科技网站首页wordpress导航加title
目录
一、LVS+Keepalived高可用群集
1、实验环境
2、 主和备keepalived的配置
2.1 yum安装ipvsadm和keepalived工具
2.2 添加ip_vs模块并开启ipvsadm
2.3 修改keepalived的配置文件
2.4 调整proc响应参数,关闭linux内核的重定向参数响应
2.5 将主服务器的keepalived的配置文件远程传输到备服务器上,并进行必要的修改
3、 真实web服务器的配置(web1,web2配置一样)
3.1 下载httpd服务
3.2 配置VIP地址
3.3 修改配置,使得系统只响应目的ip为本地ip的请求
3.4 配置访问默认页面内容
4、测试
4.1 将主服务器关闭
二、非抢占模式
三、延迟抢占
一、LVS+Keepalived高可用群集
1、实验环境
主keepalived:192.168.80.100 lvs
备keepalived:192.168.80.101 lvs
web1:192.168.80.102
web2:192.168.80.103
vip:192.168.80.188
客户机访问
2、 主和备keepalived的配置
2.1 yum安装ipvsadm和keepalived工具
#关闭防火墙和selinux服务
[root@localhost ~]#systemctl stop firewalld.service
[root@localhost ~]#setenforce 0#yum安装keepalived和ipvsadm工具
[root@localhost ~]#yum install ipvsadm keepalived -y
2.2 添加ip_vs模块并开启ipvsadm
#添加ip_vs模块
[root@localhost ~]#modprobe ip_vs
[root@localhost ~]#cat /proc/net/ip_vs
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags-> RemoteAddress:Port Forward Weight ActiveConn InActConn
#保存原来的配置并开启ipvsadm
[root@localhost keepalived]#ipvsadm-save > /etc/sysconfig/ipvsadm
[root@localhost keepalived]#systemctl start ipvsadm.service
2.3 修改keepalived的配置文件
[root@localhost keepalived]#cd /etc/keepalived/
[root@localhost keepalived]#cp keepalived.conf keepalived.conf.bak
#复制一份,备份使用#修改keepalived的配置文件
[root@localhost keepalived]#vim keepalived.conf
global_defs {router_id HA_TEST_R2 ####本路由器的服务器名称 HA_TEST_R2
}
vrrp_instance VI_1 { ####定义VRRP热备实列state BACKUP ####热备状态,backup表示辅服务器interface ens33 ####表示承载VIP地址的物理接口virtual_router_id 1 ####虚拟路由器的ID号,每个热备组保持一致priority 99 ####优先级,优先级越大优先级越高advert_int 1 ####通告间隔秒数(心跳频率)authentication { ####认证信息,每个热备组保持一致auth_type PASS ####认证类型auth_pass 123456 ####认证密码}virtual_ipaddress { ####漂移地址(VIP),可以是多个192.168.100.10}
}#需要修改项
global_defs {notification_email {acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_from Alexandre.Cassen@firewall.locsmtp_server 127.0.0.1#修改邮箱指向自己(10行)smtp_connect_timeout 30router_id LVS_01#指定服务器名称主备需要不一样(12行)vrrp_skip_check_adv_addr#vrrp_strict#14行需要注释否则服务启动有问题vrrp_garp_interval 0vrrp_gna_interval 0
}vrrp_instance VI_1 {state MASTER#指定服务器类型MASTER为主 BACKUP为备(20行)interface ens33#修改网卡名称为ens33(21)virtual_router_id 10#指定虚拟路由器的ID号主备需要一致#nopreempt #非抢占模式两个节点都需要配置去掉注释priority 100#设定优先级数字越大优先级越高,准备需要不一样advert_int 1#通告间隔(查看是否存活)authentication {auth_type PASS#认证类型auth_pass 123456#修改验证密码,主备需要一样(27行)}virtual_ipaddress {192.168.80.188#指定群集vip地址}
}
virtual_server 192.168.80.188 80 {delay_loop 6#健康间隔时间6秒lb_algo rr#调度算法轮询lb_kind DR#lvs模式为DR persistence_timeout 0#连接保持时间改为0 否则 无法体现效果protocol TCP#采用协议real_server 192.168.91.102 80 {#43行修改地址为真实主机地址weight 1#45行删除#节点权重TCP_CHECK{connect_port 80#检查目标端口connect_timeout 3#连接超时 nb_get_retry 3#重试次数delay_before_retry 3#重试间隔时间}}real_server 192.168.80.103 80 {#第二个weight 1TCP_CHECK{connect_port 80connect_timeout 3nb_get_retry 3delay_before_retry 3}}
