Keepalived+LVS | Keepalived+Nginx
keepalived+lvs
準備4臺虛擬機器分別為server1,server2,server3,server4(server1為主機,4為備機)
安裝
- 安裝包
keepalived-1.2.5.tar.gz
tar zxf keepalived-1.2.5.tar.gz- 依賴性解決
yum install -y ipvsadm kernel-devel openssl-devel popt-devel libnl-devel gcc make編譯安裝
./configure –prefix=/usr/local/keepalived ##keepalived路徑編譯結果:
Keepalived configuration
—————————————————
Keepalived version : 1.2.5
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lpopt -lssl -lcrypto -lnl
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
IPVS use libnl : No
Use VRRP Framework : Yes
Use VRRP VMAC : Yes
SNMP support : No
Use Debug flags : No
make && make installkeepalived + lvs
配置keepalived
server1與server4同:
ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/etc/keepalived /etc/
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin keepalived主配置檔案:
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost ##接收警報的email地址,可新增多個
}
notification_email_from keepalived@server1 ##郵件的傳送地址
smtp_server 127.0.0.1 ##設定smtp server地址為本機
smtp_connect_timeout 30 ##連線smtp伺服器超時時間
router_id LVS_DEVEL ##loadbalancer的標識,用於email警報
}
vrrp_instance VI_1 {
state MASTER ##設定本機為主,server4為BACKUP,此狀態由priority的值決定,priority值大則為MASTER
interface eth0 ##HA檢測網路介面
virtual_router_id 87 ##vrid,主備機的vrid必須相同,取值0-255
priority 100 ##優先順序
advert_int 1 ##主備之間的通告間隔秒數
authentication { ##主備切換時的認證
auth_type PASS ##驗證型別,主要有PASS和AH兩種
auth_pass 1111 ##設定驗證密碼,在一個vrrp_instance下,MASTER與BACKUP必須使用相同的密碼才能正常通訊
}
virtual_ipaddress { ##設定虛擬IP地址,可以設定多個虛擬IP地址,每行一個
172.25.36.100
}
}
virtual_server 172.25.36.100 80 { ##定義虛擬伺服器
delay_loop 6 ##每隔6秒檢查realserver狀態
lb_algo rr ##lvs排程演算法為輪叫rr
lb_kind DR ##lvs使用DR模式
nat_mask 255.255.255.0
#persistence_timeout 50 ##連線後端伺服器,50S內不會負載均衡
protocol TCP ##指定轉發協議型別,有tcp和udp兩種
real_server 172.25.36.2 80 { ##配置服務節點
weight 1 ##服務節點權值
TCP_CHECK { ##realserver的狀態檢測部分
connect_timeout 3 ##3秒無響應超時
nb_get_retry 3 ##重試次數為3次
delay_before_retry 3 ##重試間隔
}
real_server 172.25.36.3 80 { ##配置服務節點
weight 1 ##服務節點權值
TCP_CHECK { ##realserver的狀態檢測部分
connect_timeout 3 ##3秒無響應超時
nb_get_retry 3 ##重試次數為3次
delay_before_retry 3
}
/etc/init.d/keepalived start
scp /etc/keepalived/keepalived.conf root@172.25.36.4:/etc/keepalived/server4:
vim /etc/keepalived/keepalived.conf ##只修改這兩處
vrrp_instance VI_1 {
state BACKUP
priority 50
}
/etc/init.d/keepalived startserver2,server3:
ip addr add 172.25.36.100/32 dev eth0
/etc/init.d/httpd start測試:
1.真機curl 172.25.36.100
server1的mac地址為09:9f
2.server1:
/etc/init.d/keepalived stop真機:curl 172.25.36.100
server4的mac地址為46:f9
3.server4:
/etc/init.d/keepalived stop
server1:
/etc/init.d/keepalived start
curl 172.25.36.100(server1接管)
keepalived為單執行緒,其下由兩個子程序
第一個子程序:vrrp協議,實現高可用
第二個子程序:健康檢查,維護LVS的策略
keepalived+LVS+vsftp
server2,server3:
yum install -y arptables_jf
arptables -A IN -d 172.25.36.100 -j DROP ##將RS接受到的172.25.36.100包丟棄
arptables -A OUT -s 172.25.36.100 -j mangle --mangle-ip-s 172.25.36.3 ##將源時172.25.36.100的請求傳送給172.25.36.3
/etc/init.d/arptables_jf save
/etc/init.d/arptables_jf start檢視arptables:
arptables -L
server1,server4中keepalived.conf同時新增如下:
vim /etc/keepalived/keepalived.conf
virtual_server 172.25.36.100 21 { ##vsftpd埠為21埠
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50 ##連線後端伺服器,50S內不會負載均衡
protocol TCP
real_server 172.25.36.2 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.25.36.3 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
/etc/init.d/keepalived restart檢視配置是否生效:
ipvsadm -l
server2,server3中:
yum install vsftpd -y
/etc/init.d/vsftpd start
mkdir /var/ftp/server2(server3) ##方便測試看出效果測試:
1.真機:lftp 172.25.36.100 -> ls
2.server1:
/etc/init.d/keepalived stop
真機:lftp 172.25.36.100(server4會接管keepalived)
3.server3:
/etc/init.d/vsftpd stop
真機:lftp 172.25.36.100
keepalived + nginx
配置nginx:
server1(nginx所在主機):
http {
upstream westos { ##新增westos負載均衡組
server 172.25.36.2:80;
server 172.25.36.3:80;
}
server {
listen 80;
server_name www.westos.org; ##新增訪問域名
location / {
proxy_pass http://westos; ##訪問westos負載均衡組
}
}
nginx -s reload
scp -r nginx/ server4:/usr/local/server4:
/usr/local/nginx/sbin/nginx -t ##檢查nginx配置檔案是否出錯
/usr/local/nginx/sbin/nginx ##執行nginxserver2,server3:
/etc/init.d/httpd start ##執行httpd(port 80)在測試主機上將解析加入:
vim /etc/hosts
172.25.36.100 www.westos.org
測試:
主機web:www.westos.org(有輪詢)
輪詢
配置keepalived:
keepalived服務(server1,server4):
cd /opt
vim nginx_check.sh
#!/bin/bash
curl http://127.0.0.1/index.html -o /dev/null -s || /usr/local/lnmp/nginx/sbin/nginx ##檢測nginx是否執行,若沒有執行則執行nginx
if [ $? -ne 0 ];then
/etc/init.d/keepalived stop &> /dev/null ##若不能執行nginx則關閉本機keepalived由備機server4接管
fivim /etc/keepalived/keepalived.conf
vrrp_script nginx_check {
script /opt/nginx_check.sh ##指令碼位置
interval 2 ##檢查間隔兩秒
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@server1
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 87
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.36.100/24
}
track_script {
nginx_check ##指令碼資源為nginx_check
}測試:
1.server1:
/etc/init.d/keepalived start
nginx -s stop ##停止執行nginx
真機web:
www.westos.org ##可以正常訪問,因為keepalived中指令碼每兩秒檢測,檢測到nginx關閉而開啟了nginx
2.server1:
mv /usr/local/lnmp/nginx/ /mnt/
/etc/init.d/keepalived start
真機web:
www.westos.org ##可以正常訪問,因為keepalived在server1中被停止執行後由備機server4接管
