LVS+Keepalived实现负载均衡
LVS和keepalived实现负载均衡
一、测试浮动IP,三步走
1.配置主机名
[root@ser01 ~]# hostnamectl set-hostname ser02 [root@ser01 ~]# su -l
2.关闭防火墙:
[root@ds01 ~]# systemctl stop firewalld [root@ds01 ~]# systemctl disable firewalld [root@ds01 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config [root@ds01 ~]# setenforce 0
3.时钟同步
yum install ntp ntpdate ntpdate cn.pool.ntp.org hwclock --systohc
二、在ser01 、ser02 配置web服务器
[root@ser01 ~]# yum install httpd -y
1 、启动服务
[root@ser01 ~]# systemctl start httpd [root@ser01 ~]# systemctl enable httpd Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
2 、编辑网页测试
vi /var/www/html/index.html this is a test from web01... this is a test from web02...
三、配置LVS 负载调度器
1、 在两个DS节点上配置负载均衡
1.1下载ipvs管理工具
[root@ds01 ~]# yum install ipvsadm -y [root@ds02 ~]# yum install ipvsadm -y
1.2 在ds01 ds02配置LVS(绑定浮动IP)
[root@ds01 ~]# nmcli con sh NAME UUID TYPE DEVICE ens33 c96bc909-188e-ec64-3a96-6a90982b08ad ethernet ens33 [root@ds01 ~]# nmcli con mod ens33 +ipv4.addr 192.168.131.200/24 [root@ds01 ~]# systemctl restart network [root@ds01 ~]# ipvsadm -A -t 192.168.131.200:80 -s rr [root@ds01 ~]# ipvsadm -a -t 192.168.131.200:80 -r 192.168.131.152:80 -g [root@ds01 ~]# ipvsadm -a -t 192.168.131.200:80 -r 192.168.131.153:80 -g [root@ds01 ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.131.200:80 rr -> 192.168.131.152:80 Route 1 0 0 -> 192.168.131.153:80 Route 1 0 0 ds02 做同样步骤
1.3 在ser01 和 ser02 上配置网络,绑定服务IP到回环网卡上
[root@ser01 ~]# cd /etc/sysconfig/network-scripts/ [root@ser01 network-scripts]# cp ifcfg-lo ifcfg-lo:10 [root@ser01 network-scripts]# vi ifcfg-lo:10 [root@ser01 network-scripts]# systemctl restart network DEVICE=lo IPADDR=192.168.131.200 NETMASK=255.255.255.255 NETWORK=127.0.0.0 If you're having problems with gated making 127.0.0.0/8 a martian, you can change this to something else (255.255.255.255, for example) BROADCAST=127.255.255.255 ONBOOT=yes NAME=loopback
1.4 调整内核参数,关闭ARP响应
vim /etc/sysctl.conf net.ipv4.conf.lo.arp_ignore = 1 net.ipv4.conf.lo.arp_announce = 2 net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2
2、DR 模式主从master 及 backup 机器keepalived 配置对比:
主从库只有优先级不同,其余均相同;
主库ds01:
[root@ds01 keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lb01 //主库为1
}
vrrp_instance VI_1 {
state MASTER //master 主库
interface ens33 //类型ens33
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.131.200/24 // VIP (浮动IP)
}
}
virtual_server 192.168.131.200 80 { //为浮动IP设置真实服务器
delay_loop 6
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.255
persistence_timeout 1
protocol TCP
real_server 192.168.131.152 80 { //真实服务器IP地址
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
} real_server 192.168.131.153 80 { //真实服务器IP地址
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
connect_port 80
}
}
}
从库ds02:
[root@ds02 keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP //从库
interface ens33 //网卡类型
virtual_router_id 51
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.131.200 //浮动IP
}
}
virtual_server 192.168.131.200 80 { //为浮动IP设置添加真实服务器地址
delay_loop 6
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.255
persistence_timeout 1
protocol TCP
real_server 192.168.131.152 80 { //真实服务器地址
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.131.153 80 { //真实服务器地址
weight 1
TCP_CHECK { //检查
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
3、结果测试
1.分别在ds01 ds02 上查看浮动IP信息
2.在网页上进行访问测试
4、模拟故障切换
1.在Linux终端上写测试脚本
vi test.sh [root@keepalived ~]# cat test.sh #!/bin/bash while true do curl 192.168.131.200 sleep 1 done
2.运行脚本,持续监控
3.模拟故障,查看网卡
在所有主机上分别进行故障检测产 systemctl stop keepalived systemctl stop httpd
四、keepalived 监控
安装killall yum install psmisc
