溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
lvs+keepalived是什么?
keepalived工作原理
keepalived是集群管理中保證集群高可用的一個服務軟件,其功能類似于heartbeat,用來防止單點故障。 keepalived是以VRRP協議為實現基礎的,VRRP全稱Virtual Router Redundancy Protocol,即虛擬路由冗余協議。 虛擬路由冗余協議,可以認為是實現路由器高可用的協議,即將N臺提供相同功能的路由器組成一個路由器組,這個組里面有一個master和多個backup,master上面有一個對外提供服務的vip(該路由器所在局域網內其他機器的默認路由為該vip),master會發組播,當backup收不到vrrp包時就認為master宕掉了,這時就需要根據VRRP的優先級來選舉一個backup當master。這樣的話就可以保證路由器的高可用了。
LVS簡介
LVS是Linux Virtual Server的簡寫,意即Linux虛擬服務器,是一個虛擬的服務器集群系統。本項目在1998年5月由章文嵩博士成立,是中國國內最早出現的自由軟件項目之一。目前有三種IP負載均衡技術(VS/NAT、VS/TUN和VS/DR),十種調度算法。
本文重點給大家介紹Linux利用keepalived實現lvs的高可用性的操作方法,感興趣的朋友參考下吧。
單主模型IPVS示例
配置keepalive
高可用的ipvs集群示例:修改keepalived配置文件
修改主機:192.168.234.27的keepalived配置文件
[root@234c27 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost //接受郵件地址
}
notification_email_from keepalived@localhost //發送郵件地址
smtp_server 127.0.0.1 //發送郵件服務器IP
smtp_connect_timeout 30 //郵件連接超時時長
router_id kptwo //路由id
vrrp _mcast_group4 234.10.10.10 //指定vrrp協議的多播地址
}
vrrp_instance VI_1 { //vrrp協議的
state MASTER //lvs的MASTER服務器
interface ens37 //
virtual_router_id 50 //虛擬路由
priority 100 //權重為100.越大越先
advert_int 1 //發送組博包的間隔
authentication { //驗證
auth_type PASS //方式為pass( 明文)
auth_pass 1111 //密碼
}
virtual_ipaddress { //keepalived虛擬ip
10.0.0.100/24
}
}
virtual_server 10.0.0.100 80 {
delay_loop 6 //檢查后端服務器的時間間隔
lb_algo wrr //定義調度方法
lb_kind DR //集群的類型
#persistence_timeout 50 //持久連接時長
protocol TCP //服務協議,僅支持TCP
real_server 192.168.234.47 80 { //后端real_server服務器地址
weight 1 //權重
HTTP_GET { //應用層檢測
url {
path / //定義要監控的URL
status_code 200 //判斷上述檢測機制為健康狀態的響應碼
}
connect_timeout 3 //連接請求的超時時長
nb_get_retry 3 //重試次數
delay_before_retry 3 //重試之前的延遲時長
}
}
real_server 192.168.234.57 80 {
weight 2
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
修改主機:192.168.234.37的keepalived配置文件
[root@234c37 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id kptwo
vrrp _mcast_group4 234.10.10.10
}
vrrp_instance VI_1 {
state BACKUP
interface ens37
virtual_router_id 50
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.100/24
}
}
virtual_server 10.0.0.100 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
#persistence_timeout 50
protocol TCP
sorry_server 127.0.0.1:80
real_server 192.168.234.47 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.234.57 80 {
weight 2
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
查看keepalived
[root@234c37 ~]# systemctl status keepalived ● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: inactive (dead) ………… [root@234c37 ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn //暫無ipvsadm
啟動服務
[root@234c27 keepalived]# systemctl start keepalived.service [root@234c27 keepalived]# systemctl status keepalived.service ● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: active (running) since Fri 2018-08-31 20:30:02 CST; 12s ago Process: 9657 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 9658 (keepalived) ……………… [root@234c27 keepalived]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 10.0.0.100:80 wrr -> 192.168.234.47:80 Route 1 0 0 -> 192.168.234.57:80 Route 2 0 0 //啟動服務lvs vs已配置好
后端real_server準備
增加ip在網卡上 修改限制arp通告及應答級別 rs1 rs2都做,網關并指向路由
ip a a 10.0.0.100/32 dev ens37 echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce route add default gw 192.168.234.17
安裝httpd服務 寫好網頁文件
啟動服務
image
多主模型IPVS示例
配置keepalive
高可用的ipvs集群示例:修改keepalived配置文件
修改主機:192.168.234.27的keepalived配置文件
[root@234c27 keepalived]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id kpone
vrrp _mcast_group4 234.10.10.10
}
vrrp_instance VI_1 {
state MASTER
interface ens37
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.100/24
}
}
vrrp_instance VI_2 {
state BACKUP
interface ens37
virtual_router_id 51
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 2222
}
virtual_ipaddress {
10.0.0.200/24
}
}
virtual_server 10.0.0.100 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
#persistence_timeout 50
protocol TCP
#sorry_server 127.0.0.1:80
real_server 192.168.234.47 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
virtual_server 10.0.0.200 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
#persistence_timeout 50
protocol TCP
#sorry_server 127.0.0.1:80
real_server 192.168.234.57 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
修改主機:192.168.234.37的keepalived配置文件
[root@234c37 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id kptwo
vrrp _mcast_group4 234.10.10.10
}
vrrp_instance VI_1 {
state BACKUP
interface ens37
virtual_router_id 50
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.100/24
}
}
vrrp_instance VI_2 {
state MASTER
interface ens37
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 2222
}
virtual_ipaddress {
10.0.0.200/24
}
}
virtual_server 10.0.0.100 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
#persistence_timeout 50
protocol TCP
#sorry_server 127.0.0.1:80
real_server 192.168.234.47 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
virtual_server 10.0.0.200 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
#persistence_timeout 50
protocol TCP
#sorry_server 127.0.0.1:80
real_server 192.168.234.57 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
讓10.0.0.100的ip優先分配至192.168.234.47 192.168.234.57備用
讓10.0.0.200的ip優先分配至192.168.234.57 192.168.234.47備用
后端real_server準備
修改192.168.234.57的vip為10.0.0.200/32
[root@234c27 keepalived]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 10.0.0.100:80 wrr -> 192.168.234.47:80 Route 1 0 0 TCP 10.0.0.200:80 wrr -> 192.168.234.57:80 Route 1 0 0
現在宕掉一個lvs
[root@234c27 keepalived]# systemctl stop keepalived.service [root@234c27 keepalived]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn
依然提供服務
[root@234c37 ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 10.0.0.100:80 wrr -> 192.168.234.47:80 Route 1 0 21 TCP 10.0.0.200:80 wrr -> 192.168.234.57:80 Route 1 0 39
后一個實現基于前一個的基礎上修改來的
假設要實現sorry_server
1.把rs服務都停掉。然后在lvs上安裝apache或者nginx服務
2.將keepalived配置文件中的
virtual_server 10.0.0.200 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
#persistence_timeout 50
protocol TCP
#sorry_server 127.0.0.1:80 //這一行來修改 寫出服務出錯之后的頁面
real_server 192.168.234.57 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
