
CentOS8_Keepalived+LVS

备用调度器 slave:192.168.168.155/24

slave的操作系统为 CentOS Linux release 8.2.2004 (Core)


使用VIP:192.168.168.180
web-1: 192.168.168.130
web-2: 192.168.168.154(注意:下文的real_server配置以及web-2上的ip addr输出使用的都是192.168.168.190,配置时请以实际地址为准)

图片1.png
2020-7-27 13:21

备注:所有服务器都要在同一内网里(下文使用的LVS DR模式要求调度器和realserver处于同一个二层网段)。







slave的配置:
[root@redhat8 ~]# dnf -y install keepalived net-tools ipvsadm*


[root@redhat8 ~]# keepalived -v
Keepalived v2.0.10 (11/12,2018)


修改slave的keepalived的配置文件:
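# Write the VRRP section of keepalived.conf for the backup director.
# '>' overwrites any existing file. The delimiter is quoted so the shell
# copies the body verbatim, with no variable or command expansion.
cat > /etc/keepalived/keepalived.conf << 'EOF'
! Configuration File for keepalived
global_defs {
        router_id Slave1  ## must be different on every director in the hot-standby group
}

vrrp_instance VI_1 {
        state BACKUP  ## initial state; keepalived only accepts MASTER or BACKUP here
        interface ens160  ## physical interface that carries the VIP
        virtual_router_id 1  ## VRRP router ID, identical on every member of the group
        priority 99  ## must be lower than the master director's priority
        advert_int 1
        authentication {
                auth_type PASS
                ## Shared secret, identical on every member of the group.
                ## PASS is sent unencrypted in each advertisement and only the first
                ## 8 characters are used, so it guards against misconfiguration rather
                ## than against a host on the same segment. Replace this sample value
                ## and keep VRRP traffic on a trusted network.
                auth_pass 888
        }
        virtual_ipaddress {
                192.168.168.180   ## floating IP (VIP)
                192.168.168.181   ## further VIPs are listed in the same block
        }
}
EOF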


开启Keepalived:
[root@redhat8 ~]# systemctl start keepalived
[root@redhat8 ~]# systemctl enable keepalived


安装network服务
[root@redhat8 ~]# yum -y install network-scripts

重启network服务
[root@redhat8 ~]# systemctl restart network

开机自动开启network服务
[root@redhat8 ~]# systemctl enable network



验证:(主要看有没有漂移IP地址出现。注意:漂移IP出现在本机,说明本机当前处于MASTER状态;如果主调度器也在运行并同时持有漂移IP,说明两台调度器互相收不到VRRP通告,应先检查防火墙和网络)
[root@redhat8 ~]# ip addr show dev ens160
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:e1:fb:f2 brd ff:ff:ff:ff:ff:ff
    inet 192.168.168.155/24 brd 192.168.168.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet 192.168.168.180/32 scope global ens160
       valid_lft forever preferred_lft forever
    inet 192.168.168.181/32 scope global ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::92ab:5fb4:5373:ad53/64 scope link noprefixroute
       valid_lft forever preferred_lft forever









以下是做Apache/Nginx的集群,使用TCP 80端口。

master和 slave在Web服务器池的配置是一样的:

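# Append the LVS virtual-server definition to keepalived.conf (identical on the
# master and the backup director). '>>' appends, so running this twice leaves a
# duplicate virtual_server block in the file. The delimiter is quoted so the
# shell copies the body verbatim.
cat >> /etc/keepalived/keepalived.conf << 'EOF'
virtual_server 192.168.168.180 80 {
        protocol TCP  ## the virtual service is a TCP service
        delay_loop 10  ## health-check interval in seconds
        lb_algo wlc  ## scheduling algorithm: weighted least-connection
        lb_kind DR  ## forwarding method: direct routing
        ## Connections from the same client IP are sent to the same realserver
        ## for 60 seconds. Once the persistence entry expires, a later connection
        ## may be scheduled to a different realserver; expiry only affects how
        ## new connections are scheduled.
        persistence_timeout 60

        real_server 192.168.168.130 80 {
                weight 100  ## scheduling weight
                ## TCP_CHECK only confirms that the port accepts a connection,
                ## not that the web application returns a valid response.
                TCP_CHECK {
                        connect_timeout 10  ## no answer within 10 seconds counts as a failure
                        connect_port 80
                        ## NOTE(review): newer keepalived releases document `retry`
                        ## in place of nb_get_retry - confirm against the installed version.
                        nb_get_retry 3
                        delay_before_retry 4
                }
        }

        real_server 192.168.168.190 80 {
                weight 100  ## scheduling weight
                TCP_CHECK {
                        connect_timeout 10  ## no answer within 10 seconds counts as a failure
                        connect_port 80
                        nb_get_retry 3
                        delay_before_retry 4
                }
        }
}
EOF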


重启Keepalived:
[root@redhat8 ~]# systemctl restart keepalived









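添加虚拟网卡:(注意:漂移IP已经由Keepalived的virtual_ipaddress管理;在调度器上再静态绑定同一个IP,会使该IP在本机处于备用状态时仍然存在,可能与主调度器产生地址冲突,请按实际需要决定是否保留这一步)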
[root@redhat8 ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens160:0
DEVICE=ens160:0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.168.180
NETMASK=255.255.255.255

###

[root@redhat8 ~]# route add -host 192.168.168.180 dev ens160
# Persist the VIP host route: the command is appended to rc.local so it is
# run again at boot.
printf '%s\n' 'route add -host 192.168.168.180 dev ens160' >> /etc/rc.local

# Append the ARP settings for the all/default/lo scopes to sysctl.conf.
#   arp_ignore = 1   : answer ARP only for addresses configured on the
#                      interface that received the request
#   arp_announce = 2 : always use the best local address as the ARP source
for scope in all default lo; do
  printf '%s\n' \
    "net.ipv4.conf.${scope}.arp_ignore = 1" \
    "net.ipv4.conf.${scope}.arp_announce = 2" >> /etc/sysctl.conf
done

# Load the values from /etc/sysctl.conf into the running kernel.
sysctl -p

# Load the IPVS kernel module.
modprobe ip_vs

[root@redhat8 ~]# chmod a+x /etc/rc.d/rc.local


重启network服务
[root@redhat8 ~]# systemctl restart network


[root@redhat8 ~]# ifconfig
ens160: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.168.155  netmask 255.255.255.0  broadcast 192.168.168.255
        inet6 fe80::92ab:5fb4:5373:ad53  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:e1:fb:f2  txqueuelen 1000  (Ethernet)
        RX packets 1287  bytes 122580 (119.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3881  bytes 417578 (407.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

ens160:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.168.180  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 00:0c:29:e1:fb:f2  txqueuelen 1000  (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 205  bytes 18040 (17.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 205  bytes 18040 (17.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0








创建虚拟服务器:(注意:Keepalived启动后会根据virtual_server配置自行创建并维护这些IPVS规则,通常不需要再手工添加;手工添加的规则不受Keepalived健康检查的管理)
ipvsadm -A -t 192.168.168.180:80 -s wlc

添加服务器节点:
ipvsadm -a -t 192.168.168.180:80 -r 192.168.168.130:80 -g -w 100
ipvsadm -a -t 192.168.168.180:80 -r 192.168.168.190:80 -g -w 100

备注,删除虚拟服务器:
ipvsadm -D -t 192.168.168.180:80


查看节点状态:( ipvsadm -ln )
图片2.png
2020-7-27 13:22



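保存负载分配策略:(服务器重启后也生效。注意:建议使用 ipvsadm-save -n 以数字形式保存地址和端口,避免恢复规则时依赖主机名解析;另外CentOS自带的ipvsadm.service通常是从/etc/sysconfig/ipvsadm恢复规则,/etc/sysconfig/ipvsadm-config是该服务的选项文件,请核对本机的unit文件后再确定保存路径)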
[root@redhat8 ~]# ipvsadm-save > /etc/sysconfig/ipvsadm-config

确定保存结果:
[root@redhat8 ~]# cat /etc/sysconfig/ipvsadm-config
-A -t redhat8.zhuohua.store:http -s wlc
-a -t redhat8.zhuohua.store:http -r 192.168.168.130:http -g -w 100
-a -t redhat8.zhuohua.store:http -r 192.168.168.190:http -g -w 100



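插入防火墙规则:( TCP 80。注意:两台调度器之间还需要放行VRRP通告(IP协议号112),否则备用调度器收不到主调度器的通告,会出现两台同时持有漂移IP的情况;建议只放行对端调度器的地址,例如:firewall-cmd --permanent --add-rich-rule='rule family="ipv4" source address="<对端调度器IP>" protocol value="vrrp" accept')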
firewall-cmd --zone=public --add-port=80/tcp --permanent

使规则生效:
firewall-cmd --reload














######################################
######################################


web-1的操作系统为 CentOS release 6.9 (Final)
web-2的操作系统为 CentOS Linux release 7.6.1810 (Core)


web-1的服务器配置:
笺注:Apache或Nginx的安装这里就省略了

添加虚拟网卡:
[root@Zabbix_server ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.168.180
NETMASK=255.255.255.255


重启网络服务:
[root@Zabbix_server ~]# service network restart

###
[root@Zabbix_server ~]# route add -host 192.168.168.180 dev lo:0
# Persist the VIP host route on the real server: the command is appended to
# rc.local so it is run again at boot.
printf '%s\n' 'route add -host 192.168.168.180 dev lo:0' >> /etc/rc.local

# Append the ARP settings for the all/default/lo scopes to sysctl.conf.
#   arp_ignore = 1   : answer ARP only for addresses configured on the
#                      interface that received the request
#   arp_announce = 2 : always use the best local address as the ARP source
# NOTE(review): until these values are loaded, a host holding the VIP on lo
# can still answer ARP requests for it; consider applying them before lo:0 is
# brought up.
for scope in all default lo; do
  printf '%s\n' \
    "net.ipv4.conf.${scope}.arp_ignore = 1" \
    "net.ipv4.conf.${scope}.arp_announce = 2" >> /etc/sysctl.conf
done

# Load the values from /etc/sysctl.conf into the running kernel.
sysctl -p


重启网络服务:
[root@Zabbix_server ~]# service network restart


检验:(主要看有没有漂移IP地址出现)
[root@Zabbix_server ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet 192.168.168.180/32 brd 192.168.168.180 scope global lo:0
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:2b:17:3a brd ff:ff:ff:ff:ff:ff
    inet 192.168.168.130/24 brd 192.168.168.255 scope global eth0
    inet6 fe80::20c:29ff:fe2b:173a/64 scope link
       valid_lft forever preferred_lft forever



[root@Zabbix_server ~]# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:0C:29:2B:17:3A  
          inet addr:192.168.168.130  Bcast:192.168.168.255  Mask:255.255.255.0
          inet6 addr: fe80::20c:29ff:fe2b:173a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:5518 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6984 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:861773 (841.5 KiB)  TX bytes:5179545 (4.9 MiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:65536  Metric:1
          RX packets:22829 errors:0 dropped:0 overruns:0 frame:0
          TX packets:22829 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:1535586 (1.4 MiB)  TX bytes:1535586 (1.4 MiB)

lo:0      Link encap:Local Loopback  
          inet addr:192.168.168.180  Mask:255.255.255.255
          UP LOOPBACK RUNNING  MTU:65536  Metric:1








######

web-2的服务器配置:
笺注:Apache或Nginx的安装这里就省略了

添加虚拟网卡:
[root@ser1 ~]# vi /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.168.180
NETMASK=255.255.255.255

###

[root@ser1 ~]#route
-bash: route: 未找到命令
[root@ser1 ~]#
[root@ser1 ~]#yum -y install net-tools

重启network服务
[root@ser1 ~]# systemctl restart network

[root@ser1 ~]# route add -host 192.168.168.180 dev lo:0
# Persist the VIP host route on the real server: the command is appended to
# rc.local so it is run again at boot.
printf '%s\n' 'route add -host 192.168.168.180 dev lo:0' >> /etc/rc.local

# Append the ARP settings for the all/default/lo scopes to sysctl.conf.
#   arp_ignore = 1   : answer ARP only for addresses configured on the
#                      interface that received the request
#   arp_announce = 2 : always use the best local address as the ARP source
# NOTE(review): until these values are loaded, a host holding the VIP on lo
# can still answer ARP requests for it; consider applying them before lo:0 is
# brought up.
for scope in all default lo; do
  printf '%s\n' \
    "net.ipv4.conf.${scope}.arp_ignore = 1" \
    "net.ipv4.conf.${scope}.arp_announce = 2" >> /etc/sysctl.conf
done

# Load the values from /etc/sysctl.conf into the running kernel.
sysctl -p

[root@ser1 ~]# chmod a+x /etc/rc.d/rc.local



重启network服务
[root@ser1 ~]# systemctl restart network


检验:(主要看有没有漂移IP地址出现)
[root@ser1 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 192.168.168.180/32 brd 192.168.168.180 scope global lo:0
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:67:65:1f brd ff:ff:ff:ff:ff:ff
    inet 192.168.168.190/24 brd 192.168.168.255 scope global noprefixroute ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::ddb2:40d4:7a16:f7a/64 scope link noprefixroute
       valid_lft forever preferred_lft forever



[root@ser1 ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.168.190  netmask 255.255.255.0  broadcast 192.168.168.255
        inet6 fe80::ddb2:40d4:7a16:f7a  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:67:65:1f  txqueuelen 1000  (Ethernet)
        RX packets 1338  bytes 100499 (98.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1661  bytes 509927 (497.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 193  bytes 16328 (15.9 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 193  bytes 16328 (15.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo:0: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 192.168.168.180  netmask 255.255.255.255
        loop  txqueuelen 1000  (Local Loopback)











######
客户端访问的效果:(要访问漂移IP地址)
图片3.png
2020-7-27 13:23



web-1关闭Apache:
[root@Zabbix_server ~]# service httpd stop
stop apache...  done


图片4.png
2020-7-27 13:23







web-1开启Apache:
[root@Zabbix_server ~]# service httpd start
start apache...  Done

web-2关闭Apache:
[root@ser1 ~]# systemctl stop httpd


图片5.png
2020-7-27 13:24














调度服务器要看到轮询效果:
[root@redhat8 ~]# ipvsadm -lnc
IPVS connection entries
pro expire state       source             virtual            destination
TCP 10:47  ESTABLISHED 192.168.168.159:1113 192.168.168.180:80 192.168.168.130:80
TCP 14:24  ESTABLISHED 192.168.168.159:1133 192.168.168.180:80 192.168.168.190:80

注释:
正常情况下,客户端会稳定地停留在某一台Web服务器上,访问是不会突然中断的;
同一时刻,只有一台负载调度器在工作;
只要还有一台负载调度器、一台Web服务器还在正常工作,就不会影响到客户端的访问。




如果要修改Web程序池的节点(即修改Web服务器群集),可以先删除虚拟服务器,再重新创建虚拟服务器,并添加服务器节点。






相关文章:
CentOS8_Keepalived+LVS(二)
CentOS8_NFS共享存储服务
CentOS8_Keepalived双机热备+Apache

CentOS6_Keepalived+LVS
