keepalived实现LVS的高可用以及实现web服务的高可用(主从模型、双主模型)
准备四台虚拟机,两台HA主机,两台RS主机
一、HA主机的配置
1.1、配置IP:
HA1:IP 172.16.50.20 网关172.16.0.1 HA2:IP 172.16.50.30 网关172.16.0.1
1.2、配置主机名:
HA1主机:
# hostname node1.magedu.com # uname -n # vim /etc/sysconfig/network HOSTNAME = node1.magedu.com
HA2主机:
# hostname node2.magedu.com # uname -n # vim /etc/sysconfig/network HOSTNAME = node2.magedu.com
1.3、配置双机互信
HA1主机配置:
# ssh-****** -t rsa -f ~/.ssh/id_rsa -P'' 密码为空 # ssh-copy-id -i .ssh/id_rsa.pub [email protected] # ssh 172.16.50.30 'ifconfig' 远程连接查看一下ip是否为50.30
HA2主机配置:
# ssh-****** -t rsa -f ~/.ssh/id_rsa -P'' # ssh-copy-id -i .ssh/id_rsa.pub [email protected] # ssh 172.16.50.20 'ifconfig' 远程连接查看一下ip是否为50.20
1.4、配置主机解析
HA1配置:
# vim/etc/hosts 172.16.50.20 node1.magedu.com node1 172.16.50.30 node2.magedu.com node2 ping node2 #查看是否能ping通 scp /etc/hosts node2:/etc/ #直接复制给HA2主机 在HA2主机上ping node1 主机名,看能否ping通
1.5、配置时间同步
HA1主机:
# date # service ntpd stop #先关闭ntpd # chkconfig ntpd off #不让它开机自启动 # ntpdate 172.16.0.1 #与主服务时间同步一下 # crontab -e #使用任务计划,让它每五分钟同步一下时间 */5 * * * * /sbin/ntpdata 172.16.0.1 &> /dev/null
HA2主机:
# date # service ntpd stop #先关闭ntpd # chkconfig ntpd off #不让它开机自启动 # ntpdate 172.16.0.1 #与主服务时间同步一下 # crontab -e #使用任务计划,让它每五分钟同步一下时间 */5 * * * * /sbin/ntpdata 172.16.0.1 &> /dev/null
1.6、配置好yum库
二、RS主机的配置(LVS-DR模型)
2.1、配置IP
RS1:eth0 172.16.50.11 RS2: eth0 172.16.50.12
2.2、关闭selinux
本次实验总共使用了4台虚拟机,都要将selinux关闭
# setenforce 0
2.3、配置DR模型
这里提供一个脚本,可以直接实现
# vim startrs.sh
#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
. /etc/rc.d/init.d/functions
VIP=172.16.50.1
host=`/bin/hostname`
case "$1" in
start)
# Start LVS-DR real server on this machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
;;
stop)
# Stop LVS-DR real server loopback device(s).
/sbin/ifconfig lo:0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the lo:0 device
# not found.
echo "LVS-DR real server Stopped."
