規劃:啓用4臺主機:高可用節點:HA1、HA2 、RS1 、RS2
地址劃分:172.16.173.10、172.16.173.11、172.16.173.13、172.16.173.14、172.16.173.1(虛擬主機ip)
1、配置主機名,保持主機名一致
# hostname lzl01 暫時性的 # vim /etc/sysconfig/network ##修改如下: HOSTNAME=lzl01#當然HA2上要改爲lzl02 :wq #保存退出 # vim /etc/hosts 可以配置主機的別名及主機名解析
2、實現時間同步(如果時間相差太多也會出現錯誤)
[root@lzl02 ~]# service ntpd stop [root@lzl02 ~]# chkconfig ntpd off 關閉自啓動服務 [root@lzl02 ~]# ntpdate 172.16.0.1 與服務器同步時間 [root@lzl02 ~]# date 可以使用命令來實現,防止時間再次錯亂(因爲使用的虛擬機顯示的,所以掛起可能會影響實驗) */5 * * * * /sbin/ntpdate 172.16.0.1 &> /dev/null每5分鐘同步時間 [root@lzl02 ~]# scp /var/spool/cron/root lzl01:/var/spool/cron/複製到另一主機 root@lzl01 ~]# crontab -l查看所寫規則如存在規則,則需刪除,以免影響實驗
3、實現雙機互信
#ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' 生成密鑰 #ssh-copy-id -i .ssh/id_rsa.pub root@node2 ##將公鑰文件發送到HA2上邊
4、配置yum源並下載
http://407711169.blog.51cto.com/6616996/1179601[1] ## 此處前邊是一個配置yum的例子
安裝配置HA的keepalived工具及負載均衡管理工具ipvsadm
下載好 keepalived-1.2.7-5.el5.i386.rpm
lftp 172.16.0.1:/pub/Sources/keepalived> get keepalived-1.2.7-5.el5.i386.rpm下載軟件rpm包(此處僅演示,此ftp及yum源均是私有的,不可用。)
[root@lzl02 ~]# yum -y --nogpgcheck localinstall keepalived-1.2.7-5.el5.i386.rpm安裝rpm包 在另一個節點上安裝 [root@lzl02 ~]# cd /etc/keepalived/ [root@lzl02 keepalived]# ls查看配置文件
5、在RS1、RS2上安裝httpd服務
# yum install httpd –y # vim /var/www/html/index.html ###添加如下內容 172.16.173.*(本機ip) # service httpd start##開啓服務
這個時候可以打開瀏覽器輸入下172.16.173.13 和172.16.173.14來測試下界面
6、設置負載均衡集羣
這裏只需要在各個RS節點中運行下如下的腳本,就可以了。(當然如果不怕麻煩的同學可以手動添加,內容和腳本start中的內容一致)
# vim start.sh創建腳本
添加如下內容
#!/bin/bash
#
# Script to start LVS DR real server.
# description: LVS DR real server
#
./etc/rc.d/init.d/functions
VIP=172.16.173.1(此腳本僅需要修改此處,改爲自己設置的虛擬主機 ip)
host=`/bin/hostname`
case "$1" in
start)##手動添加只需要進行下邊的操作
# Start LVS-DR real server on this machine.
/sbin/ifconfig lo down
/sbin/ifconfig lo up
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore #定義接收到ARP請求時的響應級別
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce #設置地址向外通告時的級別
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up定義廣播地址爲自播模式
/sbin/route add -host $VIP dev lo:0##定義主機爲172.16.111.1的地址使用lo:0爲源地址##手動添加操作到此
;;
stop)
# Stop LVS-DR real server loopback device(s).
/sbin/ifconfig lo:0 down
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
# Status of LVS-DR real server.
islothere=`/sbin/ifconfig lo:0 | grep $VIP`
isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
if [ ! "$islothere" -o ! "isrothere" ];then
# Either the route or the lo:0 device
# not found.
echo "LVS-DR real server Stopped."
else
echo "LVS-DR real server Running."
