LVS+Keepalived高可用负载均衡集群架构实验(参考)
本文未做测试,转载的目的是因为文章中有很多注释,方便我们了解配置过程和原理。
实验环境:
LVS和keepalived介绍:
1.keepalived的设计目标是构建高可用的LVS负载均衡群集,可以调用ipvsadm工具来创建虚拟服务器,管理服务器池,而不仅仅用来做双机热备。
使用keepalived构建LVS群集更加简便易用,主要优势体现在:
对LVS负载调度器实现热备切换,提高可用性;
对服务器池中的节点进行健康检查,自动移除失效节点,恢复后再重新加入。
2.在基于LVS+Keepalived实现的LVS群集结构中,至少包括两台热备的负载调度器,两台以上的节点服务器,本例将以DR模式的LVS群集为基础,增加一台从负载调度器,使用Keepalived来实现主、从调度器的热备,从而构建建有负载均衡、高可用两种能力的LVS网站群集平台。
3.通过LVS+Keepalived构建的LVS集群,LVS负载均衡用户请求到后端tomcat服务器,Keepalived的作用是检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除,当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的web服务器。
Keepalived简介
什么是Keepalived:keepalived可以实现服务的高可用或热备,用来防止单点故障的问题;而Keepalived的核心VRRP协议,VRRP协议主要实现了在路由器或三层交换机处的冗余;Keepalived就是使用VRRP协议来实现高可用的;下面一起来看一下Keepalived的原理图:
Keepalived启动后会有三个进程:
父进程:内存管理,子进程管理
子进程:VRRP子进程
子进程:healthchecker子进程
由上图可知:
两个子进程都被系统WatchDog看管,两个子进程各自复杂自己的事,healthchecker子进程复杂检查各自服务器的健康程度,例如HTTP,LVS等,如果healthchecker子进程检查到MASTER上服务不可用了,就会通知本机上的VRRP子进程,让它删除通告,并且去掉虚拟IP,转换为BACKUP状态;
实验架构图:
1
实验过程:
HA高可用集群构建前提:
1.proxy和proxy2节点时间必须同步;
建议使用ntp协议进行;
参考博客:http://sohudrgon.blog.51cto.com/3088108/1598314
2、节点之间必须要通过主机名互相通信;
建议使用hosts文件;
通信中使用的名字必须与其节点为上“uname -n”命令展示出的名字保持一致;
[root@proxy ~]# cat /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.0.1 server.magelinux.com server
172.16.31.52 proxy.stu31.com proxy
172.16.31.53 proxy2.stu31.com proxy2
172.16.31.50 tom1.stu31.com tom1
172.16.31.51 tom2.stu31.com tom2
3、节点之间彼此root用户能基于ssh密钥方式进行通信;
节点proxy:
# ssh-keygen -t rsa -P ""
# ssh-copy-id -i .ssh/id_rsa.pub proxy2
节点proxy2:
# ssh-keygen -t rsa -P ""
# ssh-copy-id -i .ssh/id_rsa.pub proxy
测试ssh无密钥通信:
123 [root@proxy ~]# date ; ssh proxy2 date
Sat Jan 17 15:29:26 CST 2015
Sat Jan 17 15:29:26 CST 2015
一.配置安装LVS+keepalived
1.在Master与Backup服务器上分别安装Ipvsadm、Keepalived软件包、这里使用的是yum安装方式
# yum install -y keepalived ipvsadm
注释:这里安装Ipvsadm工具主要是为了查看lvs规则使用,不安装ipvsadm工具也能成功配置规则,但不方便;
2.修改keepalived配置文件
keepalived的文件路径/etc/keepalived/keepalived.conf
修改Master节点proxy的主配置文件
[root@proxy ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email { #设置报警通知邮件地址,可以设置多个
root@localhost
}
notification_email_from [email protected] #设置邮件的发送地址
smtp_server 127.0.0.1 #设置smtp server的地址,该地址必须是存在的
smtp_connect_timeout 30 #设置连接smtp server的超时时间
router_id LVS_DEVEL #运行Keepalived服务器的标识,发邮件时显示在邮件标题中的信息
}
vrrp_instance VI_1 { #定义VRRP实例,实例名自定义
state MASTER #指定Keepalived的角色,MASTER为主服务器,BACKUP为备用服务器
interface eth0 #指定HA监测的接口
virtual_router_id 51 #虚拟路由标识,这个标识是一个数字(1-255),在一个VRRP实例中主备服务器ID必须一样
priority 100 #优先级,数字越大优先级越高,在一个实例中主服务器优先级要高于备服务器
advert_int 1 #设置主备之间同步检查的时间间隔单位秒
authentication { #设置验证类型和密码
auth_type PASS #验证类型有两种{PASS|HA}
auth_pass Oracle #设置验证密码,在一个实例中主备密码保持一样
}
virtual_ipaddress { #定义虚拟IP地址,可以有多个,每行一个
172.16.31.188
}
}
virtual_server 172.16.31.188 { #设置虚拟服务器,需要指定虚拟IP与服务端口,用空格分隔
delay_loop 6 #设置健康状态检查时间,单位为秒
lb_algo rr #设置负载高度算法,rr为轮询
lb_kind DR #设置LVS实现负载均衡的机制,可以为{NAT|TUN|DR}三种
nat_mask 255.255.0.0 #设置掩码
