lvs+keepalived+DR搭建高可用集群
环境准备:
lvsserver1 192.168.1.10
lvsserver2 192.168.1.11
vip 192.168.1.15
rs1 192.168.1.12
rs2 192.168.1.13
lvsserver1和lvsserver2操作:
开启路由转发
临时生效 echo "1" > /proc/sys/net/ipv4/ip_forward
永久生效 vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
1 安装ipvsadm以及keepadlived 2 [root@lvs1 ~]# yum install gcc* c++ * autoconf automake zlib* libxml* ncurses-devel libmcrypt* libtool-ltdl-devel* popt-devel libnl-devel kernel-devel ipvsadm 3 [root@lvs1 ~]# wget http://www.keepalived.org/software/keepalived-1.1.19.tar.gz //不推荐使用最新版本 4 [root@lvs1 ~]# tar -xf keepalived-1.1.19.tar.gz 5 [root@lvs1 ~]# ./configure 6 Keepalived configuration 7 8 ------------------------ 9 10 Keepalived version : 1.1.17 11 Compiler : gcc 12 Compiler flags : -g -O2 13 Extra Lib : -lpopt -lssl -lcrypto 14 Use IPVS Framework : No **使用IPVS框架,也就是负载均衡模块 15 IPVS sync daemon support : No **启用IPVS同步功能 16 Use VRRP Framework : Yes **实现高可用的必须模块 17 Use LinkWatch : No 18 Use Debug flags : No 19 20 当出现这两个为No的时候,则需以下操作 21 22 [root@lvs1 ~]# ./configure --with-kernel-dir=/usr/src/kernels/2.6.32-754.11.1.el6.x86_64/ 23 [root@lvs1 ~]# make 24 [root@lvs1 ~]# make install 25 [root@lvs1 ~]# cp -a /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/ 26 [root@lvs1 ~]# cp -a /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ 27 [root@lvs1 ~]# mkdir -p /etc/keepalived 28 [root@lvs1 ~]# cp -a /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ 29 [root@lvs1 ~]# cp -a /usr/local/sbin/keepalived /usr/bin/ 30 [root@lvs1 ~]# cd /etc/keepalived && cp -a keepalived.conf keepalived.conf.bak 31 [root@lvs1 ~]# cat keepalived.conf 32 [root@lvs1 ~]# cat /etc/keepalived/keepalived.conf 33 ! Configuration File for keepalived 34 35 global_defs { 36 router_id LVS_MASTER **标识本节点的字条串,通常通知邮件会用到。一般设置hostname 37 } 38 39 vrrp_instance VI_1 { 40 state MASTER **标识机器的状态,从则为BACKUP 41 interface eth0 **绑定ip地址接口 42 lvs_sync_daemon_inteface eth0 **负载均衡之间的监控接口,类似于HA HeartBeat的心跳线 43 virtual_router_id 51 **虚拟路由id,两台机器必须一样 44 priority 150 **优先级,master必须比backup大,从为100 45 advert_int 1 **发VRRP的间隔时间,即多久一次master选举 46 authentication { **认证区域 47 auth_type PASS 48 auth_pass 123456 49 } 50 virtual_ipaddress { 51 172.30.21.230 **定义一个vip 52 } 53 } 54 55 virtual_server 192.168.1.15 443 { **定义虚拟服务器 56 delay_loop 6 **定义健康检查间隔 57 lb_algo rr **负载均衡调度算法 58 lb_kind DR **负载均衡机制 59 #nat_mask 255.255.255.0 **子网掩码 60 persistence_timeout 50 **会话保持时间,提供动态保持session,同一ip在该时间内分配到同一服务器 61 protocol TCP **转发协议类型,支持TCP/UDP 62 63 real_server 192.168.1.12 443 { **定义节点服务器 64 weight 3 **权重 65 TCP_CHECK { **健康监测方式,支持HTTP_GET,SSL_GET,TCP_CHECK,SNMP_CHECK,MISC_CHECK 66 connect_timeout 3 **无响应时间,单位秒 67 nb_get_retry 3 **重试次数 68 delay_before_retry 3 **重试间隔,单位秒 69 connect_port 443 **监测端口,不指定时默认为real_server端口 70 } 71 } 72 73 real_server 192.168.1.13 443 { 74 weight 3 75 TCP_CHECK { 76 connect_timeout 3 77 nb_get_retry 3 78 delay_before_retry 3 79 connect_port 443 80 } 81 } 82 } 83 84 virtual_server 192.168.1.15 2222 { 85 delay_loop 6 86 lb_algo rr 87 lb_kind DR 88 #nat_mask 255.255.255.0 89 persistence_timeout 50 90 protocol TCP 91 92 real_server 192.168.1.12 2222 { 93 weight 3 94 TCP_CHECK { 95 connect_timeout 3 96 nb_get_retry 3 97 delay_before_retry 3 98 connect_port 2222 99 } 100 } 101 102 real_server 192.168.1.13 2222 { 103 weight 3 104 TCP_CHECK { 105 connect_timeout 3 106 nb_get_retry 3 107 delay_before_retry 3 108 connect_port 2222 109 } 110 } 111 } 112 113 两台机器都启动keepalived以及ipvsadm 114 [root@lvs1 ~]# ip addr **查看vip在哪
rs1和rs2操作:
1 [root@lvs-nginx1 ~]# cat /etc/init.d/lvs 2 #!/bin/bash 3 4 VIP=192.168.1.15 5 6 /etc/rc.d/init.d/functions 7 8 case "$1" in 9 10 start) 11 echo "start LVS of RealServer DR" 12 /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up 13 echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore 14 echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce 15 echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore 16 echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce 17 ;; 18 stop) 19 /sbin/ifconfig lo:0 down 20 echo "close LVS of RealServer DR" 21 echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore 22 echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce 23 echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore 24 echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce 25 ;; 26 *) 27 echo "Usage: $0 {start|stop}" 28 exit 1 29 esac 30 31 exit 0 32 33 [root@lvs-nginx1 ~]# /etc/init.d/lvs start 34 [root@lvs-nginx1 ~]# echo "/etc/init.d/lvs start" >> /etc/rc.d/rc.local
最后使用ipvsadm -L查看结果以及切换演练
nginx.conf 开启 stream {
include /etc/nginx/tcp/*.conf;
}
#stream {
upstream aaa_ssh {
server xxxx:2222;
server xxxx:2222;
hash $remote_addr consistent;
}
upstream aaa_ssl {
server xxxx:443;
hash $remote_addr consistent;
}
server {
listen 2222 so_keepalive=on; 因为是22端口,所以开启长连接
proxy_pass aaa_ssh;
proxy_connect_timeout 60;
proxy_timeout 1h;
#include proxy.conf;
}
server {
listen 443;
proxy_pass aaa_ssl;
proxy_connect_timeout 60;
#include proxy.conf;
}
#}