Keepalived+LVS实现高可用负载均衡双主模式
LVS是一种集群(Cluster)技术:采用IP负载均衡技术和基于内容请求分发技术。调度器具有很好的吞吐率,将请求均衡地转移到不同的服务器上执行,且调度器自动屏蔽掉服务器的故障,从而将一组服务器构成一个高性能的、高可用的虚拟服务器。整个服务器集群的结构对客户是透明的,而且无需修改客户端和服务器端的程序。工作在四层,在内核空间工作,基于ipvs模块,不占用流量。
双机高可用方法目前分为两种:
1)双机主从模式:即前端使用两台服务器,一台主服务器和一台热备服务器,正常情况下,主服务器绑定一个公网虚拟IP,提供负载均衡服务,热备服务器处于空闲状态;当主服务器发生故障时,热备服务器接管主服务器的公网虚拟IP,提供负载均衡服务;但是热备服务器在主机器不出现故障的时候,永远处于浪费状态,对于服务器不多的网站,该方案不经济实惠。
2)双机主主模式:这种模式的效果很强大,即前端使用两台负载均衡服务器,互为主备,且都处于活动状态(这样达到不浪费服务器),同时各自绑定一个公网虚拟IP,提供负载均衡服务;当其中一台发生故障时,另一台接管发生故障服务器的公网虚拟IP(这时由非故障机器一台负担所有的请求)。这种方案,经济实惠,非常适合于当前架构环境。
一、环境介绍:
操作系统:
[root@CentOS-4 ~]# cat /etc/RedHat-release
CentOS release 6.9 (Final)
服务器对应关系:
KA1:192.168.5.129 centos-1
KA2:192.168.5.128 centos-4
Vip1:192.168.5.200 129master/128backup
VIP2:192.168.5.210 128master/129backup
Web1:192.168.5.131 centos-2
Web2:192.168.5.132 centos-3
Client:192.168.5.140centos-5
二、环境安装:
安装依赖:
(在KA1和KA2机器上执行以下步骤)
[root@centos-4 ~]# yum -y install gcc pcre-devel zlib-devel openssl-devel
[root@centos-4~]# cd /usr/local/src/
[root@centos-4 src]# wget http://nginx.org/download/nginx-1.9.7.tar.gz
安装nginx
[root@centos-4 src]# tar -zvxfnginx-1.9.7.tar.gz
[root@centos-4 src]# cd nginx-1.9.7
[root@centos-4 nginx-1.9.7]#./configure --prefix=/usr/local/nginx --user=nginx --group=nginx--with-http_ssl_module --with-http_flv_module --with-http_stub_status_module--with-http_gzip_static_module --with-pcre
[root@centos-4 nginx-1.9.7]# make &&make install
[root@centos-1 ~]# yum install -ykeepalived
[root@centos-1 ~]# yum install –y ipvsadm
(在web1服务器和web2服务器上安装nginx)
[root@centos-2~]# yum -y install gcc pcre-devel zlib-devel openssl-devel
[root@centos-2~]# cd /usr/local/src/
[root@centos-2 src]# wget http://nginx.org/download/nginx-1.9.7.tar.gz
安装nginx
[root@centos-2 src]# tar -zvxfnginx-1.9.7.tar.gz
[root@centos-2 src]# cd nginx-1.9.7
[root@centos-2 nginx-1.9.7]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx--with-http_ssl_module --with-http_flv_module --with-http_stub_status_module--with-http_gzip_static_module --with-pcre
[root@centos-2 nginx-1.9.7]# make &&make install
三、配置服务:
(所以服务器上配置)
[root@centos-1 ~]# cat/etc/sysconfig/selinux
SELINUX=disabled
[root@centos-1 ~]# getenforce
Disabled
[root@centos-1 ~]# service iptables stop
1、配置keepalived:
(KA1上操作)
[root@centos-1 ~]#cat /etc/keepalived/keepalived.conf
! Configuration File forkeepalived
global_defs {
notification_email {
acassen@firewall.loc
#failover@firewall.loc
#sysadmin@firewall.loc
}
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "/opt/check_nginx.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_1{
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.5.200
}
}
vrrp_instance VI_2{
state BACKUP
interface eth0
virtual_router_id 50
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.5.210
}
}
track_script {
chk_http_port
}
}
virtual_server192.168.5.200 80 { # 定义转移ip端口80的集群服务
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.5.131 80 { # 定义集群服务包含的RS 1
