Keepalived + LVS(DR)+ Httpd 实现高可用负载均衡集群实战
一、主机规划
| 高可用 | IP | 负载均衡 |
|---|---|---|
| Master | 192.168.182.129 | Keepalived、LVS |
| Backup | 192.168.182.130 | Keepalived、LVS |
| VIP | 192.168.182.111 | Keepalived、LVS |
| RIP | 192.168.182.131 | Httpd - 1 |
| RIP | 192.168.182.132 | Httpd - 2 |
二、环境部署
1.停止所有服务器的防火墙 和 selinux
systemctl stop firewalld
setenforce 0
2. Master、Backup节点主机分别安装Keepalived、ipvsadm服务(并设置开机自启)
[root@Master ~]# yum install -y keepalived && systemctl enable keepalived
[root@Master ~]# yum install -y ipvsadm && systemctl enable ipvsadm
[root@Backup ~]# yum install -y keepalived && systemctl enable keepalived
[root@Backup ~]# yum install -y ipvsadm && systemctl enable ipvsadm
3. RIP节点主机安装Httpd服务,并分别修改测试页面
web1 - 192.168.182.131
[root@web1 ~]# yum install -y httpd
[root@web1 ~]# echo "I am RealServer2 192.168.182.131" > /var/www/html/index.html
web2 - 192.168.182.132
[root@web2 ~]# yum install -y httpd
[root@web2 ~]# echo "I am RealServer3 192.168.182.132" > /var/www/html/index.html
开启 httpd 服务、并设置开启自启
[root@web1 ~]# systemctl start httpd && systemctl enable httpd
[root@web2 ~]# systemctl start httpd && systemctl enable httpd
访问 web1、web2 测试界面
三、修改主备节点Keepalived配置文件
配置Keepalived - MASTER节点文件
! Configuration File for keepalived
global_defs {
router_id NodeA #主备路由配置不一样
}
vrrp_script chk_port { #Httpd服务故障Keepalived自动转移脚本
script "/etc/keepalived/keepalived.sh"
interval 2
weight 2
}
vrrp_instance VI_1 { #需与备节点配置一致
state MASTER
interface ens33 #需与备节点配置一致
virtual_router_id 51 #需与备节点配置一致
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.182.111/24 dev ens33 #LVS、Keepalived VIP工作和端口
}
}
virtual_server 192.168.182.111 80 { #虚拟服务器VIP地址和端口
delay_loop 3 #健康检查的间隔时间(秒)
lb_algo rr #轮询调度算法
lb_kind DR #直接路由群集工作模式
persistence_timeout 50 #连接保持时间(秒)不启动在前面加(!)即可
protocol TCP #采用TCP协议
real_server 192.168.182.131 80 { #第一个WEB节点地址和端口
weight 1 #节点权重
TCP_CHECK { #健康检查方式
connect_port 80 #检查的目录端口
connect_timeout 3 #连接超时(秒)
nb_get_retry 3 #重试次数
delay_before_retry 3 #重试间隔(秒)
}
}
real_server 192.168.182.132 80 { #第二个web节点的地址、端口和部分信息
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
track_script { #跟踪上述自动转移脚本
chk_port
}
}
配置Keepalived - BACKUP节点文件
! Configuration File for keepalived
global_defs {
router_id NodeB #主备路由配置不一样
}
vrrp_script chk_port { #Httpd服务故障Keepalived自动转移脚本
script "/etc/keepalived/keepalived.sh"
interval 2
weight 2
}
vrrp_instance VI_1 { #需与主节点配置一致
state BACKUP
interface ens33 #需与主节点配置一致
virtual_router_id 51 #需与主节点配置一致
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.182.111/24 dev ens33 #LVS、Keepalived VIP工作和端口
}
}
virtual_server 192.168.182.111 80 { #虚拟服务器VIP地址和端口
delay_loop 3 #健康检查的间隔时间(秒)
lb_algo rr #轮询调度算法
lb_kind DR #直接路由群集工作模式
