一、Keepalived
1.概述
- Keepalived使用HA(High Available双机集群系统),指高可用性集群,是保证业务连续性的有效解决方案,一般有两个或两个以上的节点,且分为活动节点及备用节点。
- Keepalived的作用是检测服务器的状态,如果有一台web服务器宕机,或工作出现故障,Keepalived将检测到,并将有故障的服务器从系统中剔除,同时使用其他服务器代替该服务器的工作,当服务器工作正常后Keepalived自动将服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的服务器。
- Keepalived使用VRRP协议实现故障转换
2.特点
-
解决服务器单点故障问题
-
支持服务器健康状态检查和故障切换
3.VRRP(虚拟路由冗余协议)
-
将多个设备组成一个备份组
-
通过公用的虚拟IP对外提供服务
-
同一时刻只有一台设备提供服务,其余设备处于冗余状态
-
当当前在线设备故障后,由其他设备根据优先级自动替换虚拟IP
二、LVS_DR+Keepalived案例
环境准备:
服务器名称 | 作用 | IP地址 |
---|---|---|
Web01 | 第一台网站服务器 | 192.168.1.10 |
Web02 | 第二台网站服务器 | 192.168.1.20 |
Lvs_ha01 | 第一台网站负载均衡和高可用服务器 | 192.168.1.100 |
Lvs_ha02 | 第二台网站负载均衡和高可用服务器 | 192.168.1.200 |
Gateway | 网关(代替路由器) | 192.168.1.1 |
- 群集VIP(virtual IP)地址:192.168.1.254
五台服务器,两台Web、两台LVS,都一块网卡设置为vmnet1;剩余一台为网关,需两块网卡,第一块vmnnet1、第二块桥接
部署Web-1
1.配置IP地址
vim /etc/sysconfig/network-scrips/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.1.10
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
cp /etc/sysconfig/network-scrips/ifcfg-lo /etc/sysconfig/network-scrips/ifcfg-lo:0
vim /etc/sysconfig/network-scrips/ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
IPADDR=192.168.1.254
NETMASK=255.255.255.255
/etc/init.d/network restart
2.配置安装YUM
rm -rf /etc/yum.repos.d/*
vim /etc/yum.repos.d/local.repo
[local]
name=local
baseurl=file:///mnt
gpgcheck=0
mount /dev/cdrom /mnt
3.部署httpd
yum -y install httpd && echo "This is Web1" >/var/www/html/index.html
/etc/init.d/httpd start && chkconfig --level 35 httpd on
4.修改内核参数和路由
vim /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
sysctl -p
route add -host 192.168.1.254 dev lo:0 && echo "route add -host 192.168.1.254 dev lo:0" >>/etc/rc.local
部署Web-2
1.配置IP地址
vim /etc/sysconfig/network-scrips/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.1.20
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
cp /etc/sysconfig/network-scrips/ifcfg-lo /etc/sysconfig/network-scrips/ifcfg-lo:0
vim /etc/sysconfig/network-scrips/ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
IPADDR=192.168.1.254
NETMASK=255.255.255.255
/etc/init.d/network restart
2.配置安装YUM
rm -rf /etc/yum.repos.d/*
vim /etc/yum.repos.d/local.repo
[local]
name=local
baseurl=file:///mnt
gpgcheck=0
mount /dev/cdrom /mnt
3.部署httpd
yum -y install httpd && echo "This is Web2" >/var/www/html/index.html
/etc/init.d/httpd start && chkconfig --level 35 httpd on
4.修改内核参数和路由
vim /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
sysctl -p
route add -host 192.168.1.254 dev lo:0 && echo "route add -host 192.168.1.254 dev lo:0" >>/etc/rc.local
部署LVS+HA-1
1.配置IP
vim /etc/sysconfig/network-scrips/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.1.100
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
/etc/init.d/network restart
2.配置YUM并安装依赖包
rm -rf /etc/yum.repos.d/*
vim /etc/yum.repos.d/local.repo
[local]
name=local
baseurl=file:///mnt
gpgcheck=0
