LVS+keepalived高可用群集

簡介

Keepalived起初是專門針對LVS設(shè)計(jì)的一款強(qiáng)大的輔助工具，主要是用來提供故障切換和健康檢查功能——判斷LVS負(fù)載調(diào)度器、節(jié)點(diǎn)服務(wù)器的可用性，及時隔離并替換為新的服務(wù)器，當(dāng)故障主機(jī)回復(fù)后將其重新加入群集

實(shí)驗(yàn)環(huán)境

開始部署

DR1主調(diào)度服務(wù)器

1.安裝keepalived、ipvsadm軟件包
  yum install keepalived ipvsadm -y
2.修改/proc響應(yīng)參數(shù)
  vi /etc/sysctl.conf
net.ipv4.ip_forward=1                                    #開啟路由轉(zhuǎn)發(fā)功能
net.ipv4.conf.all.send_redirects = 0              #proc響應(yīng)關(guān)閉重定向功能
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0

3.立即生效
  sysctl -p
4.創(chuàng)建虛擬VIP
    cd /etc/sysconfig/network-scripts/
    cp ifcfg-ens33 ifcfg-ens33:0
5.編輯虛擬網(wǎng)卡    
  vim ifcfg-ens33:0
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.100.10
NETMASK=255.255.255.0
6.啟用虛擬網(wǎng)卡
ifup ifcfg-ens33:0
7.制作dr.sh腳本文件
  vim /etc/init.d/dr.sh
#!/bin/bash
GW=192.168.100.1                          #網(wǎng)關(guān)地址
VIP=192.168.100.10                        #VIP虛擬地址
RIP1=192.168.100.133                   #web1節(jié)點(diǎn)服務(wù)器IP
RIP2=192.168.100.134                  #web2節(jié)點(diǎn)服務(wù)器IP
case "$1" in
start)
/sbin/ipvsadm --save > /etc/sysconfig/ipvsadm       #保存ipvsadm策略
systemctl start ipvsadm 
/sbin/ifconfig ens33:0 $VIP broadcast $VIP netmask 255.255.255.255 broadcast $VIP up
/sbin/route add -host $VIP dev ens33:0
/sbin/ipvsadm -A -t $VIP:80 -s rr
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
echo "ipvsadm starting --------------------[ok]"
;;
stop)
/sbin/ipvsadm -C
systemctl stop ipvsadm
ifconfig ens33:0 down
route del $VIP
echo "ipvsamd stoped----------------------[ok]"
;;
status)
if [ ! -e /var/lock/subsys/ipvsadm ];then
echo "ipvsadm stoped---------------"
exit 1
else
echo "ipvsamd Runing ---------[ok]"
fi
;;
*)
echo "Usage: $0 {start|stop|status}"
exit 1
esac
exit 0

8.給dr.sh腳本賦執(zhí)行權(quán)限,啟動腳本
chmod +x dr.sh
service dr.sh start
9.查看驗(yàn)證lvs節(jié)點(diǎn)狀態(tài)
  ipvsadm -ln
10.修改keepalived配置文件如下
vim /etc/keepalived/keepalived.conf

global_defs {
...
smtp_server 127.0.0.1                             #指向本地
router_id LVS_02                                     #指定服務(wù)器名稱
... 
}
vrrp_instance VI_1 {
state BACKUP                                       #主份服務(wù)器是Master
interface ens33
virtual_router_id 10                                   #主備組號相同
priority 99                                                 #優(yōu)先級備服務(wù)器小于主服務(wù)器
... 
auth_pass abc123                                 #驗(yàn)證密碼，主備相同
...
virtual_ipaddress {
192.168.100.10                                      #虛擬VIP地址
}
...
virtual_server 192.168.100.10 80 {         #虛擬服務(wù)器VIP、端口
...
lb_kind DR
...
real_server 192.168.100.133 80 {           #真實(shí)web1節(jié)點(diǎn)服務(wù)器IP、端口
weight 1
TCP_CHECK {
connect_port 80 
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
} 
} 
real_server 192.168.100.134 80 { #真實(shí)web2節(jié)點(diǎn)服務(wù)器IP、端口
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
} 
} 
}

11.啟動keepalived服務(wù)
 systemctl start keepalived

DR2從調(diào)度服務(wù)器

1.安裝keepalived、ipvsadm軟件包
  yum install keepalived ipvsadm -y
2.修改/proc響應(yīng)參數(shù)
  vi /etc/sysctl.conf
net.ipv4.ip_forward=1                                    #開啟路由轉(zhuǎn)發(fā)功能
net.ipv4.conf.all.send_redirects = 0              #proc響應(yīng)關(guān)閉重定向功能
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0