weight 1 # 权重为1
HTTP_GET { # 定义RS1的健康状态检测
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.5.132 80 { # 定义集群服务包含的RS 2
weight 1 # 权重为1
HTTP_GET { # 定义RS2的健康状态检测
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
virtual_server 192.168.5.21080 { # 定义转移ip端口80的集群服务
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.5.131 80 { # 定义集群服务包含的RS 1
weight 1 # 权重为1
HTTP_GET { # 定义RS1的健康状态检测
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.5.132 80 { # 定义集群服务包含的RS 2
weight 1 # 权重为1
HTTP_GET { # 定义RS2的健康状态检测
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
(KA2上操作)
[root@centos-2 ~]# cat/etc/keepalived/keepalived.conf
! Configuration File forkeepalived
global_defs {
notification_email {
acassen@firewall.loc
#failover@firewall.loc
#sysadmin@firewall.loc
}
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "/opt/check_nginx.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_1{
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.5.200
}
}
vrrp_instance VI_2{
state MASTER
interface eth0
virtual_router_id 50
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.5.210
}
}
track_script {
chk_http_port
}
}
virtual_server192.168.5.200 80 { # 定义转移ip端口80的集群服务
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.5.131 80 { # 定义集群服务包含的RS 1
weight 1 # 权重为1
HTTP_GET { # 定义RS1的健康状态检测
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.5.132 80 { # 定义集群服务包含的RS 2
weight 1 # 权重为1
HTTP_GET { # 定义RS2的健康状态检测
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
virtual_server192.168.5.210 80 { # 定义转移ip端口80的集群服务
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.5.131 80 { # 定义集群服务包含的RS 1
weight 1 # 权重为1
HTTP_GET { # 定义RS1的健康状态检测
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.5.132 80 { # 定义集群服务包含的RS 2
weight 1 # 权重为1
HTTP_GET { # 定义RS2的健康状态检测
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
编写一个监控nginx的脚本:
需要注意的是,要判断本机nginx是否正常,如果发现nginx不正常,重启之后,等待三秒在校验,任然失败则不尝试,关闭keepalived,发送邮件,其他主机此时接管VIP;
[root@centos-4~]# cat /opt/check_nginx.sh
#!/bin/bash
check=$(ps-C nginx --no-heading | wc -l)
IP=`ipadd | grep eth0 | awk 'NR==2{print $2}'| awk -F '/' '{print $1}'`
if ["${check}" = "0" ]; then
/usr/local/nginx/sbin/nginx
sleep 2
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${check}" = "0"]; then
/etc/init.d/keepalived stop
echo "check $IP nginx is down"| mail -s "check keepalived nginx" *********@qq.com
fi
fi
(KA1一样的监控脚本)
2、在后端两台web服务器上配置vip默认路由和配置两台服务器的nginx(这就不演示怎样配置nginx了。):
(考虑到方便执行就编写了一个脚本:在web1和web2服务器上配置。)
[root@centos-2 ~]# cat lvs.sh
#!/bin/bash
#realserver config vip config route arp
#legehappy
Vip1=192.168.5.200
Vip2=192.168.5.210
source /etc/rc.d/init.d/functions
case $1 in
start)
echo"config vip route arp" > /tmp/lvs1.txt
/sbin/ifconfiglo:0 $Vip1 broadcast $Vip1 netmask 255.255.255.255 up
/sbin/ifconfiglo:1 $Vip2 broadcast $Vip2 netmask 255.255.255.255 up
