keepalived+lvs集群

一，概念及实验介绍

其他的高可用方案：pacemaker piranha heartbeat
其他负载均衡方案：lvs nginx haproxy(专业的七层负载均衡)
keepalived是什么
keepalived是集群管理中保证集群高可用的一个服务软件，其功能类似于heartbeat，用来防止单点故障。

keepalived工作原理
keepalived是以VRRP协议为实现基础的，VRRP全称Virtual Router Redundancy Protocol，即虚拟路由冗余协议。

工作原理：
虚拟路由冗余协议，可以认为是实现路由器高可用的协议，即将N台提供相同功能的服务器组成一个服务器组，这个组里面有一个master和多个backup，master上面有一个对外提供服务的vip（该服务器所在局域网内其他机器的默认路由为该vip），master会发组播，当backup收不到vrrp包时就认为master宕掉了，这时就需要根据VRRP的优先级来选举一个backup当master。这样的话就可以保证服务器的高可用了。

keepalived主要有三个模块，分别是core、check和vrrp。core模块为keepalived的核心，负责主进程的启动、维护以及全局配置文件的加载和解析。check负责健康检查，包括常见的各种检查方式。vrrp模块是来实现VRRP协议的。

拓扑

++++++++++++
+---------------------------> + Client + 192.168.122.1/24 (真实机做客户端)
| ++++++++++++
| ________________|_______________ VIP eth0:1 192.168.122.254/24
| | |
| +++++++++++++ +++++++++++++
| + Director master + + Director backup +
| +++++++++++++ +++++++++++++
| DIP eth0 192.168.122.10/24 DIP eth0 192.168.122.20/24
| |______________________________|
|_____________________________________|____________________
| |
| |
++++++++++++ ++++++++++++
+ Real Server A + + Real Server B +
++++++++++++ ++++++++++++
eth0 192.168.122.30/24 eth0 192.168.122.40/24

分别在Director master、Director backup 上部署浮动资源（VIP IPVS策略）
测试2个Director在DR模式下都工作正常。测试完成后都撤掉浮动资源。

在Director master上安装配置Keepalived
[root@localhost ~]# tar xf keepalived-1.2.1.tar.gz
[root@localhost ~]# cd keepalived-1.2.1


[root@localhost keepalived-1.2.1]# ./configure --prefix=/ --mandir=/usr/local/share/man/ --with-kernel-dir=/usr/src/kernels/2.6.18-194.el5xen-i686/

注意：如果没有/usr/src/kernels/2.6.18-194.el5xen-i686，需要安装对应当前kernel版本的kernel-devel软件包
例：[root@localhost ~]# uname -r
2.6.18-308.el5xen
[root@localhost ~]# yum install kernel-xen-devel

Keepalived configuration
------------------------
Keepalived version : 1.2.1
Compiler : gcc
Compiler flags : -g -O2 -DETHERTYPE_IPV6=0x86dd
Extra Lib : -lpopt -lssl -lcrypto
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
Use VRRP Framework : Yes
Use Debug flags : No

[root@localhost keepalived-1.2.1]# make
[root@localhost keepalived-1.2.1]# make install

实验的过程：

1.安装软件
在Director master上安装配置Keepalived
# yum install keepalived -y
2.配置文件的修改
[root@localhost keepalived-1.2.1]# cd /etc/keepalived/
[root@localhost keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Director1 //两边dr机器上面是一样的
}

vrrp_instance VI_1 {
state MASTER //另一台机器是BACKUP
interface eth0 //心跳网卡
virtual_router_id 51 //随便写，两台dr一样
priority 150 //优先级
advert_int 1 //检查间隔，单位秒
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.122.254/24 dev eth0
}
}

virtual_server 192.168.122.254 80 { //LVS 配置
delay_loop 3 //服务论询的时间间隔
lb_algo rr //LVS 调度算法
lb_kind DR // LVS 集群模式
protocol TCP
real_server 192.168.122.30 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
real_server 192.168.122.40 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
}
3.在backup机器上安装keepalived
# yum -y install keepalived

4.拷贝master上的keepalived.conf到backup机器上
[root@localhost keepalived]# scp keepalived.conf 192.168.122.20:/etc/keepalived/
5.拷贝后,修改配置文件
state BACKUP
priority 100

6.两个Director上启动服务：
两个Director上启动服务:
rhel6:
[root@localhost keepalived]# service keepalived start
rhel7:
[root@localhost keepalived]# systemctl start keepalived
7.测试：
观察lvs路由条目
观察vip地址在哪台机器上
用浏览器访问测试
手动关闭一台dr的keepalived服务
再启动试一试

=============================

二，实验的具体过程

1.实验环境：四台机器
192.168.78.142 web1 rs1
192.168.78.145 web2 rs2
192.168.78.134 master
192.168.78.144 backup
2.在 master和backup这两台机器上面：
添加网卡，原来是有ens33 ，添加后都有ens37(用来设置vip)
#yum -y install keepalived
这里其实设置了针对网卡ens37的虚拟IP 192.168.78.150（这个ip是虚拟的，可以随意设置，只要在同一网段）
对于master机器：
#vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Director1
}

vrrp_instance VI_1 {
state MASTER
interface ens37
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.78.150/24 dev ens37
}
}

virtual_server 192.168.78.150 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
real_server 192.168.78.142 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
real_server 192.168.78.145 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
}
#systemctl restart keepalived
对于backup机器：
#vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Director1
}

vrrp_instance VI_1 {
state BACKUP
interface ens37
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.78.150/24 dev ens37
}
}

virtual_server 192.168.78.150 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
real_server 192.168.78.142 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
real_server 192.168.78.145 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
}
#systemctl restart keepalived
3.在web1和web2上面：
#yum -y install nginx
#systemctl start nginx
这里的nginx的主页的内容最好不一样，可以适当改一下，这样才能看到效果

4.测试(访问虚拟IP)
观察lvs路由条目
观察vip地址在哪台机器上
用浏览器访问测试
手动关闭一台dr的keepalived服务
再启动试一试

补充说明:

keepalived还可以给其他的需求做高可用