一 基础环境
1.1 IP规划
OS:CentOS 6.8 64位
1.2 架构规划
二 高可用LVS负载均衡集群部署
2.1 NTP部署
操作略,具体可参考N01.1.1-常见服务《NTP》。
注意:为了保证集群的稳定性,强烈建议在所有节点均部署NTP同步服务,保证所有时钟一致。
2.2 部署httpd集群
1 [root@RServer01 ~]# yum -y install httpd 2 [root@RServer01 ~]# service iptables stop 3 [root@RServer01 ~]# chkconfig iptables off 4 [root@RServer01 ~]# vi /etc/selinux/config 5 SELINUX=disabled 6 [root@master ~]# setenforce 0 #关闭SELinux及防火墙
注意:后端所有Real服务器节点都需要安装,用于模拟测试。
建议:为了测试方便,建议所有节点关闭防火墙和SELinux,若未关闭防火墙也可通过下列方式放通:
1 firewall-cmd --permanent–-add-service=keepalived 2 firewall-cmd --reload
2.3 安装Keepalived
1 [root@lvsmaster ~]# yum -y install gcc gcc-c++ make kernel-devel kernel-tools kernel-tools-libs kernel libnl libnl-devel libnfnetlink-devel openssl-devel wget openssh-clients #安装基础环境及依赖 2 [root@lvsmaster ~]# ln -s /usr/src/kernels/`uname -r` /usr/src/linux 3 [root@lvsmaster ~]# wget http://www.keepalived.org/software/keepalived-1.3.6.tar.gz 4 [root@lvsmaster ~]# tar -zxvf keepalived-1.3.6.tar.gz #编译安装Keepalived 5 [root@lvsmaster ~]# cd keepalived-1.3.6/ 6 [root@lvsmaster keepalived-1.3.6]# ./configure --prefix=/usr/local/keepalived 7 [root@Master keepalived-1.3.9]# make && make install
注意:CentOS6.8安装高于1.3.6版本会出现未知错误。
2.4 添加启动相关服务
1 [root@lvsmaster ~]# mkdir /etc/keepalived 2 [root@lvsmaster ~]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/ 3 [root@lvsmaster ~]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ 4 [root@lvsmaster ~]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/ 5 [root@lvsmaster ~]# vi /etc/init.d/keepalived #创建Keepalived启动脚本,如附件 6 #!/bin/sh 7 # 8 # keepalived High Availability monitor built upon LVS and VRRP 9 # 10 # chkconfig: - 86 14 11 # description: Robust keepalive facility to the Linux Virtual Server project 12 # with multilayer TCP/IP stack checks. 13 14 ### BEGIN INIT INFO 15 # Provides: keepalived 16 # Required-Start: $local_fs $network $named $syslog 17 # Required-Stop: $local_fs $network $named $syslog 18 # Should-Start: smtpdaemon httpd 19 # Should-Stop: smtpdaemon httpd 20 # Default-Start: 21 # Default-Stop: 0 1 2 3 4 5 6 22 # Short-Description: High Availability monitor built upon LVS and VRRP 23 # Description: Robust keepalive facility to the Linux Virtual Server 24 # project with multilayer TCP/IP stack checks. 25 ### END INIT INFO 26 27 # Source function library. 28 . /etc/rc.d/init.d/functions 29 30 exec="/usr/sbin/keepalived" 31 prog="keepalived" 32 config="/etc/keepalived/keepalived.conf" 33 34 [ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog 35 36 lockfile=/var/lock/subsys/keepalived 37 38 start() { 39 [ -x $exec ] || exit 5 40 [ -e $config ] || exit 6 41 echo -n $"Starting $prog: " 42 daemon $exec $KEEPALIVED_OPTIONS 43 retval=$? 44 echo 45 [ $retval -eq 0 ] && touch $lockfile 46 return $retval 47 } 48 49 stop() { 50 echo -n $"Stopping $prog: " 51 killproc $prog 52 retval=$? 53 echo 54 [ $retval -eq 0 ] && rm -f $lockfile 55 return $retval 56 } 57 58 restart() { 59 stop 60 start 61 } 62 63 reload() { 64 echo -n $"Reloading $prog: " 65 killproc $prog -1 66 retval=$? 