KeepAlived+LVS+Nginx

chenoracle發表於2020-03-12

KeepAlived+LVS+Nginx

 

架構:

角色

安裝軟體

IP

Keepalived +LVS

Keepalived+ipvsadm

192.168.2.221

Keepalived +LVS

Keepalived+ipvsadm

192.168.2.222

Web 叢集1

Nginx

192.168.2.187

Web 叢集2

Nginx

192.168.2.188

虛擬IP

/

192.168.2.223

.Keepalived (221) Keepalived (222) 分別安裝ipvsadm Keepalived

. 配置keepalived.conf

. Web 叢集1(187) Web 叢集2(188) 分別更改arp 核心引數等;

. Web 叢集1(187) Web 叢集2(188) 分別安裝配置nginx

. 測試負載均衡和故障轉移http://192.168.2.223

.Keepalived (221) Keepalived (222) 分別安裝ipvsadm Keepalived

1.1 安裝ipvsadm

--- Keepalived (221) Keepalived (222) 分別執行 

[root@jumplinux01 ~]# rpm -qa|grep ipvsadm

[root@jumplinux01 ~]# yum install ipvsadm -y

1.2 安裝Keepalived

--- Keepalived (221) Keepalived (222) 分別安裝keepalived 

[root@jumplinux01 src]# cd /usr/src/

[root@jumplinux01 src]# rpm -qa|grep openssl-devel

[root@jumplinux01 src]# yum install openssl-devel -y

[root@jumplinux01 src]# wget http://www.keepalived.org/software/keepalived-1.2.7.tar.gz

[root@jumplinux01 src]# wget http://mirror.centos.org/centos/6/os/x86_64/Packages/popt-static-1.13-7.el6.x86_64.rpm 

[root@jumplinux01 src]# pwd

/usr/src

[root@jumplinux01 src]# ll -rth

total 316K

-rw-r--r--  1 root root  22K Jul  3  2011 popt-static-1.13-7.el6.x86_64.rpm

drwxr-xr-x. 2 root root 4.0K Sep 23  2011 kernels

drwxr-xr-x. 2 root root 4.0K Sep 23  2011 debug

-rw-r--r--  1 root root 283K Dec  1  2016 keepalived-1.2.7.tar.gz

[root@jumplinux01 src]# yum -y install popt-static-1.13-7.el6.x86_64.rpm

[root@jumplinux01 src]# yum -y install kernel-devel make gcc openssl-devel libnl* popt* 

[root@jumplinux01 src]# ln -s /usr/src/kernels/2.6.32-220.13.1.el6.x86_64/ /usr/src/linux 

[root@jumplinux01 src]# tar zxvf keepalived-1.2.7.tar.gz 

[root@jumplinux01 src]# cd keepalived-1.2.7

[root@jumplinux01 src]# ./configure --with-kernel-dir=/usr/src/kernels/2.6.32-358.2.1.el6.x86_64/ 

[root@jumplinux01 keepalived-1.2.7]# make && make install

[root@jumplinux01 keepalived-1.2.7]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/

[root@jumplinux01 keepalived-1.2.7]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/

[root@jumplinux01 keepalived-1.2.7]# mkdir /etc/keepalived

[root@jumplinux01 keepalived-1.2.7]# cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/

[root@jumplinux01 keepalived-1.2.7]# cp /usr/local/sbin/keepalived /usr/sbin/

. 配置keepalived.conf

2.1  Keepalived (221) Keepalived (222) 分別開啟IP Forward 功能

[root@jumplinux01 keepalived-1.2.7]# vi /etc/sysctl.conf

......

# Controls IP packet forwarding

#net.ipv4.ip_forward = 0

net.ipv4.ip_forward = 1

......

2.2  Keepalived (221) 配置keepalived.conf

[root@jumplinux01 keepalived]# pwd

/etc/keepalived

[root@jumplinux01 keepalived]# cp keepalived.conf /root/keepalived.conf.bak

[root@jumplinux01 keepalived-1.2.7]# vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived 

global_defs { 

    notification_email {  

        chenjch001@test.com  

    }  

    notification_email_from chenjch002@test.com 

    smtp_server 127.0.0.1 

    smtp_connect_timeout 30 

    router_id LVS_MASTER 

 

vrrp_instance VI_1 { 

    state MASTER 

    interface eth0 

    virtual_router_id 60 

    priority 150 

    advert_int 1 

    authentication { 

        auth_type PASS 

        auth_pass 1111 

    } 

    virtual_ipaddress { 

        192.168.2.223 

    } 

 

virtual_server 192.168.2.223 80 { 

    delay_loop 6 

    lb_algo rr  

    lb_kind DR 

    nat_mask 255.255.255.0 

    persistence_timeout 2 

    protocol TCP 

 

