Linux-利用keepalived实现lvs的高可用性
程序员文章站
2022-12-11 08:49:48
单主模型IPVS示例配置keepalive高可用的ipvs集群示例:修改keepalived配置文件修改主机:192.168.234.27的keepalived配置文件 1 [root@234c27 ~]# vim /etc/keepalived/keepalived.conf 2 ! Config... ......
单主模型ipvs示例
配置keepalive
高可用的ipvs集群示例:修改keepalived配置文件
修改主机:192.168.234.27的keepalived配置文件
1 [root@234c27 ~]# vim /etc/keepalived/keepalived.conf 2 ! configuration file for keepalived 3 4 global_defs { 5 notification_email { 6 root@localhost //接受邮件地址 7 } 8 notification_email_from keepalived@localhost //发送邮件地址 9 smtp_server 127.0.0.1 //发送邮件服务器ip 10 smtp_connect_timeout 30 //邮件连接超时时长 11 router_id kptwo //路由id 12 vrrp _mcast_group4 234.10.10.10 //指定vrrp协议的多播地址 13 } 14 15 vrrp_instance vi_1 { //vrrp协议的 16 state master //lvs的master服务器 17 interface ens37 // 18 virtual_router_id 50 //虚拟路由 19 priority 100 //权重为100.越大越先 20 advert_int 1 //发送组博包的间隔 21 authentication { //验证 22 auth_type pass //方式为pass( 明文) 23 auth_pass 1111 //密码 24 } 25 virtual_ipaddress { //keepalived虚拟ip 26 10.0.0.100/24 27 } 28 } 29 virtual_server 10.0.0.100 80 { 30 delay_loop 6 //检查后端服务器的时间间隔 31 lb_algo wrr //定义调度方法 32 lb_kind dr //集群的类型 33 #persistence_timeout 50 //持久连接时长 34 protocol tcp //服务协议,仅支持tcp 35 real_server 192.168.234.47 80 { //后端real_server服务器地址 36 weight 1 //权重 37 http_get { //应用层检测 38 url { 39 path / //定义要监控的url 40 status_code 200 //判断上述检测机制为健康状态的响应码 41 } 42 connect_timeout 3 //连接请求的超时时长 43 nb_get_retry 3 //重试次数 44 delay_before_retry 3 //重试之前的延迟时长 45 } 46 } 47 real_server 192.168.234.57 80 { 48 weight 2 49 http_get { 50 url { 51 path / 52 status_code 200 53 } 54 connect_timeout 3 55 nb_get_retry 3 56 delay_before_retry 3 57 } 58 } 59 }
修改主机:192.168.234.37的keepalived配置文件
[root@234c37 ~]# vim /etc/keepalived/keepalived.conf
! configuration file for keepalived global_defs { notification_email { root@localhost } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id kptwo vrrp _mcast_group4 234.10.10.10 } vrrp_instance vi_1 { state backup interface ens37 virtual_router_id 50 priority 80 advert_int 1 authentication { auth_type pass auth_pass 1111 } virtual_ipaddress { 10.0.0.100/24 } } virtual_server 10.0.0.100 80 { delay_loop 6 lb_algo wrr lb_kind dr #persistence_timeout 50 protocol tcp sorry_server 127.0.0.1:80 real_server 192.168.234.47 80 { weight 1 http_get { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.234.57 80 { weight 2 http_get { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } }
查看keepalived
[root@234c37 ~]# systemctl status keepalived ● keepalived.service - lvs and vrrp high availability monitor loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) active: inactive (dead) ………… [root@234c37 ~]# ipvsadm -ln ip virtual server version 1.2.1 (size=4096) prot localaddress:port scheduler flags -> remoteaddress:port forward weight activeconn inactconn //暂无ipvsadm
启动服务
[root@234c27 keepalived]# systemctl start keepalived.service [root@234c27 keepalived]# systemctl status keepalived.service ● keepalived.service - lvs and vrrp high availability monitor loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) active: active (running) since fri 2018-08-31 20:30:02 cst; 12s ago process: 9657 execstart=/usr/sbin/keepalived $keepalived_options (code=exited, status=0/success) main pid: 9658 (keepalived) ……………… [root@234c27 keepalived]# ipvsadm -ln ip virtual server version 1.2.1 (size=4096) prot localaddress:port scheduler flags -> remoteaddress:port forward weight activeconn inactconn tcp 10.0.0.100:80 wrr -> 192.168.234.47:80 route 1 0 0 -> 192.168.234.57:80 route 2 0 0 //启动服务lvs vs已配置好
后端real_server准备
增加ip在网卡上 修改限制arp通告及应答级别 rs1 rs2都做,网关并指向路由
ip a a 10.0.0.100/32 dev ens37 echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
route add default gw 192.168.234.17
