千家信息网

Linux利用keepalived实现lvs的高可用性的操作方法

发表于:2025-01-27 作者:千家信息网编辑
千家信息网最后更新 2025年01月27日,lvs+keepalived是什么?keepalived工作原理keepalived是集群管理中保证集群高可用的一个服务软件,其功能类似于heartbeat,用来防止单点故障。 keepalived是
千家信息网最后更新 2025年01月27日Linux利用keepalived实现lvs的高可用性的操作方法

lvs+keepalived是什么?

keepalived工作原理

keepalived是集群管理中保证集群高可用的一个服务软件,其功能类似于heartbeat,用来防止单点故障。 keepalived是以VRRP协议为实现基础的,VRRP全称Virtual Router Redundancy Protocol,即虚拟路由冗余协议。 虚拟路由冗余协议,可以认为是实现路由器高可用的协议,即将N台提供相同功能的路由器组成一个路由器组,这个组里面有一个master和多个backup,master上面有一个对外提供服务的vip(该路由器所在局域网内其他机器的默认路由为该vip),master会发组播,当backup收不到vrrp包时就认为master宕掉了,这时就需要根据VRRP的优先级来选举一个backup当master。这样的话就可以保证路由器的高可用了。

LVS简介

LVS是Linux Virtual Server的简写,意即Linux虚拟服务器,是一个虚拟的服务器集群系统。本项目在1998年5月由章文嵩博士成立,是中国国内最早出现的自由软件项目之一。目前有三种IP负载均衡技术(VS/NAT、VS/TUN和VS/DR),十种调度算法。

本文重点给大家介绍Linux利用keepalived实现lvs的高可用性的操作方法,感兴趣的朋友参考下吧。

单主模型IPVS示例

配置keepalive

高可用的ipvs集群示例:修改keepalived配置文件

修改主机:192.168.234.27的keepalived配置文件

[root@234c27 ~]# vim /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs {notification_email {root@localhost //接受邮件地址}notification_email_from keepalived@localhost //发送邮件地址smtp_server 127.0.0.1 //发送邮件服务器IPsmtp_connect_timeout 30 //邮件连接超时时长router_id kptwo //路由idvrrp _mcast_group4 234.10.10.10 //指定vrrp协议的多播地址}vrrp_instance VI_1 { //vrrp协议的state MASTER //lvs的MASTER服务器interface ens37 //virtual_router_id 50 //虚拟路由priority 100 //权重为100.越大越先advert_int 1 //发送组博包的间隔authentication { //验证auth_type PASS //方式为pass( 明文)auth_pass 1111 //密码}virtual_ipaddress { //keepalived虚拟ip10.0.0.100/24}}virtual_server 10.0.0.100 80 { delay_loop 6 //检查后端服务器的时间间隔 lb_algo wrr //定义调度方法 lb_kind DR //集群的类型 #persistence_timeout 50 //持久连接时长 protocol TCP //服务协议,仅支持TCP real_server 192.168.234.47 80 { //后端real_server服务器地址  weight 1 //权重  HTTP_GET { //应用层检测   url {    path / //定义要监控的URL    status_code 200 //判断上述检测机制为健康状态的响应码   }   connect_timeout 3 //连接请求的超时时长   nb_get_retry 3 //重试次数   delay_before_retry 3 //重试之前的延迟时长  } } real_server 192.168.234.57 80 {  weight 2  HTTP_GET {   url {    path /    status_code 200   }   connect_timeout 3   nb_get_retry 3   delay_before_retry 3  } }}

修改主机:192.168.234.37的keepalived配置文件

[root@234c37 ~]# vim /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs { notification_email {  root@localhost } notification_email_from keepalived@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id kptwo vrrp _mcast_group4 234.10.10.10}vrrp_instance VI_1 { state BACKUP interface ens37 virtual_router_id 50 priority 80 advert_int 1 authentication {  auth_type PASS  auth_pass 1111 } virtual_ipaddress {  10.0.0.100/24 }}virtual_server 10.0.0.100 80 { delay_loop 6 lb_algo wrr lb_kind DR #persistence_timeout 50 protocol TCP sorry_server 127.0.0.1:80 real_server 192.168.234.47 80 {  weight 1  HTTP_GET {   url {    path /    status_code 200   }   connect_timeout 3   nb_get_retry 3   delay_before_retry 3  } } real_server 192.168.234.57 80 {  weight 2  HTTP_GET {   url {    path /    status_code 200   }   connect_timeout 3   nb_get_retry 3   delay_before_retry 3  } }}

查看keepalived

[root@234c37 ~]# systemctl status keepalived● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: inactive (dead)…………[root@234c37 ~]# ipvsadm -LnIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port   Forward Weight ActiveConn InActConn//暂无ipvsadm

启动服务

[root@234c27 keepalived]# systemctl start keepalived.service[root@234c27 keepalived]# systemctl status keepalived.service● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: active (running) since Fri 2018-08-31 20:30:02 CST; 12s ago Process: 9657 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 9658 (keepalived)………………[root@234c27 keepalived]# ipvsadm -LnIP Virtual Server version 1.2.1 (size=4096)Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port   Forward Weight ActiveConn InActConnTCP 10.0.0.100:80 wrr -> 192.168.234.47:80   Route 1  0   0 -> 192.168.234.57:80   Route 2  0   0//启动服务lvs vs已配置好

