LVS+Heartbeat+ldirectord构建高可用负载均衡群集(DR模式)
表1.1IP地址参数设置
|
名称
|
角色
|
IP地址
|
|
Load Balancer
(RHEL5)
|
均衡器
(LVS-Master)
|
eth0:0(Vip):192.168.5.198
eth0:192.168.5.196
eth1:10.0.0.1
(心跳接口
)
|
|
|
||
|
|
||
|
Load Balancer
(RHEL5)
|
均衡器
(LVS-Slave)
|
eth0:0(Vip):192.168.5.198
eth0:192.168.5.197
eth1:10.0.0.2
(心跳接口
)
|
|
|
||
|
|
||
|
RealServer1
(RHEL5)
|
服务器群集节点1
(Web服务器)
|
lo:0(Vip):192.168.5.198
eth0:192.168.5.191
|
|
|
||
|
RealServer2
(RHEL5)
|
服务器群集节点2
(Web服务器)
|
lo:0(Vip):192.168.5.198
eth0:192.168.5.192
|
|
|
||
实验步骤:
一、Load Balancer1(LVS-Master)配置
1) 设置网卡IP地址
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:0C:29:4C:BD:42
ONBOOT=yes
IPADDR=192.168.1.196
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth1
BOOTPROTO=static
ONBOOT=yes
HWADDR=00:0c:29:4c:bd:4c
IPADDR=192.168.2.1
NETMASK=255.255.255.0
GATEWAY=192.168.2.1
[root@localhost ~]# service network restart
关闭环回接口:
[确定]
弹出环回接口:
[确定]
弹出界面 eth0:
[确定]
弹出界面 eth1:
[确定]
2) 更改主机名为:LVS-Master
[root@localhost ~]# vim /etc/sysconfig/network //永久性修改,需重启机器后生效
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=LVS-Master
[root@localhost ~]# hostname LVS-Master //临时性修改,主机名及时生效。
这项必须改
3) 更改/etc/hosts文件
[root@localhost ~]# vi /etc/hosts //ip地址与主机名映射
添加如下两行
192.168.1.196
LVS-Master
192.168.1.197
LVS-Slave
4)安装heartbeat所需软件
A、检查perl-libwww-perl-*软件包是否已安装
[root@localhost ~]# rpm -qa |grep perl-libwww-perl
perl-libwww-perl-5.805-1.1.1
B、安装ipvsadm管理器
[root@localhost ~]# mount /dev/cdrom /media/
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@localhost ~]# cd /media/Cluster
[root@localhost Cluster]# rpm -ivh ipvsadm-1.24-10.i386.rpm
C、编译安装libnet //这里所用的软件被放到了/root目录下了
[root@localhost ~]# ls
anaconda-ks.cfg install.log
libnet-0.10.11.tar.gz
Desktop
install.log.syslog soft
[root@localhost ~]# tar zxvf libnet-0.10.11.tar.gz
[root@localhost ~]# ls //解压到/root下
anaconda-ks.cfg install.log
libnet soft
Desktop
install.log.syslog libnet-0.10.11.tar.gz
[root@localhost ~]# cd libnet
[root@localhost libnet]# ./configure ;make ;make install
D、编译安装MailTools
[root@localhost libnet]# cd -
/root
[root@localhost ~]# tar zxf MailTools-2.04.tar.gz -C /usr/src/
[root@localhost ~]# cd /usr/src/
[root@localhost src]# ls
debug kernels MailTools-2.04 redhat vmware-tools-distrib
[root@localhost src]# cd MailTools-2.04/
[root@localhost MailTools-2.04]# perl Makefile.PL ;make ;make install
E、编译安装Hearbeat
[root@localhost src]# cd
[root@localhost ~]# tar jxvf Heartbeat-STABLE-2-1-STABLE-2.1.4.tar.bz2 -C /usr/src/
[root@localhost ~]# cd /usr/src/Heartbeat-STABLE-2-1-STABLE-2.1.4/
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# groupadd haclient
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# useradd hacluster -g haclient -s /sbin/nologin –M
//添加hearbeat运行所需的程序组账户:haclient组,程序用户:hacluster
Heartbeat编译前需要使用其自带的ConfigureMe脚本进行配置
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# ./ConfigureMe configure
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# ./ConfigureMe make
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# ./ConfigureMe install
F、将heartbeat设置成开机在2、3、4、5级别下自启动
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# chkconfig --add heartbeat
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# chkconfig heartbeat on
4) 配置
ldirectord故障检测及管理
将
ldirectord的配置文件ldirectord.cf的配置文件复制到/etc/ha.d目录下
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# mkdir /etc/ha.d
