| 主机名 | ip | 系统 | 用途 |
|---|---|---|---|
| client | 10.36.192.206 | centos7.9 | 客户端 |
| keepalived-master | 10.36.192.215 | centos7.9 | 分发器 |
| keepalived-slave | 10.36.192.228 | centos7.9 | 备用分发器 |
| nginx1 | 10.36.192.244 | centos7.9 | web1 |
| nginx2 | 10.46.192.224 | centos7.9 | web2 |
| vip | 10.36.192.99 |
LVS_Director + KeepAlived
KeepAlived在该项目中的功能:
- 管理IPVS的路由表(包括对RealServer做健康检查)
- 实现调度器的HA
http://www.keepalived.org
Keepalived所执行的外部脚本命令建议使用绝对路径
关闭所有服务器防火墙和selinux
分发器
[root@keepalived-master ~]# yum -y install ipvsadm keepalived
[root@keepalived-master ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lvs-keepalived-master
}
vrrp_instance VI_1 {
state MASTER
interface ens33 #VIP绑定接口
virtual_router_id 50 #VRID 同一组集群,主备一致
priority 100 #本节点优先级,辅助改为50
advert_int 1 #检查间隔,默认为1s
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.36.192.99/32 # 可以写多个vip
}
}
virtual_server 10.36.192.99 80 { #LVS配置
delay_loop 3
lb_algo rr #LVS调度算法
lb_kind DR #LVS集群模式(路由模式)
net_mask 255.255.255.0
protocol TCP #健康检查使用的协议
real_server 10.36.192.244 80 {
weight 1
inhibit_on_failure #当该节点失败时,把权重设置为0,而不是从IPVS中删除
TCP_CHECK { #健康检查
connect_port 80 #检查的端口
connect_timeout 3 #连接超时的时间
}
}
real_server 10.36.192.224 80 {
weight 1
inhibit_on_failure
TCP_CHECK {
connect_timeout 3
connect_port 80
}
}
}[root@keepalived-master ~]# systemctl start keepalived
[root@keepalived-master ~]# systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
备用分发器
[root@lvs-keepalived-slave ~]# yum -y install ipvsadm keepalived
[root@keepalived-slave ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lvs-keepalived-slave
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
nopreempt #不抢占资源
virtual_router_id 50
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.36.192.99/32
}
}
virtual_server 10.36.192.99 80 {
delay_loop 3
lb_algo rr
lb_kind DR
net_mask 255.255.255.0
protocol TCP
real_server 10.36.192.244 80 {
weight 1
inhibit_on_failure
TCP_CHECK {
connect_port 80
connect_timeout 3
}
}
real_server 10.36.192.224 80 {
weight 1
inhibit_on_failure
TCP_CHECK {
connect_timeout 3
connect_port 80
}
}
}
[root@keepalived-slave ~]# systemctl start keepalived
[root@keepalived-slave ~]# systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
[root@keepalived-master ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.36.192.99:80 rr
-> 10.36.192.224:80 Route 0 0 0
-> 10.36.192.244:80 Route 0 0 0
所有RS配置(nginx1,nginx2)2台服务器都安装nginx
配置好网站服务器,测试所有RS
[root@nginx1 ~]# yum -y install nginx
[root@nginx1 ~]# ip addr add dev lo 10.36.192.99/32
[root@nginx1 ~]# echo “nginx1” > /usr/share/nginx/html/index.html
[root@nginx2 ~]# yum -y install nginx
[root@nginx2 ~]# ip addr add dev lo 10.36.192.99/32
[root@nginx2 ~]# echo “nginx2” > /usr/share/nginx/html/index.html
[root@nginx1 ~]# echo “net.ipv4.conf.all.arp_ignore = 1” >> /etc/sysctl.conf #忽略arp广播
[root@nginx1 ~]# echo “net.ipv4.conf.all.arp_announce = 2” >> /etc/sysctl.conf #匹配精确ip地址
[root@nginx1 ~]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
[root@nginx1 ~]# systemctl start nginx
[root@nginx2 ~]# systemctl start nginx
#添加开启启动时自动绑定vip
[root@nginx1 ~]# echo “ip addr add dev lo 10.36.192.99/32” >> /etc/rc.local
[root@nginx1 ~]# chmod +x /etc/rc.local
访问网站时关闭所有服务器nginx长链接
[root@nginx1 ~]# vim /etc/nginx/nginx.conf
keepalive_timeout 0; #将默认65改成0
[root@nginx1 ~]# systemctl restart nginx
使用客户端访问vip
当分发器和备用分发器都正常时vip在分发器上
当分发器坏掉后自动切换到备用分发器上
LB集群测试
所有分发器和Real Server都正常
主分发器故障及恢复