后端real_server准备

增加ip在网卡上 修改限制arp通告及应答级别 rs1 rs2都做,网关并指向路由

ip a a 10.0.0.100/32 dev ens37echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignoreecho 1 > /proc/sys/net/ipv4/conf/lo/arp_ignoreecho 2 > /proc/sys/net/ipv4/conf/all/arp_announceecho 2 > /proc/sys/net/ipv4/conf/lo/arp_announceroute add default gw 192.168.234.17

安装httpd服务 写好网页文件

启动服务

image

多主模型IPVS示例

配置keepalive

高可用的ipvs集群示例:修改keepalived配置文件

修改主机:192.168.234.27的keepalived配置文件

[root@234c27 keepalived]# vim /etc/keepalived/keepalived.confglobal_defs {  notification_email {   root@localhost  }  notification_email_from keepalived@localhost  smtp_server 127.0.0.1  smtp_connect_timeout 30  router_id kpone  vrrp _mcast_group4 234.10.10.10}vrrp_instance VI_1 {  state MASTER  interface ens37  virtual_router_id 50  priority 100  advert_int 1  authentication {    auth_type PASS    auth_pass 1111  }  virtual_ipaddress {    10.0.0.100/24  }}vrrp_instance VI_2 {  state BACKUP  interface ens37  virtual_router_id 51  priority 80  advert_int 1  authentication {    auth_type PASS    auth_pass 2222  }  virtual_ipaddress {    10.0.0.200/24  }}virtual_server 10.0.0.100 80 {  delay_loop 6  lb_algo wrr  lb_kind DR  #persistence_timeout 50  protocol TCP  #sorry_server 127.0.0.1:80  real_server 192.168.234.47 80 {    weight 1    HTTP_GET {      url {       path /       status_code 200      }      connect_timeout 3      nb_get_retry 3      delay_before_retry 3    }  }}virtual_server 10.0.0.200 80 {  delay_loop 6  lb_algo wrr  lb_kind DR  #persistence_timeout 50  protocol TCP  #sorry_server 127.0.0.1:80  real_server 192.168.234.57 80 {    weight 1    HTTP_GET {      url {       path /       status_code 200      }      connect_timeout 3      nb_get_retry 3      delay_before_retry 3    }  }}

修改主机:192.168.234.37的keepalived配置文件

[root@234c37 ~]# vim /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs {  notification_email {   root@localhost  }  notification_email_from keepalived@localhost  smtp_server 127.0.0.1  smtp_connect_timeout 30  router_id kptwo  vrrp _mcast_group4 234.10.10.10}vrrp_instance VI_1 {  state BACKUP  interface ens37  virtual_router_id 50  priority 80  advert_int 1  authentication {    auth_type PASS    auth_pass 1111  }  virtual_ipaddress {    10.0.0.100/24  }}vrrp_instance VI_2 {  state MASTER  interface ens37  virtual_router_id 51  priority 100  advert_int 1  authentication {    auth_type PASS    auth_pass 2222  }  virtual_ipaddress {    10.0.0.200/24  }}virtual_server 10.0.0.100 80 {  delay_loop 6  lb_algo wrr  lb_kind DR  #persistence_timeout 50  protocol TCP  #sorry_server 127.0.0.1:80  real_server 192.168.234.47 80 {    weight 1    HTTP_GET {      url {       path /       status_code 200      }      connect_timeout 3      nb_get_retry 3      delay_before_retry 3    }  }}virtual_server 10.0.0.200 80 {  delay_loop 6  lb_algo wrr  lb_kind DR  #persistence_timeout 50  protocol TCP  #sorry_server 127.0.0.1:80  real_server 192.168.234.57 80 {    weight 1    HTTP_GET {      url {       path /       status_code 200      }      connect_timeout 3      nb_get_retry 3      delay_before_retry 3    }  }}

让10.0.0.100的ip优先分配至192.168.234.47 192.168.234.57备用

让10.0.0.200的ip优先分配至192.168.234.57 192.168.234.47备用

后端real_server准备

修改192.168.234.57的vip为10.0.0.200/32

  [root@234c27 keepalived]# ipvsadm -Ln  IP Virtual Server version 1.2.1 (size=4096)  Prot LocalAddress:Port Scheduler Flags   -> RemoteAddress:Port      Forward Weight ActiveConn InActConn  TCP 10.0.0.100:80 wrr   -> 192.168.234.47:80      Route  1   0     0  TCP 10.0.0.200:80 wrr  -> 192.168.234.57:80      Route  1   0     0

现在宕掉一个lvs

  [root@234c27 keepalived]# systemctl stop keepalived.service  [root@234c27 keepalived]# ipvsadm -Ln  IP Virtual Server version 1.2.1 (size=4096)  Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port      Forward Weight ActiveConn InActConn

依然提供服务

 [root@234c37 ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096)  Prot LocalAddress:Port Scheduler Flags  -> RemoteAddress:Port      Forward Weight ActiveConn InActConn  TCP 10.0.0.100:80 wrr   -> 192.168.234.47:80      Route  1   0     21  TCP 10.0.0.200:80 wrr   -> 192.168.234.57:80      Route  1   0     39

后一个实现基于前一个的基础上修改来的

假设要实现sorry_server

1.把rs服务都停掉。然后在lvs上安装apache或者nginx服务

2.将keepalived配置文件中的

virtual_server 10.0.0.200 80 {  delay_loop 6  lb_algo wrr  lb_kind DR  #persistence_timeout 50  protocol TCP  #sorry_server 127.0.0.1:80 //这一行来修改 写出服务出错之后的页面  real_server 192.168.234.57 80 {    weight 1    HTTP_GET {      url {       path /       status_code 200      }      connect_timeout 3      nb_get_retry 3      delay_before_retry 3    }  }}
0