安装httpd服务 写好网页文件
启动服务
多主模型ipvs示例
配置keepalive
高可用的ipvs集群示例:修改keepalived配置文件
修改主机:192.168.234.27的keepalived配置文件
[root@234c27 keepalived]# vim /etc/keepalived/keepalived.conf global_defs { notification_email { root@localhost } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id kpone vrrp _mcast_group4 234.10.10.10 } vrrp_instance vi_1 { state master interface ens37 virtual_router_id 50 priority 100 advert_int 1 authentication { auth_type pass auth_pass 1111 } virtual_ipaddress { 10.0.0.100/24 } } vrrp_instance vi_2 { state backup interface ens37 virtual_router_id 51 priority 80 advert_int 1 authentication { auth_type pass auth_pass 2222 } virtual_ipaddress { 10.0.0.200/24 } } virtual_server 10.0.0.100 80 { delay_loop 6 lb_algo wrr lb_kind dr #persistence_timeout 50 protocol tcp #sorry_server 127.0.0.1:80 real_server 192.168.234.47 80 { weight 1 http_get { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } virtual_server 10.0.0.200 80 { delay_loop 6 lb_algo wrr lb_kind dr #persistence_timeout 50 protocol tcp #sorry_server 127.0.0.1:80 real_server 192.168.234.57 80 { weight 1 http_get { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } }
修改主机:192.168.234.37的keepalived配置文件
[root@234c37 ~]# vim /etc/keepalived/keepalived.conf ! configuration file for keepalived global_defs { notification_email { root@localhost } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id kptwo vrrp _mcast_group4 234.10.10.10 } vrrp_instance vi_1 { state backup interface ens37 virtual_router_id 50 priority 80 advert_int 1 authentication { auth_type pass auth_pass 1111 } virtual_ipaddress { 10.0.0.100/24 } } vrrp_instance vi_2 { state master interface ens37 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type pass auth_pass 2222 } virtual_ipaddress { 10.0.0.200/24 } } virtual_server 10.0.0.100 80 { delay_loop 6 lb_algo wrr lb_kind dr #persistence_timeout 50 protocol tcp #sorry_server 127.0.0.1:80 real_server 192.168.234.47 80 { weight 1 http_get { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } virtual_server 10.0.0.200 80 { delay_loop 6 lb_algo wrr lb_kind dr #persistence_timeout 50 protocol tcp #sorry_server 127.0.0.1:80 real_server 192.168.234.57 80 { weight 1 http_get { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } }
让10.0.0.100的ip优先分配至192.168.234.47 192.168.234.57备用
让10.0.0.200的ip优先分配至192.168.234.57 192.168.234.47备用
后端real_server准备
修改192.168.234.57的vip为10.0.0.200/32
1 [root@234c27 keepalived]# ipvsadm -ln 2 ip virtual server version 1.2.1 (size=4096) 3 prot localaddress:port scheduler flags 4 -> remoteaddress:port forward weight activeconn inactconn 5 tcp 10.0.0.100:80 wrr 6 -> 192.168.234.47:80 route 1 0 0 7 tcp 10.0.0.200:80 wrr 8 -> 192.168.234.57:80 route 1 0 0
现在宕掉一个lvs
1 [root@234c27 keepalived]# systemctl stop keepalived.service 2 [root@234c27 keepalived]# ipvsadm -ln 3 ip virtual server version 1.2.1 (size=4096) 4 prot localaddress:port scheduler flags 5 -> remoteaddress:port forward weight activeconn inactconn 6
依然提供服务
1 [root@234c37 ~]# ipvsadm -ln 2 ip virtual server version 1.2.1 (size=4096) 3 prot localaddress:port scheduler flags 4 -> remoteaddress:port forward weight activeconn inactconn 5 tcp 10.0.0.100:80 wrr 6 -> 192.168.234.47:80 route 1 0 21 7 tcp 10.0.0.200:80 wrr 8 -> 192.168.234.57:80 route 1 0 39
后一个实现基于前一个的基础上修改来的
假设要实现sorry_server
1.把rs服务都停掉。然后在lvs上安装apache或者nginx服务
2.将keepalived配置文件中的
1 virtual_server 10.0.0.200 80 { 2 delay_loop 6 3 lb_algo wrr 4 lb_kind dr 5 #persistence_timeout 50 6 protocol tcp 7 #sorry_server 127.0.0.1:80 //这一行来修改 写出服务出错之后的页面 8 real_server 192.168.234.57 80 { 9 weight 1 10 http_get { 11 url { 12 path / 13 status_code 200 14 } 15 connect_timeout 3 16 nb_get_retry 3 17 delay_before_retry 3 18 } 19 } 20 }