LVS+Keepalived+httpd安裝及配置
目錄
1 環境... 1
2 安裝LVS軟體(分别在LVS-Master和LVS-Backup中)... 1
1.1.檢視是否有IPVS子產品... 1
1.2.安裝IPVS管理工具... 1
3 安裝keepalived(分别在LVS-Master和LVS-Backup中)... 1
3.1 安裝keepalived并配置... 1
3.2.啟動keepalived. 1
4 在LVS-Backup上安裝LVS、keepalived并配置... 1
4.1 安裝LVS、keepalived. 1
4.2 配置LVS-Backup的keepalived. 1
4.3啟動LVS-Backup的keeplived服務,并檢查是否生效... 1
5 測試VIP,檢查是否能主備切換。... 1
5.1 檢視主VIP. 1
5.2 檢視備VIP. 1
5.3 日志檢視主備切換... 1
6 配置WEB伺服器,即real server節點1和2. 1
6.1 配置web2. 1
6.2 配置web4. 1
7 負載均衡以及高可用測試... 1
7.1 負載均衡測試... 1
7.2 高可用測試... 1
8 其他常用操作... 1
8.1 關閉LVS. 1
8.2 系統虛拟IP管理:... 1
8.3 檢視LVS的狀态... 1
1 環境
作業系統Centos 6.4 X86_64
LVS-Master:192.168.1.19
LVS-Backup:192.168.1.18
VIP:192.168.1.10
RS01:192.168.1.18
RS02:192.168.1.17
2 安裝LVS軟體(分别在LVS-Master和LVS-Backup中)
1.1.檢視是否有IPVS子產品
LVS是Linux标準核心的一部分,直接被編譯在核心中!
[root@LVS-Master ~]# modprobe -l | grep ipvs #使用modprobe指令檢視
1.2.安裝IPVS管理工具
[root@LVS-Master ~]# yum install ipvsadm
3 安裝keepalived(分别在LVS-Master和LVS-Backup中)
3.1 安裝keepalived并配置
[root@LVS-Master ~]# yum install keepalived
[root@LVS-Master ~]# vi/etc/keepalived/keepalived.conf
vi keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 10.0.0.1
smtp_connect_timeout30
router_idLVS_7
}
vrrp_instance VI_1 {
state MASTER
interfaceeth0
virtual_router_id 55
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.10/24
}
}
virtual_server192.168.1.10 80 {
delay_loop6
lb_algowrr
lb_kindDR
nat_mask255.255.255.0
persistence_timeout300
protocolTCP
# ipvsadm -A -t192.168.1.10:80 -s wrr -p 20
real_server 192.168.1.19 80 {
weight1
TCP_CHECK{
connect_timeout8
nb_get_retry3
delay_before_retry3
connect_port80
}
}
real_server 192.168.1.18 80 {
weight1
TCP_CHECK{
connect_timeout8
nb_get_retry3
delay_before_retry3
connect_port80
}
}
}
#ipvsadm -a -t 192.168.1.10:80 -r 192.168.1.18:80 -g -w 1
#ipvsadm -a -t 192.168.1.10:80 -r 192.168.1.19:80 -g -w 1
3.2.啟動keepalived
設定keepalived服務自啟動,檢查是否生效
[root@LVS-Master ~]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@LVS-Master ~]# chkconfig keepalived on
[root@LVS-Master keepalived]# ipvsadm -L -n #檢視ipvs規則是否生效
IPVirtual Server version 1.2.1 (size=4096)
ProtLocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.2.33:80 wlc persistent 50
-> 192.168.2.29:80 Route 100 0 0
-> 192.168.2.30:80 Route 100 0 0
4 在LVS-Backup上安裝LVS、keepalived并配置
4.1 安裝LVS、keepalived
[root@LVS-Backup ~]# yum install ipvsadm
[root@LVS-Backup ~]# yum install keepalived
4.2 配置LVS-Backup的keepalived
先從LVS-Master把修改過的keepalived配置檔案複制過來。
[root@LVS-Master keepalived]# scp [email protected]:/etc/keepalived/
[root@LVS-Backup ~]# vi/etc/keepalived/keepalived.conf
隻修改state為BACKUP和priority為90,MASTER為主機伺服器,BACKUP為備用伺服器。
state BACKUP
priority 90
vi keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 10.0.0.1
smtp_connect_timeout 30
router_idLVS_7
}
vrrp_instanceVI_1 {
state BACKUP
interfaceeth0
virtual_router_id 55
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.10/24
}
}
virtual_server192.168.1.10 80 {
delay_loop6
lb_algowrr
lb_kindDR
