50.124 80 {
        ! 权重
        weight 1
        ! 健康检查方式
        TCP_CHECK {
            ! 超时时间,单位秒
            connect_timeout 3
            ! 尝试次数
            nb_get_retry 3
            ! 在尝试之前延迟多少秒
            delay_before_retry 10
            ! 尝试间隔
            delay_before_retry 2
        }
    }

    real_server 172.16.50.112 80 {
        ! 权重
        weight 1
        ! 健康检查方式
        TCP_CHECK {
            ! 超时时间,单位秒
            connect_timeout 3
            ! 尝试次数
            nb_get_retry 3
            ! 在尝试之前延迟多少秒
            delay_before_retry 10
            ! 尝试间隔
            delay_before_retry 2
        }
    }
}

主机lvs02 参考主机lvs01配置文件

修改部分

router_id keep-50.111
state BACKUP
priority 90

启动

systemctl enable keepalived && systemctl start keepalived

测试

ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.50.230:80 rr persistent 50
  -> 172.16.50.112:80             Route   1      0          0         
  -> 172.16.50.124:80             Route   1      0          0         

curl 172.16.50.230
112

1. 停止主机nginx02 Nginx 服务

   观察主机lvs01 keepalived日志

   lvs01keepalived[10879]: TCP connection to [172.16.50.112]:80 failed.
   Keepalived_healthcheckers[10879]: TCP connection to [172.16.50.112]:80 failed.
   Keepalived_healthcheckers[10879]: Check on service [172.16.50.112]:80 failed after 1 retry.
   Keepalived_healthcheckers[10879]: Removing service [172.16.50.112]:80 from VS [172.16.50.230]:80

   curl 172.16.50.230
   124

2. 停止主机lvs01 Keepalived 服务

   观察主机lvs02 Keepalived 日志

   Keepalived_vrrp[10774]: VRRP_Instance(VI_1) Transition to MASTER STATE
   Keepalived_vrrp[10774]: VRRP_Instance(VI_1) Entering MASTER STATE
   Keepalived_vrrp[10774]: VRRP_Instance(VI_1) setting protocol VIPs.
   Keepalived_vrrp[10774]: Sending gratuitous ARP on eth0 for 172.16.50.230
   Keepalived_vrrp[10774]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on eth0 for 172.16.50.230
   Keepalived_vrrp[10774]: Sending gratuitous ARP on eth0 for 172.16.50.230
   Keepalived_vrrp[10774]: Sending gratuitous ARP on eth0 for 172.16.50.230
   Keepalived_vrrp[10774]: Sending gratuitous ARP on eth0 for 172.16.50.230
   Keepalived_vrrp[10774]: Sending gratuitous ARP on eth0 for 172.16.50.230
   Keepalived_vrrp[10774]: Sending gratuitous ARP on eth0 for 172.16.50.230
   Keepalived_vrrp[10774]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on eth0 for 172.16.50.230
   Keepalived_vrrp[10774]: Sending gratuitous ARP on eth0 for 172.16.50.230
   Keepalived_vrrp[10774]: Sending gratuitous ARP on eth0 for 172.16.50.230
   Keepalived_vrrp[10774]: Sending gratuitous ARP on eth0 for 172.16.50.230
   Keepalived_vrrp[10774]: Sending gratuitous ARP on eth0 for 172.16.50.230

   Vip地址漂移到了主机 lvs02