前言:
常用的负载均衡软件有lvs、haproxy、nginx,一般lvs和keeplavied一起使用
lvs是实现负载均衡作用的,即将客户端的需求采用特定的负载均衡算法分发到后端的web应用服务器上,keepalived是用来实现高可用的,即保证主lvs宕机后,从lvs可以在很短时间顶上,从而保证了系统或网站的稳定性
注意事项
1、虚拟ip不需物理机,设置ip前先本机ping以下看是否被人占用,用户访问的是虚拟ip
2、lvs使用DR模式,效率最高,物理机必须绑定虚拟ip
3、lvs slave使用ip a是查看不到虚拟ip的,如果可以看到,可能前言:virtual_router_id和master没设置成一样
4、我这里的web服务器是apache,也可以装tomcat,端口号就要改成8080,但是lvs和keepalived配置是一样的
5、keepAlived中的通知邮箱好像必须要写,否则不正确
6、keepAlived中的网卡设备要注意,按照服务器的实际情况填写
7、slave的优先级priority必须小于master的priority,如果无法转发,查看日志/var/log/messages
8、使用时,必要的端口要打开或者关掉防火墙和selinux,否则有时会无法服务,方法:
# service iptables stop
# setenforce 0
# vi /etc/sysconfig/selinux
SELINUX=disabled
然后重启服务器reboot
主机环境如下:
192.168.20.198 LVS_VIP(VIP:Virtual IP)
192.168.20.103 LVS_Master
192.168.20.104 LVS_Backup
192.168.20.193 WEB1_RealServer
192.168.20.194 WEB2_RealServer
克隆:我们先安装配置好一层的一个服务器,其他服务器使用克隆方式。
一、服务器准备
1、安装虚拟机VirtualBox_5.0.24.8355_Win.exe
2、安装CentOS 6.6
3、装完然后进行上网ip配置
vi /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=08:00:27:63:8E:2D
TYPE=Ethernet
UUID=23cfb80e-aaaf-4370-b611-2c10cee9df02
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.20.103
NETMASK=255.255.255.0
GATEWAY=192.168.20.1
cd /usr/src
yum install gcc make wget openssl-devel popt-devel libnl libnl-devel kernel-devel ipvsadm -y
ln -s /usr/src/kernels/2.6.32-642.3.1.el6.x86_64/ /usr/src/linux
wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz
tar zxvf keepalived-1.2.7.tar.gz
cd keepalived-1.2.7
./configure --with-kernel-dir=/usr/src/kernels/2.6.32-358.2.1.el6.x86_64/
make && make install
cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/sbin/keepalived /usr/sbin/
知识点:ipvsadm理解为IPVS管理工具;LVS(Linux Virtual Server)的核心为IPVS(IP Virtual Server),从Linux内核版本2.6起,IPVS模块已经编译进了Linux内核,
使用yum命令进行安装,系统会选择最适合内核版本的ipvsadm,上面的kernel路径自己去用tab键弄出来
keepalived安装成功会提示:
install -m 644 ../doc/man/man1/genhash.1 /usr/local/share/man/man1三、配置KeepAlived (重点)
1、打开IP Forward 功能(LVS现有三种负载均衡规则都需要打开此功能)
vi /etc/sysctl.conf
打开后修改里面"net.ipv4.ip_forward = 1"
修改好后保存退出,执行如下命令使设置立即生效
sysctl -p
2、KeepAlivde的配置
vi /etc/keepalived/keepalived.conf
(启动KeepAlived时,它默认会去/etc/keepalived下面找它的配置文件,所以上面命令中我们已经将这个配置文件复制过来了。现在进行修改)
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_MASTER
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 60
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.20.198
}
}
virtual_server 192.168.20.198 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
#persistence_timeout 50
protocol TCP
real_server 192.168.20.193 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.20.194 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
chkconfig keepalived on
service keepalived start
#查看进程
[root@localhost ~]# ps aux | grep keepalived
root 1229 0.3 0.2 42168 1016 ? Ss 16:44 0:08 keepalived -D
root 1231 1.4 0.4 44396 2292 ? S 16:44 0:31 keepalived -D
root 1232 1.0 0.3 44272 1640 ? S 16:44 0:22 keepalived -D
root 1292 0.0 0.1 103252 864 pts/0 S+ 17:20 0:00 grep keepalived
#查看下虚拟IP是否已经加上(重要) 如果看到虚拟ip :192.168.20.198说明keepalived启动正常
[root@localhost ~]# ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:63:8e:2d brd ff:ff:ff:ff:ff:ff
inet 192.168.20.103/24 brd 192.168.20.255 scope global eth0
inet 192.168.20.198/32 scope global eth0
inet6 fe80::a00:27ff:fe63:8e2d/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
还有3个命令在先列示下,并不用执行显示集群中服务器ip信息:ipvsadm -ln查看日志:tail -f /var/log/messages查看请求转发情况:ipvsadm -lcn | grep 虚拟IP==>>至此,LVS_MASTER服务器已经配置好并启动了,接下来我们配置web服务器
vi /etc/init.d/realserver.sh
#在文件中输入如下脚本:
#!/bin/bash
SNS_VIP=192.168.203.107
. /etc/rc.d/init.d/functions
case "$1" in
start)
ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
然后保存退出
yum -y install httpd
chkconfig httpd on
service httpd start
为了方便测试3、启动虚拟IP的脚本,运行后会看到网络有一个虚拟IP:lo:0处有个192.168.20.198,就是最开始设置的虚拟ip
sh /etc/init.d/realserver.sh start
ifconfig
