概述html
隨着近年來互聯網的快速發展;而衆多須要提供給用戶訪問的WEB服務器,必須保證天天24小時不間斷的提供服務,隨着訪問量的增長,又有哪些好的WEB構架能實現高可用負載均衡,並且又是免費的呢?答案是確定是有了,而這種架構就是LVS+Keepalived
web
Keepalived簡介算法
什麼是Keepalived:keepalived能夠實現服務的高可用或熱備,用來防止單點故障的問題;而Keepalived的核心VRRP協議,VRRP協議主要實現了在路由器或三層交換機處的冗餘;Keepalived就是使用VRRP協議來實現高可用的;下面一塊兒來看一下Keepalived的原理圖:vim
Keepalived啓動後會有三個進程:
後端
父進程:內存管理,子進程管理
瀏覽器
子進程:VRRP子進程
bash
子進程:healthchecker子進程
服務器
由上圖可知:兩個子進程都被系統WatchDog看管,兩個子進程各自複雜本身的事,healthchecker子進程複雜檢查各自服務器的健康程度,例如HTTP,LVS等,若是healthchecker子進程檢查到MASTER上服務不可用了,就會通知本機上的VRRP子進程,讓他刪除通告,而且去掉虛擬IP,轉換爲BACKUP狀態session
環境介紹:
架構
系統版本:CentOS 6_x86_64
LVS_DR模式:WEB1與WEB2服務器的網關不能設置爲LVS調度器
1、安裝配置LVS+Keepalived
一、在Master與Backup服務器上分別安裝Ipvsadm、Keepalived軟件包、這裏使用的是rpm包安裝方式
[root@master ~]# yum -y install ipvsadm keepalived [root@backup ~]# yum -y install ipvsadm keepalived 註釋:這裏安裝Ipvsadm工具主要是爲了查看lvs規則使用,不安裝ipvsadm工具也能成功配置規則,但不方式查看
二、修改Master的主配置文件
[root@master ~]# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { #設置報警通知郵件地址,能夠設置多個 root@localhost } notification_email_from admin@allen.com #設置郵件的發送地址 smtp_server 127.0.0.1 #設置smtp server的地址,該地址必須是存在的 smtp_connect_timeout 30 #設置鏈接smtp server的超時時間 router_id LVS_ALLEN #運行Keepalived服務器的標識,發郵件時顯示在郵件標題中的信息 } vrrp_instance lvs_allen { #定義VRRP實例,實例名自定義 state MASTER #指定Keepalived的角色,MASTER爲主服務器,BACKUP爲備用服務器 interface eth0 #指定HA監測的接口 virtual_router_id 68 #虛擬路由標識,這個標識是一個數字(1-255),在一個VRRP實例中主備服務器ID必須同樣 priority 100 #優先級,數字越大優先級越高,在一個實例中主服務器優先級要高於備服務器 advert_int 1 #設置主備之間同步檢查的時間間隔單位秒 authentication { #設置驗證類型和密碼 auth_type PASS #驗證類型有兩種{PASS|HA} auth_pass 1689 #設置驗證密碼,在一個實例中主備密碼保持同樣 } virtual_ipaddress { #定義虛擬IP地址,能夠有多個,每行一個 172.16.14.10 } } virtual_server 172.16.14.10 80 { #設置虛擬服務器,須要指定虛擬IP與服務端口,用空格分隔 delay_loop 6 #設置健康狀態檢查時間,單位爲秒 lb_algo rr #設置負載高度算法,rr爲輪詢 lb_kind DR #設置LVS實現負載均衡的機制,能夠爲{NAT|TUN|DR}三種 nat_mask 255.255.0.0 #設置掩碼 persistence_timeout 50 #會話保持時間,單位爲秒;這個選項對於動態網頁是很是有用的,爲集羣系統中session共享提供了一個很好的解決方案 protocol TCP #指定轉發協議類型能夠設置{TCP|UDP}兩種 real_server 172.16.14.3 80 { #服務服務節點,須要指定Real_server的IP與端口,用空格分隔 weight 1 #配置服務節點的權重,數字越大,權重越高 HTTP_GET { #設置檢測Realserver的方式爲Http協議 url { path / status_code 200 #設定返回狀態碼爲200表示Realserver是存活的 } connect_timeout 3 #設置響應超時時間 nb_get_retry 3 #設置超時重試次數 delay_before_retry 3 #設置超時後重試間隔 } } real_server 172.16.14.4 80 { weight 1 HTTP_GET { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } }
三、將Master服務器上的主配置文件拷貝到Backup服務器稍做修改
[root@backup ~]# scp 172.16.14.1:/etc/keepalived/keepalived.conf /etc/keepalived/ ######修改以下兩項 [root@backup ~]# vim /etc/keepalived/keepalived.conf state BACKUP priority 98
四、啓動兩臺服務器上的Keepalived服務並設置爲開機自啓動
######MASER服務器 [root@master ~]# service keepalived start Starting keepalived: [ OK ] [root@master ~]# chkconfig keepalived on [root@master ~]# chkconfig --list keepalived keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off ######BACKUP服務器 [root@backup ~]# vim /etc/keepalived/keepalived.conf [root@backup ~]# service keepalived start Starting keepalived: [ OK ] [root@backup ~]# chkconfig keepalived on [root@backup ~]# chkconfig --list keepalived keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off