persistence_timeout 50 #会话保持时间,单位为秒;这个选项对于动态网页是非常有用的,为集群系统中session共享提供了一个很好的解决方案
protocol TCP #指定转发协议类型可以设置{TCP|UDP}两种
real_server 172.16.31.50 80 { #后端服务器节点,需要指定Real_server的IP与端口,用空格分隔
weight 1 #配置服务节点的权重,数字越大,权重越高
HTTP_GET { #设置检测Realserver的方式为http协议
url {
path /
status_code 200 #设定返回状态码为200表示Realserver是存活的
}
connect_timeout 3 #设置响应超时时间
nb_get_retry 3 #设置超时重试次数
delay_before_retry 3 #设置超时后重试间隔
}
}
real_server 172.16.31.51 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
3.将Master服务器proxy节点上的主配置文件拷贝到Backup服务器proxy2节点稍作修改
# scp /etc/keepalived/keepalived.conf proxy2:/etc/keepalived/
######修改如下两项
[root@proxy2 ~]# vim /etc/keepalived/keepalived.conf
state BACKUP
priority 99
4.启动两台服务器上的Keepalived服务并设置为开机自启动
# chkconfig --add keepalived ; ssh proxy2 "chkconfig --add keepalived"
# chkconfig keepalived on ; ssh proxy2 "chkconfig keepalived on"
# chkconfig --list keepalived; ssh proxy2 "chkconfig --list keepalived"
keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off
keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off
启动服务:
# service keepalived start; ssh proxy2 "service keepalived start"
5.观察各节点的服务启动后的日志:
MASTER节点的日志;
[root@proxy keepalived]# tail -f /var/log/messages
Jan 17 15:57:42 proxy Keepalived[15019]: Starting Keepalived v1.2.13 (10/15,2014)
Jan 17 15:57:42 proxy Keepalived[15021]: Starting Healthcheck child process, pid=15024
Jan 17 15:57:42 proxy Keepalived[15021]: Starting VRRP child process, pid=15025
Jan 17 15:57:42 proxy Keepalived_vrrp[15025]: Netlink reflector reports IP 172.16.31.52 added
Jan 17 15:57:42 proxy Keepalived_vrrp[15025]: Netlink reflector reports IP fe80::a00:27ff:fe3b:2360 added
Jan 17 15:57:42 proxy Keepalived_vrrp[15025]: Registering Kernel netlink reflector
Jan 17 15:57:42 proxy Keepalived_vrrp[15025]: Registering Kernel netlink command channel
Jan 17 15:57:42 proxy Keepalived_vrrp[15025]: Registering gratuitous ARP shared channel
Jan 17 15:57:42 proxy Keepalived_healthcheckers[15024]: Netlink reflector reports IP 172.16.31.52 added
Jan 17 15:57:42 proxy Keepalived_healthcheckers[15024]: Netlink reflector reports IP fe80::a00:27ff:fe3b:2360 added
Jan 17 15:57:42 proxy Keepalived_healthcheckers[15024]: Registering Kernel netlink reflector
Jan 17 15:57:42 proxy Keepalived_healthcheckers[15024]: Registering Kernel netlink command channel
Jan 17 15:57:42 proxy Keepalived_vrrp[15025]: Opening file '/etc/keepalived/keepalived.conf'.
Jan 17 15:57:42 proxy Keepalived_vrrp[15025]: Configuration is using : 63202 Bytes
Jan 17 15:57:42 proxy Keepalived_vrrp[15025]: Using LinkWatch kernel netlink reflector...
Jan 17 15:57:42 proxy Keepalived_healthcheckers[15024]: Opening file '/etc/keepalived/keepalived.conf'.
Jan 17 15:57:42 proxy Keepalived_healthcheckers[15024]: Configuration is using : 16989 Bytes
Jan 17 15:57:42 proxy Keepalived_vrrp[15025]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Jan 17 15:57:42 proxy Keepalived_healthcheckers[15024]: Using LinkWatch kernel netlink reflector...