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# cp ./ldirectord/ldirectord.cf /etc/ha.d/ldirectord.cf
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# cd /etc/ha.d/
[root@localhost ha.d]# ls
ldirectord.cf
[root@localhost ha.d]# vim ldirectord.cf
checktimeout=3
checkinterval=1
fallback=127.0.0.1:80
autoreload=yes
logfile="/var/log/ldirectord.log"
logfile="local0"
quiescent=yes
virtual=192.168.1.198:80
real=192.168.1.191:80 gate
real=192.168.1.192:80 gate
fallback=127.0.0.1:80 gate
service=http
scheduler=rr
protocol=tcp
checktype=negotiate e
checkport=80
5) 设定heartbeat配置文档
Heartbeat的配置文件有三个:ha.cf、haresources、authkeys。这三个配置文件需要放置
/etc/ha.d目录下,但是此目录下默认没有这三个文件,所以要复制样本文件。
[root@localhost ~]# cd Heartbeat-STABLE-2-1-STABLE-2.1.4
[[email protected]]#cp ./doc/ha.cf ./doc/haresources ./doc/authkeys /etc/ha.d/
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# cd /etc/ha.d/
[root@localhost ha.d]# ls
authkeys ha.cf haresources ldirectord.cf
[root@localhost ha.d]# vi ha.cf
debugfile /var/log/ha-debug //日志文件存储位置
logfile /var/log/ha-log //其他非调试信息的写入位置
logfacility
local0 //写入日志的日志级别,默认为local0
keepalive 2 //心跳间隔时间,默认为2s
deadtime 30 //主机死亡时间,表示将在停止响应 30 秒之后启动故障转移,辅助服务器接替主服务器的工作
warntime 10 //在日志中发出最后心跳”late heartbeat” 前的警告时间设定
initdead 120 //节点重启后所花的时间
udpport 694
//upd的默认端口为694
cast
eth1 # Linux //心跳检测所使用的网卡
auto_failback on //设置当主服务器从故障恢复后,是否自动从辅助服务器中切换回来,还是手动切换过来
node
LVS-Master //节点名称,与uname –n保持一致
node
LVS-Slave
respawn root /usr/lib/heartbeat/ipfail
apiauth ipfail gid=haclient uid=hacluster
6) 编辑haresources文件,定义heartbeat启动设定VIP,启动ldirectord服务
[root@localhost ha.d]# vim haresources
在最后添加如下行
LVS-Master IPaddr::192.168.1.198/32 ldirectord::ldirectord.cf
其中,“LVS-Master”是主节点名称,“192.168.5.198/32”是VIP,“ldirectord::ldirectord.cf”指定ldirectord使用ldirectord.cf配置文件。
编辑authkeys文件,指定使用认证的方式。
[root@localhost ha.d]# vim authkeys
找到如下行,修改即可
auth 1
1 crc
考虑到安全性,authkeys文件的权限必须为600
[root@localhost ha.d]# chmod 600 authkeys
最后重启
heartbeat服务
[root@localhost ~]#service heartbeat restart
二、Load Balancer2LVS-Slave)配置
1)设置网卡IP地址
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:0C:29:AB:B0:02
ONBOOT=yes
IPADDR=192.168.1.197
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth1
BOOTPROTO=static
ONBOOT=yes
HWADDR=00:0c:29:ab:b0:0c
IPADDR=192.168.2.2
NETMASK=255.255.255.0
GATEWAY=192.168.2.1
[root@localhost ~]# service network restart
关闭环回接口:
[确定]
弹出环回接口:
[确定]
弹出界面 eth0:
[确定]
弹出界面 eth1:
[确定]
2) 更改主机名为:LVS-Slave
[root@localhost ~]# vim /etc/sysconfig/network //永久性修改,需重启机器后生效
NETWORKING=yes
NETWORKING_IPV6=no
HOSTNAME=LVS-Slave
[root@localhost ~]# hostname LVS-Slave //临时性修改,主机名及时生效
3) 更改/etc/hosts文件
[root@localhost ~]# vi /etc/hosts //ip地址与主机名映射
添加如下两行
192.168.1.196
LVS-Master
192.168.1.197
LVS-Slave
4)安装heartbeat所需软件
A、检查perl-libwww-perl-*软件包是否已安装
[root@localhost ~]# rpm -qa |grep perl-libwww-perl
perl-libwww-perl-5.805-1.1.1
B、安装ipvsadm管理器
[root@localhost ~]# mount /dev/cdrom /media/
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@localhost ~]# cd /media/Cluster
[root@localhost Cluster]# rpm -ivh ipvsadm-1.24-10.i386.rpm
C、编译安装libnet //这里所用的软件被放到了/root目录下了
[root@localhost ~]# ls
anaconda-ks.cfg install.log
libnet-0.10.11.tar.gz
Desktop
install.log.syslog soft
[root@localhost ~]# tar zxvf libnet-0.10.11.tar.gz
[root@localhost ~]# ls //解压到/root下
anaconda-ks.cfg install.log
libnet soft
Desktop
