您的位置:首页 > 游戏 > 游戏 > LVS+Keepalived群集

LVS+Keepalived群集

2024/12/23 11:41:20 来源:https://blog.csdn.net/minly12/article/details/140965568  浏览:    关键词:LVS+Keepalived群集

keepalived的热备方式

Keepalived 采用 VRRP(Virtual Router Redundancy Protocol,虚拟路由冗余协议)热备份协议,以软件的方式实现Linux服务器的多机热备功能(VRRP是针对路由器的一种备份解决方案--由多台路由器组成一个热备组,通过共用的虚拟 IP地址对外提供服务)

  • 专为LVS和HA设计的一款健康状态检查工具
  • 支持故障自动切换(Failover)
  • 支持节点健康状态检查(Health Checking)


keepalived的安装与服务

//除了安装keepalived,在 LVS 群集环境中应用时,也需要用到 ipvsadm管理工具
[root@localhost ~]# yum install y keepalived ipvsadm
//控制 Keepalived 服务;YUM 安装 keepalived 后,执行以下命令将 keepalived 服务设置为开机启动
[root@localhost ~]# systemctl enable keepalived

一、使用Keepalived双机实现热备案例

服务器

操作系统

主机名/IP 地址

web服务器

CentOS7.9

192.168.10.101

web服务器

CentOS7.9

192.168.10.102

1:主服务器配置

//安装keepalived服务控制
[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# yum -y install keepalived ipvsadm
[root@localhost ~]# systemctl enable keepalived
//配置keepalived
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vim keepalived.conf        //打开配置文件,修改几个参数
...
router_id LVS_01    //router_id用于区分设备,可以重复但不建议
#  vrrp_strict      //严格执行VRRP协议规范,此模式不支持节点单播,配置了此参数,vip可以漂移到这台服务器,但是ping vip不通,因此需要将此参数注释
state MASTER        //将状态改为master
virtual_router_id 51     //虚拟路由id,用于划分主机到同一个热备组
virtual_ipaddress {        //更改虚拟IP地址192.168.10.172}
...
[root@localhost keepalived]# systemctl start keepalived
[root@localhost keepalived]# ip add show dev ens33

2:备用服务器的配置

  • 在同一个Keepalived 热备组内,所有服务器的 Keepalived 配置文件基本相同,包括虚拟路由器的 ID号、认证信息、漂移地址、心跳频率等
    • 路由器名称(router id):建议为每个参与热备的服务器指定不同的名称
    • 热备状态(state):至少应有一台主服务器,将状态设为MASTER;可以有多台备用的服务器,将状态设为 BACKUP
    • 优先级(priority):数值越大则取得 VIP 控制权的优先级越高,因此主服务器的优先级应设为最高;其他备用服务器的优先级可依次递减,但不要相同,以免在争夺 VIP 控制权时发生冲突

配置备用服务器(可以有多台)时,可以参考主服务器的 keepalived.conf 配置文件内容,只需修改路由器名称、热备状态、优先级

//安装keepalived服务控制
[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# yum -y install keepalived
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld//配置keepalived
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
...
//需要和主服务器不同的地方
state BACKUP    // 角色
priority 90// Backup的优先级必须比Master低
...
[root@localhost keepalived]# systemctl start keepalived

3:测试虚拟ip的连通性

Keepalived 的日志消息保存在/var/log/messages 文件中,在测试主、备故障自动切换功能时,可以跟踪此日志文件来观察热备状态的变化

//可以先查看两个服务器地址
[root@localhost keepalived]# ip a
//安装keepalived服务控制
[root@localhost ~]# less /var/log/message

在测试过程中down掉master服务器的网络,观察结果,虚拟IP漂移到Backup主机 


二、LVS+Keepalived高可用性

服务器

操作系统

主机名/IP 地址

主调度器

CentOS7.9

192.168.10.101

从调度器

CentOS7.9

192.168.10.102

Web服务器(1)

CentOS7.9

192.168.10.103

Web服务器(1)

CentOS7.9

192.168.10.104

客户端(测试机)

CentOS7.9

192.168.10.105

1:主调度器配置

(1)主服务器keepalived的安装

[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# yum -y install keepalived ipvsadm
[root@localhost ~]# systemctl enable keepalived

(2)配置主服务器keepalived

[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
...
virtual_server 192.168.10.172 80 {delay_loop 6  # 回环延迟时间lb_algo wrr   # 调度算法lb_kind DR    # 负载均衡的工作模式#persistence_timeout 50 会话保持时间protocol TCPreal_server 192.168.10.103 80 {weight 1TCP_CHECK {connect_port 80connect_timeout 3nb_get_retry 3delay_before_retry 3}}real_server 192.168.10.104 80 {weight 1TCP_CHECK {connect_port 80connect_timeout 3nb_get_retry 3delay_before_retry 3}}
}
# 剩下的内容删除
# 命令模式下:d + G
保存并退出
...