echo"1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo"2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo"1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo"2" > /proc/sys/net/ipv4/conf/all/arp_announce
routeadd -host $Vip1 dev lo:0
routeadd -host $Vip2 dev lo:1
;;
stop)
echo "deletevip route arp" > /tmp/lvs2.txt
/sbin/ifconfig lo:0 down
echo"0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo"0" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo"0" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo"0" > /proc/sys/net/ipv4/conf/all/arp_announce
routedel -host $Vip1 dev lo:0
routedel -host $Vip2 dev lo:1
;;
*)
echo"Usage: $0 (start | stop)"
exit 1
esac
(两台后端配置web服务nginx的页面信息)
[root@centos-2 ~]# curl 192.168.5.131
10.2
[root@centos-3 ~]# curl 192.168.5.132
10.3
3、在两台前端服务器上启动keepalived服务,对于192.168.5.200的vip centos-1是master/192.168.5.210的vip centos-1是backup。
[root@centos-1 ~]#service keepalived start
[root@centos-4 ~]# service keepalived start
查看日志文件:
[root@centos-1 ~]# cat /var/log/messages
Oct 19 22:00:22 centos-1 Keepalived_vrrp[46184]: VRRP_Instance(VI_2)Sending gratuitous ARPs on eth0 for 192.168.5.210
Oct 19 22:00:22 centos-1 Keepalived_healthcheckers[46183]: Netlinkreflector reports IP 192.168.5.210 added
Oct 19 22:00:24 centos-1 Keepalived_vrrp[46184]: VRRP_Instance(VI_1)Sending gratuitous ARPs on eth0 for 192.168.5.200
Oct 19 22:00:27 centos-1 Keepalived_vrrp[46184]: VRRP_Instance(VI_2)Sending gratuitous ARPs on eth0 for 192.168.5.210
(因为KA1先启动keepalived服务所以两个vip都会在KA1上,但第二台keepaliver服务起来后vip2就会被KA2抢占回来。)
[root@centos-4 ~]# cat /var/log/messages
Oct 19 22:01:38 centos-4 Keepalived_healthcheckers[15009]: Netlinkreflector reports IP 192.168.5.210 added
Oct 19 22:01:38 centos-4 avahi-daemon[1513]: Registering new addressrecord for 192.168.5.210 on eth0.IPv4.
Oct 19 22:01:38 centos-4 Keepalived_vrrp[15010]: VRRP_Instance(VI_2)Sending gratuitous ARPs on eth0 for 192.168.5.210
Oct 19 22:01:43 centos-4 Keepalived_vrrp[15010]: VRRP_Instance(VI_2)Sending gratuitous ARPs on eth0 for 192.168.5.210
查看ip addr:
[root@centos-1 keepalived]# ip add
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdiscpfifo_fast state UP qlen 1000
link/ether00:0c:29:0d:f3:5d brd ff:ff:ff:ff:ff:ff
inet 192.168.5.129/24 brd192.168.5.255 scope global eth0
inet 192.168.5.200/32scope global eth0
[root@centos-4 keepalived]#ip addr
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdiscpfifo_fast state UP qlen 1000
link/ether00:50:56:3a:84:30 brd ff:ff:ff:ff:ff:ff
inet 192.168.5.128/24 brd192.168.5.255 scope global eth0
inet 192.168.5.210/32 scope global eth0
(两台KA1和KA2服务器重启nginx、keepalived服务)
[root@centos-1~]# /usr/local/nginx/sbin/nginx -t
nginx:the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx:configuration file /usr/local/nginx/conf/nginx.conf test is successful ###检查配置文件没问题后再执行重启nginx。
[root@centos-1~]# /usr/local/nginx/sbin/nginx -s reload
