keepalived结合LVS配合使用
- 1、后端nfs存储提供项目文件
- 2、后端nfs上集中安装MySQL,共用数据库
- 3、业务服务器通过LNMP正常部署wordpress博客,客户端通过DNS解析可正常访问
- 4、所有业务服务器上修改arp参数、配置VIP
- 5、配置keepalived实现LVS高可用
-
- [5.1 keepalived结合LVS的作用](#5.1 keepalived结合LVS的作用)
- [5.2 在负载均衡器上安装keepalived](#5.2 在负载均衡器上安装keepalived)
- [5.3 编辑keepalived配置文件](#5.3 编辑keepalived配置文件)
- [5.4 启动keepalived服务,查看验证](#5.4 启动keepalived服务,查看验证)
- [5.5 测试通过VIP访问业务](#5.5 测试通过VIP访问业务)
1、后端nfs存储提供项目文件
2、后端nfs上集中安装MySQL,共用数据库
3、业务服务器通过LNMP正常部署wordpress博客,客户端通过DNS解析可正常访问
4、所有业务服务器上修改arp参数、配置VIP
bash
[root@web01 ~]# vim /etc/sysctl.conf
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
[root@web01 ~]# sysctl -p
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
bash
[root@web01 ~]# ip addr add dev lo 192.168.140.100/32
[root@web01 ~]# ip addr show lo
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.140.100/32 scope global lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
5、配置keepalived实现LVS高可用
5.1 keepalived结合LVS的作用
1、自动生成负载均衡规则(虚拟服务、后端real server)
2、实现lvs负载均衡器的高可用
3、对后端业务服务器有健康状态检查功能
5.2 在负载均衡器上安装keepalived
bash
[root@master_lvs ~]# yum install -y keepalived ipvsadm
5.3 编辑keepalived配置文件
主调度器的配置
bash
[root@master_lvs ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id master_lvs
}
vrrp_instance blog { // keepalived虚拟组名
state MASTER // 状态
interface ens33 // 在哪块网卡配置VIP
virtual_router_id 51 // 虚拟组ID
priority 100 // 优先级
advert_int 1 // 心跳间隔,单位秒
authentication {
auth_type PASS
auth_pass redhat
}
virtual_ipaddress {
192.168.140.100
}
}
virtual_server 192.168.140.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 300
protocol TCP
real_server 192.168.140.12 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.140.13 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
从调度器的配置
bash
[root@slave_lvs ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id slave_lvs
}
vrrp_instance blog {
state BACKUP // BACKUP代表从状态
interface ens33
virtual_router_id 51
priority 50 // 低优先级
advert_int 1
authentication {
auth_type PASS
auth_pass redhat
}
virtual_ipaddress {
192.168.140.100
}
}
virtual_server 192.168.140.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 300
protocol TCP
real_server 192.168.140.12 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.140.13 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
5.4 启动keepalived服务,查看验证
bash
[root@master_lvs ~]#
[root@master_lvs ~]# systemctl enable --now keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
[root@master_lvs ~]#
[root@slave_lvs ~]# systemctl enable --now keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
[root@slave_lvs ~]#
分别在主、备调度上查看LVS负载均衡规则
bash
[root@master_lvs ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.140.100:80 rr persistent 300
-> 192.168.140.12:80 Route 1 0 0
-> 192.168.140.13:80 Route 1 0 0
bash
[root@slave_lvs ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.140.100:80 rr persistent 300
-> 192.168.140.12:80 Route 1 0 0
-> 192.168.140.13:80 Route 1 0 0
正常情况下,只有主调度上会出现VIP,客户端所有的流量从主经过
bash
[root@master_lvs ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:cc:6b:2f brd ff:ff:ff:ff:ff:ff
inet 192.168.140.10/24 brd 192.168.140.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.140.100/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fecc:6b2f/64 scope link
valid_lft forever preferred_lft forever
5.5 测试通过VIP访问业务
修改解析
bash
C:\Users\admin>ping blog.linux.com
正在 Ping blog.linux.com [192.168.140.100] 具有 32 字节的数据:
来自 192.168.140.100 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.140.100 的回复: 字节=32 时间<1ms TTL=64
将主调度停掉,在从调度上查看VIP
bash
[root@slave_lvs ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:29:e5:43 brd ff:ff:ff:ff:ff:ff
inet 192.168.140.11/24 brd 192.168.140.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.140.100/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe29:e543/64 scope link
valid_lft forever preferred_lft forever