keepalived實(shí)現(xiàn)lvs調(diào)度
實(shí)驗(yàn)?zāi)康模?/h2>
用keepalived實(shí)現(xiàn)使用lvs的dr模式來做調(diào)度,調(diào)度算法使用rr模式方便測試。
實(shí)驗(yàn)環(huán)境:
網(wǎng)卡均為eth0沥曹,保證集群中每臺(tái)服務(wù)器的時(shí)間時(shí)相同的髓帽,用ntpdate可以同步奄薇,然后關(guān)閉selinux和iptables。
虛擬ip為172.16.10.1和172.16.10.2(雙主模型抗愁,所以需要兩個(gè)虛擬ip)
兩臺(tái)調(diào)度器ip地址分別為172.16.200.101和172.16.200.102
兩臺(tái)節(jié)點(diǎn)ip地址為172.16.10.3和172.16.10.4
實(shí)驗(yàn)過程:
2.配置節(jié)點(diǎn)服務(wù)器馁蒂,設(shè)置arp響應(yīng)級別和虛擬ip,將這些配置寫到一個(gè)腳本中呵晚,方便管理,如下(注意沫屡,這里要實(shí)現(xiàn)雙主模型饵隙,而且是DR模型,所以節(jié)點(diǎn)主機(jī)和調(diào)度器的vip要一致沮脖,而雙主模型需要兩個(gè)前端的虛擬IP金矛,所以節(jié)點(diǎn)主機(jī)也需要配置兩個(gè)VIP):
在兩個(gè)節(jié)點(diǎn)的/root目錄下,創(chuàng)建文件lvs.sh,然后寫入腳本
vim lvs.sh
#!/bin/bash
vip=172.16.10.2
vip2=172.16.200.100
mask=255.255.255.255
iface="lo:0"
iface2="lo:1"
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
ifconfig $iface $vip netmask $mask broadcast $vip up
ifconfig $iface2 $vip2 netmask $mask broadcast $vip2 up
route add -host $vip dev $iface
route add -host $vip2 dev $iface2
;;
stop)
ifconfig $iface down
ifconfig $iface2 down
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $(basename $0) start|stop"
;;
esac
bash lvs.sh start #執(zhí)行腳本勺届,加上start參數(shù)
執(zhí)行完成后可以用ip a l命令來查看兩個(gè)虛擬ip有沒有創(chuàng)建成功驶俊。
3.在兩臺(tái)調(diào)度器上執(zhí)行如下操作:
yum -y install keepalived nginx #安裝keepalived和nginx
echo "sorry form 172.16.10.1" > /usr/share/nginx/html/index.html #這里安裝nginx是為了實(shí)現(xiàn)sorry服務(wù)器,當(dāng)節(jié)點(diǎn)都出問題時(shí)免姿,調(diào)度器的nginx會(huì)放回echo的內(nèi)容饼酿。調(diào)度器2上echo的是 172.16.10.2,這樣方便區(qū)分是由哪個(gè)調(diào)度器工作的
service nginx start
ifconfig eth0:0 172.16.10.2 netmask 255
.255.255.255 broadcast 172.16.10.2 up #在eth0上添加vip
我們可以先裝個(gè)ipvsadm,手動(dòng)配置lvs來測試以下胚膊,合適了再去配置keepalived
yum -y install ipvsadm
ipvsadm -A -t 172.16.10.2:80 -s rr
ipvsadm -a -t 172.16.10.2:80 -r 172.16.10.3 -g
ipvsadm -a -t 172.16.10.2:80 -r 172.16.10.4 -g
然后訪問172.16.10.2就可以調(diào)度到后端的兩個(gè)節(jié)點(diǎn)提供服務(wù),使用for i in {1..10};do curl http://172.16.10.2;done,就會(huì)發(fā)現(xiàn)3和4交替出現(xiàn)故俐。 ,將這個(gè)調(diào)度器的vip刪除紊婉,在另一臺(tái)節(jié)點(diǎn)上同樣上述操作药版,驗(yàn)證時(shí)候需要在客戶端先arp -d 172.16.10.2`將自己的arp緩存刪除,不然還是會(huì)去找之前的調(diào)度器的喻犁。
測試成功后槽片,我們就可以去部署keepalived了:
首先,將ipvsadm手動(dòng)做的lvs先清空株汉,這樣才會(huì)不影響keepalived配置筐乳,如下:
ifconfig eth0:0 down
ipvsadm -C
然后配置keepliaved:
我們先來實(shí)現(xiàn)lvs的dr模式,使用主備模式
vim /etc/keepalived/keepalived.conf
#配置文件中有很多virtual_server段乔妈,我們只保留第一個(gè)蝙云,剩下的給注釋了就行
#下面分別為調(diào)度器1和調(diào)度器2的配置
調(diào)度器1的配置文件
! Configuration File for keepalived
global_defs {
notification_email {
feng@mageedu.com
}
notification_email_from admin@mageedu.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node1
vrrp_mcast_group4 224.224.224.224
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 16
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.10.2
}
}
virtual_server 172.16.10.2 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.0.0
