Board logo

标题: CentOS8_Keepalived+LVS [打印本页]
作者: admin    时间: 2020-7-27 13:28     标题: CentOS8_Keepalived+LVS

备用调度器 slave:192.168.168.155/24 slave的操作系统为 CentOS Linux release 8.2.2004 (Core) 使用VIP:192.168.168.180 web-1: 192.168.168.130 web-2: 192.168.168.154 图片1.png 备注:所有服务器都要在同一内网里。 slave的配置: [root@redhat8 ~]# dnf -y install keepalived net-tools ipvsadm* [root@redhat8 ~]# keepalived -v Keepalived v2.0.10 (11/12,2018) 修改slave的keepalived的配置文件: cat >/etc/keepalived/keepalived.conf<< EOF ! Configuration File for keepalived global_defs { router_id Slave1 ## 每个参与热备的调度器都要指定不同的名字 } vrrp_instance VI_1 { state SLAVE ## 热备状态,SLAVE表示备用调度器 interface ens160 ## 承载VIP地址的物理接口 virtual_router_id 1 ## 虚拟路由器的ID,每个热备组保持一致 priority 99 ## 优先级,要低于主调度器 advert_int 1 authentication { auth_type PASS auth_pass 888 ## 自定义密码,密码要一致 } virtual_ipaddress { 192.168.168.180 ## 指定漂移IP地址 } virtual_ipaddress { 192.168.168.181 ## 可以有多个虚拟IP地址 } } EOF 开启Keepalived: [root@redhat8 ~]# systemctl start keepalived [root@redhat8 ~]# systemctl enable keepalived 安装network服务 [root@redhat8 ~]# yum -y install network-scripts 重启network服务 [root@redhat8 ~]# systemctl restart network 开机自动开启network服务 [root@redhat8 ~]# systemctl enable network 验证:(主要看有没有漂移IP地址出现) [root@redhat8 ~]# ip addr show dev ens160 2: ens160: mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:e1:fb:f2 brd ff:ff:ff:ff:ff:ff inet 192.168.168.155/24 brd 192.168.168.255 scope global noprefixroute ens160 valid_lft forever preferred_lft forever inet 192.168.168.180/32 scope global ens160 valid_lft forever preferred_lft forever inet 192.168.168.181/32 scope global ens160 valid_lft forever preferred_lft forever inet6 fe80::92ab:5fb4:5373:ad53/64 scope link noprefixroute valid_lft forever preferred_lft forever 以下是做Apache/Nginx的集群,使用TCP 80端口。 master和 slave在Web服务器池的配置是一样的: cat >>/etc/keepalived/keepalived.conf<< EOF virtual_server 192.168.168.180 80 { protocol TCP ## 用TCP协议检查realserver的状态 delay_loop 10 ## 每隔10秒检查realserver的状态 lb_algo wlc ## LVS算法 lb_kind DR ## LVS模式 persistence_timeout 60 ## 同一IP的连接60秒内分配到同一台realserver; ## 假如60秒内有任何操作,则客户端始终在同一台Web服务器上; ## 假如60秒内没有任何操作,与客户端的连接会中断!! real_server 192.168.168.130 80 { weight 100 ## 权重 TCP_CHECK { connect_timeout 10 ## 10秒无响应视为超时 connect_port 80 nb_get_retry 3 delay_before_retry 4 } } real_server 192.168.168.190 80 { weight 100 ## 权重 TCP_CHECK { connect_timeout 10 ## 10秒无响应视为超时 connect_port 80 nb_get_retry 3 delay_before_retry 4 } } } EOF 重启Keepalived: [root@redhat8 ~]# systemctl restart keepalived 添加虚拟网卡: [root@redhat8 ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens160:0 DEVICE=ens160:0 ONBOOT=yes BOOTPROTO=static IPADDR=192.168.168.180 NETMASK=255.255.255.255 ### [root@redhat8 ~]# route add -host 192.168.168.180 dev ens160 echo "route add -host 192.168.168.180 dev ens160" >> /etc/rc.local echo "net.ipv4.conf.all.arp_ignore = 1">> /etc/sysctl.conf echo "net.ipv4.conf.all.arp_announce = 2">> /etc/sysctl.conf echo "net.ipv4.conf.default.arp_ignore = 1">> /etc/sysctl.conf echo "net.ipv4.conf.default.arp_announce = 2">> /etc/sysctl.conf echo "net.ipv4.conf.lo.arp_ignore = 1">> /etc/sysctl.conf echo "net.ipv4.conf.lo.arp_announce = 2">> /etc/sysctl.conf sysctl -p modprobe ip_vs [root@redhat8 ~]# chmod a+x /etc/rc.d/rc.local 重启network服务 [root@redhat8 ~]# systemctl restart network [root@redhat8 ~]# ifconfig ens160: flags=4163 mtu 1500 inet 192.168.168.155 netmask 255.255.255.0 broadcast 192.168.168.255 inet6 fe80::92ab:5fb4:5373:ad53 prefixlen 64 scopeid 0x20 ether 00:0c:29:e1:fb:f2 txqueuelen 1000 (Ethernet) RX packets 1287 bytes 122580 (119.7 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 3881 bytes 417578 (407.7 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 ens160:0: flags=4163 mtu 1500 inet 192.168.168.180 netmask 255.255.255.255 broadcast 0.0.0.0 ether 00:0c:29:e1:fb:f2 txqueuelen 1000 (Ethernet) lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1000 (Local Loopback) RX packets 205 bytes 18040 (17.6 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 205 bytes 18040 (17.6 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 创建虚拟服务器: ipvsadm -A -t 192.168.168.180:80 -s wlc 添加服务器节点: ipvsadm -a -t 192.168.168.180:80 -r 192.168.168.130:80 -g -w 100 ipvsadm -a -t 192.168.168.180:80 -r 192.168.168.190:80 -g -w 100 备注,删除虚拟服务器: ipvsadm -D -t 192.168.168.180:80 查看节点状态:( ipvsadm -ln ) 图片2.png 保存负载分配策略:(服务器重启后也生效) [root@redhat8 ~]# ipvsadm-save > /etc/sysconfig/ipvsadm-config 确定保存结果: [root@redhat8 ~]# cat /etc/sysconfig/ipvsadm-config -A -t redhat8.zhuohua.store:http -s wlc -a -t redhat8.zhuohua.store:http -r 192.168.168.130:http -g -w 100 -a -t redhat8.zhuohua.store:http -r 192.168.168.190:http -g -w 100 插入防火墙规则:( TCP 80) firewall-cmd --zone=public --add-port=80/tcp --permanent 使规则生效: firewall-cmd --reload ###################################### ###################################### web-1的操作系统为 CentOS release 6.9 (Final) web-2的操作系统为 CentOS Linux release 7.6.1810 (Core) web-1的服务器配置: 笺注:Apache或Nginx的安装这里就省略了 添加虚拟网卡: [root@Zabbix_server ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0 DEVICE=lo:0 ONBOOT=yes BOOTPROTO=static IPADDR=192.168.168.180 NETMASK=255.255.255.255 重启网络服务: [root@Zabbix_server ~]# service network restart ### [root@Zabbix_server ~]# route add -host 192.168.168.180 dev lo:0 echo "route add -host 192.168.168.180 dev lo:0">> /etc/rc.local echo "net.ipv4.conf.all.arp_ignore = 1">> /etc/sysctl.conf echo "net.ipv4.conf.all.arp_announce = 2">> /etc/sysctl.conf echo "net.ipv4.conf.default.arp_ignore = 1">> /etc/sysctl.conf echo "net.ipv4.conf.default.arp_announce = 2">> /etc/sysctl.conf echo "net.ipv4.conf.lo.arp_ignore = 1">> /etc/sysctl.conf echo "net.ipv4.conf.lo.arp_announce = 2">> /etc/sysctl.conf sysctl -p 重启网络服务: [root@Zabbix_server ~]# service network restart 检验:(主要看有没有漂移IP地址出现) [root@Zabbix_server ~]# ip addr 1: lo: mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet 192.168.168.180/32 brd 192.168.168.180 scope global lo:0 inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:2b:17:3a brd ff:ff:ff:ff:ff:ff inet 192.168.168.130/24 brd 192.168.168.255 scope global eth0 inet6 fe80::20c:29ff:fe2b:173a/64 scope link valid_lft forever preferred_lft forever [root@Zabbix_server ~]# ifconfig eth0 Link encap:Ethernet HWaddr 00:0C:29:2B:17:3A inet addr:192.168.168.130 Bcast:192.168.168.255 Mask:255.255.255.0 inet6 addr: fe80::20c:29ff:fe2b:173a/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:5518 errors:0 dropped:0 overruns:0 frame:0 TX packets:6984 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:861773 (841.5 KiB) TX bytes:5179545 (4.9 MiB) lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:22829 errors:0 dropped:0 overruns:0 frame:0 TX packets:22829 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:1535586 (1.4 MiB) TX bytes:1535586 (1.4 MiB) lo:0 Link encap:Local Loopback inet addr:192.168.168.180 Mask:255.255.255.255 UP LOOPBACK RUNNING MTU:65536 Metric:1 ###### web-2的服务器配置: 笺注:Apache或Nginx的安装这里就省略了 添加虚拟网卡: [root@ser1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0 DEVICE=lo:0 ONBOOT=yes BOOTPROTO=static IPADDR=192.168.168.180 NETMASK=255.255.255.255 ### [root@ser1 ~]#route -bash: route: 未找到命令 [root@ser1 ~]# [root@ser1 ~]#yum -y install net-tools 重启network服务 [root@ser1 ~]# systemctl restart network [root@ser1 ~]# route add -host 192.168.168.180 dev lo:0 echo "route add -host 192.168.168.180 dev lo:0">> /etc/rc.local echo "net.ipv4.conf.all.arp_ignore = 1">> /etc/sysctl.conf echo "net.ipv4.conf.all.arp_announce = 2">> /etc/sysctl.conf echo "net.ipv4.conf.default.arp_ignore = 1">> /etc/sysctl.conf echo "net.ipv4.conf.default.arp_announce = 2">> /etc/sysctl.conf echo "net.ipv4.conf.lo.arp_ignore = 1">> /etc/sysctl.conf echo "net.ipv4.conf.lo.arp_announce = 2">> /etc/sysctl.conf sysctl -p [root@ser1 ~]# chmod a+x /etc/rc.d/rc.local 重启network服务 [root@ser1 ~]# systemctl restart network 检验:(主要看有没有漂移IP地址出现) [root@ser1 ~]# ip addr 1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet 192.168.168.180/32 brd 192.168.168.180 scope global lo:0 valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:67:65:1f brd ff:ff:ff:ff:ff:ff inet 192.168.168.190/24 brd 192.168.168.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::ddb2:40d4:7a16:f7a/64 scope link noprefixroute valid_lft forever preferred_lft forever [root@ser1 ~]# ifconfig ens33: flags=4163 mtu 1500 inet 192.168.168.190 netmask 255.255.255.0 broadcast 192.168.168.255 inet6 fe80::ddb2:40d4:7a16:f7a prefixlen 64 scopeid 0x20 ether 00:0c:29:67:65:1f txqueuelen 1000 (Ethernet) RX packets 1338 bytes 100499 (98.1 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 1661 bytes 509927 (497.9 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73 mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10 loop txqueuelen 1000 (Local Loopback) RX packets 193 bytes 16328 (15.9 KiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 193 bytes 16328 (15.9 KiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo:0: flags=73 mtu 65536 inet 192.168.168.180 netmask 255.255.255.255 loop txqueuelen 1000 (Local Loopback) ###### 客户端访问的效果:(要访问漂移IP地址) 图片3.png web-1关闭Apache: [root@Zabbix_server ~]# service httpd stop stop apache... done 图片4.png web-1开启Apache: [root@Zabbix_server ~]# service httpd start start apache... Done web-2关闭Apache: [root@ser1 ~]# systemctl stop httpd 图片5.png 调度服务器要看到轮询效果: [root@redhat8 ~]# ipvsadm -lnc IPVS connection entries pro expire state source virtual destination TCP 10:47 ESTABLISHED 192.168.168.159:1113 192.168.168.180:80 192.168.168.130:80 TCP 14:24 ESTABLISHED 192.168.168.159:1133 192.168.168.180:80 192.168.168.190:80 注释: 正常情况下,客户端会稳定地停留在某一台Web服务器上,访问是不会突然中断的; 同一时刻,只有一台负载调度器在工作; 只要还有一台负载调度器、一台Web服务器还在正常工作,就不会影响到客户端的访问。 如果要修改Web程序池的节点(即修改Web服务器群集),可以先删除虚拟服务器,再重新创建虚拟服务器,并添加服务器节点。 相关文章: CentOS8_Keepalived+LVS(二) CentOS8_NFS共享存储服务 CentOS8_Keepalived双机热备+Apache CentOS6_Keepalived+LVS

