Keepalived+LVS(DR)部署高可用Web集群
集群环境
| 主机 | 角色 | 服务 |
|---|---|---|
| 192.168.110.134 | MASTER | Keepalived |
| 192.168.110.137 | BACKUP | Keepalived |
| 192.168.110.136 | Real server1 | HTTPD |
| 192.168.110.145 | Real server2 | HTTPD |
MASTER配置
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_BACKUP
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.110.252
}
}
virtual_server 192.168.110.252 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.110.136 80 {
weight 1
TCP_CHECK {
retry 3
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
conncet_port 80
}
}
real_server 192.168.110.136 80 {
weight 1
TCP_CHECK {
retry 3
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
conncet_port 80
}
}
}
}
BACKUP配置
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_BACKUP
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens160
virtual_router_id 51
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.110.252
}
}
virtual_server 192.168.110.252 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.110.136 80 {
weight 1
TCP_CHECK{
connect_timeout 3
retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.110.145 80 {
weight 1
TCP_CHECK{
connect_timeout 3
retry 3
delay_before_retry 3
connect_port 80
}
}
}
}
检查Virtual IP是否漂移
[root@keepalived ~]# ip addr| grep "252"
inet 192.168.110.252/32 scope global ens33
[root@localhost ~]# ip addr| grep "252"
[root@localhost ~]#
#关闭服务Keepalived-MASTER
[root@keepalived ~]# systemctl stop keepalived.service
[root@keepalived ~]# ip addr| grep "252"
[root@keepalived ~]#
[root@localhost ~]# ip addr| grep "252"
inet 192.168.110.252/32 scope global ens160
IPVS检查
前提下载ipvsadm
MASTER
[root@keepalived ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.110.252:80 wrr persistent 50
-> 192.168.110.136:80 Route 1 0 0
-> 192.168.110.145:80 Route 1 0 0
BACKUP
[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.110.252:80 wrr persistent 50
-> 192.168.110.136:80 Route 1 0 0
-> 192.168.110.145:80 Route 1 0 0
Real Server配置
#将VIP绑定至环回网卡
[root@webserver ~]# ifconfig lo:eth1 192.168.110.252 netmask 255.255.255.255 up
#ARP抑制
[root@webserver ~]# echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@webserver ~]# echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@webserver ~]# route add -host 192.168.110.252 dev lo
附上个人写的小脚本
#!/bin/bash
read -p "Enter the Virtual IP : " vip
ifconfig lo:eth1 $vip netmask 255.255.255.255 up
if [ $? -eq 0 ]
then
echo -e "\033[32m OK \033[0m"
else
echo -e "\033[31m Failed \033[0m"
fi
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
if [ $? -eq 0 ]
then
echo -e "\033[32m OK \033[0m"
else
echo -e "\033[31m Failed \033[0m"
fi
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
if [ $? -eq 0 ]
then
echo -e "\033[32m OK \033[0m"
else
echo -e "\033[31m Failed \033[0m"
fi
route add -host $vip dev lo
if [ $? -eq 0 ]
then
echo -e "\033[32m OK \033[0m"
else
echo -e "\033[31m Failed \033[0m"
fi
大家可以根据自己需要做调整。文章来源:https://www.toymoban.com/news/detail-663564.html
测试
停用Real Server某一台的Apache服务
#在Master上动态监测
[root@keepalived ~]# watch -n 0.5 ipvsadm -ln
#RS
[root@docker ~]# systemctl stop httpd
这里效果需要自己方能看出来。文章来源地址https://www.toymoban.com/news/detail-663564.html
停用Master上的keepalived检测Backup是否接管资源
#停用前
C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145
C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145
#停用后
[root@keepalived ~]# systemctl stop keepalived.service
C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145
C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145
[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.110.252:80 wrr persistent 50
-> 192.168.110.136:80 Route 1 0 0
-> 192.168.110.145:80 Route 1 0 5
#可以看出来资源被接管后145被访问了5此
到了这里,关于Keepalived+LVS部署高可用集群的文章就介绍完了。如果您还想了解更多内容,请在右上角搜索TOY模板网以前的文章或继续浏览下面的相关文章,希望大家以后多多支持TOY模板网!