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.16.10.3 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.16.10.4 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 61
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.200.100
}
}
virtual_server 172.16.200.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.0.0
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.16.10.3 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.16.10.4 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
第二臺(tái)調(diào)度器配置如下
! Configuration File for keepalived
global_defs {
notification_email {
feng@mageedu.com
}
notification_email_from admin@mageedu.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node2
vrrp_mcast_group4 224.224.224.224
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 16
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.10.2
}
}
virtual_server 172.16.10.2 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.0.0
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.16.10.3 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 1
}
}
real_server 172.16.10.4 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 1
}
}
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 61
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.200.100
}
}
virtual_server 172.16.200.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.0.0
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.16.10.3 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 1
}
}
real_server 172.16.10.4 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 1
}
}
}
完成后在將兩個(gè)調(diào)度器中的keepalived都啟動(dòng)(注意keepalived不能重啟,有時(shí)候配置會(huì)不生效路召,所以如果之前已經(jīng)啟動(dòng)了勃刨,那么關(guān)閉后在啟動(dòng))
service keepalived start
測試:
在測試主機(jī)上修改/etc/hosts文件,添加如下內(nèi)容
172.16.200.100test.io
172.16.10.2test.io
然后用一個(gè)小循環(huán)來測試:
[root@localhost named]# for i in {1..10};do curltest.io ;done
返回結(jié)果為172.16.10.3和172.16.10.4交替出現(xiàn)股淡,實(shí)驗(yàn)成功
nginx雙主模型高可用集群
1.在兩臺(tái)調(diào)度器上身隐,設(shè)置nginx服務(wù)配置文件,這里使用的nginx版本為1.10.2,所以配置文件可能有點(diǎn)細(xì)微差別
vim /etc/nginx/nginx.conf
在http上下文中定義組
upstream webapp {
server 172.16.10.3;
server 172.16.10.4;
}
vim /etc/nginx/conf.d/test.conf #注意:先將默認(rèn)的default去掉唯灵,要不測試會(huì)報(bào)錯(cuò)
server {
listen 80 default;
server_nametest.io;
location / {
proxy_pass http://webapp;
}
}
nginx -t
nginx -s reload
2.在兩臺(tái)調(diào)度器上贾铝,修改keepalived配置文件:
先將vrrp_instance VI_1和vrrp_instance VI_2這兩個(gè)上下文中的virtual_server先注釋掉(virtual_server就是lvs的配置段,注釋掉以防和nginx段沖突)
然后在global段中定義nginx檢測功能,這段的意思就是當(dāng)檢測到nginx服務(wù)不存在時(shí),就將這個(gè)調(diào)度器的權(quán)重減去10垢揩,注意減去的權(quán)重不能小于主和備的差玖绿,不然減去之后主調(diào)度器的權(quán)重還是表備用的高,如下:
vrrp_script chk_nginx {
script "killall -o nginx"
interval 2
weight -10
fall 2
rise 2
}
然后在兩個(gè)vrrp_instance中,都調(diào)用nginx檢測功能:
在vrrp_instance VI_1和2中都加入這段內(nèi)容
track_script {
chk_nginx
}
然后關(guān)閉keepalived,再啟動(dòng)進(jìn)行測試叁巨,兩個(gè)ip交替出現(xiàn)證明實(shí)驗(yàn)成功
