Keepalived+LVS部署高可用集群

Keepalived+LVS(DR)部署高可用Web集群

集群环境

主机	角色	服务
192.168.110.134	MASTER	Keepalived
192.168.110.137	BACKUP	Keepalived
192.168.110.136	Real server1	HTTPD
192.168.110.145	Real server2	HTTPD

MASTER配置

global_defs {
   notification_email {
     [email protected]
     [email protected]
     [email protected]
   }
   notification_email_from [email protected]
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_BACKUP
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.110.252
    }
}

virtual_server 192.168.110.252 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 50
    protocol TCP

    real_server 192.168.110.136 80 {
            weight 1
            TCP_CHECK {
                retry 3
                connect_timeout 3
                nb_get_retry 3
                delay_before_retry 3
                conncet_port 80
            }
        }
    real_server 192.168.110.136 80 {
            weight 1
            TCP_CHECK {
                retry 3
                connect_timeout 3
                nb_get_retry 3
                delay_before_retry 3
                conncet_port 80
            }
        }
    }
}

BACKUP配置

global_defs {
   notification_email {
     [email protected]
     [email protected]
     [email protected]
   }
   notification_email_from [email protected]
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_BACKUP
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens160
    virtual_router_id 51
    priority 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.110.252
    }
}

virtual_server 192.168.110.252 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 50
    protocol TCP

    real_server 192.168.110.136 80 {
        weight 1
        TCP_CHECK{
            connect_timeout 3
            retry 3
            delay_before_retry 3
            connect_port 80
          }
        }
    real_server 192.168.110.145 80 {
        weight 1
        TCP_CHECK{
            connect_timeout 3
            retry 3
            delay_before_retry 3
            connect_port 80
          }
        }
    }
}

检查Virtual IP是否漂移

[root@keepalived ~]# ip addr| grep "252"
    inet 192.168.110.252/32 scope global ens33
[root@localhost ~]# ip addr| grep "252"
[root@localhost ~]# 

#关闭服务Keepalived-MASTER
[root@keepalived ~]# systemctl stop keepalived.service 
[root@keepalived ~]# ip addr| grep "252"
[root@keepalived ~]# 
[root@localhost ~]# ip addr| grep "252"
    inet 192.168.110.252/32 scope global ens160

IPVS检查

前提下载ipvsadm

MASTER

[root@keepalived ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.110.252:80 wrr persistent 50
  -> 192.168.110.136:80           Route   1      0          0         
  -> 192.168.110.145:80           Route   1      0          0 

BACKUP

[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.110.252:80 wrr persistent 50
  -> 192.168.110.136:80           Route   1      0          0         
  -> 192.168.110.145:80           Route   1      0          0

Real Server配置

#将VIP绑定至环回网卡
[root@webserver ~]# ifconfig lo:eth1 192.168.110.252 netmask 255.255.255.255 up
#ARP抑制
[root@webserver ~]# echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@webserver ~]# echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@webserver ~]# route add -host 192.168.110.252 dev lo

附上个人写的小脚本

#!/bin/bash
read -p "Enter the Virtual IP : " vip
ifconfig lo:eth1 $vip netmask 255.255.255.255 up
if [ $? -eq 0 ]
then
	echo -e "\033[32m OK \033[0m" 
else
	echo -e "\033[31m Failed \033[0m"
fi
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
if [ $? -eq 0 ]
then
    echo -e "\033[32m OK \033[0m" 
else
	echo -e "\033[31m Failed \033[0m"
fi
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
if [ $? -eq 0 ]
then
    echo -e "\033[32m OK \033[0m" 
else
	echo -e "\033[31m Failed \033[0m"
fi
route add -host $vip dev lo
if [ $? -eq 0 ]
then
    echo -e "\033[32m OK \033[0m" 
else
	echo -e "\033[31m Failed \033[0m"
fi

大家可以根据自己需要做调整。

测试

停用Real Server某一台的Apache服务

#在Master上动态监测
[root@keepalived ~]# watch -n 0.5 ipvsadm -ln 
#RS
[root@docker ~]# systemctl stop httpd

这里效果需要自己方能看出来。

停用Master上的keepalived检测Backup是否接管资源

#停用前
C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145

C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145
#停用后
[root@keepalived ~]# systemctl stop keepalived.service
C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145

C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145

[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.110.252:80 wrr persistent 50
  -> 192.168.110.136:80           Route   1      0          0         
  -> 192.168.110.145:80           Route   1      0          5
  #可以看出来资源被接管后145被访问了5此