LB/LVS之KeepAlived
来源:互联网 发布:php加密方式 编辑:程序博客网 时间:2024/05/02 00:31
基于LVS LB集群解决方案一:LVS + KeepAlived
KeepAlived在该项目中的功能:
1. 实现调度器的HA
2. 对RealServer做健康检查
3. 动态维护IPVS路由表
http://www.keepalived.org
=================================================================================
拓扑结构:
Client: CIP: 192.168.122.1
Director: VIP:192.168.122.100
DIP: director1 192.168.122.2 director2 192.168.122.3
Real Server: RIP: 192.168.122.10 192.168.122.20 192.168.122.30
VIP: 192.168.122.100 192.168.122.100 192.168.122.100
DNS Server: www.uplook.com ===> 192.168.122.100
注:主/备Directory VIP由高可用软件添加
一、实施步骤
1. 准备工作(集群中所有主机)
IP, hostname, hosts, iptables, SELinux, ssh trust, ntp
[root@uplook ~]# cat /etc/hosts
127.0.0.1 localhost
192.168.122.2 director1.uplook.com director1
192.168.122.3 director2.uplook.com director1
192.168.122.10 node1.uplook.com node1
192.168.122.20 node2.uplook.com node2
192.168.122.30 node3.uplook.com node3
2. RS配置
配置好网站服务器,测试所有RS //为了测试效果,提供不同的页面
[root@uplook ~]# ip addr add dev lo 192.168.122.100/32 //在lo接口上绑定VIP
方法一:不对VIP的ARP请求响应
[root@uplook ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore //non-arp
[root@uplook ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
方法二:不对VIP的ARP请求响应
[root@uplook ~]# arptables -A IN -d 192.168.122.100 -j DROP
[root@uplook ~]# arptables -A OUT -s 192.168.122.100 -j mangle --mangle-ip-s <real_ip>
[root@uplook ~]# service arptables_jf save
[root@uplook ~]# chkconfig arptables_jf on
3. 主/备调度器安装软件
[root@master ~]# yum -y install ipvsadm keepalived
[root@backup ~]# yum -y install ipvsadm keepalived
=================================================================================
源码安装方法
ipvsadm
[root@uplook ~]# yum -y install ipvsadm kernel-headers kernel-devel openssl-devel popt-devel
KeepAlived
[root@uplook keepalived-1.2.1]# ./configure --prefix=/ --with-kernel-dir=/usr/src/kernels/2.6.32-358.el6.x86_64/
Keepalived configuration
---------------------------------------------
Keepalived version : 1.2.1
Compiler : gcc
Compiler flags : -g -O2 -DETHERTYPE_IPV6=0x86dd
Extra Lib : -lpopt -lssl -lcrypto
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
Use VRRP Framework : Yes
Use Debug flags : No
[root@uplook keepalived-1.2.1]# make
[root@uplook keepalived-1.2.1]# make install
=================================================================================
4. 主/备调度器Keepalived配置
Master
获得Real Server测试页面的MD5SUM值 <用于对Real Server健康检查>
[root@uplook ~]# genhash -s 192.168.122.10 -p 80 -u /test.html //RS网站的主目录
MD5SUM = c5f42eddf777ef2d2b0f7263c094c20e
[root@uplook ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id director1 //辅助改为director2
}
vrrp_instance VI_1 {
state MASTER //辅助改为BACKUP
interface eth0 //心跳接口,尽量单独连接心跳
virtual_router_id 80 //MASTER,BACKUP一致
priority 100 //辅助改为50
advert_int 1 设置同步时间间隔
authentication { 设置验证类型和密码
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { 设置lvs vip
192.168.122.100
}
}
virtual_server 192.168.122.100 80 {
delay_loop 6 健康检查时间间隔
lb_algo rr 负载均衡调度算法
lb_kind DR 负载均衡转发规则
nat_mask 255.255.255.0
persistence_timeout 50 设置会话保持时间
protocol TCP
real_server 192.168.122.10 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.122.20 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.122.30 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
BACKUP
5. 启动KeepAlived(主备均启动)
[root@uplook ~]# chkconfig keepalived on
[root@uplook ~]# service keepalived start
[root@uplook ~]# tail -f /var/log/messages
[root@uplook ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.122.100:80 wrr
-> 192.168.122.10:80 Route 1 0 0
-> 192.168.122.20:80 Route 3 0 0
-> 192.168.122.30:80 Route 3 0 0
[root@uplook ~]# ipvsadm -Ln -c
IPVS connection entries
pro expire state source virtual destination
TCP 01:57 FIN_WAIT 192.168.1.254:58698 192.168.122.100:80 192.168.122.10:80
TCP 01:57 FIN_WAIT 192.168.1.254:58699 192.168.122.100:80 192.168.122.20:80
TCP 01:57 FIN_WAIT 192.168.1.254:58695 192.168.122.100:80 192.168.122.20:80
TCP 01:56 FIN_WAIT 192.168.1.254:58691 192.168.122.100:80 192.168.122.20:80
TCP 01:58 FIN_WAIT 192.168.1.254:58700 192.168.122.100:80 192.168.122.20:80
TCP 01:58 FIN_WAIT 192.168.1.254:58702 192.168.122.100:80 192.168.122.10:80
TCP 01:58 FIN_WAIT 192.168.1.254:58703 192.168.122.100:80 192.168.122.20:80
TCP 01:57 FIN_WAIT 192.168.1.254:58696 192.168.122.100:80 192.168.122.20:80
TCP 01:57 FIN_WAIT 192.168.1.254:58693 192.168.122.100:80 192.168.122.20:80
二、测试
所有分发器和Real Server都正常
主分发器故障及恢复
Real Server故障及恢复
三、Keepalived不抢占
nopreempt 仅针对BACKUP
- LB/LVS之KeepAlived
- LB/LVS之KeepAlived总结
- LB 集群之 LVS
- LB/LVS之NAT实战
- LB-lvs
- HA之LVS+KeepAlived
- LB(负载均衡)集群之LVS详解
- LVS + Keepalived之nat模式
- LVS + Keepalived之tun模式
- 负载均衡之LVS+keepalived
- LVS+Keepalived
- lvs keepalived
- LVS+keepalived
- lvs+keepalived
- lvs+keepalived
- LVS+keepalived
- LVS+keepalived
- LVS+Keepalived
- Windows未能启动,原因可能是最近更改了硬件或软件,解决此问题的步骤...
- 第一天深入了解 指针 引用吧
- JavaScript的null类型说明
- 【分布式Tensorflow(0.11.0)问题 未解决】 alexnet_v2/pool1/MaxPool : tensor_in must be 4-dimensional
- 启动tomcat小猫不显示
- LB/LVS之KeepAlived
- 考试篇(5.2) NSE4 题库 14. 高可用性 ❀ 飞塔 (Fortinet) 网络安全专家
- 搭建Hadoop2.5.2环境
- Ajax学习---1(初步了解)
- unity截屏脚本
- Android 打包获取release版apk
- HDU 1195Open the Lock(bfs)
- 走进数据结构之排序(二)---希尔排序
- hadoop作业执行之TaskTracker