persistence_timeout 50 #连接保持时间(秒)不启动在前面加(!)即可
protocol TCP #采用TCP协议
real_server 192.168.182.131 80 { #第一个WEB节点地址和端口
weight 1 #节点权重
TCP_CHECK { #健康检查方式
connect_port 80 #检查的目录端口
connect_timeout 3 #连接超时(秒)
nb_get_retry 3 #重试次数
delay_before_retry 3 #重试间隔(秒)
}
}
real_server 192.168.182.132 80 { #第二个web节点的地址、端口和部分信息
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
track_script { #跟踪上述自动转移脚本
chk_port
}
}
Httpd服务故障Keepalived自动转移脚本(主备服务器脚本内容均一致、并授予可执行权限)
[root@Master ~]# vim /etc/keepalived/keepalived.sh
[root@Master ~]# chmod a+x /etc/keepalived/keepalived.sh
[root@Backup ~]# vim /etc/keepalived/keepalived.sh
[root@Backup ~]# chmod a+x /etc/keepalived/keepalived.sh
#!/bin/bash
counter=$(ps -C httpd --no-heading | wc -l )
if [ "${counter}"="0" ];then
systemctl start httpd
sleep 5
counter=$(ps -C httpd --no-heading | wc -l )
if [ "${counter}"="0" ];then
systemctl stop keepalived
fi
fi
开启主备节点 Keepalived 服务
[root@Master ~]# systemctl start keepalived
[root@Backup ~]# systemctl start keepalived
四、配置 LVS(ipvsadm)负载均衡服务
配置RIP节点主机虚拟IP
[root@web1 sh]# cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0
[root@web1 sh]# vim ifcfg-lo:0
DEVICE=lo:0 #虚拟主机名
IPADDR=192.168.182.111 #虚拟主机IP
NETMASK=255.255.255.255 #子网掩码
ONBOOT=yes #开机自启
[root@web2 sh]# cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0
[root@web2 sh]# vim ifcfg-lo:0
DEVICE=lo:0 #虚拟主机名
IPADDR=192.168.182.111 #虚拟主机IP
NETMASK=255.255.255.255 #子网掩码
ONBOOT=yes #开机自启
配置RIP节点主机虚拟路由
[root@web1 ~]# vi /etc/rc.local
#####在文件下方追加下行命令行
/sbin/route add host 192.168.182.111 dev lo:0
[root@web2 ~]# vi /etc/rc.local
#####在文件下方追加下行命令行
/sbin/route add host 192.168.182.111 dev lo:0
设置ARP抑制
作用:当广播呼叫VIP(LVS、RS中配置VIP)时,RS中的VIP不给予呼应
WEB1、WEB2均需配置
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
打开路由转发功能
[root@web1 ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@web1 ~]# sysctl -p
[root@web2 ~]# vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
[root@web2 ~]# sysctl -p
五、测试!!!
重启虚拟机
4台虚拟机均需要重启
reboot
测试1:开启Master节点Keepalived服务,此时外界访问测试界面则为Master节点测试页面
[root@Master ~]# systemctl start keepalived
[root@Master ~]# ip a |grep ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.182.131/24 brd 192.168.182.255 scope global noprefixroute ens33
inet 192.168.182.111/24 scope global secondary ens33
测试2:开启Backup节点Keepalived服务,关闭Master节点,此时外界访问测试界面则为Backup节点测试页面
[root@BACKUP ~]# systemctl start keepalived
[root@BACKUP ~]# ip a |grep ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.182.132/24 brd 192.168.182.255 scope global noprefixroute ens33
inet 192.168.182.111/24 scope global secondary ens33
学习视频:https://www.bilibili.com/video/av80201614?p=58
来源:CSDN
作者:VillianTsang
链接:https://blog.csdn.net/VillianTsang/article/details/103852331