-
LVS+Keepalived群集
目录
keepalived的热备方式
Keepalived 采用 VRRP(Virtual Router Redundancy Protocol,虚拟路由冗余协议)热备份协议,以软件的方式实现Linux服务器的多机热备功能(VRRP是针对路由器的一种备份解决方案--由多台路由器组成一个热备组,通过共用的虚拟 IP地址对外提供服务)
- 专为LVS和HA设计的一款健康状态检查工具
- 支持故障自动切换(Failover)
- 支持节点健康状态检查(Health Checking)
keepalived的安装与服务
- //除了安装keepalived,在 LVS 群集环境中应用时,也需要用到 ipvsadm管理工具
- [root@localhost ~]# yum install y keepalived ipvsadm
- //控制 Keepalived 服务;YUM 安装 keepalived 后,执行以下命令将 keepalived 服务设置为开机启动
- [root@localhost ~]# systemctl enable keepalived
一、使用Keepalived双机实现热备案例
服务器
操作系统
主机名/IP 地址
web服务器
CentOS7.9
192.168.10.101
web服务器
CentOS7.9
192.168.10.102
1:主服务器配置
- //安装keepalived服务控制
- [root@localhost ~]# systemctl stop NetworkManager
- [root@localhost ~]# setenforce 0
- [root@localhost ~]# systemctl stop firewalld
- [root@localhost ~]# yum -y install keepalived ipvsadm
- [root@localhost ~]# systemctl enable keepalived
- //配置keepalived
- [root@localhost ~]# cd /etc/keepalived/
- [root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
- [root@localhost keepalived]# vim keepalived.conf //打开配置文件,修改几个参数
- ...
- router_id LVS_01 //router_id用于区分设备,可以重复但不建议
- # vrrp_strict //严格执行VRRP协议规范,此模式不支持节点单播,配置了此参数,vip可以漂移到这台服务器,但是ping vip不通,因此需要将此参数注释
- state MASTER //将状态改为master
- virtual_router_id 51 //虚拟路由id,用于划分主机到同一个热备组
- virtual_ipaddress { //更改虚拟IP地址
- 192.168.10.172
- }
- ...
- [root@localhost keepalived]# systemctl start keepalived
- [root@localhost keepalived]# ip add show dev ens33
2:备用服务器的配置
- 在同一个Keepalived 热备组内,所有服务器的 Keepalived 配置文件基本相同,包括虚拟路由器的 ID号、认证信息、漂移地址、心跳频率等
- 路由器名称(router id):建议为每个参与热备的服务器指定不同的名称
- 热备状态(state):至少应有一台主服务器,将状态设为MASTER;可以有多台备用的服务器,将状态设为 BACKUP
- 优先级(priority):数值越大则取得 VIP 控制权的优先级越高,因此主服务器的优先级应设为最高;其他备用服务器的优先级可依次递减,但不要相同,以免在争夺 VIP 控制权时发生冲突
配置备用服务器(可以有多台)时,可以参考主服务器的 keepalived.conf 配置文件内容,只需修改路由器名称、热备状态、优先级
- //安装keepalived服务控制
- [root@localhost ~]# systemctl stop NetworkManager
- [root@localhost ~]# yum -y install keepalived
- [root@localhost ~]# setenforce 0
- [root@localhost ~]# systemctl stop firewalld
- //配置keepalived
- [root@localhost ~]# cd /etc/keepalived/
- [root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
- [root@localhost keepalived]# vi keepalived.conf
- ...
- //需要和主服务器不同的地方
- state BACKUP // 角色
- priority 90
- // Backup的优先级必须比Master低
- ...
