LVS和keepalived实现负载均衡

一、测试浮动IP，三步走

1.配置主机名

[root@ser01 ~]# hostnamectl set-hostname ser02
[root@ser01 ~]# su -l

2.关闭防火墙：

[root@ds01 ~]# systemctl stop firewalld
[root@ds01 ~]# systemctl disable firewalld
[root@ds01 ~]# sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config 
[root@ds01 ~]# setenforce 0

3.时钟同步

yum install ntp ntpdate

ntpdate cn.pool.ntp.org

hwclock --systohc

二、在ser01 、ser02 配置web服务器

[root@ser01 ~]# yum install httpd -y

1 、启动服务

[root@ser01 ~]# systemctl start httpd
[root@ser01 ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.

2 、编辑网页测试

vi /var/www/html/index.html
this is a test from web01...
this is a test from web02...

三、配置LVS 负载调度器

1、 在两个DS节点上配置负载均衡

1.1下载ipvs管理工具

[root@ds01 ~]# yum install ipvsadm -y

[root@ds02 ~]# yum install ipvsadm -y

1.2 在ds01 ds02配置LVS（绑定浮动IP）

[root@ds01 ~]# nmcli con sh
NAME   UUID                                  TYPE      DEVICE 
ens33  c96bc909-188e-ec64-3a96-6a90982b08ad  ethernet  ens33  

[root@ds01 ~]# nmcli con mod ens33 +ipv4.addr 192.168.131.200/24
[root@ds01 ~]# systemctl restart network
[root@ds01 ~]# ipvsadm -A -t 192.168.131.200:80 -s rr
[root@ds01 ~]# ipvsadm -a -t 192.168.131.200:80 -r 192.168.131.152:80 -g
[root@ds01 ~]# ipvsadm -a -t 192.168.131.200:80 -r 192.168.131.153:80 -g

[root@ds01 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.131.200:80 rr
  -> 192.168.131.152:80           Route   1      0          0         
  -> 192.168.131.153:80           Route   1      0          0        

ds02 做同样步骤

1.3 在ser01 和 ser02 上配置网络，绑定服务IP到回环网卡上

[root@ser01 ~]# cd /etc/sysconfig/network-scripts/

[root@ser01 network-scripts]# cp ifcfg-lo ifcfg-lo:10

[root@ser01 network-scripts]# vi ifcfg-lo:10

[root@ser01 network-scripts]# systemctl restart network

DEVICE=lo
IPADDR=192.168.131.200
NETMASK=255.255.255.255
NETWORK=127.0.0.0
If you're having problems with gated making 127.0.0.0/8 a martian,
you can change this to something else (255.255.255.255, for example)
BROADCAST=127.255.255.255
ONBOOT=yes
NAME=loopback

1.4 调整内核参数，关闭ARP响应

vim /etc/sysctl.conf

net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2

2、DR 模式主从master 及 backup 机器keepalived 配置对比：

主从库只有优先级不同，其余均相同；

主库ds01：
[root@ds01 keepalived]# cat keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lb01                            //主库为1
}

vrrp_instance VI_1 {        
    state MASTER                            //master 主库
    interface ens33                            //类型ens33
    virtual_router_id 51
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.131.200/24                    //    VIP （浮动IP）
    }
}
virtual_server 192.168.131.200 80 {            //为浮动IP设置真实服务器
        delay_loop 6
        lb_algo wrr
        lb_kind DR
        nat_mask 255.255.255.255
        persistence_timeout 1
        protocol TCP
        real_server 192.168.131.152 80 {        //真实服务器IP地址
            weight 1
            TCP_CHECK {
            connect_timeout 8
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    } real_server 192.168.131.153 80 {            //真实服务器IP地址
        weight 1
        TCP_CHECK {
        connect_timeout 8
        nb_get_retry 3
        connect_port 80
    }
  }
}

从库ds02:
[root@ds02 keepalived]# cat keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lb02
}

vrrp_instance VI_1 {
    state BACKUP                        //从库
    interface ens33                        //网卡类型
    virtual_router_id 51
    priority 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.131.200                    //浮动IP
    }
}
virtual_server 192.168.131.200 80 {        //为浮动IP设置添加真实服务器地址
        delay_loop 6
        lb_algo wrr
        lb_kind DR
        nat_mask 255.255.255.255
        persistence_timeout 1
        protocol TCP
        real_server 192.168.131.152 80 {        //真实服务器地址
            weight 1
            TCP_CHECK {
                connect_timeout 8
                nb_get_retry 3
                delay_before_retry 3
                connect_port 80
        }
    }
        real_server 192.168.131.153 80 {        //真实服务器地址
            weight 1
            TCP_CHECK {                            //检查
                connect_timeout 8
                nb_get_retry 3
                delay_before_retry 3
                connect_port 80
        }
    }
}

3、结果测试

1.分别在ds01 ds02 上查看浮动IP信息

2.在网页上进行访问测试

4、模拟故障切换

1.在Linux终端上写测试脚本

vi test.sh

[root@keepalived ~]# cat test.sh 
#!/bin/bash
while true
do
curl 192.168.131.200
sleep 1
done

2.运行脚本，持续监控

3.模拟故障，查看网卡

在所有主机上分别进行故障检测产

systemctl stop keepalived

systemctl stop httpd

四、keepalived 监控

安装killall yum install psmisc