LVS+Keepalived實現高可用負載均衡

概述html

隨着近年來互聯網的快速發展;而衆多須要提供給用戶訪問的WEB服務器,必須保證天天24小時不間斷的提供服務,隨着訪問量的增長,又有哪些好的WEB構架能實現高可用負載均衡,並且又是免費的呢?答案是確定是有了,而這種架構就是LVS+Keepalived
web

Keepalived簡介算法

什麼是Keepalived:keepalived能夠實現服務的高可用或熱備,用來防止單點故障的問題;而Keepalived的核心VRRP協議,VRRP協議主要實現了在路由器或三層交換機處的冗餘;Keepalived就是使用VRRP協議來實現高可用的;下面一塊兒來看一下Keepalived的原理圖:vim

230149632.jpg

Keepalived啓動後會有三個進程:
後端

父進程:內存管理,子進程管理
瀏覽器

子進程:VRRP子進程
bash

子進程:healthchecker子進程
服務器

由上圖可知:兩個子進程都被系統WatchDog看管,兩個子進程各自複雜本身的事,healthchecker子進程複雜檢查各自服務器的健康程度,例如HTTP,LVS等,若是healthchecker子進程檢查到MASTER上服務不可用了,就會通知本機上的VRRP子進程,讓他刪除通告,而且去掉虛擬IP,轉換爲BACKUP狀態session


環境介紹:
架構

230731940.gif

系統版本:CentOS 6_x86_64

LVS_DR模式:WEB1與WEB2服務器的網關不能設置爲LVS調度器


1、安裝配置LVS+Keepalived

一、在Master與Backup服務器上分別安裝Ipvsadm、Keepalived軟件包、這裏使用的是rpm包安裝方式

[root@master ~]# yum -y install ipvsadm keepalived
[root@backup ~]# yum -y install ipvsadm keepalived
註釋:這裏安裝Ipvsadm工具主要是爲了查看lvs規則使用,不安裝ipvsadm工具也能成功配置規則,但不方式查看

二、修改Master的主配置文件

[root@master ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
   notification_email {      #設置報警通知郵件地址,能夠設置多個
    root@localhost
   }
   notification_email_from admin@allen.com  #設置郵件的發送地址
   smtp_server 127.0.0.1        #設置smtp server的地址,該地址必須是存在的
   smtp_connect_timeout 30      #設置鏈接smtp server的超時時間
   router_id LVS_ALLEN          #運行Keepalived服務器的標識,發郵件時顯示在郵件標題中的信息
}
vrrp_instance lvs_allen {       #定義VRRP實例,實例名自定義
    state MASTER                #指定Keepalived的角色,MASTER爲主服務器,BACKUP爲備用服務器
    interface eth0              #指定HA監測的接口
    virtual_router_id 68        #虛擬路由標識,這個標識是一個數字(1-255),在一個VRRP實例中主備服務器ID必須同樣
    priority 100                #優先級,數字越大優先級越高,在一個實例中主服務器優先級要高於備服務器
    advert_int 1                #設置主備之間同步檢查的時間間隔單位秒
    authentication {            #設置驗證類型和密碼
        auth_type PASS          #驗證類型有兩種{PASS|HA}
        auth_pass 1689          #設置驗證密碼,在一個實例中主備密碼保持同樣
    }
    virtual_ipaddress {         #定義虛擬IP地址,能夠有多個,每行一個
    172.16.14.10
    }
}
virtual_server 172.16.14.10 80 {    #設置虛擬服務器,須要指定虛擬IP與服務端口,用空格分隔
    delay_loop 6                #設置健康狀態檢查時間,單位爲秒
    lb_algo rr                  #設置負載高度算法,rr爲輪詢
    lb_kind DR                  #設置LVS實現負載均衡的機制,能夠爲{NAT|TUN|DR}三種
    nat_mask 255.255.0.0        #設置掩碼
    persistence_timeout 50      #會話保持時間,單位爲秒;這個選項對於動態網頁是很是有用的,爲集羣系統中session共享提供了一個很好的解決方案
    protocol TCP                #指定轉發協議類型能夠設置{TCP|UDP}兩種
    real_server 172.16.14.3 80 {    #服務服務節點,須要指定Real_server的IP與端口,用空格分隔
        weight 1                #配置服務節點的權重,數字越大,權重越高
        HTTP_GET {              #設置檢測Realserver的方式爲Http協議
            url {           
              path /
          status_code 200   #設定返回狀態碼爲200表示Realserver是存活的
            }
            connect_timeout 3   #設置響應超時時間
            nb_get_retry 3      #設置超時重試次數
            delay_before_retry 3 #設置超時後重試間隔
        }
    }
    real_server 172.16.14.4 80 {
        weight 1
        HTTP_GET {
            url {
              path /
          status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