nat_mask255.255.255.0
persistence_timeout300
protocolTCP
#ipvsadm -A -t 192.168.1.10:80 -s wrr -p 20
real_server 192.168.1.18 80 {
weight1
TCP_CHECK{
connect_timeout8
nb_get_retry3
delay_before_retry3
connect_port80
}
}
real_server 192.168.1.17 80 {
weight1
TCP_CHECK{
connect_timeout8
nb_get_retry3
delay_before_retry3
connect_port80
}
}
}
#ipvsadm -a -t 192.168.1.10:80 -r 192.168.1.18:80-g -w 1
#ipvsadm -a -t 192.168.1.10:80 -r 192.168.1.17:80-g -w 1
4.3啟動LVS-Backup的keeplived服務,并檢查是否生效
[root@LVS-Backup ~]# /etc/init.d/keepalived start
[root@LVS-Backup ~]# chkconfig keepalived on
[root@LVS-Backup keepalived]# ipvsadm -L -n #檢視ipvs規則是否生效
IPVirtual Server version 1.2.1 (size=4096)
ProtLocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.2.33:80 wlc persistent 50
-> 192.168.2.29:80 Route 100 0 0
-> 192.168.2.30:80 Route 100 0 0
5 測試VIP,檢查是否能主備切換。
5.1 檢視主VIP
啟動keeplived後,先用ip addr顯示主備伺服器的VIP情況,當主備伺服器同時啟用keepalived時,隻有主伺服器擁有VIP位址,備伺服器沒有。
[root@LVS-Master~]# ip addr
1: lo:<LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:50:56:a6:00:13 brdff:ff:ff:ff:ff:ff
inet 192.168.2.32/24 brd 192.168.2.255scope global eth0
inet 192.168.2.33/32 scope global eth0 #可以看到主伺服器擁有192.168.2.33這個VIP位址
inet6 fe80::250:56ff:fea6:13/64 scope link
valid_lft forever preferred_lft forever
[root@LVS-Backup~]# ip addr
1: lo:<LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWNqlen 1000
link/ether 08:00:27:77:d3:82 brdff:ff:ff:ff:ff:ff
inet 192.168.2.31/24 brd 192.168.2.255scope global eth0 #可以到看備伺服器沒有192.168.2.33這個VIP位址
inet6 fe80::a00:27ff:fe77:d382/64 scopelink
valid_lft forever preferred_lft forever
5.2 檢視備VIP
當停止主伺服器的keepalived服務,再檢視下主備伺服器VIP位址,發現VIP位址已從主伺服器轉移到了備伺服器;
[root@LVS-Master
Stopping keepalived: [ OK ]
[root@LVS-Master
[root@mobankeepalived]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@mobankeepalived]# ip add
1: lo:<LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:0c:29:48:9b:89 brdff:ff:ff:ff:ff:ff
inet 192.168.1.19/24 brd 192.168.1.255scope global eth0 #主伺服器keepalived停止後,VIP位址将移除
inet6 fe80::20c:29ff:fe48:9b89/64 scopelink
valid_lft forever preferred_lft forever
[root@mobankeepalived]#
[root@LVS-Backup
[root@rs01keepalived]# ip add
1: lo:<LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:0c:29:7b:a7:5e brdff:ff:ff:ff:ff:ff
inet 192.168.1.18/24 brd 192.168.1.255scope global eth0
inet 192.168.1.10/24 scope global secondaryeth0 #可以看到VIP位址已轉移到備伺服器,繼續提供服務
inet6 fe80::20c:29ff:fe7b:a75e/64 scopelink
valid_lft forever preferred_lft forever
[root@rs01keepalived]#
5.3 日志檢視主備切換
1) 當主伺服器停止keepalived後,主備伺服器相關日志
[root@LVS-Master~]# service keepalived stop
Stopping keepalived: [ OK ]
主伺服器日志
Sep 2 17:39:13 LVS-Master kernel: IPVS:__ip_vs_del_service: enter
Sep 2 17:39:13 LVS-Master Keepalived[13192]:Stopping Keepalived v1.2.7 (02/21,2013) #主伺服器停掉後
Sep 2 17:39:13 LVS-Master Keepalived_vrrp[13195]:VRRP_Instance(VI_1) sending 0 priority
Sep 2 17:39:13 LVS-Master Keepalived_vrrp[13195]:VRRP_Instance(VI_1) removing protocol VIPs.
