規劃:啓用4臺主機:高可用節點:HA1、HA2 、RS1 、RS2
地址劃分:172.16.173.10、172.16.173.11、172.16.173.13、172.16.173.14、172.16.173.1(虛擬主機ip)
1、配置主機名,保持主機名一致
# hostname lzl01 暫時性的 # vim /etc/sysconfig/network ##修改如下: HOSTNAME=lzl01#當然HA2上要改爲lzl02 :wq #保存退出 # vim /etc/hosts 可以配置主機的別名及主機名解析
2、實現時間同步(如果時間相差太多也會出現錯誤)
[root@lzl02 ~]# service ntpd stop [root@lzl02 ~]# chkconfig ntpd off 關閉自啓動服務 [root@lzl02 ~]# ntpdate 172.16.0.1 與服務器同步時間 [root@lzl02 ~]# date 可以使用命令來實現,防止時間再次錯亂(因爲使用的虛擬機顯示的,所以掛起可能會影響實驗) */5 * * * * /sbin/ntpdate 172.16.0.1 &> /dev/null每5分鐘同步時間 [root@lzl02 ~]# scp /var/spool/cron/root lzl01:/var/spool/cron/複製到另一主機 root@lzl01 ~]# crontab -l查看所寫規則如存在規則,則需刪除,以免影響實驗
3、實現雙機互信
#ssh-keygen -t rsa -f ~/.ssh/id_rsa -P '' 生成密鑰 #ssh-copy-id -i .ssh/id_rsa.pub root@node2 ##將公鑰文件發送到HA2上邊
4、配置yum源並下載
http://407711169.blog.51cto.com/6616996/1179601[1] ## 此處前邊是一個配置yum的例子
安裝配置HA的keepalived工具及負載均衡管理工具ipvsadm
下載好 keepalived-1.2.7-5.el5.i386.rpm
lftp 172.16.0.1:/pub/Sources/keepalived> get keepalived-1.2.7-5.el5.i386.rpm下載軟件rpm包(此處僅演示,此ftp及yum源均是私有的,不可用。)
[root@lzl02 ~]# yum -y --nogpgcheck localinstall keepalived-1.2.7-5.el5.i386.rpm安裝rpm包 在另一個節點上安裝 [root@lzl02 ~]# cd /etc/keepalived/ [root@lzl02 keepalived]# ls查看配置文件
5、在RS1、RS2上安裝httpd服務
# yum install httpd –y # vim /var/www/html/index.html ###添加如下內容 172.16.173.*(本機ip) # service httpd start##開啓服務
這個時候可以打開瀏覽器輸入下172.16.173.13 和172.16.173.14來測試下界面
6、設置負載均衡集羣
這裏只需要在各個RS節點中運行下如下的腳本,就可以了。(當然如果不怕麻煩的同學可以手動添加,內容和腳本start中的內容一致)
# vim start.sh創建腳本
添加如下內容
#!/bin/bash # # Script to start LVS DR real server. # description: LVS DR real server # ./etc/rc.d/init.d/functions VIP=172.16.173.1(此腳本僅需要修改此處,改爲自己設置的虛擬主機 ip) host=`/bin/hostname` case "$1" in start)##手動添加只需要進行下邊的操作 # Start LVS-DR real server on this machine. /sbin/ifconfig lo down /sbin/ifconfig lo up echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore #定義接收到ARP請求時的響應級別 echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce #設置地址向外通告時的級別 echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up定義廣播地址爲自播模式 /sbin/route add -host $VIP dev lo:0##定義主機爲172.16.111.1的地址使用lo:0爲源地址##手動添加操作到此 ;; stop) # Stop LVS-DR real server loopback device(s). /sbin/ifconfig lo:0 down echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce ;; status) # Status of LVS-DR real server. islothere=`/sbin/ifconfig lo:0 | grep $VIP` isrothere=`netstat -rn | grep "lo:0" | grep $VIP` if [ ! "$islothere" -o ! "isrothere" ];then # Either the route or the lo:0 device # not found. echo "LVS-DR real server Stopped." else echo "LVS-DR real server Running." fi ;; *) # Invalid entry. echo "$0: Usage: $0 {start|status|stop}" exit 1 ;; esac
:wq#保存退出
# chmod +x start.sh 賦予執行權限
# ./start.sh start #執行腳本
7、編輯keepalived的配置文件
: # vim /etc/ keepalived/ keepalived.conf
然後複製到另外個虛擬機中,只需改動兩處地方
##記得改state改爲BACKUP ##將priority 改爲100 Yum安裝ipvsadm查看信息 # yum install ipvsadm -y然後開啓服務: # service ipvsadm start
注:此處有可能影響服務的啓動:
[RS端的設置:
(同樣兩個在兩個RS分別執行)
關掉selinux
# setenforce 0
或者
# vim /etc/selinux/config
##修改
SELINUX=permissive]
打開網頁輸入172.16.173.1查看
實現WEB的高可用