(3)主服务器内核参数的配置

[root@localhost ~]# vi /etc/sysctl.conf
在末尾添加:
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost ~]# sysctl -p//开启主服务器的keepalived服务
[root@localhost keepalived]# systemctl start keepalived
[root@localhost keepalived]# ip add show dev ens33
健康状态检查的方式
  • SSL_GET
    • 通过SSL,GET一下网站根目录的网页文件,如果有内容,就是正常的
  • TCP_CHECL
    • 工作在第4层,keepalived向后端服务器发起一个tcp连接请求,如果后端服务器没有响应或超时,那么这个后端将从服务器池中移除。
  • HTTP_GET
    • 工作在第5层,向指定的URL执行http请求,将得到的结果用md5加密并与指定的md5值比较看是否匹配,不匹配则从服务器池中移除;此外还可以指定http返回码来判断检测是否成功。HTTP_GET可以指定多个URL用于检测,在一台服务器有多个虚拟主机的情况下使用。
  • MISC_CHECK
    • 用脚本来检测,脚本如果带有参数,需将脚本和参数放入双引号内,根据脚本的返回值来判断

2:从调度器配置

//从调度器keepalived安装
[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# yum -y install keepalived ipvsadm
[root@localhost ~]# systemctl enable keepalived   //从调度器keepalived的配置
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
...
//从服务器内核参数的配置
[root@localhost ~]# vi /etc/sysctl.conf
在末尾添加:
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost ~]# sysctl -p//开启从服务器的keepalived服务
[root@localhost keepalived]# systemctl start keepalived

3:服务器池配置

(1)web1网络的配置
//网络配置
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vi ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.10.172
NETMASK=255.255.255.255
ONBOOT=yes[root@localhost network-scripts]# systemctl restrt network
[root@localhost network-scripts]# vi /etc/rc.local
/sbin/route add -host 192.168.10.172 dev lo:0[root@localhost network-scripts]# route add -host 192.168.10.172 dev lo:0
(2)httpd服务的安装
[root@localhost ~]# yum -y install httpd
[root@localhost ~]# vi /var/www/html/index.html
test web01
(3)内核参数的设置
[root@localhost ~]# vi /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
(4)开启httpd服务
[root@localhost ~]# systemctl start httpd
(2)web2服务器配置
//网络配置
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vi ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.10.172
NETMASK=255.255.255.255
ONBOOT=yes[root@localhost network-scripts]# systemctl restart network
[root@localhost network-scripts]# vi /etc/rc.local
/sbin/route add -host 192.168.10.172 dev lo:0[root@localhost network-scripts]# route add -host 192.168.10.172 dev lo:0(2)httpd服务的安装
[root@localhost ~]# yum -y install httpd
[root@localhost ~]# vi /var/www/html/index.html
test web02(3)内核参数的设置
[root@localhost ~]# vi /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2(4)开启httpd服务
[root@localhost ~]# systemctl start httpd

4:模拟故障

//先访问
[root@localhost ~]# curl 192.168.10.172
test web02
//把主服务器暂停,再测试,可以看到在几秒后, 服务可以正常访问,实现高可用(主调度器和备调度器之间切换Master和VIP)
//在启动主服务器,使用ipvsadm -ln查看创建出对应的LVS策略
[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags-> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.10.172:80 rr-> 192.168.10.103:80            Route   1      0          0         -> 192.168.10.104:80            Route   1      0          0 

版权声明:

本网仅为发布的内容提供存储空间,不对发表、转载的内容提供任何形式的保证。凡本网注明“来源:XXX网络”的作品,均转载自其它媒体,著作权归作者所有,商业转载请联系作者获得授权,非商业转载请注明出处。

我们尊重并感谢每一位作者,均已注明文章来源和作者。如因作品内容、版权或其它问题,请及时与我们联系,联系邮箱:809451989@qq.com,投稿邮箱:809451989@qq.com