三、將Master服務器上的主配置文件拷貝到Backup服務器稍做修改

[root@backup ~]# scp 172.16.14.1:/etc/keepalived/keepalived.conf /etc/keepalived/
######修改以下兩項
[root@backup ~]# vim /etc/keepalived/keepalived.conf
state BACKUP
priority 98

四、啓動兩臺服務器上的Keepalived服務並設置爲開機自啓動

######MASER服務器
[root@master ~]# service keepalived start
Starting keepalived:                                       [  OK  ]
[root@master ~]# chkconfig keepalived on
[root@master ~]# chkconfig --list keepalived
keepalived      0:off   1:off   2:on    3:on    4:on    5:on    6:off
######BACKUP服務器
[root@backup ~]# vim /etc/keepalived/keepalived.conf
[root@backup ~]# service keepalived start
Starting keepalived:                                       [  OK  ]
[root@backup ~]# chkconfig keepalived on
[root@backup ~]# chkconfig --list keepalived
keepalived      0:off   1:off   2:on    3:on    4:on    5:on    6:off

五、開啓Master與Backup服務器的路由轉發功能

[root@master ~]# sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
[root@backup ~]# sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf
######執行以下命令使其生效
sysctl -p

2、安裝Httpd並設置好Realserver

一、爲後端服務器WEB1安裝Httpd服務並啓動服務,這裏使用的rpm包安裝

[root@web1 ~]# yum -y install httpd
######爲web1提供測試頁
[root@web1 ~]# echo '<h1>WEB1 http://502245466.blog.51cto.com</h1>' > /var/www/html/index.html
[root@web1 ~]# service httpd start
[root@web1 ~]# chkconfig httpd on
[root@web1 ~]# chkconfig --list httpd
httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off

二、訪問測試WEB1服務器

001528504.gif

三、爲後端服務器WEB2安裝Httpd服務並啓動服務,這裏使用的rpm包安裝

[root@web2 ~]# yum -y install httpd
######爲web2提供測試頁
[root@web2 ~]# echo '<h1>WEB2 http://502245466.blog.51cto.com</h1>' > /var/www/html/index.html
[root@web2 ~]# service httpd start
[root@web2 ~]# chkconfig httpd on
[root@web2 ~]# chkconfig --list httpd
httpd           0:off   1:off   2:on    3:on    4:on    5:on    6:off

四、訪問測試WEB2服務器

001930825.gif

五、爲兩臺Realserver提供Sysv格式的腳原本自動修改內核參數與虛擬IP並運行腳本

[root@web1 ~]# vim /etc/init.d/lvs
#!/bin/bash
#ALLEN http://502245466.blog.51cto.com
# chkconfig: - 88 66
# Script to start LVS DR real server.
# description: LVS DR real server
#
.  /etc/rc.d/init.d/functions
VIP=172.16.14.10
host=`/bin/hostname`
case "$1" in
start)
       # Start LVS-DR real server on this machine.
        /sbin/ifconfig lo down
        /sbin/ifconfig lo up
        echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
        echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
        echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
        echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
        /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
        /sbin/route add -host $VIP dev lo:0
;;
stop)
        # Stop LVS-DR real server loopback device(s).
        /sbin/ifconfig lo:0 down
        echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
        echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
        echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
        echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
status)
        # Status of LVS-DR real server.
        islothere=`/sbin/ifconfig lo:0 | grep $VIP`
        isrothere=`netstat -rn | grep "lo:0" | grep $VIP`
        if [ ! "$islothere" -o ! "isrothere" ];then
            # Either the route or the lo:0 device
            # not found.
            echo "LVS-DR real server Stopped."
        else
            echo "LVS-DR real server Running."
        fi
;;
*)
            # Invalid entry.
            echo "$0: Usage: $0 {start|status|stop}"
            exit 1
;;
esac
註釋:腳本中的VIP定義的是虛擬IP地址
====================================================================
[root@web1 ~]# chmod +x /etc/init.d/lvs
[root@web1 ~]# chkconfig --add lvs
[root@web1 ~]# chkconfig lvs on
[root@web1 ~]# chkconfig --list lvs
lvs             0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@web1 ~]# service lvs start
[root@web1 ~]# service lvs status
LVS-DR real server Running.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
######爲WEB2提供腳本
[root@web2 ~]# scp -p 172.16.14.3:/etc/init.d/lvs /etc/init.d/
[root@web2 ~]# chkconfig --add lvs
[root@web2 ~]# chkconfig lvs on
[root@web2 ~]# chkconfig --list lvs
lvs             0:off   1:off   2:on    3:on    4:on    5:on    6:off
[root@web2 ~]# service lvs start
[root@web2 ~]# service lvs status
LVS-DR real server Running.

