Plan: bring up 4 hosts: the high-availability nodes HA1 and HA2, plus RS1 and RS2
Address allocation: 172.16.173.10, 172.16.173.11, 172.16.173.13, 172.16.173.14, and 172.16.173.1 (virtual host IP)
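1. Configure the hostnames and keep them consistent
# hostname lzl01    ## temporary
# vim /etc/sysconfig/network
## change as follows:
HOSTNAME=lzl01    # on HA2 change this to lzl02, of course
:wq    # save and exit
# vim /etc/hosts    ## host aliases and hostname resolution can be configured here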
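2. Synchronize the clocks (errors also occur if the time difference is too large)
[root@lzl02 ~]# service ntpd stop
[root@lzl02 ~]# chkconfig ntpd off    ## disable start at boot
[root@lzl02 ~]# ntpdate 172.16.0.1    ## synchronize the time with the server
[root@lzl02 ~]# date
A cron entry can be used to keep the time from drifting again (the hosts here are virtual machines, so suspending them may affect the experiment). This entry synchronizes the time every 5 minutes:
*/5 * * * * /sbin/ntpdate 172.16.0.1 &> /dev/null
[root@lzl02 ~]# scp /var/spool/cron/root lzl01:/var/spool/cron/    ## copy to the other host
[root@lzl01 ~]# crontab -l    ## view the rules; if other rules already exist, delete them so they do not affect the experiment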
3. Set up mutual SSH trust between the two hosts
# ssh-keygen -t rsa -f ~/.ssh/id_rsa -P ''    ## generate the key pair
# ssh-copy-id -i .ssh/id_rsa.pub root@node2    ## send the public key file to HA2
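4. Configure the yum repository and download the packages
http://407711169.blog.51cto.com/6616996/1179601[1] ## the link above is an example of configuring yum
Install keepalived, the HA tool, and ipvsadm, the load-balancing management tool
Download keepalived-1.2.7-5.el5.i386.rpm
lftp 172.16.0.1:/pub/Sources/keepalived> get keepalived-1.2.7-5.el5.i386.rpm
This downloads the rpm package (shown for demonstration only; this FTP server and yum repository are private and not publicly available).
[root@lzl02 ~]# yum -y --nogpgcheck localinstall keepalived-1.2.7-5.el5.i386.rpm    ## install the rpm package
Install it on the other node as well.
[root@lzl02 ~]# cd /etc/keepalived/
[root@lzl02 keepalived]# ls    ## view the configuration files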
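5. Install the httpd service on RS1 and RS2
# yum install httpd -y
# vim /var/www/html/index.html
### add the following content
172.16.173.* (this host's IP)
# service httpd start    ## start the service
At this point you can open a browser and enter 172.16.173.13 and 172.16.173.14 to test the pages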
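6. Set up the load-balancing cluster
Here you only need to run the following script on each RS node. (Of course, if you do not mind the extra work you can add the settings by hand; the content is the same as the start section of the script.)
# vim start.sh    ## create the script
Add the following content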
#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions

VIP=172.16.173.1    # the only line to change in this script: set it to your own virtual host IP
host=`/bin/hostname`

case "$1" in
start)    ## for a manual setup, run only the commands below
    # Start LVS-DR real server on this machine.
    /sbin/ifconfig lo down
    /sbin/ifconfig lo up
    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore      # response level for incoming ARP requests
    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce    # level used when announcing addresses
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
    /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up    # broadcast address is the VIP itself
    /sbin/route add -host $VIP dev lo:0    ## route the host address $VIP through lo:0 so it is used as the source address; the manual steps end here
    ;;
stop)
    # Stop LVS-DR real server loopback device(s).
    /sbin/ifconfig lo:0 down
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
    ;;
status)
    # Status of LVS-DR real server.
    islothere=`/sbin/ifconfig lo:0 | grep $VIP`
    isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
    if [ ! "$islothere" -o ! "$isrothere" ]; then
        # Either the route or the lo:0 device
        # not found.
        echo "LVS-DR real server Stopped."
    else
        echo "LVS-DR real server Running."
    fi
    ;;
*)
    # Invalid entry.
    echo "$0: Usage: $0 {start|status|stop}"
    exit 1
    ;;
esac
:wq    # save and exit
# chmod +x start.sh    ## grant execute permission
# ./start.sh start    ## run the script
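An added example, not part of the original post: a check that the four ARP values written by start.sh are actually in effect on a real server, which is worth re-running because values echoed into /proc do not survive a reboot. The function names and the optional directory argument are assumptions made so the check can run offline; the sample trees are constructed.

```sh
#!/bin/sh
# Added example (not the author's script): audit the ARP settings that
# start.sh writes on an LVS-DR real server.

# check_rs_arp [CONF_ROOT] -> one line per wrong value, exit status 1 if any.
# CONF_ROOT defaults to the live kernel tree.
check_rs_arp() (
    root="${1:-/proc/sys/net/ipv4/conf}"
    rc=0
    for iface in lo all; do
        for pair in arp_ignore=1 arp_announce=2; do
            key="${pair%%=*}"
            want="${pair#*=}"
            got=$(cat "$root/$iface/$key" 2>/dev/null) || got="unreadable"
            if [ "$got" != "$want" ]; then
                echo "FAIL: $iface/$key is $got, want $want"
                rc=1
            fi
        done
    done
    exit "$rc"
)

# Constructed stand-in for /proc/sys/net/ipv4/conf (not data from a real host).
# make_tree DIR ARP_IGNORE ARP_ANNOUNCE
make_tree() {
    for i in lo all; do
        mkdir -p "$1/$i"
        echo "$2" > "$1/$i/arp_ignore"
        echo "$3" > "$1/$i/arp_announce"
    done
}

sample=$(mktemp -d)
make_tree "$sample/started" 1 2     # state after "./start.sh start"
make_tree "$sample/defaults" 0 0    # kernel defaults, e.g. after a reboot
check_rs_arp "$sample/started" && echo "started: OK"
check_rs_arp "$sample/defaults" || echo "defaults: not ready to hold the VIP"
```

On a real server, call `check_rs_arp` with no argument to read the live values.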
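7. Edit the keepalived configuration file
# vim /etc/keepalived/keepalived.conf
Then copy it to the other virtual machine; only two places need to change
## remember to change state to BACKUP
## change priority to 100
Install ipvsadm with yum to view the information:
# yum install ipvsadm -y
Then start the service:
# service ipvsadm start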
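Note: the following can affect whether the service starts:
[Settings on the RS side:
(run these on both RS hosts as well)
Turn off SELinux enforcement
# setenforce 0
or
# vim /etc/selinux/config
## change
SELINUX=permissive]
Open a browser and enter 172.16.173.1 to check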
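Implementing high availability for the web service
We make the changes directly on the two HA nodes from the experiment above.
First stop the keepalived service
Open a browser and test the two pages
Now we need to edit the keepalived configuration file
Configuration of the master and backup nodes
Edit the keepalived configuration file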
! Configuration File for keepalived

global_defs {
    notification_email {
        [email protected]
        [email protected]
    }
    notification_email_from [email protected]
    smtp_connect_timeout 3
    smtp_server 127.0.0.1
    router_id LVS_DEVEL
}

vrrp_script chk_httpd {
    script "killall -0 httpd"
    interval 2    # check every 2 seconds
    weight -2     # if failed, decrease the priority by 2
    fall 2        # require 2 failures for failure
    rise 1        # require 1 success for ok
}

vrrp_script chk_schedown {
    script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
    interval 2
    weight -2
}

vrrp_instance VI_1 {
    interface eth0    # interface for inside_network, bound by vrrp
    state MASTER      # Initial state, MASTER|BACKUP
                      # As soon as the other machine(s) come up,
                      # an election will be held and the machine
                      # with the highest "priority" will become MASTER.
                      # So the entry here doesn't matter a whole lot.
    priority 101      # for electing MASTER, highest priority wins.
                      # to be MASTER, make 50 more than other machines.
    virtual_router_id 51    # arbitrary unique number 0..255
                            # used to differentiate multiple instances of vrrpd
                            # running on the same NIC (and hence same socket).
    garp_master_delay 1

    authentication {
        auth_type PASS
        auth_pass password
    }
    track_interface {
        eth0
    }
    # optional, monitor these as well.
    # go to FAULT state if any of these go down.
    virtual_ipaddress {
        172.16.173.1/16 dev eth0 label eth0:0
    }
    # addresses add|del on change to MASTER, to BACKUP
    # With the same entries on other machines,
    # the opposite transition will be occurring.
    # <IPADDR>/<MASK> brd <IPADDR> dev <STRING> scope <SCOPE> label <LABEL>
    track_script {
        chk_httpd
        chk_schedown
    }

    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

#vrrp_instance VI_2 {
#    interface eth0
#    state MASTER    # BACKUP for slave routers
#    priority 101    # 100 for BACKUP
#    virtual_router_id 52
#    garp_master_delay 1
#
#    authentication {
#        auth_type PASS
#        auth_pass password
#    }
#    track_interface {
#        eth0
#    }
#    virtual_ipaddress {
#        172.16.100.2/16 dev eth0 label eth0:1
#    }
#    track_script {
#        chk_haproxy
#        chk_mantaince_down
#    }
#
#    notify_master "/etc/keepalived/notify.sh master eth0:1"
#    notify_backup "/etc/keepalived/notify.sh backup eth0:1"
#    notify_fault "/etc/keepalived/notify.sh fault eth0:1"
#}
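Not much needs to change in this file: only the name of the service being checked (the http service in this experiment). Then change the name of the service to be started in the notify.sh script.
Then copy both files to node HA2
[root@lzl01 keepalived]# scp keepalived.conf notify.sh lzl02:/etc/keepalived/
keepalived.conf 100% 2805 2.7KB/s 00:00
notify.sh 100% 777 0.8KB/s
and change the master/backup options in it
state MASTER    ## change to BACKUP (backup node)
priority 101    ## change the priority to 100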
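The two nodes should differ only in state and priority, and failover depends on the arithmetic: a failed check with weight -2 takes the MASTER from 101 to 99, below the BACKUP's 100, whereas the 50-point gap suggested in the sample file's comment would never fail over with that weight. The check below is an added example, not part of the original post or of keepalived; the function names, the file names ha1.conf and ha2.conf, and the reduced sample configurations are assumptions constructed for illustration.

```sh
#!/bin/sh
# Added example (not the author's script). Assumes one vrrp_instance per file
# and that the first "weight" line belongs to the tracked script.

# conf_get FILE KEY -> first value of KEY found outside '#' comments
conf_get() {
    awk -v k="$2" '{ sub(/#.*/, "") } $1 == k { print $2; exit }' "$1"
}

# check_pair MASTER_CONF BACKUP_CONF -> prints findings, exit status 1 if any
check_pair() (
    rc=0
    fail() { echo "FAIL: $*"; rc=1; }
    mp=$(conf_get "$1" priority)
    bp=$(conf_get "$2" priority)
    w=$(conf_get "$1" weight)
    [ "$(conf_get "$1" state)" = MASTER ] || fail "first file is not state MASTER"
    [ "$(conf_get "$2" state)" = BACKUP ] || fail "second file is not state BACKUP"
    for key in virtual_router_id auth_pass; do
        [ "$(conf_get "$1" "$key")" = "$(conf_get "$2" "$key")" ] ||
            fail "$key differs between the nodes"
    done
    [ "$mp" -gt "$bp" ] || fail "MASTER priority $mp is not above BACKUP $bp"
    # A failing track_script adds its negative weight to the priority; the
    # BACKUP takes over only if the result falls below its own priority.
    [ $((mp + w)) -lt "$bp" ] ||
        fail "priority $mp with weight $w stays >= $bp, so no failover"
    exit "$rc"
)

# Constructed sample files, reduced to the directives the check reads.
write_conf() {  # write_conf FILE STATE PRIORITY
    cat > "$1" <<EOF
vrrp_script chk_httpd {
    weight -2    # subtracted from the priority on failure
}
vrrp_instance VI_1 {
    state $2
    priority $3
    virtual_router_id 51
    auth_pass password
}
EOF
}

demo_dir=$(mktemp -d)
write_conf "$demo_dir/ha1.conf" MASTER 101
write_conf "$demo_dir/ha2.conf" BACKUP 100
check_pair "$demo_dir/ha1.conf" "$demo_dir/ha2.conf" && echo "pair OK"
```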
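Start the service on both nodes.
# service keepalived start
Now look at the network interface information
# ip addr show
You can see that the address 172.16.173.1 is now on interface eth0:0
Open a browser and enter 172.16.111.1 to check
You can see that it is indeed on node HA1
Now we can simulate a service failure on HA1. (Note from the configuration file that creating a file named down, as referenced there, simulates a service failure. Another way would be to stop the http service, but the notify.sh script on this host is set to restart the service after it is stopped, so that approach does not work.)
Note: I forgot to annotate the screenshots above; please look carefully at how the hostname changes in them
Then open the web page to test:
It has clearly changed to HA2's http page
You can keep testing by deleting the down file (since ha1 has the higher priority, it will take the node role back)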