图片附件: 图片1.png (2020-7-27 13:21, 74.88 KB) / 下载次数 186
http://blog.zhuohua.store/attachment.php?aid=9883&k=0a56b24d9881e32fd008a457fec317cd&t=1714316900&sid=GYIlzz



图片附件: 图片2.png (2020-7-27 13:22, 38.85 KB) / 下载次数 172
http://blog.zhuohua.store/attachment.php?aid=9884&k=2324a848fa5634043028987e6d174266&t=1714316900&sid=GYIlzz



图片附件: 图片3.png (2020-7-27 13:23, 17.38 KB) / 下载次数 178
http://blog.zhuohua.store/attachment.php?aid=9885&k=9b49b8dd20119735ac94b14ad6e68081&t=1714316900&sid=GYIlzz



图片附件: 图片4.png (2020-7-27 13:23, 17.29 KB) / 下载次数 176
http://blog.zhuohua.store/attachment.php?aid=9886&k=c335d164a5c7bd54eee1cbdb8a9852a3&t=1714316900&sid=GYIlzz



图片附件: 图片5.png (2020-7-27 13:24, 17.38 KB) / 下载次数 184
http://blog.zhuohua.store/attachment.php?aid=9887&k=a8de586d3b09eae0ee24414e94fe2c43&t=1714316900&sid=GYIlzz





欢迎光临 blog.zhuohua.store (http://blog.zhuohua.store/) Powered by Discuz! 7.2