3、驗證服務

一、查看當前Master服務器的IP地址及LVS規則

[root@master ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff
    inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0
    inet 172.16.14.10/32 scope global eth0
    inet6 fe80::20c:29ff:fe2c:1a24/64 scope link
       valid_lft forever preferred_lft forever
######由上可見虛擬IP地址已經在Master主機上啓動
========================================================================
[root@master ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.14.10:80 rr persistent 50
  -> 172.16.14.3:80               Route   1      0          0      
  -> 172.16.14.4:80               Route   1      0          0      
######從規則中能夠看出虛擬IP與Port及調度算法爲rr;其中有兩個Realserver

二、訪問測試服務器是否正常提供服務

141037598.gif

141034298.gif

由上可知,使用的是rr調度算法,在訪問測試時可能須要多訪問幾回或換個瀏覽器來測試訪問

三、模擬Master服務器出現故障,將Master主機上的Keepalived服務中止,查看Backup服務器是否接管全部服務

[root@master ~]# service keepalived stop
Stopping keepalived:                                       [  OK  ]
----------------------------------------------------------------------
[root@master ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff
    inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0
    inet6 fe80::20c:29ff:fe2c:1a24/64 scope link
       valid_lft forever preferred_lft forever
----------------------------------------------------------------------
[root@master ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
######由上可見Master服務器上已刪除虛擬IP與LVS規則
======================================================================
[root@backup ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ec:f6:3f brd ff:ff:ff:ff:ff:ff
    inet 172.16.14.2/16 brd 172.16.255.255 scope global eth0
    inet 172.16.14.10/32 scope global eth0
    inet6 fe80::20c:29ff:feec:f63f/64 scope link
       valid_lft forever preferred_lft forever
######由上可見,虛擬IP地址已成功在Backup服務器啓動
----------------------------------------------------------------------
[root@backup ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.14.10:80 rr persistent 50
  -> 172.16.14.3:80               Route   1      0          0    
  -> 172.16.14.4:80               Route   1      0          0
######LVS的規則也已成功配置在Backup服務器上面

四、再次訪問測試服務器是否正常提供服務

193248148.gif

193244594.gif

五、假如Master服務器修復好已從新上線,則虛擬IP地址與LVS規則會從新配置到Master服務器上而在Backup服務器上刪除

######查看Master服務器
[root@master ~]# service keepalived start
Starting keepalived:                                       [  OK  ]
----------------------------------------------------------------------
[root@master ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff
    inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0
    inet 172.16.14.10/32 scope global eth0
    inet6 fe80::20c:29ff:fe2c:1a24/64 scope link
       valid_lft forever preferred_lft forever
----------------------------------------------------------------------
[root@master ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.14.10:80 rr persistent 50
  -> 172.16.14.3:80               Route   1      0          0      
  -> 172.16.14.4:80               Route   1      0          0
######由上可見,虛擬IP地址與LVS規則又從新配置到Master服務器上面
======================================================================
######查看Backup服務器
[root@backup ~]# ip addr show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ec:f6:3f brd ff:ff:ff:ff:ff:ff
    inet 172.16.14.2/16 brd 172.16.255.255 scope global eth0
    inet6 fe80::20c:29ff:feec:f63f/64 scope link
       valid_lft forever preferred_lft forever
----------------------------------------------------------------------
[root@backup ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.14.10:80 rr persistent 50
  -> 172.16.14.3:80               Route   1      0          0      
  -> 172.16.14.4:80               Route   1      0          0
######由上可見,虛擬IP地址已經刪除,可是LVS規則還存在,這對咱們是沒有影響的,沒有了IP地址只有規則也是不生效的

六、若是後端Realserver出現故障,則LVS規則會清除相應Realserver的規則

[root@web1 ~]# service httpd stop
Stopping httpd:                                            [  OK  ]
------------------------------------------------------------------------
[root@master ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.14.10:80 rr persistent 50
  -> 172.16.14.4:80               Route   1      0          0
######由上可見,中止了WEB1服務器的Httpd服務;查看LVS規則中已經清除了WEB1服務器的規則;若是將WEB1從新上線,則LVS會自動將規則添加上這裏就再也不測試

舒適提示:

若是在是實際環境中使用Keepalived作高可用集羣解決方案時,爲了解決腦裂的問題,咱們須要把MASTER與BACKUP服務器的Keepalived的主配置文件(keepalived.conf)中的 "state" 狀態都改成 "BACKUP" 優先級 "priority" 選項的值不要設置爲相同,能夠設置一個數值大另外一個數值小;如優先級分別爲:priority 100 priority 98


到此Keepalived+LVS實現高可用負載均衡集羣已所有完成,感謝各位博友的關注與支持,後面會持續更新其餘內容;敬請期待!!!

相關文章
相關標籤/搜索