五、開啓Master與Backup服務器的路由轉發功能
[root@master ~]# sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf [root@backup ~]# sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/g' /etc/sysctl.conf ######執行以下命令使其生效 sysctl -p
2、安裝Httpd並設置好Realserver
一、爲後端服務器WEB1安裝Httpd服務並啓動服務,這裏使用的rpm包安裝
[root@web1 ~]# yum -y install httpd ######爲web1提供測試頁 [root@web1 ~]# echo '<h1>WEB1 http://502245466.blog.51cto.com</h1>' > /var/www/html/index.html [root@web1 ~]# service httpd start [root@web1 ~]# chkconfig httpd on [root@web1 ~]# chkconfig --list httpd httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
二、訪問測試WEB1服務器
三、爲後端服務器WEB2安裝Httpd服務並啓動服務,這裏使用的rpm包安裝
[root@web2 ~]# yum -y install httpd ######爲web2提供測試頁 [root@web2 ~]# echo '<h1>WEB2 http://502245466.blog.51cto.com</h1>' > /var/www/html/index.html [root@web2 ~]# service httpd start [root@web2 ~]# chkconfig httpd on [root@web2 ~]# chkconfig --list httpd httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
四、訪問測試WEB2服務器
五、爲兩臺Realserver提供Sysv格式的腳原本自動修改內核參數與虛擬IP並運行腳本
[root@web1 ~]# vim /etc/init.d/lvs #!/bin/bash #ALLEN http://502245466.blog.51cto.com # chkconfig: - 88 66 # Script to start LVS DR real server. # description: LVS DR real server # . /etc/rc.d/init.d/functions VIP=172.16.14.10 host=`/bin/hostname` case "$1" in start) # Start LVS-DR real server on this machine. /sbin/ifconfig lo down /sbin/ifconfig lo up echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up /sbin/route add -host $VIP dev lo:0 ;; stop) # Stop LVS-DR real server loopback device(s). /sbin/ifconfig lo:0 down echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce ;; status) # Status of LVS-DR real server. islothere=`/sbin/ifconfig lo:0 | grep $VIP` isrothere=`netstat -rn | grep "lo:0" | grep $VIP` if [ ! "$islothere" -o ! "isrothere" ];then # Either the route or the lo:0 device # not found. echo "LVS-DR real server Stopped." else echo "LVS-DR real server Running." fi ;; *) # Invalid entry. echo "$0: Usage: $0 {start|status|stop}" exit 1 ;; esac 註釋:腳本中的VIP定義的是虛擬IP地址 ==================================================================== [root@web1 ~]# chmod +x /etc/init.d/lvs [root@web1 ~]# chkconfig --add lvs [root@web1 ~]# chkconfig lvs on [root@web1 ~]# chkconfig --list lvs lvs 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@web1 ~]# service lvs start [root@web1 ~]# service lvs status LVS-DR real server Running. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ######爲WEB2提供腳本 [root@web2 ~]# scp -p 172.16.14.3:/etc/init.d/lvs /etc/init.d/ [root@web2 ~]# chkconfig --add lvs [root@web2 ~]# chkconfig lvs on [root@web2 ~]# chkconfig --list lvs lvs 0:off 1:off 2:on 3:on 4:on 5:on 6:off [root@web2 ~]# service lvs start [root@web2 ~]# service lvs status LVS-DR real server Running.