[root@localhost ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 08:00:27:63:8E:2D
inet addr:192.168.20.194 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::a00:27ff:fe63:8e2d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5645428 errors:0 dropped:0 overruns:0 frame:0
TX packets:2349063 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:379129935 (361.5 MiB) TX bytes:150050719 (143.0 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:93 errors:0 dropped:0 overruns:0 frame:0
TX packets:93 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:6634 (6.4 KiB) TX bytes:6634 (6.4 KiB)
lo:0 Link encap:Local Loopback
inet addr:192.168.20.198 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:65536 Metric:1
4、去LVS_MASTER服务器的终端查看下ipvsadm,查看已经连接上了WEB1服务器,运行命令
[root@localhost network-scripts]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.20.198:80 rr
-> 192.168.20.193:80 Route 1 0 0
五、配置lvs slave、web2服务器
1、从LVS_MASTER克隆一个LVS_BACKUP服务器,然后修改其中的参数,MASTER与BACKUP配置仅三处不同:global_defs中的router_id、vrrp_instance中的state、priority
(注意keepAlived的配置文件中有一个网卡设备,虚拟机的网卡设备可能是不一样的,有的是eth0,有的是eth1,所以也是要改动的,否则从服务器的服务器很有可能服务不正常)
配置好的如下文:
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_BACKUP
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 60
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.20.198
}
}
virtual_server 192.168.20.198 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
#persistence_timeout 50
protocol TCP
real_server 192.168.20.193 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.20.194 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
lvs_master查看相关日志
[root@localhost ~]# ps aux | grep keepalived
root 1229 0.9 0.2 42168 1016 ? Ss 16:44 0:46 keepalived -D
root 1231 3.3 0.4 44396 2300 ? S 16:44 2:45 keepalived -D
root 1232 2.1 0.3 44272 1640 ? S 16:44 1:48 keepalived -D
root 1373 0.0 0.1 103252 860 pts/0 S+ 18:07 0:00 grep keepalived
[root@localhost ~]# ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP ql en 1000
link/ether 08:00:27:63:8e:2d brd ff:ff:ff:ff:ff:ff
inet 192.168.20.103/24 brd 192.168.20.255 scope global eth0
inet 192.168.20.198/32 scope global eth0
inet6 fe80::a00:27ff:fe63:8e2d/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.20.198:80 rr
-> 192.168.20.193:80 Route 1 2 0
-> 192.168.20.194:80 Route 1 0 0
[root@localhost ~]# ipvsadm -lcn | grep 192.168.20.198
TCP 07:55 ESTABLISHED 192.168.20.24:56422 192.168.20.198:80 192.168.20.193:80
TCP 08:21 ESTABLISHED 192.168.20.24:56430 192.168.20.198:80 192.168.20.193:80
[root@localhost ~]# tail -f /var/log/messages
Jul 14 18:11:19 localhost Keepalived_vrrp[1232]: bogus VRRP packet received on eth0 !!!
Jul 14 18:11:19 localhost Keepalived_vrrp[1232]: VRRP_Instance(VI_1) Dropping received VRRP packet...
Jul 14 18:11:21 localhost Keepalived_vrrp[1232]: ip address associated with VRID not present in received packet : 192.168.20.198
Jul 14 18:11:21 localhost Keepalived_vrrp[1232]: one or more VIP associated with VRID mismatch actual MASTER advert
Jul 14 18:11:21 localhost Keepalived_vrrp[1232]: bogus VRRP packet received on eth0 !!!
Jul 14 18:11:21 localhost Keepalived_vrrp[1232]: VRRP_Instance(VI_1) Dropping received VRRP packet...
具体测试方法:
开启每个服务器的相关服务,关闭防火墙,开始进行测试。
1、测试LVS层
1)首先执行ip a命令,主服务器会存在一个虚拟IP,从服务器不会存在这个虚拟IP。现在浏览网页显示正常。虚拟IP如图所示:
显示集群中服务器ip信息:ipvsadm -ln
查看日志:tail -f /var/log/messages
查看请求转发情况:ipvsadm -lcn | grep 虚拟IP
2)现在停掉LVS_MASTER的keepAlived服务,看LVS_BACKUP是否可以自动加上虚拟IP地址,并且开始转发请求。
(注意keepAlived的配置文件中有一个网卡设备,虚拟机的网卡设备可能是不一样的,有的是eth0,有的是eth1,所以也是要改动的,否则从服务器的服务器很有可能服务不正常)
之后你通过命令:ip a去分别查看LVS_MASTER和LVS_BACKUP机器,结果正如预料一样,BACKUP立即接管了MASTER的工作。
切换很快,访问网页:http://192.168.20.198也能正常显示。
3)恢复主服务器的keepAlived服务后,主服务器立刻接替了从服务器的工作,就不做截图了。和第1)个正常效果是一样的。
4)测试WEB服务器,看能否正常提供服务。先断掉WEB1,看下效果。
ipvsadm中的服务器列表,已经去掉了WEB1服务器,访问网页也只能访问到WEB2服务器了。
5)开启WEB1,关掉WEB2。测试正常