install.log.syslog libnet-0.10.11.tar.gz
[root@localhost ~]# cd libnet
[root@localhost libnet]# ./configure ;make ;make install
D、编译安装MailTools
[root@localhost libnet]# cd -
/root
[root@localhost ~]# tar zxf MailTools-2.04.tar.gz -C /usr/src/
[root@localhost ~]# cd /usr/src/
[root@localhost src]# ls
debug kernels MailTools-2.04 redhat vmware-tools-distrib
[root@localhost src]# cd MailTools-2.04/
[root@localhost MailTools-2.04]# perl Makefile.PL ;make ;make install
E、编译安装Hearbeat
[root@localhost src]# cd
[root@localhost ~]# tar jxvf Heartbeat-STABLE-2-1-STABLE-2.1.4.tar.bz2 -C /usr/src/
[root@localhost ~]# cd /usr/src/Heartbeat-STABLE-2-1-STABLE-2.1.4/
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# groupadd haclient
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# useradd hacluster -g haclient -s /sbin/nologin –M
//添加hearbeat运行所需的程序组账户:haclient组,程序用户:hacluster
Heartbeat编译前需要使用其自带的ConfigureMe脚本进行配置
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# ./ConfigureMe configure
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# ./ConfigureMe make
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# ./ConfigureMe install
F、将heartbeat设置成开机在2、3、4、5级别下自启动
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# chkconfig --add heartbeat
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# chkconfig heartbeat on
4)备份节点上的配置文件内容要求与主节点服务器中的保持一致,所以可直接从主节点服
务器(LVS-Master)上复制heartbeat的三个配置文件(ha.cf、haresources、authkeys),ldirectord的配置文件(ldirectord.cf)
在LVS-Slave上创建目录ha.d
[root@localhost ~]# mkdir /etc/ha.d
在LVS-Master上scp /etc/ha.d/*
到[email protected]:/etc/ha.d
[root@localhost ~]# scp /etc/ha.d/* [email protected]:/etc/ha.d
The authenticity of host '192.168.1.197 (192.168.1.197)' can't be established.
RSA key fingerprint is 11:4a:6c:17:64:76:e5:e4:f6:53:c1:79:31:8b:da:10.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.197' (RSA) to the list of known hosts.
[email protected]'s password:
authkeys
100% 643 0.6KB/s 00:00
ha.cf
100% 10KB 10.3KB/s 00:00
haresources
100% 5967 5.8KB/s 00:00
ldirectord.cf
100% 7541 7.4KB/s 00:00
4) 配置
ldirectord故障检测及管理
将
ldirectord的配置文件ldirectord.cf的配置文件复制到/etc/ha.d目录下
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# mkdir /etc/ha.d
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# cp ./ldirectord/ldirectord.cf /etc/ha.d/ldirectord.cf
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# cd /etc/ha.d/
[root@localhost ha.d]# ls
ldirectord.cf
[root@localhost ha.d]# vim ldirectord.cf
checktimeout=3
checkinterval=1
fallback=127.0.0.1:80
autoreload=yes
logfile="/var/log/ldirectord.log"
logfile="local0"
quiescent=yes
virtual=192.168.1.198:80
real=192.168.1.191:80 gate
real=192.168.1.192:80 gate
fallback=127.0.0.1:80 gate
service=http
scheduler=rr
protocol=tcp
checktype=negotiate e
checkport=80
5) 设定heartbeat配置文档
Heartbeat的配置文件有三个:ha.cf、haresources、authkeys。这三个配置文件需要放置
/etc/ha.d目录下,但是此目录下默认没有这三个文件,所以要复制样本文件。
[root@localhost ~]# cd Heartbeat-STABLE-2-1-STABLE-2.1.4
[[email protected]]#cp ./doc/ha.cf ./doc/haresources ./doc/authkeys /etc/ha.d/
[root@localhost Heartbeat-STABLE-2-1-STABLE-2.1.4]# cd /etc/ha.d/
[root@localhost ha.d]# ls
authkeys ha.cf haresources ldirectord.cf
[root@localhost ha.d]# vi ha.cf
debugfile /var/log/ha-debug //日志文件存储位置
logfile /var/log/ha-log //其他非调试信息的写入位置
logfacility
local0 //写入日志的日志级别,默认为local0
keepalive 2 //心跳间隔时间,默认为2s