3、驗證服務
一、查看當前Master服務器的IP地址及LVS規則
[root@master ~]# ip addr show eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0 inet 172.16.14.10/32 scope global eth0 inet6 fe80::20c:29ff:fe2c:1a24/64 scope link valid_lft forever preferred_lft forever ######由上可見虛擬IP地址已經在Master主機上啓動 ======================================================================== [root@master ~]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.16.14.10:80 rr persistent 50 -> 172.16.14.3:80 Route 1 0 0 -> 172.16.14.4:80 Route 1 0 0 ######從規則中能夠看出虛擬IP與Port及調度算法爲rr;其中有兩個Realserver
二、訪問測試服務器是否正常提供服務
由上可知,使用的是rr調度算法,在訪問測試時可能須要多訪問幾回或換個瀏覽器來測試訪問
三、模擬Master服務器出現故障,將Master主機上的Keepalived服務中止,查看Backup服務器是否接管全部服務
[root@master ~]# service keepalived stop Stopping keepalived: [ OK ] ---------------------------------------------------------------------- [root@master ~]# ip addr show eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0 inet6 fe80::20c:29ff:fe2c:1a24/64 scope link valid_lft forever preferred_lft forever ---------------------------------------------------------------------- [root@master ~]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn ######由上可見Master服務器上已刪除虛擬IP與LVS規則 ====================================================================== [root@backup ~]# ip addr show eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:ec:f6:3f brd ff:ff:ff:ff:ff:ff inet 172.16.14.2/16 brd 172.16.255.255 scope global eth0 inet 172.16.14.10/32 scope global eth0 inet6 fe80::20c:29ff:feec:f63f/64 scope link valid_lft forever preferred_lft forever ######由上可見,虛擬IP地址已成功在Backup服務器啓動 ---------------------------------------------------------------------- [root@backup ~]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.16.14.10:80 rr persistent 50 -> 172.16.14.3:80 Route 1 0 0 -> 172.16.14.4:80 Route 1 0 0 ######LVS的規則也已成功配置在Backup服務器上面
四、再次訪問測試服務器是否正常提供服務
五、假如Master服務器修復好已從新上線,則虛擬IP地址與LVS規則會從新配置到Master服務器上而在Backup服務器上刪除
######查看Master服務器 [root@master ~]# service keepalived start Starting keepalived: [ OK ] ---------------------------------------------------------------------- [root@master ~]# ip addr show eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:2c:1a:24 brd ff:ff:ff:ff:ff:ff inet 172.16.14.1/16 brd 172.16.255.255 scope global eth0 inet 172.16.14.10/32 scope global eth0 inet6 fe80::20c:29ff:fe2c:1a24/64 scope link valid_lft forever preferred_lft forever ---------------------------------------------------------------------- [root@master ~]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.16.14.10:80 rr persistent 50 -> 172.16.14.3:80 Route 1 0 0 -> 172.16.14.4:80 Route 1 0 0 ######由上可見,虛擬IP地址與LVS規則又從新配置到Master服務器上面 ====================================================================== ######查看Backup服務器 [root@backup ~]# ip addr show eth0 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:ec:f6:3f brd ff:ff:ff:ff:ff:ff inet 172.16.14.2/16 brd 172.16.255.255 scope global eth0 inet6 fe80::20c:29ff:feec:f63f/64 scope link valid_lft forever preferred_lft forever ---------------------------------------------------------------------- [root@backup ~]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.16.14.10:80 rr persistent 50 -> 172.16.14.3:80 Route 1 0 0 -> 172.16.14.4:80 Route 1 0 0 ######由上可見,虛擬IP地址已經刪除,可是LVS規則還存在,這對咱們是沒有影響的,沒有了IP地址只有規則也是不生效的
六、若是後端Realserver出現故障,則LVS規則會清除相應Realserver的規則
[root@web1 ~]# service httpd stop Stopping httpd: [ OK ] ------------------------------------------------------------------------ [root@master ~]# ipvsadm -L -n IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 172.16.14.10:80 rr persistent 50 -> 172.16.14.4:80 Route 1 0 0 ######由上可見,中止了WEB1服務器的Httpd服務;查看LVS規則中已經清除了WEB1服務器的規則;若是將WEB1從新上線,則LVS會自動將規則添加上這裏就再也不測試
舒適提示:
若是在是實際環境中使用Keepalived作高可用集羣解決方案時,爲了解決腦裂的問題,咱們須要把MASTER與BACKUP服務器的Keepalived的主配置文件(keepalived.conf)中的 "state" 狀態都改成 "BACKUP" 優先級 "priority" 選項的值不要設置爲相同,能夠設置一個數值大另外一個數值小;如優先級分別爲:priority 100 priority 98
到此Keepalived+LVS實現高可用負載均衡集羣已所有完成,感謝各位博友的關注與支持,後面會持續更新其餘內容;敬請期待!!!