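Environment: CentOS 7, minimal install

1. Environment details:

Name     IP                    Notes
master   ens33: 192.168.0.61   VIP: 192.168.0.60
backup   ens33: 192.168.0.62   VIP: 192.168.0.60
tomcat1  ens33: 192.168.0.63   load-balanced backend
tomcat2  ens33: 192.168.0.64   load-balanced backend

The test client can be any machine on the same network segment.
The Tomcat installation steps were covered in detail in the previous article, so they are not repeated here.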

2. Install ipvsadm (the management tool) + keepalived

[root@localhost ~]# yum -y install ipvsadm keepalived

3. Create the run script for the LVS master and backup servers

[root@localhost ~]# vim /sbin/lvsdr.sh
#!/bin/bash
VIP=192.168.0.60
RIP1=192.168.0.63
RIP2=192.168.0.64

# Load the standard init-script helper functions
. /etc/rc.d/init.d/functions
case "$1" in
start)
       echo "start LVS of DirectorServer"
       # Set the Virtual IP Address
       /sbin/ifconfig ens33:1 $VIP broadcast $VIP netmask 255.255.255.255 up
       /sbin/route add -host $VIP dev ens33:1
       # Clear IPVS Table
       /sbin/ipvsadm -C
       # Add the virtual service on port 8080 (wrr scheduler, 60 s persistence)
       # and both real servers in DR mode (-g)
       /sbin/ipvsadm -A -t $VIP:8080 -s wrr -p 60
       /sbin/ipvsadm -a -t $VIP:8080 -r $RIP1 -g
       /sbin/ipvsadm -a -t $VIP:8080 -r $RIP2 -g
  #      /sbin/ipvsadm -A -t $VIP:80 -s wrr -p 60
  #     /sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -g
  #     /sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -g
       # Show the resulting IPVS table
       /sbin/ipvsadm
       ;;
stop)
       echo "Close LVS Directorserver"
       /sbin/ifconfig ens33:1 down
       /sbin/ipvsadm -C
       ;;
*)
       echo "Usage: $0 {start|stop}"
       exit 1
       ;;
esac

4. Make the script executable and run it

[root@localhost ~]# chmod 755 /sbin/lvsdr.sh 
[root@localhost ~]# /sbin/lvsdr.sh start

[root@localhost ~]# ipvsadm -ln
Check the resulting routing configuration; if it matches the figure below, it is OK.

5. Add it to system startup

[root@localhost ~]# vim /etc/rc.local
/sbin/lvsdr.sh start  # append this line

6. Copy the script to backup with scp, then repeat steps 4 and 5 there

[root@localhost ~]# scp /sbin/lvsdr.sh 192.168.0.62:/sbin/lvsdr.sh

7. Create the real-server run script on tomcat1

[root@localhost ~]# vim /sbin/realdr.sh 

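#!/bin/bash
VIP=192.168.0.60
# Bind the VIP to a loopback alias as a /32 host address
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
# arp_ignore=1: answer ARP only for addresses configured on the receiving interface
# arp_announce=2: always pick the best local source address for ARP requests
echo "1">/proc/sys/net/ipv4/conf/default/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/default/arp_announce
echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/all/arp_announce
# Reload the settings stored in /etc/sysctl.conf
sysctl -p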

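8. Make the script executable and run it

[root@localhost ~]# chmod 755 /sbin/realdr.sh
[root@localhost ~]# /sbin/realdr.sh start

[root@localhost ~]# ifconfig
You can see that lo:0 now carries the VIP address.
(Note: a minimal install does not include the ifconfig command; install it with yum -y install net-tools.)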

9. Make this real-server script start at boot

[root@localhost ~]# vim /etc/rc.local
/sbin/realdr.sh start   # append this line

10. Copy this real-server script to tomcat2 with scp, then repeat steps 8 and 9 there
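
A check for the state realdr.sh is meant to leave on tomcat1 and tomcat2, as an added example that is not part of the original post. In DR mode every real server holds the VIP on lo, so a host that still answers ARP for it would receive client traffic directly instead of through the director. The function names and the optional sysctl-root argument are assumptions, added so the check can also run against a constructed directory.

```shell
#!/bin/bash
# Added example: post-checks for a DR-mode real server (tomcat1/tomcat2).
VIP=192.168.0.60

# Effective ARP setting on an interface is max(conf/all, conf/<iface>).
# $1 = arp_ignore|arp_announce, $2 = interface, $3 = sysctl root (assumed
# optional argument; defaults to the live /proc/sys)
effective_arp() {
    dir="${3:-/proc/sys}/net/ipv4/conf"
    all=$(cat "$dir/all/$1" 2>/dev/null || echo 0)
    ifv=$(cat "$dir/$2/$1" 2>/dev/null || echo 0)
    if [ "$all" -ge "$ifv" ]; then echo "$all"; else echo "$ifv"; fi
}

# Reads `ip -o -4 addr show dev lo` output on stdin; succeeds only when the
# VIP ($1) is bound as a /32 host address.
vip_is_host_addr() {
    grep -qF "inet $1/32 "
}

# $1 = LAN-facing interface, $2 = sysctl root. Prints one line per problem.
check_real_server() {
    rc=0
    if [ "$(effective_arp arp_ignore "$1" "$2")" -ne 1 ]; then
        echo "FAIL arp_ignore on $1 is not 1: host may answer ARP for the VIP"; rc=1
    fi
    if [ "$(effective_arp arp_announce "$1" "$2")" -ne 2 ]; then
        echo "FAIL arp_announce on $1 is not 2: VIP may be used as ARP source"; rc=1
    fi
    return $rc
}

# Constructed sample: a throwaway sysctl tree holding the values realdr.sh writes.
demo=$(mktemp -d)
mkdir -p "$demo/net/ipv4/conf/all" "$demo/net/ipv4/conf/ens33"
echo 1 > "$demo/net/ipv4/conf/all/arp_ignore"
echo 2 > "$demo/net/ipv4/conf/all/arp_announce"
echo 0 > "$demo/net/ipv4/conf/ens33/arp_ignore"
echo 0 > "$demo/net/ipv4/conf/ens33/arp_announce"
check_real_server ens33 "$demo" && echo "ARP settings OK"
# Constructed sample of the `ip -o -4 addr show dev lo` line for the VIP alias.
echo "1: lo    inet $VIP/32 brd $VIP scope global lo:0" \
    | vip_is_host_addr "$VIP" && echo "VIP bound as /32 on lo"
rm -rf "$demo"
```

On a live real server, call check_real_server ens33 with no second argument and pipe the real `ip -o -4 addr show dev lo` output into vip_is_host_addr.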

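11. Configure keepalived

A good habit: before editing a configuration file, back up the original in case you need to restore it later. A simple cp is enough; keep the copy wherever you prefer.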

[root@localhost ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak

[root@localhost ~]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
        [email protected]

   }
   notification_email_from [email protected]
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
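    state MASTER            # role name (MASTER on the master node)
    interface ens33           # mind the host's NIC name
    virtual_router_id 51     # this id differs between master and backup
    priority 100                  # backup's priority must be lower than master's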
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
         192.168.0.60         # VIP address; list any additional ones on the following lines

    }
}

virtual_server 192.168.0.60 8080 {
    delay_loop 6
    lb_algo rr                          # round-robin scheduling
    lb_kind DR                       # DR mode: the most commonly used, and efficient
    persistence_timeout 50
    protocol TCP

    real_server 192.168.0.63 8080 {
        weight 1
        SSL_GET {
            url {
              path /
              digest ff20ad2481f97b1754ef3e12ecd3a9cc
            }
            url {
              path /mrtg/
              digest 9b3a0c85a887a256d6939da88aabd8cd
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.0.64 8080 {
        weight 1
        SSL_GET {
            url {
              path /
              digest ff20ad2481f97b1754ef3e12ecd3a9cc
            }
            url {
              path /mrtg/
              digest 9b3a0c85a887a256d6939da88aabd8cd
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

}

12. Copy master's keepalived configuration file to backup with scp

[root@localhost ~]# scp /etc/keepalived/keepalived.conf 192.168.0.62:/etc/keepalived/keepalived.conf
Then change the state name, id and priority on backup.

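13. Open the firewall port, or disable the firewall

With the firewall running, access is blocked; either stop the firewall or allow the web port through.
In a lab environment you can simply disable the firewall: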

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

In production, opening just the port is recommended, which keeps the server more secure:

[root@localhost tomcat8]# firewall-cmd --permanent --add-port=8080/tcp
success
[root@localhost tomcat8]# firewall-cmd --reload
success
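
A firewalld rule set for keeping the firewall on in production, as an added example that is not part of the original post. The directors also need VRRP (IP protocol 112) accepted from each other, because keepalived's master/backup election runs over it. The function names and the FW dry-run variable are assumptions.

```shell
#!/bin/bash
# Added example, not from the original post. FW defaults to a dry run that
# only prints each firewall-cmd invocation (shell quoting is not shown in the
# printed form); run with FW=firewall-cmd to apply the rules.
FW="${FW:-echo firewall-cmd}"

# Real servers (tomcat1, tomcat2): only the application port.
allow_real_server() {
    $FW --permanent --add-port=8080/tcp && $FW --reload
}

# Directors (master, backup): the application port plus VRRP adverts
# (IP protocol 112), accepted only from the other director. $1 = peer IP.
allow_director() {
    $FW --permanent --add-port=8080/tcp &&
    $FW --permanent --add-rich-rule="rule family=\"ipv4\" source address=\"$1\" protocol value=\"vrrp\" accept" &&
    $FW --reload
}

# Dry run for master (192.168.0.61); its peer is backup (192.168.0.62).
allow_director 192.168.0.62
```

On backup, pass 192.168.0.61 as the peer instead.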

14. Start keepalived on master and backup

[root@localhost ~]# systemctl restart keepalived

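15. Access the VIP address

Because this is DR mode with round-robin scheduling, the two Tomcats take turns returning the page. If one goes down, the other still carries the load, so the whole site does not go down.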

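16. Simulate a master failure

You can power it off, disconnect the network, stop the network service, stop the keepalived service, block the service/port with the firewall... whatever you like.
[root@localhost ~]# systemctl stop keepalived   # stop the keepalived service on master here
The log shows that it has stopped:
[root@localhost ~]# tail -f /var/log/messages

As shown in the figure below, page access is unaffected.

Simulating a backup failure gives the same result.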

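17. Simulate a tomcat1 failure

After tomcat1 is shut down, 192.168.0.63:8080 is no longer reachable, but the page at 192.168.0.60:8080 still holds up.


That's it, done.
Once the failed machine has been fixed, just start it again.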