[root@centos-4~]# /usr/local/nginx/sbin/nginx -t
nginx:the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx:configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@centos-4~]# /usr/local/nginx/sbin/nginx -s reload
[root@centos-1~]# service keepalived restart
停止keepalived: [确定]
正在启动keepalived: [确定]
[root@centos-4~]# service keepalived restart
停止keepalived: [确定]
正在启动keepalived: [确定]
四、测试:
验证方法(保证从负载均衡器本机到后端真实服务器之间能正常通信):
(1)、先测试完成后的效果访问vip1、vip2
Vip1:
[root@centos-5~]# curl 192.168.5.200
10.2
[root@centos-5~]# curl 192.168.5.200
10.3
[root@centos-5~]# curl 192.168.5.200
10.2
[root@centos-5~]# curl 192.168.5.200
10.3
Vip2:
[root@centos-5~]# curl 192.168.5.210
10.3
[root@centos-5~]# curl 192.168.5.210
10.2
[root@centos-5~]# curl 192.168.5.210
10.3
[root@centos-5~]# curl 192.168.5.210
10.2
(2)、把KA1keepalived stop掉(模拟KA1主机的keepalived故障)
[root@centos-1 ~]# service keepalived stop
停止 keepalived:
[root@centos-1 ~]# ip addr
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:0c:29:0d:f3:5d brd ff:ff:ff:ff:ff:ff
inet 192.168.5.129/24 brd 192.168.5.255 scope global eth0
inet6 fe80::20c:29ff:fe0d:f35d/64 scope link
valid_lft forever preferred_lft forever
(KA1主机上查看ip addr已经没有vip了。)
在KA2主机上查看日志文件:
[root@centos-4 ~]# cat /var/log/messages
Oct 19 23:20:46 centos-4Keepalived_vrrp[15412]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for192.168.5.200
Oct 19 23:20:46 centos-4avahi-daemon[1513]: Registering new address record for 192.168.5.200 oneth0.IPv4.
Oct 19 23:20:46 centos-4Keepalived_healthcheckers[15411]: Netlink reflector reports IP 192.168.5.200added
Oct 19 23:20:51 centos-4Keepalived_vrrp[15412]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for192.168.5.200
(日志文件显示已经把vip:192.168.5.200接管了)
查看KA2主机的ip addr
[root@centos-4 ~]# ip addr
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:50:56:3a:84:30 brd ff:ff:ff:ff:ff:ff
inet 192.168.5.128/24 brd 192.168.5.255 scope global eth0
inet 192.168.5.210/32 scope global eth0
inet 192.168.5.200/32 scope global eth0
(可以看到已经有两个vip)
检查nginx服务是否被KA2接管且不中断
[root@centos-5~]# curl 192.168.5.200
10.3
[root@centos-5~]# curl 192.168.5.200
10.2
[root@centos-5~]# curl 192.168.5.210
10.3
[root@centos-5~]# curl 192.168.5.210
10.2
Keepalived+LVS实现高可用负载均衡双主模式的更多相关文章
- Keepalived+LVS(dr)高可用负载均衡集群的实现
一 环境介绍 1.操作系统CentOS Linux release 7.2.1511 (Core) 2.服务keepalived+lvs双主高可用负载均衡集群及LAMP应用keepalived-1.2 ...
- Keepalived+lvs 搭建高可用负载均衡
本站点停止更新,请访问:blog.coocap.com 不了解负载均衡高可用的童鞋,强烈建议先看keepalived+nginx高可用负载均衡: 传送门(求粉):http://www.cnblogs. ...
- Linux keepalived+lvs实现高可用负载均衡
LVS的具有强大的负载均衡功能,但是它缺少对负载层节点(DS)的健康状态检测功能,也不能对后端服务(RS)进行健康状态检测:keepalived是专门用来监控高可用集群架构的中各服务的节点状态,如果某 ...
- keepalived+LVS搭建高可用负载均衡系统
相关架构设置: 1)vip : 192.168.137.6 2)DS master ip : 192.168.137.8 3)DS backup ip : 192.168.137.9 4)RS 1 i ...
- LVS+Keepalived搭建MyCAT高可用负载均衡集群
LVS+Keepalived 介绍 LVS LVS是Linux Virtual Server的简写,意即Linux虚拟服务器,是一个虚拟的服务器集群系统.本项目在1998年5月由章文嵩博士成立,是中国 ...