else
echo "LVS-DR real server Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac
# chmod +x startrs.sh 给一个执行权限
# ./startrs.sh satrt 执行此脚本
2.3、验证:
# ifconfig
三、实现LVS的高可用
HA配置(HA1与HA2安装的软件包相同)
3、安装配置LVS
3.1、安装keepalived(这里是32位的rpm包,这是自己制作的rpm包,里面有很多
东西是不需要配置的,也提供了样例,和官方下载的rpm是不同的)
注意:因为有依赖关系,这里直接使用yum来安装
# yum -y --nogpgcheck localinstall keepalived-1.2.7-5.el5.i386.rpm # rpm -ql keepalived 查看都是安装生成了了哪些文件(这里只看我们提供的服务) /etc/keepalived/keepalived.conf.haproxy_example 这是自己制作的rpm提供的样例 /etc/keepalived/notify.sh 脚本,也是自己制作时提供的,网站下载的是没有的
3.2、安装ipvsadm
# yum -y install ipvsadm
RS主机上的配置
3.3、在RS主机上分别启动httpd服务
# service httpd start
3.4、分别提供网页文件
# vim /var/www/html/index.html RS1.magedu.com # vim /var/www/html/index.html RS2.magedu.com
HA1节点配置
3.5、提供配置文件
# cd /etc/keepalived/
# cp keepalived.conf keepalived.conf.bak
# vim keepalived.conf
! Configuration File for keepalived
global_defs { 全局默认配置
notification_email {主节点发生变化,通知管理员
[email protected]
}
notification_email_from [email protected] {发件人
smtp_server 127.0.0.1
smtp_connect_timeout 30 连接时间超时时长
router_id LVS_DEVEL
}
vrrp_instance VI_1 {vrrp实例,定义虚拟路由组,第一个虚拟路由组
state MASTER 定义初始状态下谁是主谁是备份
interface eth0 虚拟路由工作在eth0,以及路由组的接口
virtual_router_id 51
priority 101 优先级
advert_int 1 每隔一秒通告
authentication { 安全认证
auth_type PASS 字符串认证
auth_pass passwd 密码
}
virtual_ipaddress {VIP地址
172.16.50.1
}
}
virtual_server 172.16.50.1 80 {
delay_loop 6 定义获取服务等待的时间
lb_algo wlc 负载均衡调度算法
lb_kind DR LVS类型
nat_mask 255.255.0.0
protocol TCP
real_server 172.16.50.11 80 {
weight 1
url { 监控url的状态
path /
status_code 200
}
connect_timeout 2 连接超时时长
nb_get_retry 3 重试时长
delay_before_retry 1 延时前的重试时长
}
}
virtual_server 172.16.50.1 80 {
delay_loop 6
lb_algo wlc
lb_kind DR
nat_mask 255.255.0.0
protocol TCP
real_server 172.16.50.12 80 {
weight 2
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
3.6、同步至另一节点中
# scp keepalived.conf node2:/etc/keepalived/
HA2主机中修改配置文件
# vim /etc/keepalived/keepalived.conf
只需要修改一下两项,其他的都不改
state BACKUP
priority 100
3.7、启动服务(两个节点都要启动)
# service keepalived start
3.8、验证(会自动配置为32位的源码)
3.8.1、查看一下ip
# ip addr show
3.8.2、查看一下ipvs规则
# ipvsadm -L -n
3.8.3、在物理机*问172.16.50.1
刷新一下
3.8.4、查看一下ipvs规则
# ipvsadm -L -n
四、实现web服务的高可用(在HA1与HA2主机上配置相同)
4.1、需要两台虚拟机(不用realserver虚拟了),将这两台主机做成高可用web服务
4.1.1、将keepalived服务stop
# service keepalived stop
4.1.2、安装httpd包
# yum -y install httpd
4.1.3、提供页面
# vim /var/www/html/index.html <h1>node1</h1> HA2主机页面: # vim /var/www/html/index.html <h1>node2</h1>
4.1.4、启动服务
# service httpd start
4.1.5、在物理主机*问这两个节点
4.2、提供配置文件
# cd /etc/keepalived/
# cp keepalived.conf.haproxy_example keepalived.conf
# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_httpd { 检查httpd
script "killall -0 httpd"
interval 2 每隔两秒检查一次httpd
# check every 2 seconds
weight -2
# if failed, decrease 2 of the priority 如果检查httpd失败了,将自己的优先级减2
fall 2 检查两次,避免误杀进程
# require 2 failures for failures
rise 1
# require 1 sucesses for ok 成功的话就检查一次
}
vrrp_script chk_schedown {只要touch一个down文件,它就变为备份的,删除此文件它就变为主的
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 2
weight -2
}
vrrp_instance VI_1 {
interface eth0
# interface for inside_network, bound by vrrp
state MASTER
# Initial state, MASTER|BACKUP
# As soon as the other machine(s) come up,
# an election will be held and the machine
# with the highest "priority" will become MASTER.
# So the entry here doesn't matter a whole lot.
priority 101
# for electing MASTER, highest priority wins.
# to be MASTER, make 50 more than other machines.
virtual_router_id 51
# arbitary unique number 0..255
# used to differentiate multiple instances of vrrpd
# running on the same NIC (and hence same socket).
garp_master_delay 1
authentication {
auth_typePASS
auth_pass password
}
track_interface {
eth0
}
# optional, monitor these as well.
# go to FAULT state if any of these go down.
virtual_ipaddress {
172.16.50.1/16 dev eth0 label eth0:0
}
#addresses add|del on change to MASTER, to BACKUP.
