lvs + keepalived + httpd DR模式web层高可用方案架构
注意:lvs+keepalived 高可用方案中主备可以不需要绑定脚本,只需要keepalived的单个文件就可以整个集群.
本实验为了方便理解采用了rpm 包安装的方式,对tar包情有独钟的可以绕过.本次讨论的重点是lvs+keepalived
1.1 IP地址的配置:
lvs1master 192.168.80.145 主keepalived
lvs2 slave 192.168.80.144 备keepalived
realserver 192.168.80.146 web1
realserver 192.168.80.147 web2
realserver 192.168.80.149 web3 实验里面未添加(机器太烂)
GW 192.168.80.254 网关
1.2 架构图:
安装支持包:
|
1
|
yum install openssl-devel kernel-devel
|
安装ipvsadm :
|
1
|
yum install ipvsadm
|
安装keepalived :
|
1
|
yum install keepalived
|
配置开机启动项:
|
1
2
|
chkconfig ipvsadm on
chkconfig keepalived on
|
配置keepalived :
|
1
|
vim /etc/keepalived/keepalived.confg
|
内容如下:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
|
! Configuration File
for
keepalived
global_defs {
notification_email {
57674891
@qq.com # 联系人
}
notification_email_from
57674891
@qq.com
smtp_server smtp.qq.com
smtp_connect_timeout
30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER #从上直接改为BACKUP 即可。
interface
eth0
virtual_router_id
51
priority
100
# 主上是
100
从一定要设置比主小,
90
advert_int
1
authentication {
auth_type PASS #密码验证类型
auth_pass
1111
#主从之间的验证密码,主从
2
端一定要一致
}
virtual_ipaddress {
#
192.168
.
200.16
#
192.168
.
200.17
#
192.168
.
200.18
#
10.0
.
0.100
192.168
.
80.148
# 虚拟ip (vip)地址后面,下面可以继续叠加。
}
}
#--------------------------------------
virtual_server
192.168
.
80.148
80
{ # 虚拟IP
delay_loop
6
#(每隔
10
秒查询realserver状态)
lb_algo rr #(lvs 算法) 更改算法在此处更改
lb_kind DR #(Direct Route)
persistence_timeout
5
#(同一IP的连接
60
秒内被分配到同一台realserver)
protocol TCP #(用TCP协议检查realserver状态)
real_server
192.168
.
80.146
80
{ # web端地址
weight
1
#(权重)
TCP_CHECK {
connect_timeout
10
#(
10
秒无响应超时)
nb_get_retry
3
delay_before_retry
3
connect_port
80
#端口
}
}
real_server
192.168
.
80.147
80
{
weight
1
TCP_CHECK {
connect_timeout
10
nb_get_retry
3
delay_before_retry
3
connect_port
80
}
}
}
|
#后面还有很多示例可以负载其他服务,再此不做演示
------------------------主ha配置完成-------------------------------------
backup 配置:
安装ipvsadm 和keepalived 是一样的
|
1
|
scp root@
192.168
.
80.144
:/etc/keepalived/keepalived.conf
|
修改keepalived 配置文件使之成为备ha,(仅需要修改2个地方)
|
1
|
vim /etc/keepalived/keepalived.conf
|
|
1
2
3
4
5
6
|
vrrp_instance VI_1 {
state BACKUP #直接改为BACKUP 即可。
interface
eth0
virtual_router_id
51
priority
90
#主上是
100
从一定要设置比主小,
90
advert_int
1
|
设置完成重启keepalived 即可,启动ipvsadm start
|
1
|
service keepalived start
|
------------------------备ha配置完成-------------------------------------
web 端:
|
1
|
vim /root/realserver.sh
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
#!/bin/bash
# description: Config realserver
#Written by : http:
//kerry.blog.51cto.com
#此脚本转自以上作者,尊重他人劳动成果。特此保留版权信息
SNS_VIP=
192.168
.
80.148
# VIP 地址
/etc/rc.d/init.d/functions #如果提示权限不够 执行:chmod
777
/etc/rc.d/init.d/functions
case
"$1"
in
start)
/sbin/ifconfig lo:
0
$SNS_VIP netmask
255.255
.
255.255
broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:
0
echo
"1"
>/proc/sys/net/ipv4/conf/lo/arp_ignore
echo
"2"
>/proc/sys/net/ipv4/conf/lo/arp_announce
echo
"1"
>/proc/sys/net/ipv4/conf/all/arp_ignore
echo
"2"
>/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/
null
2
>&
1
echo
"RealServer Start OK"
;;
stop)
/sbin/ifconfig lo:
0
down
/sbin/route del $SNS_VIP >/dev/
null
2
>&
1
echo
"0"
>/proc/sys/net/ipv4/conf/lo/arp_ignore
echo
"0"
>/proc/sys/net/ipv4/conf/lo/arp_announce
echo
"0"
>/proc/sys/net/ipv4/conf/all/arp_ignore
echo
"0"
>/proc/sys/net/ipv4/conf/all/arp_announce
echo
"RealServer Stoped"
;;
*)
echo
"Usage: $0 {start|stop}"
exit
1
esac
exit
0
|
赋予可执行权限:
|
1
|
chmod a+x realserver.sh
|
加入开启自启动:
|
1
|
echo /root/realserver.sh &>>/etc/rc.local
|
启动脚本:
|
1
|
/root/realserver.sh &
|
查看本机的ip信息:
#
|
1
|
ifconfig
|
把realserver.sh 复制到其他的web端上同样操作,验证即可。
------------------------至此realserver配置完成-----------------------
测试部分:
任意客户端访问http://192.168.80.148应该都在146,147,149 三台主机之间切换
主lvs + keepalived 访问效果图:
ipvsadm �Cln
ipvsadm �Cln�C-stats
backup 上的内容
ipvsadm �Cln
ipvsadm �Cln �Cstats:
主从切换日志内容:
停掉主上的keepalived
tail �CF/var/log/message
backup日志
从接替主之后访问VIP 产生的效果:
主从切换正常,试验完成。