LVS-DR負載均衡
server1:作爲LinuxDirector
1.安裝ipvsadm(rh6.5需要配置yum源)
[root@server1 ~]# cat /etc/yum.repos.d/rhel-source.repo
[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.254.79/rhel6.5
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[HighAvailability]
name=HighAvailability
baseurl=http://172.25.254.79/rhel6.5/HighAvailability
enabled=1
gpgcheck=0
[LoadBalancer]
name=LoadBalancer
baseurl=http://172.25.254.79/rhel6.5/LoadBalancer
enabled=1
gpgcheck=0
[ResilientStorage]
name=ResilientStorage
baseurl=http://172.25.254.79/rhel6.5/ResilientStorage
enabled=1
gpgcheck=0
[ScalableFileSystem]
name=ScalableFileSystem
baseurl=http://172.25.254.79/rhel6.5/ScalableFileSystem
enabled=1
gpgcheck=0
添加ipvsadm策略,將real-server與LinuxDIrector通過VIP綁定
[root@server1 ~]# ipvsadm -A -t 172.25.254.100:80 -s rr ##添加VIP策略
[root@server1 ~]# ipvsadm -a -t 172.25.254.100:80 -r 172.25.254.241:80 -g ##與172.25.254.241綁定
[root@server1 ~]# ipvsadm -a -t 172.25.254.100:80 -r 172.25.254.1:80 -g
[root@server1 ~]# ipvsadm -l ##list ipvsadm table
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.254.100:http rr
-> server3:http Route 1 0 0
-> server2:http Route 1 0 0
[root@server1 ~]# /etc/init.d/ipvsadm save #保存策略
[root@server1 ~]# ip addr add 172.25.254.100/24 dev eth0 #給網卡添加real_server ip
[root@server1 ~]# ip addr | grep 100/24
inet 172.25.254.100/24 scope global secondary eth0
server2:(real-server)
[root@server2 ~]# /etc/init.d/arptables_jf start ##使客戶機不能直接通過100端口訪問
[root@server2 ~]# service httpd start
Redirecting to /bin/systemctl start httpd.service
[root@server2 ~]# echo "server2" > /var/www/html/index.html
[root@server2 ~]# curl localhost
server2
[root@server2 ~]# ip addr add 172.25.254.100/24 dev eth0 ##通過VIP對Director識別
server3:(real-server)
[root@server3 ~]# /etc/init.d/arptables_jf start
[root@server3 ~]# echo "server3" > /var/www/html/index.html
[root@server3 ~]# curl localhost
server3
[root@server3 ~]# ip addr add 172.25.254.100/24 dev eth0
foundation(客戶機):
lvs調度器將數據幀中的mac地址動態地更改server2或server3的mac地址,將修改後的數據幀發送到局域網上,server2/3發現目標的VIP是我這個設備上的,就根據路由表,直接相應客戶端。
##輪詢測試
[root@79 ~]# curl 172.25.254.100
server2
[root@79 ~]# curl 172.25.254.100
server3
[root@79 ~]# curl 172.25.254.100
server2
[root@79 ~]# curl 172.25.254.100
server3
[root@79 lvs]# arp -d 172.25.254.100 ##清理100的arp緩存
[root@79 lvs]# arp -e 172.25.254.100 ##查看ip源mac地址
Address HWtype HWaddress Flags Mask Iface
172.25.254.100 ether 52:54:00:95:05:b1 C br0
[root@79 lvs]# ip addr ##mac地址與server1相同
18: vnet2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UNKNOWN qlen 500
link/ether fe:54:00:95:05:b1 brd ff:ff:ff:ff:ff:ff
二、Ldirectord 實現lvs健康檢查
ldirectord用來實現LVS負載均衡資源在主、備節點間的故障轉移。在首次啓動時,ldirectord可以自動創建IPVS表。此外,它還可以監控各RealServer的運行狀態,一旦發現某RealServer運行異常時,還可以將其從IPVS表中移除。
ldirectord 進程通過向RealServer的RIP發送資源訪問請求並通過由RealServer返回的響應信息來確定RealServer的運行狀態。在 Director上,每一個VIP需要一個單獨的ldirectord進程。如果RealServer不能正常響應Director上 ldirectord的請求,ldirectord進程將通過ipvsadm命令將此RealServer從IPVS表中移除。而一旦 RealServer再次上線,ldirectord會將其重新添加至IPVS表中
[root@server1 ~]# yum install -y ldirectord-3.9.5-3.1.x86_64.rpm
[root@server1 ~]# cd /etc/ha.d/
[root@server1 ha.d]# ls
resource.d shellfuncs
[root@server1 ha.d]# cp /usr/share/doc/ldirectord-3.9.5/ldirectord.cf /etc/ha.d/
[root@server1 ha.d]# vim ldirectord.cf
virtual=172.25.27.100:80 # 此項用來定義LVS服務及其使用的VIP和PORT
real=172.25.254.1:80 gate # 定義RealServer,語法:real=RIP:port gate|masq|ipip [weight]
real=172.25.254.241:80 gate
fallback=127.0.0.1:80 gate # 定義RealServer,語法:real=RIP:port gate|masq|ipip [weight]