- CentOS 6.3下部署LVS(NAT)+keepalived实现高性能高可用负载均衡
一.简介 VS/NAT原理图: 二.系统环境 实验拓扑: 系统平台:CentOS 6.3 Kernel:2.6.32-279.el6.i686 LVS版本:ipvsadm-1.26 keepalive ...
- 转载--CentOS 6.3下部署LVS(NAT)+keepalived实现高性能高可用负载均衡
源地址:http://www.cnblogs.com/mchina/archive/2012/08/27/2644391.html 一.简介 VS/NAT原理图: 二.系统环境 实验拓扑: 系统平台: ...
- RHEL 5.4下部署LVS(DR)+keepalived实现高性能高可用负载均衡
原文地址:http://www.cnblogs.com/mchina/archive/2012/05/23/2514728.html 一.简介 LVS是Linux Virtual Server的简写, ...
- CentOS 6.3下部署LVS(NAT)+keepalived实现高性能高可用负载均衡【转】
CentOS 6.3下部署LVS(NAT)+keepalived实现高性能高可用负载均衡 一.简介 VS/NAT原理图: 二.系统环境 实验拓扑: 系统平台:CentOS 6.3 Kernel:2 ...
随机推荐
- pinpoint与zipkin的比较
经过本周部署和测试pinpoint监控平台的工作,我对这套开源系统有了更进一步的认识. 初次见到pinpoint这套系统时,我被它各方面优秀的特征所折服:无需对项目代码进行任何改动就可以部署探针.追踪 ...
- SAP 多语言文本翻译
SAP自己的东西都是有语言包的,针对很多语言有是有对应文本的翻译,巴特,比较不是专业的翻译,多以很多时候还是有这样那样的文本描述需要调整. 语言包怎么打就不说了,也不知道,知道也没打过... 标准界面 ...
- 为Linux技术学习推荐看的书籍—《Linux就该这么学》
成长,是一种经历:经历,是一种人生的体验.人生的意义不在于我们拥有了什么,而在于从中我们体悟了什么.在这短短的三年,却在我的人生中弥足珍贵,在脑海中记忆犹新,在这大学三年里,我从一个莽撞少年成长为一名 ...
- MCNN多层神经网络论文笔记
论文原文 https://www.cv-foundation.org/openaccess/content_cvpr_2016/papers/Zhang_Single-Image_Crowd_Coun ...
- timeline server介绍
1. timeline是什么 2. timeline能做什么 3. timeline结构 4. timeline怎么配置 1). timeline是什么? 它能存储和检索应用当前和历史信息在yar ...
- kolla-ansible配置cinder 的ceph的多种后端存储池【转】
在实际的使用中,openstack后端采用ceph存储,存储磁盘类型有SATA和SSD,这里如果想基于存储驱动器提供多种云硬盘类型,可以基于下面的配置完成 点击查看配置详情
- effective java——12考虑实现coparable接口
float和double类型的主要设计目标是为了科学计算和工程计算.他们执行二进制浮点运算,这是为了在广域数值范围上提供较为精确的快速近似计算而精心设计的.然而,它们没有提供完全精确的结果,所以不应该 ...
- Linux修改日期、时间,系统与硬件时间
Linux的时间分为两种,硬件时间和系统时间两种: 一.查看与修改系统时间 查看系统时间:date # date Fri Nov 26 15:20:18 CST 1999 用指定的格式显示系统时间: ...
- 浅谈URI和URL
URI(Uniform Resource Identifier)字面上的意思是,统一资源标示符 URL(Uniform Resource Locator),统一资源定位符 光从字面上的意思,这个2个东 ...
- Mac 下配置Lua环境
1.下载LUA源码包 curl -R -O http://www.lua.org/ftp/lua-5.3.1.tar.gz 2.解压并进入目录 tar -xvf lua-.tar.gz cd lua- ...