備伺服器日志
Sep 2 17:39:14 LVS-Backup Keepalived_vrrp[979]:VRRP_Instance(VI_1) Transition to MASTER STATE
Sep 2 17:39:15 LVS-Backup Keepalived_vrrp[979]:VRRP_Instance(VI_1) Entering MASTER STATE #備轉為MASTER,并設定VIP位址為192.168.2.33
Sep 2 17:39:15 LVS-Backup Keepalived_vrrp[979]:VRRP_Instance(VI_1) setting protocol VIPs.
Sep 2 17:39:15 LVS-Backup Keepalived_vrrp[979]:VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.2.33
Sep 2 17:39:15 LVS-BackupKeepalived_healthcheckers[978]: Netlink reflector reports IP 192.168.2.33 added
Sep 2 17:39:20 LVS-Backup Keepalived_vrrp[979]:VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.2.33
2) 當主伺服器重新開機keepalived後,主備伺服器相關日志
[root@LVS-Master~]# service keepalived start
Starting keepalived: [ OK ]
主伺服器日志
Sep 2 17:41:28 LVS-Master Keepalived_vrrp[13231]:VRRP_Instance(VI_1) Transition to MASTER STATE
Sep 2 17:41:29 LVS-Master Keepalived_vrrp[13231]:VRRP_Instance(VI_1) Entering MASTER STATE #主伺服器重新開機後,從新接手MASTER角色,并拿回VIP位址192.168.2.33
Sep 2 17:41:29 LVS-Master Keepalived_vrrp[13231]:VRRP_Instance(VI_1) setting protocol VIPs.
Sep 2 17:41:29 LVS-MasterKeepalived_healthcheckers[13230]: Netlink reflector reports IP 192.168.2.33added
Sep 2 17:41:29 LVS-Master Keepalived_vrrp[13231]:VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.2.33
備伺服器日志
Sep 2 17:41:28 LVS-Backup Keepalived_vrrp[979]:VRRP_Instance(VI_1) Received higher prio advert
Sep 2 17:41:28 LVS-Backup Keepalived_vrrp[979]:VRRP_Instance(VI_1) Entering BACKUP STATE #備伺服器從MASTER又變回了BACKUP,并移除VIP位址192.168.2.33
Sep 2 17:41:28 LVS-Backup Keepalived_vrrp[979]:VRRP_Instance(VI_1) removing protocol VIPs.