deadtime 30 //主机死亡时间,表示将在停止响应 30 秒之后启动故障转移,辅助服务器接替主服务器的工作
warntime 10 //在日志中发出最后心跳”late heartbeat” 前的警告时间设定
initdead 120 //节点重启后所花的时间
udpport 694
//upd的默认端口为694
cast
eth1 # Linux //心跳检测所使用的网卡
auto_failback on //设置当主服务器从故障恢复后,是否自动从辅助服务器中切换回来,还是手动切换过来
node
LVS-Master //节点名称,与uname –n保持一致
node
LVS-Slave
respawn root /usr/lib/heartbeat/ipfail
apiauth ipfail gid=haclient uid=hacluster
6) 编辑haresources文件,定义heartbeat启动设定VIP,启动ldirectord服务
[root@localhost ha.d]# vim haresources
在最后添加如下行
LVS-Slave IPaddr::192.168.1.198/32 ldirectord::ldirectord.cf
其中,“LVS-Master”是主节点名称,“192.168.5.198/32”是VIP,“ldirectord::ldirectord.cf”指定ldirectord使用ldirectord.cf配置文件。
编辑authkeys文件,指定使用认证的方式。
[root@localhost ha.d]# vim authkeys
找到如下行,修改即可
auth 1
1 crc
考虑到安全性,authkeys文件的权限必须为600
[root@localhost ha.d]# chmod 600 authkeys
最后重启
heartbeat服务
[root@localhost ~]#service heartbeat restart
三、Realserver服务器上的配置
提供服务的RealServer1和RealServer2不需要安装任何IPVS软件,只需要设置在开机后自动执行以下脚本:
1)在RealServer1上的设置
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:0C:29:26:16:64
ONBOOT=yes
IPADDR=192.168.1.191
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
编写lvs-dr脚本
[root@localhost ~]# vi /opt/lvs-dr
#!/bin/bash
vip="192.168.1.198"
/sbin/ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
/sbin/route add -host $vip dev lo:0
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
[root@localhost ~]# chmod +x /opt/lvs-dr //给予执行权限
[root@localhost ~]# echo "/opt/lvs-dr" >>/etc/rc.local //让脚本lvs-dr随机开机启动
[root@localhost ~]# /opt/lvs-dr //执行lvs-dr脚本
[root@localhost ~]# mount /dev/cdrom /media/ //挂载光盘,安装YUM
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@localhost ~]# vim /etc/yum.repos.d/rhel-debuginfo.repo
[rhel-debuginfo]
name=Red Hat Enterprise Linux $releasever - $basearch - Debug
baseurl=file:///media/Server
enabled=1
gpgcheck=0
[root@localhost ~]# yum -y install http* //安装apache
[root@localhost ~]# echo "111" > /var/www/html/index.html //在RealServer1添加测试页
[root@localhost ~]# service httpd restart //重启web服务器
2)在RealServer1上的设置
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
# Advanced Micro Devices [AMD] 79c970 [PCnet32 LANCE]
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:0C:29:E8:EE:83
ONBOOT=yes
IPADDR=192.168.1.192
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
编写lvs-dr脚本
[root@localhost ~]# vi /opt/lvs-dr
#!/bin/bash
vip="192.168.1.198"
/sbin/ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
/sbin/route add -host $vip dev lo:0
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
[root@localhost ~]# chmod +x /opt/lvs-dr //给予执行权限
[root@localhost ~]# echo "/opt/lvs-dr" >>/etc/rc.local //让脚本lvs-dr随机开机启动
[root@localhost ~]# /opt/lvs-dr //执行lvs-dr脚本
[root@localhost ~]# mount /dev/cdrom /media/ //挂载光盘,安装YUM
mount: block device /dev/cdrom is write-protected, mounting read-only
[root@localhost ~]# vim /etc/yum.repos.d/rhel-debuginfo.repo
[rhel-debuginfo]
name=Red Hat Enterprise Linux $releasever - $basearch - Debug
baseurl=file:///media/Server
enabled=1
gpgcheck=0
[root@localhost ~]# yum -y install http* //安装apache
[root@localhost ~]# echo "111" > /var/www/html/index.html //在RealServer1添加测试页
[root@localhost ~]# service httpd restart //重启web服务器
四、测试
1)启动heartbeat服务
分别在主、副均衡服务器上启动heartbeat服务,启动命令为:
[root@LVS-Slave ~]# service heartbeat start
2)确定realserver1和realserver2服务器的httpd服务启动,页面能正常访问
3)在两台客户机上分别打开浏览器,输入
http://192.168.1.198,将分别看到不同的页面