RedHat 7配置keepalived+LVS实现高可用的Web负载均衡

时间:2017-03-27 12:29 来源:网管之家整理 字体:[ ] 评论:

RedHat 7配置keepalived+LVS实现高可用的Web负载均衡,架构图如下:

wKioL1jRRPeiDbASAABlB8iS-po529.png

一、测试环境

计算机名

操作系统

IP地址

VIP

安装的软件

RH7-LVS01

Redhat 7.2

192.168.10.31

192.168.10.30

ipvsadm 1.27、keepalived 1.2.13

RH7-LVS02

Redhat 7.2

192.168.10.32

ipvsadm 1.27、keepalived 1.2.13

RH7-Web-01

Redhat 7.2

192.168.10.33

——

Apache httpd 2.4

RH7-Web-02

Redhat 7.2

192.168.10.34

——

Apache httpd 2.4

二、安装配置lvs与keepalived1、分别在两台lvs服务器rh7-lvs01和rh7-lvs02上安装ipvsadm和keepalived[root@rh7-lvs01 ~]# yum install ipvsadm keepalived -y

wKioL1jP4O6SqLI7AAHB8sNfDV0042.png

[root@rh7-lvs02 ~]# yum install ipvsadm keepalived -y

wKioL1jP4O-iDOezAAEd6Dm9V78700.png

2、修改rh7-lvs01上的keepalived配置文件,按以下内容进行修改,将rh7-lvs01配置为MASTER节点,并设置LVS的负载均衡模式为DR模式[root@rh7-lvs01 ~]# vi /etc/keepalived/keepalived.conf

!ConfigurationFileforkeepalived

global_defs{
notification_email{
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_fromAlexandre.Cassen@firewall.loc
smtp_server192.168.200.1
smtp_connect_timeout30
router_idLVS_DEVEL
}

vrrp_instanceVI_1{
stateMASTER#MASTER
interfaceeno16777736
virtual_router_id52
priority100#必须比BACKUP的值大
advert_int1
authentication{
auth_typePASS
auth_pass1111
}
virtual_ipaddress{
192.168.10.30#VIP
}
}

virtual_server192.168.10.3080{
delay_loop6
lb_algorr#轮询算法
lb_kindDR#DR模式
#persistence_timeout50
protocolTCP

real_server192.168.10.3380{
weight1
TCP_CHECK{
connect_timeout3
nb_get_retry3
delay_before_retry3
}
}

real_server192.168.10.3480{
weight1
TCP_CHECK{
connect_timeout3
nb_get_retry3
delay_before_retry3
}
}
}

3、修改rh7-lvs02上的keepalived配置文件,按以下内容进行修改,其实只有2处地方与主节点的配置文件不同,即state 要修改为Backup,priority数值要比master的小[root@rh7-lvs02 ~]# vi /etc/keepalived/keepalived.conf

!ConfigurationFileforkeepalived

global_defs{
notification_email{
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_fromAlexandre.Cassen@firewall.loc
smtp_server192.168.200.1
smtp_connect_timeout30
router_idLVS_DEVEL
}

vrrp_instanceVI_1{
stateBACKUP#BACKUP
interfaceeno16777736
virtual_router_id52
priority90#必须比MASTER的值小
advert_int1
authentication{
auth_typePASS
auth_pass1111
}
virtual_ipaddress{
192.168.10.30#VIP
}
}

virtual_server192.168.10.3080{
delay_loop6
lb_algorr#轮询算法
lb_kindDR#DR模式
#persistence_timeout50
protocolTCP

real_server192.168.10.3380{
weight1
TCP_CHECK{
connect_timeout3
nb_get_retry3
delay_before_retry3
}
}

real_server192.168.10.3480{
weight1
TCP_CHECK{
connect_timeout3
nb_get_retry3
delay_before_retry3
}
}
}

4、在rh7-lvs01上设置keepalived开机自动启动,并启动keepalived服务[root@rh7-lvs01 keepalived]# systemctl enable keepalived[root@rh7-lvs01 keepalived]# systemctl start keepalived

wKiom1jP4PCzPsd6AABme0eQNdg621.png

5、观察rh7-lvs01的日志可观察到keepalived启动后所发生的一连串动作,根据配置文件的参数进入了MASTER状态,并绑定了VIP地址

[root@rh7-lvs01 ~]#tail -f /var/log/messages

wKioL1jP4PKSc5YpAARkxWQhapk227.png

6、查看rh7-lvs01的IP地址,可以看到VIP已经绑定到网卡上

wKiom1jP4PPxh_Z6AAEkgnoz5Hc949.png

7、在rh7-lvs02上设置keepalived开机自动启动,并启动keepalived服务[root@rh7-lvs02 keepalived]# systemctl enable keepalived[root@rh7-lvs02 keepalived]# systemctl start keepalived

wKioL1jP4PPCPNh-AAB1fb6ZCrk188.png

8、观察rh7-lvs02的日志可观察到keepalived启动后所发生的一连串动作,根据配置文件的参数进入了BACKUP状态

wKiom1jP4PbCgmhjAAOsbFD1Qeo952.png

9、查看rh7-lvs02的IP地址,可以看到VIP不在网卡上

wKioL1jP4Pbj1maNAAEA5C6QFvo032.png

10、查看LVS的状态,可以看到VIP和两台Realserver的相关信息

wKiom1jP4Pnxs2N7AABuOZyNQ8A848.png

11、由于DR模式是后端两台realserver在响应请求时直接将数据包发给客户端,无需再经过LVS,这样减轻了LVS的负担、提高了效率,但由于LVS分发给realserver的数据包的目的地址是VIP地址,因此必须把VIP地址绑定到realserver的回环网卡lo上,否则realserver会认为该数据包不是发给自己因此会丢弃不作响应。另外由于网络接口都会进行ARP广播响应,因此当其他机器也有VIP地址时会发生冲突,故需要把realserver的lo接口的ARP响应关闭掉。我们可以用以下脚本来实现VIP绑定到lo接口和关闭ARP响应。

wKiom1jP4PfSCEi6AACp0OKXoG8873.png

12、执行该脚本设置该脚本开机自动执行,查看IP地址,发现lo接口已经绑定了VIP地址

wKioL1jP4Pig5JL-AAFe6T48blw712.png

13、同理,在RH7-Web-02上也绑定了VIP地址到lo接口上

wKioL1jP4PnikbpxAADEmuUOL04203.png

Top_arrow