2.4 调整proc响应参数,关闭linux内核的重定向参数响应
#启动服务、查看虚拟网卡vip
systemctl start keepalived
ip addr show dev ens33 #调整proc响应参数,关闭Linux内核的重定向参数响应
vim /etc/sysctl.conf
net.ipv4.ip_forward = 1
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0#刷新一下
sysctl -p
2.5 将主服务器的keepalived的配置文件远程传输到备服务器上,并进行必要的修改
[root@localhost keepalived]#scp keepalived.conf root@192.168.80.101:/etc/keepalived/[root@localhost keepalived]#vim keepalived.conf
#备份keepalive
12 router_id LVS_02
20 state BACKUP
23 priority 99
[root@localhost keepalived]#systemctl start keepalived.service
[root@localhost keepalived]#ipvsadm
[root@localhost keepalived]#ipvsadm -ln
[root@localhost keepalived]#vim /etc/sysctl.conf
[root@localhost keepalived]#sysctl -p
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
3、 真实web服务器的配置(web1,web2配置一样)
3.1 下载httpd服务
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum install -y httpd
3.2 配置VIP地址
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vim ifcfg-lo:0[root@localhost network-scripts]# cat /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.80.188
NETMASK=255.255.255.255
NETWORK=127.0.0.0[root@localhost network-scripts]# ifup lo:0
[root@localhost network-scripts]# systemctl restart network
3.3 修改配置,使得系统只响应目的ip为本地ip的请求
[root@localhost network-scripts]# vim /etc/sysctl.conf
[root@localhost network-scripts]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@localhost network-scripts]# route add -host 192.168.80.188 lo:0
3.4 配置访问默认页面内容
4、测试
4.1 将主服务器关闭
此时虚拟VIP在备用服务器,且依旧可以访问网站
关闭主服务器,我们也可以抓包来看变化
--关闭主服务器时,是192.168.80.101
--开启主服务器后,主服务器会抢占,因为主服务器优先级高,又会变成主服务器,192.168.80.100
二、非抢占模式
默认模式使用的 抢占式,上面的实验使用的就是抢占模式
主节点会抢占回来,会造成两次网络动荡。
#注意:要关闭 VIP抢占,必须将各 keepalived 服务器state配置为BACKUP
#1主机配置
vrrp_instance VI_1 {state BACKUP #都为BACKUPinterface ens33virtual_router_id 66priority 100 #优先级高advert_int 1nopreempt #添加此行,都为nopreempt
#2主机配置
vrrp_instance VI_1 {state BACKUP #都为BACKUPinterface ens33virtual_router_id 66priority 80 #优先级低advert_int 1nopreempt #添加此行,都为nopreempt
三、延迟抢占
#延迟抢占
preempt_delay # #指定抢占延迟时间为#s,默认延迟300s
#注意:需要各keepalived服务器state为BACKUP,并且不要启用 vrrp_strict
#1主机配置
vrrp_instance VI_1 {state BACKUP #都为BACKUPinterface eth0virtual_router_id 66priority 100 #优先级高advert_int 1 preempt_delay 30 #抢占延迟模式,默认延迟300s#2主机配置
vrrp_instance VI_1 {state BACKUP #都为BACKUPinterface eth0virtual_router_id 66priority 80 #优先级低advert_int 1 priority 80 #优先级高advert_int 1 preempt_delay 60 #抢占延迟模式,默认延迟300s
