lvs+keepalived 高可用性负载均衡
一、系统环境
LVS-Master
192.168
.1.251
LVS-BACKUP
192.168
.1.252
LVS-DR-VIP
192.168
.
2.250
WEB1-Realserver
192.168
.1.253
WEB2-Realserver
192.168
.1.254
登录192.168.1.251 ,更改主机名称为LVS_Master。
[root@lvs_1 ~]# hostname LVS_Master
[root@lvs_1 ~]# bash
在LVS-Master 和LVS-Master 安装ipvsadm服务和keepalived服务
[root@LVS_Master ~]# yum install -y ipvsadm
[root@LVS_Master ~]# yum install -y keepalived
安装好后,在LVS_Master编辑keepalived配置文件
vim /etc/keepalived/keepalived.conf //加入如下:
vrrp_instance VI_1 {
state MASTER #备用服务器上为 BACKUP
interface eth0
virtual_router_id 51
priority 100 #备用服务器上为90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.250
}
}
virtual_server 192.168.1.250 80 {
delay_loop 6 #(每隔10秒查询realserver状态)
lb_algo wlc #(lvs 算法)
lb_kind DR #(Direct Route)
persistence_timeout 60 #(同一IP的连接60秒内被分配到同一台realserver)
protocol TCP #(用TCP协议检查realserver状态)
real_server 192.168.1.253 80 {
weight 100 #(权重)
TCP_CHECK {
connect_timeout 10 #(10秒无响应超时)
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.1.254 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
在LVS_BACKUP编辑keepalived配置文件
vim /etc/keepalived/keepalived.conf //加入如下:
vrrp_instance VI_1 {
state BACKUP #备用服务器上为 BACKUP
interface eth0
virtual_router_id 51
priority 90 #备用服务器上为90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.250
}
}
virtual_server 192.168.1.250 80 {
delay_loop 6 #(每隔6秒查询realserver状态)
lb_algo wlc #(lvs 算法)
lb_kind DR #(Direct Route)
persistence_timeout 60 #(同一IP的连接60秒内被分配到同一台realserver)
protocol TCP #(用TCP协议检查realserver状态)
real_server 192.168.1.253 80 {
weight 100 #(权重)
TCP_CHECK {
connect_timeout 10 #(10秒无响应超时)
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.1.254 80 {
weight 100
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
然后在LVS_Master和LVS_BACKUP上启动keepalived服务
[root@lvs_1 ~]# /etc/init.d/keepalived start
[root@lvs_2 ~]# /etc/init.d/keepalived start
在两台RealServer上编写一个脚本并执行:
vim /usr/local/sbin/lvs_dr_rs.sh
#! /bin/bash vip=192.168.1.250 ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up route add -host $vip lo:0 echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sh /usr/local/sbin/lvs_dr_rs.sh 执行脚本内容
然后用Google访问vip 192.168.1.250
发现一直在访问192.168.1.254 这台web服务器
解决办法:
[root@lvs_1 ~]# vim /etc/keepalived/keepalived.conf 查看keepalived.conf 配置文件
发现persistence_timeout 60 #(同一IP的连接60秒内被分配到同一台realserver)将60秒改成0秒
然后重启keepalived服务 master 和backup都需要重启keepalived服务
然后再次测试,发现可以在两台RealServer上来回切换访问。
做测试:
将master eth0网卡down掉
[root@lvs_1 ~]# ifdown eth0
查看backup日志
[root@lvs_2 ~]# cat /var/log/messages
发现系统日志记录是:
May 14 03:02:16 localhost Keepalived_vrrp[2578]: VRRP_Instance(VI_1) Entering MASTER STATE
May 14 03:02:16 localhost Keepalived_vrrp[2578]: VRRP_Instance(VI_1) setting protocol VIPs.
May 14 03:02:16 localhost Keepalived_vrrp[2578]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.1.250
May 14 03:02:16 localhost Keepalived_healthcheckers[2577]: Netlink reflector reports IP 192.168.1.250 added
May 14 03:02:21 localhost Keepalived_vrrp[2578]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.1.250
其中有一条:May 14 03:02:16 localhost Keepalived_healthcheckers[2577]: Netlink reflector reports IP 192.168.1.250 added 03:02:21分 增加了一个192.168.1.250的ip
将master的网卡开启,然后查看backup的系统日志
May 14 03:11:50 localhost Keepalived_healthcheckers[2577]: Netlink reflector reports IP 192.168.1.250 removed backup将vip释放给master 用浏览器访问vip测试可以在两台服务器上自由切换。
另外,需要注意的是,启动keepalived服务会自动生成vip和ipvsadm规则,不需要再去执行上面提到的/usr/local/sbin/lvs_dr.sh 脚本。