- [root@localhost keepalived]# systemctl start keepalived
3:测试虚拟ip的连通性
Keepalived 的日志消息保存在/var/log/messages 文件中,在测试主、备故障自动切换功能时,可以跟踪此日志文件来观察热备状态的变化
- //可以先查看两个服务器地址
- [root@localhost keepalived]# ip a
- //安装keepalived服务控制
- [root@localhost ~]# less /var/log/message
在测试过程中down掉master服务器的网络,观察结果,虚拟IP漂移到Backup主机
二、LVS+Keepalived高可用性
服务器
操作系统
主机名/IP 地址
主调度器
CentOS7.9
192.168.10.101
从调度器
CentOS7.9
192.168.10.102
Web服务器(1)
CentOS7.9
192.168.10.103
Web服务器(1)
CentOS7.9
192.168.10.104
客户端(测试机)
CentOS7.9
192.168.10.105
1:主调度器配置
(1)主服务器keepalived的安装
- [root@localhost ~]# systemctl stop NetworkManager
- [root@localhost ~]# setenforce 0
- [root@localhost ~]# systemctl stop firewalld
- [root@localhost ~]# yum -y install keepalived ipvsadm
- [root@localhost ~]# systemctl enable keepalived
(2)配置主服务器keepalived
- [root@localhost ~]# cd /etc/keepalived/
- [root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
- [root@localhost keepalived]# vi keepalived.conf
- ...
- virtual_server 192.168.10.172 80 {
- delay_loop 6 # 回环延迟时间
- lb_algo wrr # 调度算法
- lb_kind DR # 负载均衡的工作模式
- #persistence_timeout 50 会话保持时间
- protocol TCP
- real_server 192.168.10.103 80 {
- weight 1
- TCP_CHECK {
- connect_port 80
- connect_timeout 3
- nb_get_retry 3
- delay_before_retry 3
- }
- }
- real_server 192.168.10.104 80 {
- weight 1
- TCP_CHECK {
- connect_port 80
- connect_timeout 3
- nb_get_retry 3
- delay_before_retry 3
- }
- }
- }
- # 剩下的内容删除
- # 命令模式下:d + G
- 保存并退出
- ...
(3)主服务器内核参数的配置
- [root@localhost ~]# vi /etc/sysctl.conf
- 在末尾添加:
- net.ipv4.conf.all.send_redirects = 0
- net.ipv4.conf.default.send_redirects = 0
- net.ipv4.conf.ens33.send_redirects = 0
- [root@localhost ~]# sysctl -p
- //开启主服务器的keepalived服务
- [root@localhost keepalived]# systemctl start keepalived
- [root@localhost keepalived]# ip add show dev ens33
健康状态检查的方式
- SSL_GET
- 通过SSL,GET一下网站根目录的网页文件,如果有内容,就是正常的
- TCP_CHECL
- 工作在第4层,keepalived向后端服务器发起一个tcp连接请求,如果后端服务器没有响应或超时,那么这个后端将从服务器池中移除。
- HTTP_GET
- 工作在第5层,向指定的URL执行http请求,将得到的结果用md5加密并与指定的md5值比较看是否匹配,不匹配则从服务器池中移除;此外还可以指定http返回码来判断检测是否成功。HTTP_GET可以指定多个URL用于检测,在一台服务器有多个虚拟主机的情况下使用。
- MISC_CHECK
- 用脚本来检测,脚本如果带有参数,需将脚本和参数放入双引号内,根据脚本的返回值来判断
2:从调度器配置
- //从调度器keepalived安装
- [root@localhost ~]# systemctl stop NetworkManager
- [root@localhost ~]# setenforce 0
- [root@localhost ~]# systemctl stop firewalld
- [root@localhost ~]# yum -y install keepalived ipvsadm
- [root@localhost ~]# systemctl enable keepalived
- //从调度器keepalived的配置
- [root@localhost ~]# cd /etc/keepalived/
- [root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
- [root@localhost keepalived]# vi keepalived.conf
- ...
