Vm linux下实现keepalived+DNS+apache实现负载均衡+高可用
DNS顾名思义是域名解析服务器,keepalived是知名的开源套件用于实现服务器的高可用,这里这个小实验是实现负载均衡+高可用的另外一个方案,即DNS用于负载均衡,keepalived实现高可用。
实验平台:vm下三台linux(CentOS5.5)虚拟机服务器
IP规划:
DNS server:192.168.1.193.
Web1 server+keepalived(两个套件安装在同一台主机上):192.168.1.195
Web2 server+keepalived(两个套件安装在同一台主机上):192.168.1.196
第一:对于DNS server的设置
[root@localhost ~]# yum -y install bind bind-chroot ypbind bind-utils caching-nameserver
第二:在DNS服务器上的设置
[root@localhost ~]# cd /var/named/chroot/etc/ //进入主设置档案所在的目录
[root@localhost etc]# cp -p named.caching-nameserver.conf named.conf //制作主配置文件
以下这个步骤的含义是:每次服务启动时默认的会去/etc目录下去搜索配置文件,做这个软连接也是这个原因。
[root@localhost etc]# ln -s /var/named/chroot/etc/named.conf /etc/named.conf
以下这个步骤是对rndc的设置(借助rndc对DNS服务器的管理,可以在不关闭DNS服务器的情况下,更新主服务器做过的修改)
[root@localhost ~]# rndc-confgen > /etc/rndc.conf //生成rndc的主配置文档
对这个档案不做任何的修改,只需把DNS需要的部分复制过去即可
[root@localhost ~]# vi /etc/rndc.conf
[root@localhost ~]# vi /etc/named.conf //修改主配置文件,主要修改以下列出的部分即可
listen-on port 53 { any; };
forwarders{202.102.240.65;};
allow-query { any; };
allow-query-cache { any; };
match-clients { any; };
match-destinations { any; };
###################### rndc-confgen ###################
key "rndckey" {
algorithm hmac-md5;
secret "JkZ/MxIb8I58yefvWMkpIw==";
};
controls {
inet 127.0.0.1 port 953
allow { 127.0.0.1; } keys { "rndckey"; };
};
############################END ##################
以上这个步骤就是可以使用#rdnc reload重载配置文件
[root@localhost ~]# vi /etc/named.rfc1912.zones //添加自己的域
zone "ethnicity.com" IN {
type master;
file "named.ethnicity.com";
allow-update { none; };
allow-transfer { 192.168.1.195;}; //这就是针对辅服务器做的设置
also-notify { 192.168.1.195; };
};
zone "1.168.192.in-addr.arpa" IN {
type master;
file "named.192.168.1";
allow-update { none; };
allow-transfer { 192.168.1.195;}; //这里是针对DNS的master/slave的设置,可以略
also-notify { 192.168.1.195; };
};
以下这个步骤是建立自己域名的配置文件
[root@localhost named]# cp -p localhost.zone named.ethnicity.com
[root@localhost named]# cp -p named.local named.192.168.1
[root@localhost named]# vi named.ethnicity.com //设置正解
$TTL 86400
@ IN SOA dns.ethnicity.com. root.ethnicity.com. (
46 ; serial (d. adams)
3H ; refresh
15M ; retry
1W ; expiry
1D ) ; minimum
IN NS dns.ethnicity.com.
@ IN MX 10 mail.ethnicity.com.
www IN A 192.168.1.200
www IN A 192.168.1.203
[root@localhost named]# vi named.192.168.1 //设置反解
$TTL 86400
@ IN SOA dns.ethnicity.com. root.ethnicity.com. (
1997022700 ; Serial
28800 ; Refresh
14400 ; Retry
3600000 ; Expire
86400 ) ; Minimum
IN NS dns.ethnicity.com.
200 IN PTR www.ethnicity.com.
203 IN PTR www.ethnicity.com.
[root@localhost ~]# vi /etc/resolv.conf
nameserver 192.168.1.193
第二:对于keepalived的安装配置
首先是双方(192.168.1.195和192.168.1.196)都要做的步骤:
[root@localhost ~]# yum -y install ipvsadm kernel-devel openssl openssl-devel
[root@localhost ~]# ln -s /usr/src/kernels/2.6.18-194.el5-i686/ /usr/src/linux
[root@localhost ~]# wget http://www.keepalived.org/software/keepalived-1.2.1.tar.gz
[root@localhost ~]# ls keepalived-1.2.1.tar.gz
keepalived-1.2.1.tar.gz
[root@localhost ~]# tar zxvf keepalived-1.2.1.tar.gz
[root@localhost ~]# cd keepalived-1.2.1
[root@localhost keepalived-1.2.1]# ./configure //结束后出现以下的内容表示可以编译安装了
Keepalived configuration
------------------------
Keepalived version : 1.2.1
Compiler : gcc
Compiler flags : -g -O2 -DETHERTYPE_IPV6=0x86dd
Extra Lib : -lpopt -lssl -lcrypto
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
Use VRRP Framework : Yes
Use Debug flags : No
[root@localhost keepalived-1.2.1]# make && make install
[root@localhost ~]# mkdir /etc/keepalived
[root@localhost ~]# cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
[root@localhost ~]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/keepalived
[root@localhost ~]# cp /usr/local/sbin/keepalived /usr/sbin/keepalived
[root@localhost ~]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/keepalived
其次是在192.168.1.195上的配置异于192.168.1.196的内容为:
[root@localhost ~]# "web 192.168.1.195">/var/www/html/index.html
[root@localhost ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 192.168.1.196
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "killall -0 httpd"
interval 2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 5
authentication {
auth_typePASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.200/24 dev eth0
}
track_script {
chk_http_port
}
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 52
priority 150
advert_int 5
authentication {
auth_typePASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.203/24 dev eth0
}
track_script {
chk_http_port
}
}
再次是在192.168.1.196上的配置异于192.168.1.195的内容为:
[root@localhost ~]# echo "web 192.168.1.196">/var/www/html/index.html
[root@localhost ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 192.168.1.196
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "killall -0 httpd"
interval 2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 5
authentication {
auth_typePASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.200/24 dev eth0
}
track_script {
chk_http_port
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 52
priority 100
advert_int 5
authentication {
auth_typePASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.203/24 dev eth0
}
track_script {
chk_http_port
}
}
第三:测试的部分 //模拟真实环境的故障
分别打开192.168.1.195和192.168.1.196的keepalived和apache服务
[root@localhost ~]# /etc/init.d/keepalived restart
[root@localhost ~]# /etc/init.d/httpd restart
在DNS服务器上打开named服务
[root@localhost ~]# /etc/init.d/named restart
1、 在DNS主机上(同时作为客户端,客户端采用windows主机也可以,但是需要把DNS服务器设置成192.168.1.193)
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.195
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.196
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.195
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.196
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.195
以上是多次访问的结果
2、 模拟192.168.1.196上的keepalived关闭或者apache关闭
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.195
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.195
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.195
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.195
以上是多次访问的结果
3、 模拟192.168.1.195上的keepalived关闭或者apache关闭
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.196
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.196
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.196
[root@localhost ~]# curl http://www.ethnicity.com
web 192.168.1.196
至此实验结束
总结:这个实验是对网络学习的一个测试,在此十分的感谢赶星老师,这个实验的关键点就在DNS和keepalived,期待更近一步的学习,这里只是点到为止,皮毛。