3.立即生效
  sysctl -p
4.制作dr.sh腳本文件
  vim /etc/init.d/dr.sh
#!/bin/bash
GW=192.168.100.1                          #網(wǎng)關(guān)地址
VIP=192.168.100.10                        #VIP虛擬地址
RIP1=192.168.100.133                   #web1節(jié)點(diǎn)服務(wù)器IP
RIP2=192.168.100.134                  #web2節(jié)點(diǎn)服務(wù)器IP
case "$1" in
start)
/sbin/ipvsadm --save > /etc/sysconfig/ipvsadm       #保存ipvsadm策略
systemctl start ipvsadm 
/sbin/ifconfig ens33:0 $VIP broadcast $VIP netmask 255.255.255.255 broadcast $VIP up
/sbin/route add -host $VIP dev ens33:0
/sbin/ipvsadm -A -t $VIP:80 -s rr
/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
echo "ipvsadm starting --------------------[ok]"
;;
stop)
/sbin/ipvsadm -C
systemctl stop ipvsadm
ifconfig ens33:0 down
route del $VIP
echo "ipvsamd stoped----------------------[ok]"
;;
status)
if [ ! -e /var/lock/subsys/ipvsadm ];then
echo "ipvsadm stoped---------------"
exit 1
else
echo "ipvsamd Runing ---------[ok]"
fi
;;
*)
echo "Usage: $0 {start|stop|status}"
exit 1
esac
exit 0

5.給dr.sh腳本賦執(zhí)行權(quán)限,啟動腳本
chmod +x dr.sh
service dr.sh start
6.查看驗(yàn)證lvs節(jié)點(diǎn)狀態(tài)
  ipvsadm -ln
7.修改keepalived配置文件如下
vim /etc/keepalived/keepalived.conf

global_defs {
...
smtp_server 127.0.0.1                             #指向本地
router_id LVS_02                                     #指定服務(wù)器名稱
... 
}
vrrp_instance VI_1 {
state MASTER                                        #備份服務(wù)器是BACKUP
interface ens33
virtual_router_id 10                                   #主備組號相同
priority 100                                              #優(yōu)先級備服務(wù)器小于主服務(wù)器
... 
auth_pass abc123                                 #驗(yàn)證密碼，主備相同
...
virtual_ipaddress {
192.168.100.10                                      #虛擬VIP地址
}
...
virtual_server 192.168.100.10 80 {         #虛擬服務(wù)器VIP、端口
...
lb_kind DR
...
real_server 192.168.100.133 80 {           #真實(shí)web1節(jié)點(diǎn)服務(wù)器IP、端口
weight 1
TCP_CHECK {
connect_port 80 
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
} 
} 
real_server 192.168.100.134 80 { #真實(shí)web2節(jié)點(diǎn)服務(wù)器IP、端口
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
} 
} 
}

8.啟動keepalived服務(wù)
 systemctl start keepalived

Web1節(jié)點(diǎn)服務(wù)器

1.安裝httpd軟件包
yum install -y httpd
2.啟動httpd服務(wù)
systemctl start httpd.service 
3.新建網(wǎng)站首頁文件
echo "<h2>this is benet</h2>" > /var/www/html/index.html
4.新建web.sh腳本至服務(wù)管理目錄，便于service進(jìn)行管理
vim /etc/init.d/web.sh
#!/bin/bash
VIP=192.168.100.10 #VIP虛擬IP地址
case "$1" in
start)
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
/sbin/route add -host $VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK "
;;
stop)
ifconfig lo:0 down
route del $VIP /dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stopd"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0

5.給web.sh腳本賦執(zhí)行權(quán)限
chmod +x web.sh
6.啟動web.sh服務(wù)
service web.sh start
7.關(guān)閉防火墻及selinux
systemctl stop  firewalld.service 
setenforce 0

8.測試

Web2節(jié)點(diǎn)服務(wù)器

1.安裝httpd軟件包
yum install -y httpd
2.啟動httpd服務(wù)
systemctl start httpd.service 
3.新建網(wǎng)站首頁文件
echo "<h2>this is accp web</h2>" > /var/www/html/index.html
4.新建web.sh腳本至服務(wù)管理目錄，便于service進(jìn)行管理
vim /etc/init.d/web.sh
#!/bin/bash
VIP=192.168.100.10 #VIP虛擬IP地址
case "$1" in
start)
ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
/sbin/route add -host $VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK "
;;
stop)
ifconfig lo:0 down
route del $VIP /dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stopd"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0

5.給web.sh腳本賦執(zhí)行權(quán)限
chmod +x web.sh
6.啟動web.sh服務(wù)
service web.sh start
7.關(guān)閉防火墻及selinux
systemctl stop  firewalld.service 
setenforce 0

8.測試

客戶端測試

等待幾十秒后刷新，如果不行，清除瀏覽器緩存后再試