- //从服务器内核参数的配置
- [root@localhost ~]# vi /etc/sysctl.conf
- 在末尾添加:
- net.ipv4.conf.all.send_redirects = 0
- net.ipv4.conf.default.send_redirects = 0
- net.ipv4.conf.ens33.send_redirects = 0
- [root@localhost ~]# sysctl -p
- //开启从服务器的keepalived服务
- [root@localhost keepalived]# systemctl start keepalived
3:服务器池配置
(1)web1网络的配置
- //网络配置
- [root@localhost ~]# systemctl stop firewalld
- [root@localhost ~]# cd /etc/sysconfig/network-scripts/
- [root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
- [root@localhost network-scripts]# vi ifcfg-lo:0
- DEVICE=lo:0
- IPADDR=192.168.10.172
- NETMASK=255.255.255.255
- ONBOOT=yes
- [root@localhost network-scripts]# systemctl restrt network
- [root@localhost network-scripts]# vi /etc/rc.local
- /sbin/route add -host 192.168.10.172 dev lo:0
- [root@localhost network-scripts]# route add -host 192.168.10.172 dev lo:0
- (2)httpd服务的安装
- [root@localhost ~]# yum -y install httpd
- [root@localhost ~]# vi /var/www/html/index.html
- test web01
- (3)内核参数的设置
- [root@localhost ~]# vi /etc/sysctl.conf
- net.ipv4.conf.all.arp_ignore = 1
- net.ipv4.conf.all.arp_announce = 2
- net.ipv4.conf.default.arp_ignore = 1
- net.ipv4.conf.default.arp_announce = 2
- net.ipv4.conf.lo.arp_ignore = 1
- net.ipv4.conf.lo.arp_announce = 2
- (4)开启httpd服务
- [root@localhost ~]# systemctl start httpd
(2)web2服务器配置
- //网络配置
- [root@localhost ~]# systemctl stop firewalld
- [root@localhost ~]# cd /etc/sysconfig/network-scripts/
- [root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
- [root@localhost network-scripts]# vi ifcfg-lo:0
- DEVICE=lo:0
- IPADDR=192.168.10.172
- NETMASK=255.255.255.255
- ONBOOT=yes
- [root@localhost network-scripts]# systemctl restart network
- [root@localhost network-scripts]# vi /etc/rc.local
- /sbin/route add -host 192.168.10.172 dev lo:0
- [root@localhost network-scripts]# route add -host 192.168.10.172 dev lo:0
- (2)httpd服务的安装
- [root@localhost ~]# yum -y install httpd
- [root@localhost ~]# vi /var/www/html/index.html
- test web02
- (3)内核参数的设置
- [root@localhost ~]# vi /etc/sysctl.conf
- net.ipv4.conf.all.arp_ignore = 1
- net.ipv4.conf.all.arp_announce = 2
- net.ipv4.conf.default.arp_ignore = 1
- net.ipv4.conf.default.arp_announce = 2
- net.ipv4.conf.lo.arp_ignore = 1
- net.ipv4.conf.lo.arp_announce = 2
- (4)开启httpd服务
- [root@localhost ~]# systemctl start httpd
4:模拟故障
- //先访问
- [root@localhost ~]# curl 192.168.10.172
- test web02
- //把主服务器暂停,再测试,可以看到在几秒后, 服务可以正常访问,实现高可用(主调度器和备调度器之间切换Master和VIP)
- //在启动主服务器,使用ipvsadm -ln查看创建出对应的LVS策略
- [root@localhost ~]# ipvsadm -ln
- IP Virtual Server version 1.2.1 (size=4096)
- Prot LocalAddress:Port Scheduler Flags
- -> RemoteAddress:Port Forward Weight ActiveConn InActConn
- TCP 192.168.10.172:80 rr
- -> 192.168.10.103:80 Route 1 0 0
- -> 192.168.10.104:80 Route 1 0 0
-
相关阅读:
soildwork2022怎么样添加螺纹孔?
【考研英语语法】语篇标记
Redis 的相关基础知识
R语言在vector向量数据末尾追加新的元素(在已知向量末尾添加单个标量数据形成新的向量)
二进制搭建 Kubernetes v1.20
大数据学长面试之华为面试题
jwt 实现用户登录完整java
ssm+vue+elementUI基于微信小程序的电动电动汽车车智能充电桩服务平台-计算机毕业设计
大数据生态安全框架的实现原理与最佳实践(下篇)
龙蛇入笔,身不由己,码农出书以及无法控制的表达欲
- 原文地址:https://blog.csdn.net/minly12/article/details/140965568