fi
;;
*)
# Invalid entry.
echo "$0: Usage: $0 {start|status|stop}"
exit 1
;;
esac:wq#保存退出
# chmod +x start.sh 賦予執行權限
# ./start.sh start #執行腳本
7、編輯keepalived的配置文件
: # vim /etc/ keepalived/ keepalived.conf
然後複製到另外個虛擬機中,只需改動兩處地方
##記得改state改爲BACKUP ##將priority 改爲100 Yum安裝ipvsadm查看信息 # yum install ipvsadm -y然後開啓服務: # service ipvsadm start
注:此處有可能影響服務的啓動:
[RS端的設置:
(同樣兩個在兩個RS分別執行)
關掉selinux
# setenforce 0
或者
# vim /etc/selinux/config
##修改
SELINUX=permissive]
打開網頁輸入172.16.173.1查看
實現WEB的高可用
我們直接在上邊實驗過程中的兩個HA上做修改。
先關掉keepalived服務
打開網頁測試下兩個頁面
這個時候我們需要去配置keepalived的配置文件
主從節點的配置
配置keepalived配置文件
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_httpd {
script "killall -0 httpd"
interval 2
# check every 2 seconds
weight -2
# if failed, decrease 2 of the priority
fall 2
# require 2 failures for failures
rise 1
# require 1 sucesses for ok
}
vrrp_script chk_schedown {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 2
weight -2
}
vrrp_instance VI_1 {
interface eth0
# interface for inside_network, bound by vrrp
state MASTER
# Initial state, MASTER|BACKUP
# As soon as the other machine(s) come up,
# an election will be held and the machine
# with the highest "priority" will become MASTER.
# So the entry here doesn't matter a whole lot.
priority 101
# for electing MASTER, highest priority wins.
# to be MASTER, make 50 more than other machines.
virtual_router_id 51
# arbitary unique number 0..255
# used to differentiate multiple instances of vrrpd
# running on the same NIC (and hence same socket).
garp_master_delay 1
authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
# optional, monitor these as well.
# go to FAULT state if any of these go down.
virtual_ipaddress {
172.16.173.1/16 dev eth0 label eth0:0
}
#addresses add|del on change to MASTER, to BACKUP
#With the same entries on other machines,
#the opposite transition will be occuring.
#<IPADDR>/<MASK> brd <IPADDR> dev <STRING> scope <SCOPE> label <LABEL>
track_script {
chk_httpd
chk_schedown
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
#vrrp_instance VI_2 {
#interface eth0
#state MASTER# BACKUP for slave routers
#priority 101# 100 for BACKUP
#virtual_router_id 52
#garp_master_delay 1
#
#authentication {
#auth_type PASS
#auth_pass password
#}
#track_interface {
#eth0
#}
#virtual_ipaddress {
#172.16.100.2/16 dev eth0 label eth0:1
#}
#track_script {
#chk_haproxy
#chk_mantaince_down
#}
#
#notify_master "/etc/keepalived/notify.sh master eth0:1"
#notify_backup "/etc/keepalived/notify.sh backup eth0:1"
#notify_fault "/etc/keepalived/notify.sh fault eth0:1"
#}此腳本中所要修改的不是很多只需要修改啓動的服務名稱(本次實驗的爲http服務),在修改notify.sh腳本中的所要啓動的服務名稱
然後將其複製到節點HA2中
[root@lzl01 keepalived]# scp keepalived.conf notify.sh lzl02:/etc/keepalived/ keepalived.conf 100% 2805 2.7KB/s 00:00 notify.sh 100% 777 0.8KB/s
並修改其中的主從節點設置選項
state MASTER##改爲BUCKUP (從節點)
priority 101##優先級改爲100
分別在兩邊開啓服務開啓服務。
# service keepalived start 這時候查看一下網卡信息 # ip addr show
可以看出來網卡172.16.173.1已經在網卡eth0:0上了
打開網頁輸入172.16.111.1查看
可以發現確實在節點HA1上
這個時候我們可以仿照HA1服務故障:(配置文件中可以留意在其文件中創建一個down文件可以模擬其服務故障,還有一種方式可以實現,關閉http服務,但本機中notify.sh腳本中設置的爲關閉服務後會重啓,所以不可實現。)
注:以上幾張圖片忘記做標記了,請仔細看他們的主機名字的變化
然後打開網頁測試下:
顯然已經變成了HA2的http頁面
大家可以繼續做測試,刪掉dwon文件(但由於ha1的優先級高,所以會搶佔過來節點)
