本文参考
本文的安装部分参考:《CentOS6.5高可用集群LVS+Keepalived(DR模式)》 http://www.it165.net/admin/html/201312/2220.html
LVS 安装参考:《LVS 三种工作模式基本配置(不含HA)》 http://jedy82.blog.51cto.com/425872/1628085
目的:使用LVS对两台web服务器进行负载设置,并提供LVS本身的高可用性
本文只做LVS本身的keepalived配置,所有LVS的部分将直接使用脚本。
本文以LVS/DR模式为例,LVS的其它工作模式配置方法类似
有关LVS安装、测试详细过程请参看《LVS 三种工作模式基本配置(不含HA)》 http://jedy82.blog.51cto.com/425872/1628085
LVS-master 10.10.6.201
LVS-backup 10.10.6.202
VIP 10.10.6.200
Web1 10.10.6.211
Web2 10.10.6.212
操作系统:CentOS release 6.6 (Final)
二、安装ipvsadm配置
检查linux内核是否集成lvs模块
[root@LVS-master ~]# modprobe -l | grep ipvs
开启内核路由转发功能
[root@LVS-master ~]# echo "1">/proc/sys/net/ipv4/ip_forward
关闭selinux和iptables
[root@Web1 ~]# getenforce Disabled [root@Web1 ~]# chkconfig iptables off [root@Web1 ~]# service iptables stop [root@Web1 ~]#
[root@LVS-master ~]# yum install ipvsadm [root@LVS-master ~]# chkconfig ipvsadm on [root@LVS-master ~]# service ipvsadm start [root@LVS-master ~]# ipvsadm IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn [root@LVS-master ~]#
安装依赖包和必须工具
[root@LVS-master ~]# yum -y install kernel-devel gcc openssl popt popt-devel libnl libnl-devel popt-static openssl openssl-devel wget [root@LVS-master ~]# wget http://www.keepalived.org/software/keepalived-1.2.16.tar.gz [root@LVS-master ~]# tar -zxvf keepalived-1.2.16.tar.gz -C /usr/local/src/ [root@LVS-master ~]# cd /usr/local/src/keepalived-1.2.16/ [root@LVS-master keepalived-1.2.16]# ./configure --prefix=/usr/local/keepalived-1.2.16 && make && make install [root@LVS-master keepalived-1.2.16]# cd [root@LVS-master ~]# ln -s /usr/local/keepalived-1.2.16 /usr/local/keepalived [root@LVS-master ~]# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/ [root@LVS-master ~]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ [root@LVS-master ~]# ln -s /usr/local/keepalived/etc/keepalived /etc/ [root@LVS-master ~]# ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
将keepalived配置成系统服务
[root@LVS-master ~]# chkconfig --add keepalived [root@LVS-master ~]# chkconfig keepalived on [root@LVS-master ~]# chkconfig --list keepalived keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@LVS-master ~]# service keepalived start Starting keepalived: [ OK ] [root@LVS-master ~]#
[root@LVS-master ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak [root@LVS-master ~]# vim /etc/keepalived/keepalived.conf [root@LVS-master ~]# more /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { [email protected] #接受通知邮件的email地址 } notification_email_from [email protected] #发送通知邮件的email地址 smtp_server smtp.189.cn smtp_connect_timeout 30 router_id LVS_MASTER #BACKUP上修改为LVS_BACKUP } vrrp_instance VI_1 { state MASTER #BACKUP上修改为BACKUP interface eth0 #通信端口 virtual_router_id 51 #虚拟路由标识,主从相同 priority 100 #BACKUP上修改为90 advert_int 1 #主从心跳检测时间 authentication { auth_type PASS #主从认证方式必须一致 auth_pass 1111 #主从认证密码必须一致 } virtual_ipaddress { #Web虚拟IP(VTP) 10.10.6.200 } } virtual_server 10.10.6.200 80 { #定义虚拟IP和端口 delay_loop 6 #检查真实服务器时间,单位秒 lb_algo rr #设置LVS负载调度算法,rr为轮训 lb_kind DR #设置LVS负载均衡DR模式(这里可以根据需要改成tun或nat,如果修改,后端的web服务器也要做相应更改) persistence_timeout 60 #会话持久时间,同一IP的连接60秒内被分配到同一台真实服务器(测试时可以将这个注释) protocol TCP #使用TCP协议检查realserver状态 real_server 10.10.6.211 80 { #第一个web服务器 weight 1 #节点权重值 TCP_CHECK { #健康检查方式 connect_timeout 3 #连接超时 nb_get_retry 3 #重试次数 delay_before_retry 3 #重试间隔,单位秒 } } real_server 10.10.6.212 80 { #第二个web服务器 weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [root@LVS-master ~]# [root@LVS-master ~]# service keepalived restart
[root@Web1 ~]# getenforce Disabled [root@Web1 ~]# chkconfig iptables off [root@Web1 ~]# service iptables stop [root@Web1 ~]#
