Keepalived with an LVS-DR Architecture

author:JevonWei
Copyright notice: original work


Keepalived in Practice: LVS-DR

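Goal of the experiment: build an LVS-DR architecture. To make LVS highly available, a Keepalived cluster is set up on the LVS-DR Directors: keepalive-A runs on Director-A and keepalive-B runs on Director-B. LVS-RS1 and LVS-RS2 are the two back-end web servers. The Keepalived cluster on the Directors is what provides high availability.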

Network topology diagram
[image]

Lab environment (the keepalive nodes also serve as the LVS director nodes)

keepalive-A(Director-A) 172.16.253.108
keepalive-B(Director-B) 172.16.253.105
LVS-RS1                 172.16.250.127
LVS-RS2                 172.16.253.193
VIP                     172.16.253.150
client                  172.16.253.177

LVS-RS web cluster

To make the results easier to observe, the web pages on RS1 and RS2 are given different content, so that responses from RS1 and RS2 can be told apart clearly.

LVS-RS1

[root@LVS-RS1 ~]# systemctl restart chronyd  # synchronize time across the servers
[root@LVS-RS1 ~]# iptables -F
[root@LVS-RS1 ~]# setenforce 0
[root@LVS-RS1 ~]# yum -y install nginx
[root@LVS-RS1 ~]# vim /usr/share/nginx/html/index.html 
<h1> Web RS1 </h1>
[root@LVS-RS1 ~]# systemctl start nginx

Modify the kernel parameters and add the VIP address
[root@LVS-RS1 ~]# vim lvs_dr.sh
#!/bin/bash
#
vip=172.16.253.150
mask=255.255.255.255
iface="lo:0"

case $1 in
start)
    ifconfig $iface $vip netmask $mask broadcast $vip up
    route add -host $vip dev $iface
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ;;
stop)
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ifconfig $iface down
    ;;
*)
    echo "Usage:$(basename $0) start|stop"
    exit 1
    ;;
esac
[root@LVS-RS1 ~]# bash lvs_dr.sh start
[root@LVS-RS1 ~]# ifconfig 
lo:0: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
    inet 172.16.253.150  netmask 255.255.255.255
    loop  txqueuelen 1  (Local Loopback)

LVS-RS2 server

[root@LVS-RS2 ~]# systemctl restart chronyd  # synchronize time across the servers
[root@LVS-RS2 ~]# iptables -F
[root@LVS-RS2 ~]# setenforce 0
[root@LVS-RS2 ~]# yum -y install nginx
[root@LVS-RS2 ~]# vim /usr/share/nginx/html/index.html
<h1> Web RS2 </h1>
[root@LVS-RS2 ~]# systemctl start nginx

Modify the kernel parameters and add the VIP address
[root@LVS-RS2 ~]# vim lvs_dr.sh
#!/bin/bash
#
vip=172.16.253.150
mask=255.255.255.255
iface="lo:0"

case $1 in
start)
    ifconfig $iface $vip netmask $mask broadcast $vip up
    route add -host $vip dev $iface
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ;;
stop)
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ifconfig $iface down
    ;;
*)
    echo "Usage:$(basename $0) start|stop"
    exit 1
    ;;
esac
[root@LVS-RS2 ~]# bash lvs_dr.sh start
[root@LVS-RS2 ~]# ifconfig 
lo:0: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
    inet 172.16.253.150  netmask 255.255.255.255
    loop  txqueuelen 1  (Local Loopback)
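
In DR mode every real server holds the VIP on lo:0, so it must not answer or announce ARP for that address; if it does, clients on the segment can reach a real server directly and bypass the director. The script below is an added example, not part of the original post: a read-only audit of the values that lvs_dr.sh writes. The function names and the file name check_rs.sh are hypothetical.

```shell
#!/bin/bash
# Added example: read-only audit of what "lvs_dr.sh start" sets on a real server.
# check_dr_arp and vip_on_lo are hypothetical helper names.

# check_dr_arp [conf_root]: verify arp_ignore=1 and arp_announce=2 for "all"
# and "lo". conf_root defaults to the live /proc tree.
check_dr_arp() {
    local root="${1:-/proc/sys/net/ipv4/conf}"
    local rc=0 scope key want got
    for scope in all lo; do
        for key in arp_ignore arp_announce; do
            case $key in
                arp_ignore)   want=1 ;;  # reply only for addresses on the receiving interface
                arp_announce) want=2 ;;  # take the ARP source from the outgoing interface, not the VIP on lo
            esac
            if ! got=$(cat "$root/$scope/$key" 2>/dev/null); then
                echo "MISSING $scope/$key"; rc=1; continue
            fi
            if [ "$got" != "$want" ]; then
                echo "BAD $scope/$key=$got (want $want)"; rc=1
            fi
        done
    done
    return $rc
}

# vip_on_lo VIP: read `ip -o -4 addr show` output on stdin and succeed only if
# VIP is bound to lo with a /32 mask, as in the ifconfig output above.
vip_on_lo() {
    awk -v want="$1/32" '$2 == "lo" && $3 == "inet" && $4 == want { found = 1 }
                         END { exit !found }'
}

# Live check on a real server: bash check_rs.sh live 172.16.253.150
if [ "${1:-}" = live ]; then
    check_dr_arp && ip -o -4 addr show | vip_on_lo "$2" && echo "RS ARP/VIP settings OK"
fi
```

Running it after "lvs_dr.sh stop" or after a reboot shows which settings were lost, since the echo lines in lvs_dr.sh do not persist.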

Keepalive cluster

Setting up the Director nodes

keepalive-A

[root@keepaliveA ~]# systemctl restart chronyd  # synchronize time across the servers
[root@keepaliveA ~]# yum -y install ipvsadm

keepalive-B

[root@keepaliveB ~]# systemctl restart chronyd  # synchronize time across the servers
[root@keepaliveB ~]# yum -y install ipvsadm

Configuring the web sorry server on the keepalive nodes

keepalive-A

[root@keepaliveA ~]# yum -y install nginx
[root@keepaliveA ~]# vim /usr/share/nginx/html/index.html 
</h1> sorry from Director-A(keepalive-A) </h1>
[root@keepaliveA ~]# systemctl start nginx

keepalive-B

[root@keepalive-B ~]# yum -y install nginx
[root@keepalive-B ~]# vim /usr/share/nginx/html/index.html 
</h1> sorry from Director-B(keepalive-B) </h1>
[root@keepaliveB ~]# systemctl start nginx

Configuring keepalived on keepalive-A

keepalive-A

[root@keepalive-A ~]# iptables -F
[root@keepalive-A ~]# yum -y install keepalived
[root@keepaliveA ~]# vim /etc/keepalived/keepalived.conf
global_defs {
    notification_email {  # e-mail notification settings
        jevon@danran.com  # recipient address
    }
    notification_email_from ka_admin@danran.com  # sender address
    smtp_server 127.0.0.1  # mail server
    smtp_connect_timeout 30  # connection timeout
    router_id keepaliveA  # router ID, user-defined
    vrrp_mcast_group4 224.103.5.5  # multicast group address; the default is 224.0.0.18
}
vrrp_instance VI_A {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass qr8hQHuL
    }
    virtual_ipaddress {
        172.16.253.150/32 dev ens33
    }
}

virtual_server 172.16.253.150 80 {
    delay_loop 6  # interval between health-check polls
    lb_algo rr  # scheduling method
    lb_kind DR  # cluster type
    protocol TCP  # service protocol; only TCP is supported
    sorry_server 127.0.0.1 80  # sorry server: the page served by the local web service

    real_server 172.16.250.127 80 {
        weight 1  # weight
        HTTP_GET {  # application-layer check; the real servers serve plain HTTP on port 80
            url {
                path /  # URL to monitor
                #digest ff20ad2481f97b1754ef3e12ecd3a9cc  # checksum of the response content that counts as healthy
                status_code 200  # response code that counts as healthy
            }
            connect_timeout 3  # connection timeout
            nb_get_retry 3  # number of retries
            delay_before_retry 1  # delay before each retry
        }
    }
    real_server 172.16.253.193 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                #digest ff20ad2481f97b1754ef3e12ecd3a9cc
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 1
        }
    }
}
[root@keepaliveA ~]# systemctl start keepalived 
[root@keepaliveA ~]# ip a l
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:75:dc:3c brd ff:ff:ff:ff:ff:ff
    inet 172.16.253.150/32 scope global ens33
       valid_lft forever preferred_lft forever
[root@keepaliveA ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
    -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.253.150:80 rr
    -> 172.16.250.127:80            Route   1      0          0         
    -> 172.16.253.193:80            Route   1      0          0

Configuring keepalived on keepalive-B

keepalive-B

[root@keepalive-B ~]# iptables -F
[root@keepalive-B ~]# yum -y install keepalived
[root@keepaliveB ~]# vim /etc/keepalived/keepalived.conf
global_defs {
    notification_email {  # e-mail notification settings
        jevon@danran.com  # recipient address
    }
    notification_email_from ka_admin@danran.com  # sender address
    smtp_server 127.0.0.1  # mail server
    smtp_connect_timeout 30  # connection timeout
    router_id keepaliveB  # router ID, user-defined
    vrrp_mcast_group4 224.103.5.5  # multicast group address; the default is 224.0.0.18
}
vrrp_instance VI_A {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 95
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass qr8hQHuL
    }
    virtual_ipaddress {
        172.16.253.150/32 dev ens33
    }
}

virtual_server 172.16.253.150 80 {
    delay_loop 6  # interval between health-check polls
    lb_algo rr  # scheduling method
    lb_kind DR  # cluster type
    protocol TCP  # service protocol; only TCP is supported
    sorry_server 127.0.0.1 80  # sorry server: the page served by the local web service

    real_server 172.16.250.127 80 {
        weight 1  # weight
        HTTP_GET {  # application-layer check; the real servers serve plain HTTP on port 80
            url {
                path /  # URL to monitor
                #digest ff20ad2481f97b1754ef3e12ecd3a9cc  # checksum of the response content that counts as healthy
                status_code 200  # response code that counts as healthy
            }
            connect_timeout 3  # connection timeout
            nb_get_retry 3  # number of retries
            delay_before_retry 1  # delay before each retry
        }
    }
    real_server 172.16.253.193 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                #digest ff20ad2481f97b1754ef3e12ecd3a9cc
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 1
        }
    }
}
[root@keepaliveB ~]# systemctl start keepalived 
[root@keepalive-B ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
    -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.16.253.150:http rr
    -> 172.16.250.127:http          Route   1      0          0         
    -> 172.16.253.193:http          Route   1      0          0
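
Both directors above run "iptables -F" and use auth_type PASS, which carries auth_pass in clear text in every VRRP advert, so any host on the segment can read it and send adverts for virtual_router_id 51. The script below is an added example, not part of the original post: it prints iptables rules that accept VRRP only from the peer director, using the addresses, interface and multicast group from this page. The function names are hypothetical, and it assumes the INPUT chain is otherwise empty with policy ACCEPT.

```shell
#!/bin/bash
# Added example: print iptables rules that accept VRRP adverts only from the
# peer director. is_ipv4 and vrrp_peer_rules are hypothetical helper names.

# is_ipv4 ADDR: succeed for a dotted quad with every octet in 0..255.
is_ipv4() {
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# vrrp_peer_rules IFACE PEER GROUP: rules for one director.
# Assumes INPUT is otherwise empty with policy ACCEPT (the state after the
# "iptables -F" above), so port 80 traffic to the VIP is not affected.
vrrp_peer_rules() {
    local iface="$1" peer="$2" group="$3"
    if ! is_ipv4 "$peer" || ! is_ipv4 "$group"; then
        echo "invalid address" >&2
        return 2
    fi
    # IP protocol 112 is VRRP; adverts go to the vrrp_mcast_group4 address.
    echo "iptables -A INPUT -i $iface -p 112 -s $peer -d $group -j ACCEPT"
    # VRRP from any other source on the segment is dropped.
    echo "iptables -A INPUT -i $iface -p 112 -j DROP"
}

# Addresses from this page: on keepalive-A the peer is keepalive-B, and vice versa.
echo "# on keepalive-A (172.16.253.108)"
vrrp_peer_rules ens33 172.16.253.105 224.103.5.5
echo "# on keepalive-B (172.16.253.105)"
vrrp_peer_rules ens33 172.16.253.108 224.103.5.5
```

Source filtering narrows who can take part in the election but does not authenticate the sender, so the VRRP segment should still be limited to the directors.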

Access test

Testing from the client

[root@client ~]# for i in {1..10};do curl http://172.16.253.150;done
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>

When keepalive-A fails

[root@keepaliveA ~]# systemctl stop keepalived

keepalive-B automatically becomes the MASTER node, so the LVS director role switches over to keepalive-B, and the web services on LVS-RS1 and LVS-RS2 remain available.

Client access test

[root@client ~]# for i in {1..10};do curl http://172.16.253.150;done
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>

When keepalive-A is repaired and returns to normal, keepalive-A becomes the MASTER node again

[root@keepaliveA ~]# systemctl start keepalived
[root@keepaliveA ~]# ip a l
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:75:dc:3c brd ff:ff:ff:ff:ff:ff
    inet 172.16.253.150/32 scope global ens33
       valid_lft forever preferred_lft forever

When the web service on LVS-RS1 fails

[root@LVS-RS1 ~]# iptables -A INPUT -p tcp --dport 80 -j REJECT

Client access

[root@client ~]# for i in {1..10};do curl http://172.16.253.150;done
<h1> Web RS2 </h1>
<h1> Web RS2 </h1>
<h1> Web RS2 </h1>
<h1> Web RS2 </h1>

When the web services on both LVS-RS1 and LVS-RS2 fail

[root@LVS-RS1 ~]# iptables -A INPUT -p tcp --dport 80 -j REJECT
[root@LVS-RS2 ~]# iptables -A INPUT -p tcp --dport 80 -j REJECT

The client reaches the sorry server, and the sorry server is keepalive-A

[root@client ~]# for i in {1..10};do curl http://172.16.253.150;done
</h1> sorry from Director-A(keepalive-A) </h1> 
</h1> sorry from Director-A(keepalive-A) </h1> 
</h1> sorry from Director-A(keepalive-A) </h1> 
</h1> sorry from Director-A(keepalive-A) </h1> 
</h1> sorry from Director-A(keepalive-A) </h1>

When keepalive-A fails

[root@keepaliveA ~]# systemctl stop keepalived.service

The client reaches the sorry server page, and the sorry server is keepalive-B

[root@client ~]# for i in {1..10};do curl http://172.16.253.150;done
</h1> sorry from Director-B(keepalive-B) </h1>
</h1> sorry from Director-B(keepalive-B) </h1>
</h1> sorry from Director-B(keepalive-B) </h1>
</h1> sorry from Director-B(keepalive-B) </h1>
</h1> sorry from Director-B(keepalive-B) </h1>

After the web service on LVS-RS1 returns to normal

[root@LVS-RS1 ~]# iptables -F

Client access test

[root@client ~]# for i in {1..10};do curl http://172.16.253.150;done
<h1> Web RS1 </h1>
<h1> Web RS1 </h1>
<h1> Web RS1 </h1>
<h1> Web RS1 </h1>
<h1> Web RS1 </h1>

After the web services on both LVS-RS1 and LVS-RS2 return to normal

[root@LVS-RS1 ~]# iptables -F
[root@LVS-RS2 ~]# iptables -F

Client access test

[root@client ~]# for i in {1..10};do curl http://172.16.253.150;done
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>
<h1> Web RS1 </h1>
<h1> Web RS2 </h1>

Saving and reloading rules

Save: saving to /etc/sysconfig/ipvsadm is recommended

ipvsadm-save > /PATH/TO/IPVSADM_FILE
ipvsadm -S > /PATH/TO/IPVSADM_FILE
systemctl stop ipvsadm.service

Reload:

ipvsadm-restore < /PATH/FROM/IPVSADM_FILE
ipvsadm -R < /PATH/FROM/IPVSADM_FILE
systemctl restart ipvsadm.service

The keepalive nodes are pointed to through DNS name resolution

Getting the checksum of the web home page content

[root@keepaliveA ~]# genhash -s 172.16.250.127 -p 80 -u /