Sep 2 17:41:28 LVS-BackupKeepalived_healthcheckers[978]: Netlink reflector reports IP 192.168.2.33removed
6 配置WEB伺服器,即realserver節點1和2
由于采用的是DR方式排程,Real_Server會以LVS的VIP來直接回複Client,是以需要在Real_Server的lo上開啟LVS的VIP來與Client建立通信
6.1 配置web2
[root@web2~]# vi /etc/init.d/lvsrs #編輯一個lvsrs腳本,并放到/etc/init.d/下
#!/bin/bash
#description: start Real Server
VIP=192.168.1.10
./etc/rc.d/init.d/functions
case"$1" in
start)
echo " Start LVS of Real Server"
/sbin/ifconfig lo:0 $VIP broadcast $VIPnetmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
/sbin/ifconfig lo:0 down
echo "close LVS Directorserver"
echo "0">/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0">/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0">/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0">/proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
[root@web2~]# chmod 755 /etc/init.d/lvsrs #給新增lvsrs腳本一個755權限
[root@web2~]# service lvsrs start #啟動lvsrs服務,我環境啟動時出錯,給一個functions 755權限,按各自環境操作
/etc/init.d/lvsrs: line 7:./etc/rc.d/init.d/functions: Permission denied
Start LVS ofReal Server
[[email protected]]# chmod 755 /etc/rc.d/init.d/functions #給functions 755權限
[root@web2~]# service lvsrs start #啟動lvsrs服務
Start LVS ofReal Server
[root@web2~]# ifconfig #檢視已有一個VIP位址
lo:0 Link encap:Local Loopback
inet addr:192.168.1.10 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
[root@web2~]# echo "service lvsrs start" >> /etc/rc.local #把lvsrs服務添加到開機啟動,否則下次啟動電腦後,還需手動啟動。
[root@web2~]# yum install httpd
[root@web2~]# vi /var/www/html/index.html
<h1>Welcome to web2(192.168.2.29)</h1>
[root@web2~]# service httpd start
6.2 配置web4
配置同上
[root@web4~]# scp [email protected]:/etc/init.d/lvsrs /etc/init.d/
[root@web4~]# chmod 755 /etc/rc.d/init.d/functions
[root@web4~]# service lvsrs start
Start LVS ofReal Server
[root@web4~]# echo "service lvsrs start" >> /etc/rc.local
[root@web4~]# ifconfig
lo:0 Link encap:Local Loopback
inet addr:192.168.1.10 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:16436 Metric:1
[root@web4~]# yum install httpd
[root@web4~]# vi /var/www/html/index.html
<h1>Welcome to web4(192.168.2.30)</h1>
[root@web4~]# service httpd start
7 負載均衡以及高可用測試
7.1 負載均衡測試
(1)兩台WEB伺服器都工作正常,通路VIP位址時,可以被負載到兩台WEB伺服器上。
(2)停掉一台WEB伺服器的http服務後,通路VIP位址時,被負載到正常的WEB伺服器上。
7.2 高可用測試
(1)兩台DR的keepalived伺服器正常時,VIP位址在主伺服器,提供正常服務。
(2)當關閉主伺服器的keepalived後,VIP位址自動轉移到備伺服器上,當主伺服器重新開機keepalived服務後,VIP自動轉移回主伺服器,備伺服器繼續備用,實作了高可用負載均衡。
8 其他常用操作
8.1 關閉LVS
(1)在real伺服器上執行
#service lvsrs stop
(2)LVS伺服器上執行
killall-9 keepalived;ipvsadm -C
8.2 系統虛拟IP管理:
檢視虛拟IP位址
# ip address list
删除虛拟IP位址
# ip addr del 192.168.1.205 dev eth0
[root@mobankeepalived]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdiscnoqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet127.0.0.1/8 scope host lo
inet6::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP>mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:48:9b:89 brd ff:ff:ff:ff:ff:ff
inet192.168.1.19/24 brd 192.168.1.255 scope global eth0
inet192.168.1.10/24 scope global secondary eth0
inet6fe80::20c:29ff:fe48:9b89/64 scope link
valid_lft forever preferred_lft forever
[root@moban keepalived]#
8.3 檢視LVS的狀态
#ipvsadm -ln
ipvsadm -L-n
[root@mobankeepalived]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
->RemoteAddress:Port ForwardWeight ActiveConn InActConn
TCP 192.168.1.10:80 wrr persistent 300
->192.168.1.17:80 Route 1 0 0
->192.168.1.18:80 Route 1 0 0
[root@moban keepalived]#