备用调度器 slave:192.168.168.155/24
slave的操作系统为 CentOS Linux release 8.2.2004 (Core)
使用VIP:192.168.168.180
web-1: 192.168.168.130
web-2: 192.168.168.154
备注:所有服务器都要在同一内网里。
slave的配置:
[root@redhat8 ~]# dnf -y install keepalived net-tools ipvsadm*
[root@redhat8 ~]# keepalived -v
Keepalived v2.0.10 (11/12,2018)
修改slave的keepalived的配置文件:
cat >/etc/keepalived/keepalived.conf<< EOF
! Configuration File for keepalived
global_defs {
router_id Slave1 ## 每个参与热备的调度器都要指定不同的名字
}
vrrp_instance VI_1 {
state SLAVE ## 热备状态,SLAVE表示备用调度器
interface ens160 ## 承载VIP地址的物理接口
virtual_router_id 1 ## 虚拟路由器的ID,每个热备组保持一致
priority 99 ## 优先级,要低于主调度器
advert_int 1
authentication {
auth_type PASS
auth_pass 888 ## 自定义密码,密码要一致
}
virtual_ipaddress {
192.168.168.180 ## 指定漂移IP地址
}
virtual_ipaddress {
192.168.168.181 ## 可以有多个虚拟IP地址
}
}
EOF
开启Keepalived:
[root@redhat8 ~]# systemctl start keepalived
[root@redhat8 ~]# systemctl enable keepalived
安装network服务
[root@redhat8 ~]# yum -y install network-scripts
重启network服务
[root@redhat8 ~]# systemctl restart network
开机自动开启network服务
[root@redhat8 ~]# systemctl enable network
验证:(主要看有没有漂移IP地址出现)
[root@redhat8 ~]# ip addr show dev ens160
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:e1:fb:f2 brd ff:ff:ff:ff:ff:ff
inet 192.168.168.155/24 brd 192.168.168.255 scope global noprefixroute ens160
valid_lft forever preferred_lft forever
inet 192.168.168.180/32 scope global ens160
valid_lft forever preferred_lft forever
inet 192.168.168.181/32 scope global ens160
valid_lft forever preferred_lft forever
inet6 fe80::92ab:5fb4:5373:ad53/64 scope link noprefixroute
valid_lft forever preferred_lft forever
以下是做Apache/Nginx的集群,使用TCP 80端口。
master和 slave在Web服务器池的配置是一样的:
cat >>/etc/keepalived/keepalived.conf<< EOF
virtual_server 192.168.168.180 80 {
protocol TCP ## 用TCP协议检查realserver的状态
delay_loop 10 ## 每隔10秒检查realserver的状态
lb_algo wlc ## LVS算法
lb_kind DR ## LVS模式
persistence_timeout 60
## 同一IP的连接60秒内分配到同一台realserver;
## 假如60秒内有任何操作,则客户端始终在同一台Web服务器上;
## 假如60秒内没有任何操作,与客户端的连接会中断!!
real_server 192.168.168.130 80 {
weight 100 ## 权重
TCP_CHECK {
connect_timeout 10 ## 10秒无响应视为超时
connect_port 80
nb_get_retry 3
delay_before_retry 4
}
}
real_server 192.168.168.190 80 {
weight 100 ## 权重
TCP_CHECK {
connect_timeout 10 ## 10秒无响应视为超时
connect_port 80
nb_get_retry 3
delay_before_retry 4
}
}
}
EOF
重启Keepalived:
[root@redhat8 ~]# systemctl restart keepalived
添加虚拟网卡:
[root@redhat8 ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens160:0
DEVICE=ens160:0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.168.180
NETMASK=255.255.255.255
###
[root@redhat8 ~]# route add -host 192.168.168.180 dev ens160
echo "route add -host 192.168.168.180 dev ens160" >> /etc/rc.local
echo "net.ipv4.conf.all.arp_ignore = 1">> /etc/sysctl.conf
echo "net.ipv4.conf.all.arp_announce = 2">> /etc/sysctl.conf
echo "net.ipv4.conf.default.arp_ignore = 1">> /etc/sysctl.conf
echo "net.ipv4.conf.default.arp_announce = 2">> /etc/sysctl.conf
echo "net.ipv4.conf.lo.arp_ignore = 1">> /etc/sysctl.conf
echo "net.ipv4.conf.lo.arp_announce = 2">> /etc/sysctl.conf
sysctl -p
modprobe ip_vs
[root@redhat8 ~]# chmod a+x /etc/rc.d/rc.local
重启network服务
[root@redhat8 ~]# systemctl restart network
[root@redhat8 ~]# ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.168.155 netmask 255.255.255.0 broadcast 192.168.168.255
inet6 fe80::92ab:5fb4:5373:ad53 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:e1:fb:f2 txqueuelen 1000 (Ethernet)
RX packets 1287 bytes 122580 (119.7 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3881 bytes 417578 (407.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
ens160:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.168.180 netmask 255.255.255.255 broadcast 0.0.0.0
ether 00:0c:29:e1:fb:f2 txqueuelen 1000 (Ethernet)
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 205 bytes 18040 (17.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 205 bytes 18040 (17.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
创建虚拟服务器:
ipvsadm -A -t 192.168.168.180:80 -s wlc
添加服务器节点:
ipvsadm -a -t 192.168.168.180:80 -r 192.168.168.130:80 -g -w 100
ipvsadm -a -t 192.168.168.180:80 -r 192.168.168.190:80 -g -w 100
备注,删除虚拟服务器:
ipvsadm -D -t 192.168.168.180:80
查看节点状态:( ipvsadm -ln )
保存负载分配策略:(服务器重启后也生效)
[root@redhat8 ~]# ipvsadm-save > /etc/sysconfig/ipvsadm-config
确定保存结果:
[root@redhat8 ~]# cat /etc/sysconfig/ipvsadm-config
-A -t redhat8.zhuohua.store:http -s wlc
-a -t redhat8.zhuohua.store:http -r 192.168.168.130:http -g -w 100
-a -t redhat8.zhuohua.store:http -r 192.168.168.190:http -g -w 100
插入防火墙规则:( TCP 80)
firewall-cmd --zone=public --add-port=80/tcp --permanent
使规则生效:
firewall-cmd --reload
######################################
######################################
web-1的操作系统为 CentOS release 6.9 (Final)
web-2的操作系统为 CentOS Linux release 7.6.1810 (Core)
web-1的服务器配置:
笺注:Apache或Nginx的安装这里就省略了
添加虚拟网卡:
[root@Zabbix_server ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.168.180
NETMASK=255.255.255.255
重启网络服务:
[root@Zabbix_server ~]# service network restart
###
[root@Zabbix_server ~]# route add -host 192.168.168.180 dev lo:0
echo "route add -host 192.168.168.180 dev lo:0">> /etc/rc.local
echo "net.ipv4.conf.all.arp_ignore = 1">> /etc/sysctl.conf
echo "net.ipv4.conf.all.arp_announce = 2">> /etc/sysctl.conf
echo "net.ipv4.conf.default.arp_ignore = 1">> /etc/sysctl.conf
echo "net.ipv4.conf.default.arp_announce = 2">> /etc/sysctl.conf
echo "net.ipv4.conf.lo.arp_ignore = 1">> /etc/sysctl.conf
echo "net.ipv4.conf.lo.arp_announce = 2">> /etc/sysctl.conf
sysctl -p
重启网络服务:
[root@Zabbix_server ~]# service network restart
检验:(主要看有没有漂移IP地址出现)
[root@Zabbix_server ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet 192.168.168.180/32 brd 192.168.168.180 scope global lo:0
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:2b:17:3a brd ff:ff:ff:ff:ff:ff
inet 192.168.168.130/24 brd 192.168.168.255 scope global eth0
inet6 fe80::20c:29ff:fe2b:173a/64 scope link
valid_lft forever preferred_lft forever
[root@Zabbix_server ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:2B:17:3A
inet addr:192.168.168.130 Bcast:192.168.168.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe2b:173a/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5518 errors:0 dropped:0 overruns:0 frame:0
TX packets:6984 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:861773 (841.5 KiB) TX bytes:5179545 (4.9 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:22829 errors:0 dropped:0 overruns:0 frame:0
TX packets:22829 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:1535586 (1.4 MiB) TX bytes:1535586 (1.4 MiB)
lo:0 Link encap:Local Loopback
inet addr:192.168.168.180 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:65536 Metric:1
######
web-2的服务器配置:
笺注:Apache或Nginx的安装这里就省略了
添加虚拟网卡:
[root@ser1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.168.180
NETMASK=255.255.255.255
###
[root@ser1 ~]#route
-bash: route: 未找到命令
[root@ser1 ~]#
[root@ser1 ~]#yum -y install net-tools
重启network服务
[root@ser1 ~]# systemctl restart network
[root@ser1 ~]# route add -host 192.168.168.180 dev lo:0
echo "route add -host 192.168.168.180 dev lo:0">> /etc/rc.local
echo "net.ipv4.conf.all.arp_ignore = 1">> /etc/sysctl.conf
echo "net.ipv4.conf.all.arp_announce = 2">> /etc/sysctl.conf
echo "net.ipv4.conf.default.arp_ignore = 1">> /etc/sysctl.conf
echo "net.ipv4.conf.default.arp_announce = 2">> /etc/sysctl.conf
echo "net.ipv4.conf.lo.arp_ignore = 1">> /etc/sysctl.conf
echo "net.ipv4.conf.lo.arp_announce = 2">> /etc/sysctl.conf
sysctl -p
[root@ser1 ~]# chmod a+x /etc/rc.d/rc.local
重启network服务
[root@ser1 ~]# systemctl restart network
检验:(主要看有没有漂移IP地址出现)
[root@ser1 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.168.180/32 brd 192.168.168.180 scope global lo:0
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:67:65:1f brd ff:ff:ff:ff:ff:ff
inet 192.168.168.190/24 brd 192.168.168.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::ddb2:40d4:7a16:f7a/64 scope link noprefixroute
valid_lft forever preferred_lft forever
[root@ser1 ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.168.190 netmask 255.255.255.0 broadcast 192.168.168.255
inet6 fe80::ddb2:40d4:7a16:f7a prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:67:65:1f txqueuelen 1000 (Ethernet)
RX packets 1338 bytes 100499 (98.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1661 bytes 509927 (497.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 193 bytes 16328 (15.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 193 bytes 16328 (15.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.168.180 netmask 255.255.255.255
loop txqueuelen 1000 (Local Loopback)
######
客户端访问的效果:(要访问漂移IP地址)
web-1关闭Apache:
[root@Zabbix_server ~]# service httpd stop
stop apache... done
web-1开启Apache:
[root@Zabbix_server ~]# service httpd start
start apache... Done
web-2关闭Apache:
[root@ser1 ~]# systemctl stop httpd
调度服务器要看到轮询效果:
[root@redhat8 ~]# ipvsadm -lnc
IPVS connection entries
pro expire state source virtual destination
TCP 10:47 ESTABLISHED 192.168.168.159:1113 192.168.168.180:80 192.168.168.130:80
TCP 14:24 ESTABLISHED 192.168.168.159:1133 192.168.168.180:80 192.168.168.190:80
注释:
正常情况下,客户端会稳定地停留在某一台Web服务器上,访问是不会突然中断的;
同一时刻,只有一台负载调度器在工作;
只要还有一台负载调度器、一台Web服务器还在正常工作,就不会影响到客户端的访问。
如果要修改Web程序池的节点(即修改Web服务器群集),可以先删除虚拟服务器,再重新创建虚拟服务器,并添加服务器节点。
相关文章:
CentOS8_Keepalived+LVS(二)
CentOS8_NFS共享存储服务
CentOS8_Keepalived双机热备+Apache
CentOS6_Keepalived+LVS |