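LVS+Keepalived High-Availability Cluster (CentOS 7)

Keepalived High-Availability Cluster

What is a high-availability cluster?

keepalived is a service used in cluster management to keep the cluster highly available. It works much like heartbeat and is used to prevent single points of failure.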

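How keepalived failover works

keepalived is built on the VRRP protocol. VRRP, the Virtual Router Redundancy Protocol, can be thought of as a protocol for making routers highly available: N routers that provide the same function are grouped into one router group with one master and several backups. The master holds a VIP that serves the outside world (the other machines on the router's LAN use this VIP as their default route) and sends multicast packets. When the backups stop receiving VRRP packets they consider the master down, and a backup is then elected master according to VRRP priority. This keeps the router highly available.

The three main keepalived modules: core, check and vrrp

1) The core module is the heart of keepalived; it starts and maintains the main process and loads and parses the global configuration file.

2) The check module performs health checks, covering the common check methods.

3) The vrrp module implements the VRRP protocol.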

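A brief introduction to VRRP

VRRP (Virtual Router Redundancy Protocol) was introduced to solve the single point of failure of static routing. It uses an election mechanism to hand the routing task to one of the VRRP routers.

All VRRP messages are sent as IP multicast packets (multicast address: 224.0.0.18). A virtual router consists of a VRID (range 0-255) and a set of IP addresses, and appears to the outside as a well-known MAC address: 00-00-5E-00-01-{VRID}. So within one virtual router, whichever node is MASTER, the MAC and IP (that is, the VIP) seen from outside stay the same. Client hosts do not need to change their routing configuration when the MASTER changes; to them, the master/backup switchover is transparent.

Within a virtual router, only the MASTER keeps sending VRRP advertisements (VRRP Advertisement messages). A BACKUP does not preempt the MASTER unless its priority is higher than the MASTER's. When the MASTER becomes unavailable and the BACKUPs stop receiving advertisements, the BACKUP with the highest priority takes over as MASTER. The takeover is fast (usually under 1 s), which keeps the service continuous.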

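The keepalived configuration file

1. The keepalived configuration file can implement LVS functionality

2. keepalived can health-check the cluster nodes behind LVS

keepalived has a single configuration file, keepalived.conf, which mainly contains the following sections: global_defs, static_ipaddress, static_routes, vrrp_script, vrrp_instance and virtual_server.

The two main uses of the keepalived service: HA failover & health check

HA failover: handles failover and automatic switchover between the LB master and backup hosts. When the primary load balancer (MASTER) fails, the BACKUP automatically takes over the MASTER's work (the VIP resource and the associated services). Once the MASTER load balancer is repaired, it takes its work back.

RS health check: the load balancer periodically checks the availability of each RS to decide whether to send it requests. When one or even several real servers in a virtual server fail at the same time and can no longer serve, the load balancer automatically removes the failed RS, so user access is not affected. When the failed RS is repaired, the system automatically adds it back to the forwarding queue and dispatches requests to it again.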

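keepalived summary

About the VRRP protocol

1. VRRP (Virtual Router Redundancy Protocol) solves the single point of failure of static routing

2. VRRP uses an election mechanism to hand the routing task to one of the VRRP routers

3. VRRP communicates over IP multicast

4. The MASTER sends packets and the BACKUPs receive them; when the BACKUPs stop receiving packets, the BACKUP with the highest priority is elected MASTER

5. VRRP uses an encryption protocol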
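The advertisement that the MASTER multicasts, decoded field by field. This is an added example, not code from the original article or from keepalived: it assumes the VRRPv2 layout of RFC 3768 (keepalived's default version), parses only the VRRP payload after the IP header, and uses hypothetical helper names with a constructed packet built from the VRID, priority, VIP and auth_pass that appear in this page's keepalived.conf. With auth_type PASS the 8-byte authentication field holds the password as plain bytes, which the parser makes visible.

```python
import socket
import struct

AUTH_TYPES = {0: "none", 1: "simple text password", 2: "IP authentication header"}

def inet_checksum(data: bytes) -> int:
    """16-bit one's-complement checksum over the whole VRRPv2 message."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_advert(vrid, priority, vips, auth_type=0, auth_data=b"", adver_int=1):
    """Build a constructed advertisement payload (sample input for the parser)."""
    body = b"".join(socket.inet_aton(v) for v in vips) + auth_data.ljust(8, b"\x00")[:8]
    head = struct.pack("!BBBBBBH", 0x21, vrid, priority, len(vips), auth_type, adver_int, 0)
    return head[:6] + struct.pack("!H", inet_checksum(head + body)) + body

def parse_advert(pkt: bytes) -> dict:
    """Decode a VRRPv2 advertisement as any host on the segment would see it."""
    if len(pkt) < 8 or pkt[0] != 0x21:          # version 2, type 1 (ADVERTISEMENT)
        raise ValueError("not a VRRPv2 advertisement")
    vrid, prio, count, auth_type, adver_int = struct.unpack("!5B", pkt[1:6])
    end = 8 + 4 * count                          # the VIP list follows the 8-byte header
    if len(pkt) < end + 8:
        raise ValueError("truncated advertisement")
    return {
        "vrid": vrid,
        "priority": prio,
        "vips": [socket.inet_ntoa(pkt[i:i + 4]) for i in range(8, end, 4)],
        "adver_int": adver_int,
        "auth_type": AUTH_TYPES.get(auth_type, "unknown"),
        "auth_data": pkt[end:end + 8].rstrip(b"\x00").decode("ascii", "replace"),
        "checksum_ok": inet_checksum(pkt) == 0,  # a valid message sums to zero
        "virtual_mac": "00:00:5e:00:01:%02x" % vrid,
    }

# Constructed sample: VRID 51, priority 100, VIP 10.10.10.100, auth_pass 1111.
SAMPLE = build_advert(51, 100, ["10.10.10.100"], auth_type=1, auth_data=b"1111")

if __name__ == "__main__":
    for key, value in parse_advert(SAMPLE).items():
        print(f"{key:12} {value}")
```
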

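LVS+Keepalived environment preparation

Environment: two keepalived servers

keepalived server 1:      internal IP: 10.10.10.11      external IP: 20.20.20.11

keepalived server 2:      internal IP: 10.10.10.12      external IP: 20.20.20.12

Real server 1:    internal IP: 10.10.10.13

Real server 2:    internal IP: 10.10.10.14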

LVS+Keepalived director network setup

Create and enable the NIC sub-interface

1. Stop the network management daemon

systemctl stop NetworkManager
systemctl disable NetworkManager

2. Create the sub-interface

[[email protected] ~]# cd /etc/sysconfig/network-scripts/
[[email protected] network-scripts]# cp -a /etc/sysconfig/network-scripts/{ifcfg-lo,ifcfg-lo:0}
[[email protected] network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=10.10.10.100
NETMASK=255.255.255.255
ONBOOT=yes
NAME=loopback

3. Bring up the sub-interface

[[email protected] network-scripts]# ifup ifcfg-lo:0

4. Modify kernel parameters

[[email protected] ~]# vim /etc/sysctl.conf
# LVS-DR: NIC redirects
# do not send ICMP redirects (comments must be on their own line in sysctl.conf)
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.lo.send_redirects = 0
[[email protected] ~]# sysctl -p
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.lo.send_redirects = 0

Real server network setup

Create and enable the NIC sub-interface

1. Stop the network management daemon

systemctl stop NetworkManager
systemctl disable NetworkManager

2. Configure the loopback sub-interface

[[email protected] ~]# cd /etc/sysconfig/network-scripts/
[[email protected] network-scripts]# cp -a ifcfg-lo ifcfg-lo:0
[[email protected] network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=10.10.10.100
NETMASK=255.255.255.255
NETWORK=127.0.0.0
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=127.255.255.255
ONBOOT=yes
NAME=loopback
[[email protected] network-scripts]# ifup ifcfg-lo:0
[[email protected] network-scripts]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.10.10.13  netmask 255.255.255.0  broadcast 10.10.10.255
        inet6 fe80::a2d:9ece:c698:b051  prefixlen 64  scopeid 0x20<link>
lo:0: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 10.10.10.100  netmask 255.255.255.255
        loop  txqueuelen 1  (Local Loopback)

3. Modify kernel parameters

[[email protected] ~]# vim /etc/sysctl.conf
# LVS-DR: control ARP behaviour
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[[email protected] ~]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

4. Add the route

[[email protected] ~]# route add -host 10.10.10.100 dev lo:0
[[email protected] ~]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         10.10.10.1      0.0.0.0         UG    0      0        0 ens33
10.10.10.0      0.0.0.0         255.255.255.0   U     0      0        0 ens33
10.10.10.100    0.0.0.0         255.255.255.255 UH    0      0        0 lo

5. Add the route to boot-time startup

[[email protected] ~]# echo "# LVS-DR route entry" >> /etc/rc.local
[[email protected] ~]# echo "route add -host 10.10.10.100 dev lo:0" >> /etc/rc.local
[[email protected] ~]# chmod +x /etc/rc.d/rc.local    # CentOS 7 only runs rc.local at boot when it is executable

6. Enable the httpd service

[[email protected] ~]# yum -y install httpd
[[email protected] ~]# echo "This is RS1" >> /var/www/html/index.html
[[email protected] ~]# systemctl start httpd
[[email protected] ~]# systemctl disable httpd
[[email protected] ~]# curl 127.0.0.1
This is RS1
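A check for the two sysctl.conf fragments used in the director and real server steps above. This is an added example, not part of the original article: the function name and the sample text are constructed for illustration, and the expected values are the ones this page sets. sysctl.conf only treats lines that begin with # or ; as comments, so a comment placed after a value becomes part of the value and the key is rejected with "Invalid argument"; the linter reports that case and then lists every required key that did not take effect.

```python
IFACES = ("all", "default", "lo")
# Expected values are the ones this page sets for each LVS-DR role.
REQUIRED = {
    "director": {f"net.ipv4.conf.{i}.send_redirects": "0" for i in IFACES},
    "real_server": {f"net.ipv4.conf.{i}.{k}": v for i in IFACES
                    for k, v in (("arp_ignore", "1"), ("arp_announce", "2"))},
}

def lint_sysctl(text: str, role: str) -> list:
    """Return findings for a sysctl.conf body, given the host's LVS-DR role."""
    findings, applied = [], {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line[0] in "#;":          # whole-line comments are allowed
            continue
        key, sep, value = (part.strip() for part in line.partition("="))
        if not sep:
            findings.append(f"line {lineno}: not a key = value pair")
        elif "#" in value:
            # No inline-comment syntax: everything after '=' is written as the value.
            findings.append(f"line {lineno}: trailing comment invalidates {key}")
        else:
            applied[key] = value
    for key, want in REQUIRED[role].items():
        if applied.get(key) != want:
            findings.append(f"{key}: want {want}, got {applied.get(key, 'unset')}")
    return findings

# Constructed samples: a director file with a trailing comment, a clean real-server file.
DIRECTOR_BAD = """\
# LVS-DR redirects
net.ipv4.conf.all.send_redirects = 0   # no redirects
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.lo.send_redirects = 0
"""
REAL_SERVER_OK = "\n".join(f"{k} = {v}" for k, v in REQUIRED["real_server"].items())

if __name__ == "__main__":
    print(lint_sysctl(DIRECTOR_BAD, "director"))
    print(lint_sysctl(REAL_SERVER_OK, "real_server"))
```
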

Keepalived installation

I. Download keepalived

wget https://www.keepalived.org/software/keepalived-2.0.19.tar.gz
wget https://nchc.dl.sourceforge.net/project/rkhunter/rkhunter/1.4.6/rkhunter-1.4.6.tar.gz

II. Install dependencies

[[email protected] ~]# yum -y install kernel-devel popt-devel gcc* openssl-devel libnl3-devel pcre-devel net-snmp-devel libnfnetlink-devel

III. Install keepalived

[[email protected] ~]# tar -xf keepalived-2.0.19.tar.gz
[[email protected] ~]# tar -xf rkhunter-1.4.6.tar.gz
[[email protected] ~]# cd keepalived-2.0.19/
[[email protected] kernels]# ./configure --prefix=/  --with-kernel=/usr/src/kernels/3.10.0-1062.el7.x86_64
[[email protected] keepalived-2.0.19]# make && make install
[[email protected] keepalived-2.0.19]# cp -a /root/keepalived-2.0.19/keepalived/etc/init.d/keepalived /etc/init.d/
[[email protected] keepalived-2.0.19]# cp -a /root/keepalived-2.0.19/keepalived/keepalived.service /etc/systemd/system/
[[email protected] ~]# chmod -R 755 /etc/init.d/keepalived    # set permissions on the keepalived init script
[[email protected] ~]# systemctl enable keepalived.service    # start keepalived at boot
[[email protected] ~]# systemctl start keepalived.service
[[email protected] keepalived]# vim /var/run/keepalived.pid
[[email protected] keepalived]# vim /lib/systemd/system/keepalived.service
[Unit]
Description=LVS and VRRP High Availability Monitor
After=network-online.target syslog.target
Wants=network-online.target

[Service]
Type=forking
PIDFile=/run/keepalived.pid
KillMode=process
EnvironmentFile=-//etc/sysconfig/keepalived
ExecStart=//sbin/keepalived $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
[[email protected] ~]# systemctl daemon-reload

IV. Configure keepalived.conf

Master keepalived director configuration

[[email protected] network-scripts]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
    router_id R1                  # may differ between the two nodes
}
vrrp_instance VI_1 {
    state MASTER                    # MASTER or BACKUP
    interface ens32                 # heartbeat NIC
    virtual_router_id 51            # virtual router ID, must match on master and backup
    priority 100                    # priority
    advert_int 1                    # heartbeat (advertisement) interval, in seconds
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.10.10.100/24 dev ens32   # VIP and the interface it is bound to
    }
}
virtual_server 10.10.10.100 80 {        # LVS configuration, VIP
    delay_loop 3                   # health-check polling interval
    lb_algo rr                     # LVS scheduling algorithm
    lb_kind DR                     # LVS forwarding mode
    protocol TCP
    real_server 10.10.10.13 80 {        # real server IP
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
    real_server 10.10.10.14 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
}

Backup keepalived director configuration

! Configuration File for keepalived
global_defs {
    router_id R2                  # may differ between the two nodes
}
vrrp_instance VI_1 {
    state BACKUP                    # MASTER or BACKUP
    interface ens33                 # heartbeat NIC
    virtual_router_id 51            # virtual router ID, must match on master and backup
    priority 80                    # priority
    advert_int 1                    # heartbeat (advertisement) interval, in seconds
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.10.10.100/24 dev ens33   # VIP and the interface it is bound to
    }
}
virtual_server 10.10.10.100 80 {        # LVS configuration, VIP
    delay_loop 3                   # health-check polling interval
    lb_algo rr                     # LVS scheduling algorithm
    lb_kind DR                     # LVS forwarding mode
    protocol TCP
    real_server 10.10.10.13 80 {        # real server IP
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
    real_server 10.10.10.14 80 {
        weight 1
        TCP_CHECK {
            connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 4
        }
    }
}
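A pre-deployment check for a MASTER/BACKUP pair of keepalived.conf files like the two above. This is an added example, not part of the original article or of keepalived: the function names, the password heuristic and the sample configs are constructed for illustration. It reports unbalanced braces, settings that must be identical on both nodes (virtual_router_id, authentication, VIP), a master whose priority is not the higher one, and an auth_pass that is short or repetitive.

```python
import re

def parse_node(conf: str) -> dict:
    """Pull the VRRP settings compared below out of one keepalived.conf body."""
    body = re.sub(r"[#!].*", "", conf)            # '#' and '!' both start a comment
    def grab(key):
        m = re.search(rf"^\s*{key}\s+(\S+)", body, re.M)
        return m.group(1) if m else None
    vip = re.search(r"virtual_ipaddress\s*\{([^}]*)\}", body)
    return {
        "vrid": grab("virtual_router_id"), "priority": int(grab("priority") or 0),
        "auth_type": grab("auth_type"), "auth_pass": grab("auth_pass") or "",
        "vips": sorted(re.findall(r"[\d.]+/\d+", vip.group(1))) if vip else [],
        "brace_delta": body.count("{") - body.count("}"),
    }

def audit_pair(master_conf: str, backup_conf: str) -> list:
    """Findings for two nodes that are meant to form one virtual router."""
    m, b, out = parse_node(master_conf), parse_node(backup_conf), []
    for name, node in (("master", m), ("backup", b)):
        if node["brace_delta"]:
            out.append(f"{name}: {node['brace_delta']:+d} unbalanced brace(s)")
        pw = node["auth_pass"]
        # Heuristic assumed for this example: under 8 characters or few distinct ones.
        if node["auth_type"] == "PASS" and (len(pw) < 8 or len(set(pw)) < 4):
            out.append(f"{name}: auth_pass is short or repetitive")
    for key in ("vrid", "auth_type", "auth_pass", "vips"):
        if m[key] != b[key]:
            out.append(f"{key} differs between master and backup")
    if m["priority"] <= b["priority"]:
        out.append("master priority is not higher than backup priority")
    return out

# Constructed sample configs; the last %s lets one node lose its closing brace.
TEMPLATE = """\
vrrp_instance VI_1 {
    virtual_router_id 51
    priority %d
    authentication {
        auth_type PASS
        auth_pass %s
    }
    virtual_ipaddress { 10.10.10.100/24 dev ens32 }
}
virtual_server 10.10.10.100 80 {
    real_server 10.10.10.13 80 { weight 1 }
%s"""
MASTER, BACKUP = TEMPLATE % (100, "1111", ""), TEMPLATE % (80, "1111", "}\n")
print("\n".join(audit_pair(MASTER, BACKUP)))
```
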

V. Configure the keepalived service

[[email protected] ~]# systemctl start keepalived.service
[[email protected] ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.10.10.100:80 rr
  -> 10.10.10.13:80               Route   1      0          2
  -> 10.10.10.14:80               Route   1      0          2

Testing

I. Check that the servers are load balanced

[[email protected] ~]# curl 10.10.10.100
This is RS2
[[email protected] ~]# curl 10.10.10.100
This is RS1
[[email protected] ~]# curl 10.10.10.100
This is RS2
[[email protected] ~]# curl 10.10.10.100
This is RS1

II. Stop keepalived on the master and check that the service is still reachable

[[email protected] ~]# systemctl stop keepalived.service
[[email protected] ~]# curl 10.10.10.100
This is RS1
[[email protected] ~]# curl 10.10.10.100
This is RS2
[[email protected] ~]# curl 10.10.10.100
This is RS1
[[email protected] ~]# curl 10.10.10.100
This is RS2
[[email protected] ~]# ip a        # check the load balancer's IP state; the current MASTER holds the VIP
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:0f:a9:92 brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.12/24 brd 10.10.10.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 10.10.10.100/24 scope global secondary ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::f3fd:bcb0:3ff8:f5ae/64 scope link
       valid_lft forever preferred_lft forever
3: ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:0f:a9:9c brd ff:ff:ff:ff:ff:ff
[[email protected] ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 10.10.10.100/32 brd 10.10.10.100 scope global lo:0
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:fe:30:9b brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.11/24 brd 10.10.10.255 scope global ens32
       valid_lft forever preferred_lft forever
    inet6 fe80::a939:89f8:1beb:5ca7/64 scope link
       valid_lft forever preferred_lft forever
3: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:fe:30:a5 brd ff:ff:ff:ff:ff:ff

III. Check whether the master keepalived reclaims the MASTER role once it recovers

[[email protected] ~]# systemctl start keepalived.service
[[email protected] ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.10.10.100:80 rr
  -> 10.10.10.14:80               Route   1      0          0
[[email protected] ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 10.10.10.100/32 brd 10.10.10.100 scope global lo:0
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens32: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:fe:30:9b brd ff:ff:ff:ff:ff:ff
    inet 10.10.10.11/24 brd 10.10.10.255 scope global ens32
       valid_lft forever preferred_lft forever
    inet 10.10.10.100/24 scope global secondary ens32
       valid_lft forever preferred_lft forever
    inet6 fe80::a939:89f8:1beb:5ca7/64 scope link
       valid_lft forever preferred_lft forever
3: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:fe:30:a5 brd ff:ff:ff:ff:ff:ff

Once the master Keepalived is back to normal, it immediately becomes MASTER again.

IV. Stop the service on one real server and check that the VIP is still reachable

[[email protected] ~]# systemctl stop httpd
[[email protected] ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.10.10.100:80 rr
  -> 10.10.10.14:80               Route   1      0          0
[[email protected] ~]# curl 10.10.10.100
This is RS2
[[email protected] ~]# curl 10.10.10.100
This is RS2
[[email protected] ~]# curl 10.10.10.100
This is RS2
[[email protected] ~]# curl 10.10.10.100
This is RS2

Original article: https://www.cnblogs.com/chenyun1/p/12563323.html

Time: 2024-10-28 15:38:24
