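keepalived+LVS
keepalived:
1. An implementation of the VRRP protocol that runs as a daemon on a Linux host;
2. Automatically generates ipvs rules from its configuration file;
3. Performs health checks on each real server;
vrrp: Virtual Router Redundancy Protocol. When a host's next hop fails, another router takes over the work of the failed router;
Virtual router: consists of one master router and several Backup routers; hosts use the virtual router as their default gateway.
Lab: keepalived+LVS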
MASTER:192.168.10.10 directory1 MASTER
BACKUP: 192.168.10.20 directory2 BACKUP
real server1:192.168.10.30
real server2:192.168.10.40
real server1 and real server2 act as the two web servers for the test; install httpd on both and configure it:
real server1:echo "192.168.10.30 real server111" > /var/www/html/index.html
real server2:echo "192.168.10.40 real server222" > /var/www/html/index.html
Run the following script on real server1 and real server2 (pass start or stop as the argument):
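#!/bin/bash
# LVS-DR real server: bind the VIP to lo:0 and keep this host from answering ARP for it
case "$1" in
start)
    ifconfig lo:0 192.168.10.100 netmask 255.255.255.255 broadcast 192.168.10.100 up
    route add -host 192.168.10.100/32 dev lo:0
    # arp_ignore=1: answer ARP only if the target IP is configured on the receiving interface
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    # arp_announce=2: always announce the best local address for the target, never the VIP on lo
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ;;
stop)
    # take the VIP off lo:0 before restoring the default ARP behaviour,
    # otherwise this host would start answering ARP for the VIP
    ifconfig lo:0 down
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ;;
*)
    echo -e "input: \033[4;31mstart | stop\033[0m"
    ;;
esac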
MASTER :
]# yum -y install keepalived
]# yum -y install ipvsadm
]# cp /etc/keepalived/keepalived.conf{,.bak}
]# vim /etc/keepalived/keepalived.conf
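! Configuration File for keepalived

global_defs {
    notification_email {
        root@localhost                  # alert recipients; several may be listed, one per line
    }
    notification_email_from keepalived@localhost   # sender address
    smtp_server 127.0.0.1               # mail server address
    smtp_connect_timeout 30             # timeout for connecting to the mail server
    router_id LVS_DEVEL                 # an identifier for the server running keepalived
#   vrrp_skip_check_adv_addr
#   vrrp_strict                         # this must be commented out, otherwise hosts cannot ping the VIP and scheduling does not work
#   vrrp_garp_interval 0
#   vrrp_gna_interval 0
}

# Health check
vrrp_script chk_test {                  # name of the check
    script "/etc/keepalived/test.sh"    # this script is referenced later in the configuration
    interval 1                          # how many seconds between probes
    weight -2                           # when the script triggers, the priority changes by -2
}

vrrp_instance VI_1 {
    state MASTER                        # MASTER is the primary server, BACKUP the standby server
    interface ens33                     # network interface name
    # Virtual router ID, 0-255. One vrrp instance uses one unique ID, i.e. within the
    # same vrrp_instance MASTER and BACKUP must use the same value (on this host).
    virtual_router_id 51
    # Priority: the larger the number, the higher the priority. Within one vrrp_instance
    # the MASTER priority must be greater than the BACKUP priority.
    priority 100
    advert_int 1                        # interval in seconds of the sync check between the MASTER and BACKUP load balancers
    authentication {
        auth_type PASS                  # authentication type, mainly PASS and AH
        auth_pass 1111                  # password; MASTER and BACKUP in one vrrp_instance must use the same one to communicate
    }
    virtual_ipaddress {                 # VIP addresses; several may be set, one per line
        192.168.10.100/32
    }
    track_script {                      # use the script defined above
        chk_test
    }
    # State-change notification: the script is defined outside this file, see below
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

# Virtual server definition
virtual_server 192.168.10.100 80 {      # the virtual server: VIP and port, separated by a space
    delay_loop 6                        # health check interval, in seconds
    lb_algo rr                          # scheduling algorithm: rr, round robin
    lb_kind DR                          # LVS forwarding mechanism: NAT, TUN or DR
    # Session persistence time in seconds. This option is very useful for dynamic pages
    # and gives a cluster a good solution for session sharing: a user's requests keep
    # going to the same node until the persistence time is exceeded. Note that this is
    # the maximum idle time: if the user does nothing on a dynamic page for 50 seconds,
    # the next request is sent to another node, but while the user keeps working on the
    # page the 50-second limit does not apply. 0 disables it.
    persistence_timeout 50
    protocol TCP                        # forwarding protocol, TCP or UDP
    # When every backend real server is down, the director can serve a local page
    # with a friendly notice, e.g. "the server is under maintenance ..."
    sorry_server 127.0.0.1 80

    real_server 192.168.10.30 80 {
        # Weight of this node: the larger the number, the higher the weight. Weights
        # allow servers of different capacity to receive different loads: give a more
        # powerful server a higher weight and a weaker one a lower weight, so that
        # system resources are used and allocated sensibly.
        weight 1
        HTTP_GET {
            url {
                path /                  # request path is /, i.e. /index.html or index.php
                status_code 200         # a 200 status code means OK
            }
            connect_timeout 3           # connection timeout: 3 seconds without a response
            nb_get_retry 3              # number of retries
            delay_before_retry 3        # interval between retries
        }
    }

    real_server 192.168.10.40 80 {      # realserver2
        weight 10
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}
Comment out everything in the rest of the file that is not used (in vim): :.,$s@^@#@g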
]# vim /etc/keepalived/test.sh    # creating a file named down under /etc/keepalived/ switches the VIP without stopping keepalived
#!/bin/bash
[[ -f /etc/keepalived/down ]] && exit 1 || exit 0
]# vim /etc/keepalived/notify.sh
#!/bin/bash
vip=192.168.10.100
contact='root@localhost'

# Mail a short notice about the VRRP state change to $contact
notify() {
    mailsubject="`hostname` to be $1: $vip floating"
    mailbody="`date '+%F %T'`: vrrp transition,`hostname` changed to be $1"
    echo "$mailbody" | mail -s "$mailsubject" "$contact"
}

case "$1" in
    master)
        notify master
        exit 0
        ;;
    backup)
        notify backup
        exit 0
        ;;
    fault)
        notify fault
        exit 0
        ;;
    *)
        # double quotes, so that `basename $0` is expanded
        echo "Usage: `basename $0` {master|backup|fault}"
        exit 1
        ;;
esac
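keepalived itself executes the files named by the script and notify_* keywords, so a mistyped path means that script never runs, and a file that other accounts can write to lets them change what keepalived executes. The check below is an added example, not part of the original post; the function names and status labels are made up for illustration, and make_sample builds a constructed config in a directory you pass in.

```shell
#!/bin/bash
# Added example (not from the original post): audit the scripts that a
# keepalived.conf tells keepalived to execute. Names here are hypothetical.
audit_keepalived_scripts() {
    conf=$1
    findings=0
    # "script" (in vrrp_script) and notify_* take a quoted command line;
    # its first word is the file that gets executed.
    paths=$(awk '$1 ~ /^(script|notify|notify_master|notify_backup|notify_fault)$/ {
                     p = $2; gsub(/"/, "", p); print $1, p }' "$conf")
    while read -r keyword path; do
        [ -n "$path" ] || continue
        if [ ! -f "$path" ]; then
            status=MISSING
        elif [ ! -x "$path" ]; then
            status=NOT_EXECUTABLE
        else
            case $(ls -ld -- "$path") in
                ?????w*|????????w*) status=WRITABLE_BY_OTHERS ;;  # group or other write bit
                *) status=OK ;;
            esac
        fi
        [ "$status" = OK ] || findings=$((findings + 1))
        printf '%-18s %-14s %s\n' "$status" "$keyword" "$path"
    done <<EOF
$paths
EOF
    [ "$findings" -eq 0 ]
}

# Constructed sample under directory $1: one good script, one group-writable
# script, and a notify_backup path with a mistyped directory name.
make_sample() {
    dir=$1
    mkdir -p "$dir/keepalived"
    printf '#!/bin/bash\nexit 0\n' > "$dir/keepalived/test.sh"
    printf '#!/bin/bash\nexit 0\n' > "$dir/keepalived/notify.sh"
    chmod 755 "$dir/keepalived/test.sh"
    chmod 775 "$dir/keepalived/notify.sh"
    cat > "$dir/keepalived.conf" <<EOF
vrrp_script chk_test {
    script "$dir/keepalived/test.sh"
}
vrrp_instance VI_1 {
    notify_master "$dir/keepalived/notify.sh master"
    notify_backup "$dir/krrpalived/notify.sh backup"
}
EOF
}
```

On a director, run audit_keepalived_scripts /etc/keepalived/keepalived.conf before starting keepalived; a non-zero exit status means at least one script is missing, not executable, or writable by group or others.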
Configure the sorry_server page
]# yum -y install httpd
]# echo "页面维护中 sorry ......" > /var/www/html/index.html
BACKUP
Repeat the MASTER steps above, but a few places in /etc/keepalived/keepalived.conf have to be changed
]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
#   vrrp_skip_check_adv_addr
#   vrrp_strict
#   vrrp_garp_interval 0
#   vrrp_gna_interval 0
}

vrrp_script chk_test {
    script "/etc/keepalived/test.sh"
    interval 1
    weight -2
}

vrrp_instance VI_1 {
    state BACKUP                        ######## changed to BACKUP
    interface ens33
    virtual_router_id 51
    priority 99                         ########## priority changed
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.10.100/32
    }
    track_script {
        chk_test
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

virtual_server 192.168.10.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP
    sorry_server 127.0.0.1 80

    real_server 192.168.10.30 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.10.40 80 {
        weight 10
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}
]# systemctl start keepalived
]# ip addr show
[root@node1 keepalived]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:6e:e0:96 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.10/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.100/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6e:e096/64 scope link
valid_lft forever preferred_lft forever
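If keepalived is stopped on the MASTER, or a file named down is created with touch under /etc/keepalived/ (because the configuration above loads the custom script), the virtual IP 192.168.10.100 switches over to the BACKUP host.
# The LVS rules are added automatically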
[root@node1 keepalived]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.10.100:80 rr
-> 192.168.10.30:80 Route 1 0 0
-> 192.168.10.40:80 Route 1 0 0
Round-robin result
[root@node1 keepalived]# curl 192.168.10.100
192.168.10.30 real server111
[root@node1 keepalived]# curl 192.168.10.100
192.168.10.40 real server222
[root@node1 keepalived]# curl 192.168.10.100
192.168.10.30 real server111
[root@node1 keepalived]# curl 192.168.10.100
192.168.10.40 real server222