[root@Web1 ~]# yum install httpd php php-fpm [root@Web1 ~]# vi /etc/httpd/conf/httpd.conf ServerName :80 [root@Web1 ~]# service httpd restart [root@Web1 ~]# service php-fpm restart [root@Web1 ~]# [root@Web1 ~]# [root@Web1 ~]# more /var/www/html/phpinfo.php <?php phpinfo() ?> [root@Web1 ~]# [root@Web1 ~]# more /var/www/html/index.html \\web2 这里全部要做相应的修改 <html> <head> <title>web1</title> </head> <body> hostname: Web1<br>ip : 10.10.6.211 </body> </html> [root@Web1 ~]# [root@Web1 ~]# [root@Web1 ~]#
http://10.10.6.211/phpinfo.php
http://10.10.6.212/phpinfo.php
http://10.10.6.211
http://10.10.6.212
[root@Web1 ~]# vi dr-rs.sh [root@Web1 ~]# more dr-rs.sh #!/bin/bash # # Script to start LVS DR real server. # description: LVS DR real server # . /etc/rc.d/init.d/functions VIP=10.10.6.200 host=`/bin/hostname` case "$1" in start) # Start LVS-DR real server on this machine. /sbin/ifconfig lo down /sbin/ifconfig lo up echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev lo:0 echo "LVS RealServer Start OK" ;; stop) # Stop LVS-DR real server loopback device(s). /sbin/ifconfig lo:0 down echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce echo "LVS RealServer Stoped OK" ;; status) # Status of LVS-DR real server. islothere=`/sbin/ifconfig lo:0 | grep $VIP` isrothere=`netstat -rn | grep "lo:0" | grep $VIP` if [ ! "$islothere" -o ! "isrothere" ];then # Either the route or the lo:0 device # not found. echo "LVS-DR real server Stopped." else echo "LVS-DR real server Running." fi ;; *) # Invalid entry. echo "$0: Usage: $0 {start|status|stop}" exit 1 ;; esac [root@Web1 ~]# chmod +x dr-rs.sh [root@Web1 ~]# ./dr-rs.sh start LVS RealServer Start OK [root@Web1 ~]# [root@Web1 ~]# echo "/root/dr-rs.sh start" >>/etc/rc.local [root@Web1 ~]#
http://10.10.6.200
第一次访问
第二次访问
第三次访问
第四次访问
[root@LVS-master log]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:50:56:ae:2d:e1 brd ff:ff:ff:ff:ff:ff inet 10.10.6.201/24 brd 10.10.6.255 scope global eth0 inet 10.10.6.200/32 scope global eth0 inet6 fe80::250:56ff:feae:2de1/64 scope link valid_lft forever preferred_lft forever 3: eth1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 1000 link/ether 00:50:56:ae:32:1e brd ff:ff:ff:ff:ff:ff [root@LVS-master log]#
http://10.10.6.200 #访问一直刷新会轮训显示10.10.6.211/212模拟宕掉主LVS,服务器照常工作,再宕掉Web1,这时只会显示Web2,这样就实现ip负载均衡,高可用集群。当主LVS恢复后,会切换成主动服务器,如果Keepalived监控模块检测web故障恢复后,恢复的主机又将此节点加入集群系统中。
关闭LVS-master
[root@LVS-master ~]# service keepalived stop
从LVS-backup的log中看到,服务状态变为master
[root@LVS-backup log]# tail -f messages Apr 9 11:29:43 LVS-backup Keepalived_vrrp[2322]: VRRP_Instance(VI_1) Transition to MASTER STATE Apr 9 11:29:44 LVS-backup Keepalived_vrrp[2322]: VRRP_Instance(VI_1) Entering MASTER STATE Apr 9 11:29:44 LVS-backup Keepalived_vrrp[2322]: VRRP_Instance(VI_1) setting protocol VIPs.
通过ip addr,查看 VIP在LVS-backup eth0端口上
[root@LVS-backup log]# ip add 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:50:56:ae:06:2a brd ff:ff:ff:ff:ff:ff inet 10.10.6.202/24 brd 127.255.255.255 scope global eth0 inet 10.10.6.200/32 scope global eth0 inet6 fe80::250:56ff:feae:62a/64 scope link valid_lft forever preferred_lft forever
开启LVS-master
[root@LVS-master ~]# service keepalived start
从LVS-master的log中看到,服务状态变为master,接管VIP
[root@LVS-master log]# tail -f messages Apr 9 11:31:57 LVS-master Keepalived_vrrp[2764]: VRRP_Instance(VI_1) Entering MASTER STATE Apr 9 11:31:57 LVS-master Keepalived_vrrp[2764]: VRRP_Instance(VI_1) setting protocol VIPs. Apr 9 11:31:57 LVS-master Keepalived_healthcheckers[2763]: Netlink reflector reports IP 10.10.6.200 added
配置完成