keepalived+lvs
準備4臺虛擬機分別爲server1,server2,server3,server4(server1爲主機,4爲備機)
安裝
- 安裝包
keepalived-1.2.5.tar.gz
tar zxf keepalived-1.2.5.tar.gz- 依賴性解決
yum install -y ipvsadm kernel-devel openssl-devel popt-devel libnl-devel gcc make編譯安裝
./configure –prefix=/usr/local/keepalived ##keepalived路徑編譯結果:
Keepalived configuration
—————————————————
Keepalived version : 1.2.5
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lpopt -lssl -lcrypto -lnl
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
IPVS use libnl : No
Use VRRP Framework : Yes
Use VRRP VMAC : Yes
SNMP support : No
Use Debug flags : No
make && make installkeepalived + lvs
配置keepalived
server1與server4同:
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/etc/keepalived /etc/
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbinkeepalived主配置文件:
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost ##接收警報的email地址,可添加多個
}
notification_email_from keepalived@server1 ##郵件的發送地址
smtp_server 127.0.0.1 ##設置smtp server地址爲本機
smtp_connect_timeout 30 ##連接smtp服務器超時時間
router_id LVS_DEVEL ##loadbalancer的標識,用於email警報
}
vrrp_instance VI_1 {
state MASTER ##設定本機爲主,server4爲BACKUP,此狀態由priority的值決定,priority值大則爲MASTER
interface eth0 ##HA檢測網絡接口
virtual_router_id 87 ##vrid,主備機的vrid必須相同,取值0-255
priority 100 ##優先級
advert_int 1 ##主備之間的通告間隔秒數
authentication { ##主備切換時的認證
auth_type PASS ##驗證類型,主要有PASS和AH兩種
auth_pass 1111 ##設置驗證密碼,在一個vrrp_instance下,MASTER與BACKUP必須使用相同的密碼才能正常通信
}
virtual_ipaddress { ##設置虛擬IP地址,可以設置多個虛擬IP地址,每行一個
172.25.36.100
}
}
virtual_server 172.25.36.100 80 { ##定義虛擬服務器
delay_loop 6 ##每隔6秒檢查realserver狀態
lb_algo rr ##lvs調度算法爲輪叫rr
lb_kind DR ##lvs使用DR模式
nat_mask 255.255.255.0
#persistence_timeout 50 ##連接後端服務器,50S內不會負載均衡
protocol TCP ##指定轉發協議類型,有tcp和udp兩種
real_server 172.25.36.2 80 { ##配置服務節點
weight 1 ##服務節點權值
TCP_CHECK { ##realserver的狀態檢測部分
connect_timeout 3 ##3秒無響應超時
nb_get_retry 3 ##重試次數爲3次
delay_before_retry 3 ##重試間隔
}
real_server 172.25.36.3 80 { ##配置服務節點
weight 1 ##服務節點權值
TCP_CHECK { ##realserver的狀態檢測部分
connect_timeout 3 ##3秒無響應超時
nb_get_retry 3 ##重試次數爲3次
delay_before_retry 3
}
/etc/init.d/keepalived start
scp /etc/keepalived/keepalived.conf root@172.25.36.4:/etc/keepalived/server4:
vim /etc/keepalived/keepalived.conf ##只修改這兩處
vrrp_instance VI_1 {
state BACKUP
priority 50
}
/etc/init.d/keepalived startserver2,server3:
ip addr add 172.25.36.100/32 dev eth0
/etc/init.d/httpd start測試:
1.真機curl 172.25.36.100
server1的mac地址爲09:9f
2.server1:
/etc/init.d/keepalived stop真機:curl 172.25.36.100
server4的mac地址爲46:f9
3.server4:
/etc/init.d/keepalived stop
server1:
/etc/init.d/keepalived start
curl 172.25.36.100(server1接管)
keepalived爲單線程,其下由兩個子進程
第一個子進程:vrrp協議,實現高可用
第二個子進程:健康檢查,維護LVS的策略
keepalived+LVS+vsftp
server2,server3:
yum install -y arptables_jf
arptables -A IN -d 172.25.36.100 -j DROP ##將RS接受到的172.25.36.100包丟棄
arptables -A OUT -s 172.25.36.100 -j mangle --mangle-ip-s 172.25.36.3 ##將源時172.25.36.100的請求發送給172.25.36.3
/etc/init.d/arptables_jf save
/etc/init.d/arptables_jf start查看arptables:
arptables -L
server1,server4中keepalived.conf同時添加如下:
vim /etc/keepalived/keepalived.conf
virtual_server 172.25.36.100 21 { ##vsftpd端口爲21端口
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50 ##連接後端服務器,50S內不會負載均衡
protocol TCP
real_server 172.25.36.2 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.25.36.3 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
/etc/init.d/keepalived restart查看配置是否生效:
ipvsadm -l
server2,server3中:
yum install vsftpd -y
/etc/init.d/vsftpd start
mkdir /var/ftp/server2(server3) ##方便測試看出效果測試:
1.真機:lftp 172.25.36.100 -> ls
2.server1:
/etc/init.d/keepalived stop
真機:lftp 172.25.36.100(server4會接管keepalived)
3.server3:
/etc/init.d/vsftpd stop
真機:lftp 172.25.36.100
keepalived + nginx
配置nginx:
server1(nginx所在主機):
http {
upstream westos { ##添加westos負載均衡組
server 172.25.36.2:80;
server 172.25.36.3:80;
}
server {
listen 80;
server_name www.westos.org; ##添加訪問域名
location / {
proxy_pass http://westos; ##訪問westos負載均衡組
}
}
nginx -s reload
scp -r nginx/ server4:/usr/local/server4:
/usr/local/nginx/sbin/nginx -t ##檢查nginx配置文件是否出錯
/usr/local/nginx/sbin/nginx ##運行nginxserver2,server3:
/etc/init.d/httpd start ##運行httpd(port 80)在測試主機上將解析加入:
vim /etc/hosts
172.25.36.100 www.westos.org
測試:
主機web:www.westos.org(有輪詢)
輪詢
配置keepalived:
keepalived服務(server1,server4):
cd /opt
vim nginx_check.sh
#!/bin/bash
curl http://127.0.0.1/index.html -o /dev/null -s || /usr/local/lnmp/nginx/sbin/nginx ##檢測nginx是否運行,若沒有運行則運行nginx
if [ $? -ne 0 ];then
/etc/init.d/keepalived stop &> /dev/null ##若不能運行nginx則關閉本機keepalived由備機server4接管
fivim /etc/keepalived/keepalived.conf
vrrp_script nginx_check {
script /opt/nginx_check.sh ##腳本位置
interval 2 ##檢查間隔兩秒
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@server1
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 87
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.36.100/24
}
track_script {
nginx_check ##腳本資源爲nginx_check
}測試:
1.server1:
/etc/init.d/keepalived start
nginx -s stop ##停止運行nginx
真機web:
www.westos.org ##可以正常訪問,因爲keepalived中腳本每兩秒檢測,檢測到nginx關閉而開啓了nginx
2.server1:
mv /usr/local/lnmp/nginx/ /mnt/
/etc/init.d/keepalived start
真機web:
www.westos.org ##可以正常訪問,因爲keepalived在server1中被停止運行後由備機server4接管