67 echo 68 return $retval 69 } 70 71 force_reload() { 72 restart 73 } 74 75 rh_status() { 76 status $prog 77 } 78 79 rh_status_q() { 80 rh_status &>/dev/null 81 } 82 83 84 case "$1" in 85 start) 86 rh_status_q && exit 0 87 $1 88 ;; 89 stop) 90 rh_status_q || exit 0 91 $1 92 ;; 93 restart) 94 $1 95 ;; 96 reload) 97 rh_status_q || exit 7 98 $1 99 ;; 100 force-reload) 101 force_reload 102 ;; 103 status) 104 rh_status 105 ;; 106 condrestart|try-restart) 107 rh_status_q || exit 0 108 restart 109 ;; 110 *) 111 echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" 112 exit 2 113 esac 114 exit $ 115 [root@lvsmaster ~]# chmod u+x /etc/rc.d/init.d/keepalived 116 [root@lvsmaster ~]# vi /etc/keepalived/keepalived.conf 117 ! Configuration File for keepalived 118 …… 119 smtp_connect_timeout 30 120 router_id LVS_Master #表示运行Keepalived服务器的一个标识 121 } 122 123 vrrp_instance VI_1 { 124 state MASTER #指定Keepalived的角色 125 interface eth0 #指定HA监测网络的接口 126 virtual_router_id 51 #同一个vrrp实例使用唯一的标识,即同一个vrrp_instance下,Master和Backup必须是一致的 128 priority 100 #定义优先级,数值越大,优先级越高 129 advert_int 1 #设定Mater和Backup负载均衡器之间同步检查时间间隔 130 authentication { 131 auth_type PASS 132 auth_pass 1111 133 } 134 virtual_ipaddress { 135 172.24.8.100 #设置虚拟IP地址 136 } 137 } 138 139 virtual_server 172.24.8.100 80 { 140 delay_loop 6 #运行情况检查时间 141 lb_algo rr #设置负载均衡算法 142 lb_kind DR #设置LVS实现负载均衡的机制,有NAT/DR/TUN 143 persistence_timeout 50 #会话保持时间 144 protocol TCP #指定转发类型 145 146 real_server 172.24.8.12 80 { 147 weight 1 #服务节点的权值,数值越大,权值越高 148 TCP_CHECK { 149 connect_timeout 5 #表示无响应超时时间,单位是秒 150 nb_get_retry 3 #表示重试次数 151 delay_before_retry 3 #表示重试间隔 152 } 153 } 154 real_server 172.24.8.13 80 { 155 weight 1 156 TCP_CHECK { 157 connect_timeout 5 158 nb_get_retry 3 159 delay_before_retry 3 160 } 161 } 162 } 163 [root@lvsmaster ~]# scp /etc/keepalived/keepalived.conf 172.24.8.11:/etc/keepalived/keepalived.conf 164 [root@lvsbackup ~]# vi /etc/keepalived/keepalived.conf 165 state BACKUP 166 priority 80
注意;备用Director Server上需要修改状态为BACKUP和priority优先级。
2.5 安装IPVS管理工具
1 [root@lvsmaster ~]# yum -y install ipvsadm
2.6 配置Real Server节点
在LVS的DR和TUN模式下,用户访问请求到大Real Server后,Real Server的响应报文直接返回给用户,而不需经过Director Server。因此,需要在每个Real Server上配置虚拟VIP地址。
注意:回环接口绑定vip,且禁止arp请求等操作,可通过以下脚本实现:脚本可留言索要。
1 [root@RServer01 ~]# vi /etc/init.d/lvsrs 2 [root@RServer01 ~]# chmod u+x /etc/init.d/lvsrs
2.7 启动集群
1 [root@RServer01 ~]# service httpd start 2 [root@RServer01 ~]# chkconfig httpd on 3 [root@RServer02 ~]# service httpd start 4 [root@RServer02 ~]# chkconfig httpd on 5 6 [root@lvsmaster ~]# service keepalived start 7 [root@lvsmaster ~]# chkconfig keepalived on 8 [root@lvsbackup ~]# service keepalived start 9 [root@lvsbackup ~]# chkconfig keepalived on 10 11 [root@RServer01 ~]# service lvsrs start 12 [root@RServer02 ~]# service lvsrs start
三 测试集群
3.1 高可用功能测试
停止主Director Server服务器的Keepalived,观察/var/log/messages日志,可知备机会立刻变为MASTER,并且接管主机的虚拟ip资源。重启主Director Server服务器的Keepalived,备机会重新恢复为BACKUP角色。
具体测试略。
3.2 负载均衡测试
1 [root@RServer01 ~]# echo 'This is Real Server01!' >>/var/www/html/index.html 2 [root@RServer01 ~]# echo 'This is Real Server02!' >>/var/www/html/index.html
然后浏览器访问:http://172.24.8.100,并不断的刷新,能分别看到Server01和Server02即可。
3.3 故障切换测试
1 [root@RServer01 ~]# service httpd stop
当关掉其中一个Real Server时,访问VIP,只会显示还处于集群中的web节点。