#With the same entries on other machines,
#the opposite transition will be occuring.
#<IPADDR>/<MASK> brd <IPADDR> dev <STRING> scope <SCOPE> label <LABEL>
track_script { 每个一定的时间就会执行这两个脚本一次
chk_httpd
chk_schedown
}
一旦发现主从切换就会执行下面的脚本
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"(失败时执行此脚本)
}
4.3、同步至节点2
# scp keepalived.conf notify.sh node2:/etc/keepalived/
4.3.1、HA2主机中修改配置文件
# vim /etc/keepalived/keepalived.conf
只需要修改一下两项,其他的都不改
state BACKUP
priority 100
4.3.2、启动服务(两个节点都要启动)
# service keepalived start
4.3.3、验证
# ifconfig
在物理机*问
4.3.4、手动切换节点1至节点2上
在上面的配置文件中我们定义的有脚本,只有touch一个down文件节点1就会被转移
# touch /etc/keepalived/down
验证:查看节点1与节点2的IP地址
# ifconfig
节点1IP
节点2IP
在物理主机*问172.16.50.1
4.3.5、删除down文件,资源就会转移回节点1
# rm -rf /etc/keepalived/down
验证:
节点1IP
在物理主机*问172.16.50.1
五、实现web服务高可用双主模型
当然这是在主从模型的基础上做的
5、配置文件的修改
5.1、修改节点1的配置文件
# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_2 {
interface eth0
state BACKUP # BACKUP for slave routers
priority 100 # 100 for BACKUP
virtual_router_id 52
garp_master_delay 1
authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.50.2/16 dev eth0 label eth0:1
}
track_script {
chk_httpd
chk_schedown
}
notify_master "/etc/keepalived/notify.sh master eth0:1"
notify_backup "/etc/keepalived/notify.sh backup eth0:1"
notify_fault "/etc/keepalived/notify.sh fault eth0:1"
}
5.2、修改节点2的配置文件
# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_2 {
interface eth0
state MASTER # BACKUP for slave routers
priority 101 # 100 for BACKUP
virtual_router_id 52
garp_master_delay 1
authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.50.2/16 dev eth0 label eth0:1
}
track_script {
chk_httpd
chk_schedown
}
notify_master "/etc/keepalived/notify.sh master eth0:1"
notify_backup "/etc/keepalived/notify.sh backup eth0:1"
notify_fault "/etc/keepalived/notify.sh fault eth0:1"
}
5.3、重启服务
5.3.1、启动节点1
# service keepalived restart
5.3.2、启动节点2
# service keepalived restart
5.4、验证
5.4.1、查看节点1的IP
# ifconfig
5.4.2、查看节点2的IP
# ifconfig
5.4.3、在物理机上分别访问
http://172.16.50.1
http://172.16.50.2
5.5、模拟节点2 down掉
5.5.1、创建一个down文件
# touch /etc/keepalived/down
5.5.2、查看节点2的IP
5.5.3、查看节点1的IP
5.5.4、验证
在物理主机*问
http://172.16.50.1
http://172.16.50.2
5.6、删除down文件
# rm -rf /etc/keepalived/down
5.6.1、查看节点2IP,看是否夺回了资源
5.6.2、物理主机服务172.16.50.2
5.7、模拟节点1 down掉
5.7.1、创建一个down文件
# touch /etc/keepalived/down
5.7.2、查看节点1的IP
5.7.3、查看节点2的IP
5.7.4、验证
在物理主机*问
http://172.16.50.1
http://172.16.50.2
5.8、删除down文件
# rm -rf /etc/keepalived/down
5.8.1、查看节点2IP,看是否夺回了资源
5.8.2、物理主机服务172.16.50.2
注意:虽然叫双主模型,但不是双主模型,因为使用了不同的
这就是keepalived所要实现的功能,当然它的功能远不止这些,这里只讲了一小部分,希望对读者有所帮助哦!
转载于:https://blog.51cto.com/jilili/1202069