service=http # 定義基於什麼服務來測試RealServer;
scheduler=rr # 調度算法爲rr
#persistent=600 # 持久連接超時時間;
#netmask=255.255.255.255
protocol=tcp # 定義此虛擬服務用到的協議;
checktype=negotiate # ldirectord進程用於監控RealServer的方法;{negotiate|connect|A number|off}
checkport=80 # 指健康檢查使用的端口;
request="index.html" # 檢查RealServer用到的頁面
receive="Test Page" # 檢查RealServer用到的頁面內容
virtualhost=www.x.y.z
[root@server1 ha.d]# /etc/init.d/ldirectord start
當把server2的apache關掉後
[root@server1 ~]# ipvsadm -L
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.254.100:http rr
-> server3:http Route 1 0 0
foundation:
[root@79 ~]# curl 172.25.254.100
server3
[root@79 ~]# curl 172.25.254.100
server3
提供當後端RS全部宕掉後,返回的fallback頁面,爲本機httpd服務:
三、keepalived高可用
Keepalived是基於vrrp協議的一款高可用軟件。Keepalived有一臺主服務器和多臺備份服務器,在主服務器和備份服務器上面部署相同的服務配置,使用一個虛擬IP地址對外提供服務,當主服務器出現故障時,虛擬IP地址會自動漂移到備份服務器。
1.源碼安裝Keepalived
[root@server1 ~]# /etc/init.d/ldirectord stop #由於ldirectord 與Keepalived衝突,必須將ldirectord停掉
[root@server1 ~]# /etc/init.d/ldirectord stop
Stopping ldirectord... Success
##由於ldirectord 開機自啓,所以必須將其開機自啓關掉
[root@server1 ~]# chkconfig ldirectord off
[root@server1 ~]# tar zxf keepalived-1.3.6.tar.gz
[root@server1 ~]# cd keepalived-1.3.6
[root@server1 ~]# ./configure --prefix=/usr/local/keepalived --with-init=SYSV
[root@server1 ~]# make
[root@server1 ~]# make install
2.Keepalived配置
root@server1 etc]# cd /usr/local/keepalived/etc/rc.d/init.d/
[root@server1 init.d]# ls
Keepalived
##由於keepalived所識別的環境與當前系統不符,所以需要製作軟鏈接
[root@server1 init.d]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@server1 init.d]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@server1 init.d]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
[root@server1 init.d]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@server1 keepalived]# cd /usr/local/keepalived/etc/rc.d/init.d/
[root@server1 init.d]# chmod +x keepalived #加可執行權限
[root@server1 keepalived]# cd /etc/keepalived
[root@server1 keepalived]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.lo
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100
}
}
virtual_server 172.25.27.100 80 { ##虛擬主機
delay_loop 6
lb_algo rr
lb_kind DR ##是使用的DR模型
# persistence_timeout 50 ##先將此註釋掉,可以更加直觀的感受到兩臺rs使用的DR進行的輪轉
protocol TCP
real_server 172.25.27.2 80 {
##real_server主機地址和端口兩臺rs均是使用的80端口
weight 1 ##權重是可以自己進行修改的,在實際使用中,權重使用的不一樣是因爲,權重較重一方的服務器性能更加好
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.25.254.141 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
foundation:
[root@79 ~]# curl 172.25.254.100
server2
[root@79 ~]# curl 172.25.254.100
server3
[root@79 ~]# curl 172.25.254.100
server2
[root@79 ~]# curl 172.25.254.100
server3
3.keepalived的bacup配置
打開server4作爲從服務器,當主服務器故障時,從服務器會替代它的工作,並把故障的服務器剔除。
將server4按照前面步驟佈置keeplived ,可直接將server1的keeplived 配置文件複製過來,進行稍作修改
[root@server4 keepalived]# vim keepalived.conf #修改state 和 priority
vrrp_instance VI_1 {
state BACKUP #將狀態由原來的master 改爲備用
interface eth0
virtual_router_id 51
priority 50 #更改優先級
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
[root@server4 keepalived]# /etc/init.d/keepalived start
[root@server4 ~]# ip addr add 172.25.254.100/24 dev eth0 #添加real_server ip
server1:
[root@server1~]#echo c > /proc/sysrq-trigger #故意讓系統崩潰,實現宕機的目的
foundation:
檢測仍能正常工作
[root@79 ~]# curl 172.25.254.100
server2
[root@79 ~]# curl 172.25.254.100
server3
[root@79 ~]# curl 172.25.254.100
server2
[root@79 ~]# curl 172.25.254.100
server3
測試並查看IP 和mac 地址,發現此時服務已經完全有server4接管,從而實現了lvs集羣高可用