mount /dev/cdrom /mnt
yum -y install kernel-devel openssl-devel popt-devel ipvsadm
3.安装keepalived
tar zxvf keepalived-1.2.2.tar.gz -C /usr/src/
cd /usr/src/keepalived-1.2.2/
./configure --prefix=/ --with-kernel-dir=/usr/src/kernels/2.6.32-431.el6.x86_64/
make &&make install
chkconfig --add keepalived && chkconfig keepalived on
4.编辑HA配置文件
vim /etc/keepalived/keepalived.conf
global_defs {
router_id HA_TEST_R1 ##本服务器的名称
}
vrrp_instance VI_1 { ##定义VRRP热备实例
state MASTER ##MASTER表示主服务器
interface eth0 ##承载VIP地址的物理接口
virtual_router_id 1 ##虚拟路由器的ID号
priority 100 ##优先级,数值越大优先级越高
advert_int 1 ##通告间隔秒数(心跳频率)
authentication { ##认证信息
auth_type PASS ##认证类型
auth_pass 123456 ##密码字串
}
virtual_ipaddress {
192.168.1.254 ##指定漂移地址(VIP)
}
virtual_server 192.168.1.254 80 {
delay_loop 15 ##检测时间间隔
lb_algo rr ##LVS调度算法
lb_kind DR ##LVS的模式
protocol TCP
real_server 192.168.1.10 80 {
weight 1 ##权值
TCP_CHECK {
connect_port 80 ##健康检查端口
connect_timeout 3 ##连接超时时间
nb_get_retry 3 ##重连次数
delay_before_retry 4 ##重连时间
}
}
real_server 192.168.1.20 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
}
5.加载lvs模块
modprobe ip_vs && echo "modprobe ip_vs" >>/etc/rc.local
部署LVS+HA-2
1.配置IP
vim /etc/sysconfig/network-scrips/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.1.200
NETMASK=255.255.255.0
GATEWAY=192.168.1.1
/etc/init.d/network restart
2.配置YUM并安装依赖包
rm -rf /etc/yum.repos.d/*
vim /etc/yum.repos.d/local.repo
[local]
name=local
baseurl=file:///mnt
gpgcheck=0
mount /dev/cdrom /mnt
yum -y install kernel-devel openssl-devel popt-devel ipvsadm
3.安装keepalived
tar zxvf keepalived-1.2.2.tar.gz -C /usr/src/
cd /usr/src/keepalived-1.2.2/
./configure --prefix=/ --with-kernel-dir=/usr/src/kernels/2.6.32-431.el6.x86_64/
make &&make install
chkconfig --add keepalived && chkconfig keepalived on
4.编辑HA配置文件
scp root@192.168.1.100:/etc/keepalived/keepalived.conf /etc/keepalived/
vim /etc/keepalived/keepalived.conf
global_defs {
router_id HA_TEST_R2 ##本服务器的名称
}
vrrp_instance VI_1 { ##定义VRRP热备实例
state BACKUP ##MASTER表示主服务器,BACKUP代表从
priority 60 ##优先级,数值越大优先级越高
5.加载lvs模块
modprobe ip_vs && echo "modprobe ip_vs" >>/etc/rc.local
Gateway(充当连接公网的路由器)
1.配置IP
vim /etc/sysconfig/network-scrips/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.1.1
NETMASK=255.255.255.0
cp /etc/sysconfig/network-scrips/ifcfg-eth0 /etc/sysconfig/network-scrips/ifcfg-eth1
vim /etc/sysconfig/network-scrips/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=dhcp
/etc/init.d/network restart
2.开启路由转发
vim /etc/sysctl.conf
7 net.ipv4.ip_forward = 1
sysctl -p
3.编写防火墙规则
/etc/init.d/iptables stop
iptables -t nat -I PREROUTING -d 192.168.10.139 -i eth1 (公网接口) -p tcp --dport 80 -j DNAT --to-destination 192.168.1.254:80
/etc/init.d/iptables save && chkconfig --level 35 iptables on
访问测试
HA1:/etc/init.d/keepalived restart
HA2:/etc/init.d/keepalived restart //重启keepalived服务
IE:http://192.168.10.139 //访问公网地址测试故障转移