我們直接在上邊實驗過程中的兩個HA上做修改。
先關掉keepalived服務
打開網頁測試下兩個頁面
這個時候我們需要去配置keepalived的配置文件
主從節點的配置
配置keepalived配置文件
! Configuration File for keepalived global_defs { notification_email { [email protected] [email protected] } notification_email_from [email protected] smtp_connect_timeout 3 smtp_server 127.0.0.1 router_id LVS_DEVEL } vrrp_script chk_httpd { script "killall -0 httpd" interval 2 # check every 2 seconds weight -2 # if failed, decrease 2 of the priority fall 2 # require 2 failures for failures rise 1 # require 1 sucesses for ok } vrrp_script chk_schedown { script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0" interval 2 weight -2 } vrrp_instance VI_1 { interface eth0 # interface for inside_network, bound by vrrp state MASTER # Initial state, MASTER|BACKUP # As soon as the other machine(s) come up, # an election will be held and the machine # with the highest "priority" will become MASTER. # So the entry here doesn't matter a whole lot. priority 101 # for electing MASTER, highest priority wins. # to be MASTER, make 50 more than other machines. virtual_router_id 51 # arbitary unique number 0..255 # used to differentiate multiple instances of vrrpd # running on the same NIC (and hence same socket). garp_master_delay 1 authentication { auth_type PASS auth_pass password } track_interface { eth0 } # optional, monitor these as well. # go to FAULT state if any of these go down. virtual_ipaddress { 172.16.173.1/16 dev eth0 label eth0:0 } #addresses add|del on change to MASTER, to BACKUP #With the same entries on other machines, #the opposite transition will be occuring. #<IPADDR>/<MASK> brd <IPADDR> dev <STRING> scope <SCOPE> label <LABEL> track_script { chk_httpd chk_schedown } notify_master "/etc/keepalived/notify.sh master" notify_backup "/etc/keepalived/notify.sh backup" notify_fault "/etc/keepalived/notify.sh fault" } #vrrp_instance VI_2 { #interface eth0 #state MASTER# BACKUP for slave routers #priority 101# 100 for BACKUP #virtual_router_id 52 #garp_master_delay 1 # #authentication { #auth_type PASS #auth_pass password #} #track_interface { #eth0 #} #virtual_ipaddress { #172.16.100.2/16 dev eth0 label eth0:1 #} #track_script { #chk_haproxy #chk_mantaince_down #} # #notify_master "/etc/keepalived/notify.sh master eth0:1" #notify_backup "/etc/keepalived/notify.sh backup eth0:1" #notify_fault "/etc/keepalived/notify.sh fault eth0:1" #}
此腳本中所要修改的不是很多只需要修改啓動的服務名稱(本次實驗的爲http服務),在修改notify.sh腳本中的所要啓動的服務名稱
然後將其複製到節點HA2中
[root@lzl01 keepalived]# scp keepalived.conf notify.sh lzl02:/etc/keepalived/ keepalived.conf 100% 2805 2.7KB/s 00:00 notify.sh 100% 777 0.8KB/s
並修改其中的主從節點設置選項
state MASTER##改爲BUCKUP (從節點)
priority 101##優先級改爲100
分別在兩邊開啓服務開啓服務。
# service keepalived start 這時候查看一下網卡信息 # ip addr show
可以看出來網卡172.16.173.1已經在網卡eth0:0上了
打開網頁輸入172.16.111.1查看
可以發現確實在節點HA1上
這個時候我們可以仿照HA1服務故障:(配置文件中可以留意在其文件中創建一個down文件可以模擬其服務故障,還有一種方式可以實現,關閉http服務,但本機中notify.sh腳本中設置的爲關閉服務後會重啓,所以不可實現。)
注:以上幾張圖片忘記做標記了,請仔細看他們的主機名字的變化
然後打開網頁測試下:
顯然已經變成了HA2的http頁面
大家可以繼續做測試,刪掉dwon文件(但由於ha1的優先級高,所以會搶佔過來節點)