Jan 17 15:57:42 proxy Keepalived_healthcheckers[15024]: Activating healthchecker for service [172.16.31.50]:8080
Jan 17 15:57:42 proxy Keepalived_healthcheckers[15024]: Activating healthchecker for service [172.16.31.51]:8080
Jan 17 15:57:43 proxy Keepalived_vrrp[15025]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jan 17 15:57:44 proxy Keepalived_vrrp[15025]: VRRP_Instance(VI_1) Entering MASTER STATE
Jan 17 15:57:44 proxy Keepalived_vrrp[15025]: VRRP_Instance(VI_1) setting protocol VIPs.
Jan 17 15:57:44 proxy Keepalived_healthcheckers[15024]: Netlink reflector reports IP 172.16.31.188 added
Jan 17 15:57:44 proxy Keepalived_vrrp[15025]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 172.16.31.188
BACKUP节点的日志:
[root@proxy2 keepalived]# tail -f /var/log/messages
Jan 17 15:57:42 proxy2 Keepalived[15005]: Starting Keepalived v1.2.13 (10/15,2014)
Jan 17 15:57:42 proxy2 Keepalived[15007]: Starting Healthcheck child process, pid=15009
Jan 17 15:57:42 proxy2 Keepalived[15007]: Starting VRRP child process, pid=15010
Jan 17 15:57:42 proxy2 Keepalived_vrrp[15010]: Netlink reflector reports IP 172.16.31.53 added
Jan 17 15:57:42 proxy2 Keepalived_healthcheckers[15009]: Netlink reflector reports IP 172.16.31.53 added
Jan 17 15:57:42 proxy2 Keepalived_vrrp[15010]: Netlink reflector reports IP fe80::a00:27ff:fe6e:bd28 added
Jan 17 15:57:42 proxy2 Keepalived_vrrp[15010]: Registering Kernel netlink reflector
Jan 17 15:57:42 proxy2 Keepalived_vrrp[15010]: Registering Kernel netlink command channel
Jan 17 15:57:42 proxy2 Keepalived_vrrp[15010]: Registering gratuitous ARP shared channel
Jan 17 15:57:42 proxy2 Keepalived_healthcheckers[15009]: Netlink reflector reports IP fe80::a00:27ff:fe6e:bd28 added
Jan 17 15:57:42 proxy2 Keepalived_healthcheckers[15009]: Registering Kernel netlink reflector
Jan 17 15:57:42 proxy2 Keepalived_healthcheckers[15009]: Registering Kernel netlink command channel
Jan 17 15:57:42 proxy2 Keepalived_vrrp[15010]: Opening file '/etc/keepalived/keepalived.conf'.
Jan 17 15:57:42 proxy2 Keepalived_healthcheckers[15009]: Opening file '/etc/keepalived/keepalived.conf'.
Jan 17 15:57:42 proxy2 Keepalived_healthcheckers[15009]: Configuration is using : 16991 Bytes
Jan 17 15:57:42 proxy2 Keepalived_vrrp[15010]: Configuration is using : 63204 Bytes
Jan 17 15:57:42 proxy2 Keepalived_vrrp[15010]: Using LinkWatch kernel netlink reflector...
Jan 17 15:57:42 proxy2 Keepalived_vrrp[15010]: VRRP_Instance(VI_1) Entering BACKUP STATE
Jan 17 15:57:42 proxy2 Keepalived_vrrp[15010]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Jan 17 15:57:42 proxy2 Keepalived_healthcheckers[15009]: Using LinkWatch kernel netlink reflector...
Jan 17 15:57:42 proxy2 Keepalived_healthcheckers[15009]: Activating healthchecker for service [172.16.31.50]:8080
Jan 17 15:57:42 proxy2 Keepalived_healthcheckers[15009]: Activating healthchecker for service [172.16.31.51]:8080
6.开启Master节点与Backup节点服务器的路由转发功能
#sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
Linux服务器LB群集之LVS-NAT http://www.linuxidc.com/Linux/2013-05/84774.htm
Linux下群集服务之LB集群-LVS-NAT模式 http://www.linuxidc.com/Linux/2012-05/59839.htm
LVS-NAT+ipvsadm实现RHEL 5.7上的服务集群 http://www.linuxidc.com/Linux/2012-04/58936.htm
Linux虚拟服务器LVS-NAT 和 LVS-DR 模型的实现 http://www.linuxidc.com/Linux/2011-09/42934.htm
转载地址:http://www.linuxidc.com/Linux/2015-01/112560.htm