    real_server 192.168.2.187 80 { 

        weight 1 

        TCP_CHECK { 

            connect_timeout 3 

            nb_get_retry 3 

            delay_before_retry 3 

        } 

    } 

 

    real_server 192.168.2.188 80 { 

        weight 1 

        TCP_CHECK { 

            connect_timeout 3 

            nb_get_retry 3 

            delay_before_retry 3 

        } 

    } 

2.3 Keepalived (222) 配置keepalived.conf

[root@jumplinux02 keepalived]# pwd

/etc/keepalived

[root@jumplinux02 keepalived]# cp keepalived.conf /root/keepalived.conf.bak

[root@jumplinux02 keepalived-1.2.7]# vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived 

global_defs { 

    notification_email {  

        chenjch001@test.com  

    }  

    notification_email_from chenjch002@test.com 

    smtp_server 127.0.0.1 

    smtp_connect_timeout 30 

    router_id LVS_ BACKUP

 

vrrp_instance VI_1 { 

    state BACKUP 

    interface eth0 

    virtual_router_id 60 

    priority 100 

    advert_int 1 

    authentication { 

        auth_type PASS 

        auth_pass 1111 

    } 

    virtual_ipaddress { 

        192.168.2.223 

    } 

 

virtual_server 192.168.2.223 80 { 

    delay_loop 6 

    lb_algo rr  

    lb_kind DR 

    nat_mask 255.255.255.0 

    persistence_timeout 2 

    protocol TCP 

 

    real_server 192.168.2.187 80 { 

        weight 1 

        TCP_CHECK { 

            connect_timeout 3 

            nb_get_retry 3 

            delay_before_retry 3 

        } 

    } 

 

    real_server 192.168.2.188 80 { 

        weight 1 

        TCP_CHECK { 

            connect_timeout 3 

            nb_get_retry 3 

            delay_before_retry 3 

        } 

    } 

. Web 叢集1(187) Web 叢集2(188) 分別更改arp 核心引數等

Web 叢集1(187) Web 叢集1(188) 分別執行:

keepalived 的配置檔案中定義的LVS 模式為DR 模式,還需要在兩臺rs 上執行lvs_dr_rs.sh 指令碼。

[root@rac1 ~]# vi /usr/local/sbin/lvs_dr_rs.sh

#/bin/bash

vip=192.168.2.223

# vip 繫結在lo 上,是為了實現rs 直接把結果返回給客戶端

ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up

route add -host $vip lo:0

# 以下操作為更改arp 核心引數,目的是為了讓rs 順利傳送mac 地址給客戶端

echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce

echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

[root@rac1 ~]# chmod a+x /usr/local/sbin/lvs_dr_rs.sh

[root@rac1 ~]# sh /usr/local/sbin/lvs_dr_rs.sh

[root@rac1 ~]# ip addr|grep 192.168.2.223

    inet 192.168.2.223/32 brd 192.168.2.223 scope global lo:0

[root@rac2 ~]# ip addr|grep 192.168.2.223

inet 192.168.2.223/32 brd 192.168.2.223 scope global lo:0

. Web 叢集1(187) Web 叢集2(188) 分別安裝配置nginx

4.1 Web 叢集1(187) Web 叢集2(188) 分別安裝nginx

[root@rac1 local]# cd /usr/local/

[root@rac1 local]# wget http://nginx.org/download/nginx-1.11.5.tar.gz

[root@rac1 local]# yum install gcc-c++ pcre pcre-devel zlib zlib-devel openssl openssl-devel -y     

[root@rac1 local]# tar -zxvf nginx-1.11.5.tar.gz

[root@rac1 local]# mv /usr/local/nginx-1.11.5 /usr/local/nginx

[root@rac1 local]# cd /usr/local/nginx

[root@rac1 nginx-1.11.5]# ./configure

[root@rac1 nginx-1.11.5]# make

[root@rac1 nginx-1.11.5]# make install

[root@rac1 system]# /usr/local/nginx/sbin/nginx

[root@rac2 nginx-1.11.5]# /usr/local/nginx/sbin/nginx

[root@rac1 system]# ps -ef|grep nginx

root     11866     1  0 17:35 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx

nobody   11867 11866  0 17:35 ?        00:00:00 nginx: worker process

root     11886  3579  0 17:35 pts/1    00:00:00 grep --color=auto nginx

4.2 Web 叢集1(187) Web 叢集2(188) 分別配置nginx

Web 叢集1(187) Web 叢集2(188) 分別替換不同的html ,方便輪詢測試;

[root@rac2 html]# pwd

/usr/local/nginx/html/index.html 替換成awr.html gpr.html

. 測試負載均衡和故障轉移

5.1 測試負載均衡

負載方式:rr 輪詢

瀏覽器輸入 http://192.168.2.223/

[root@jumplinux01 ~]# ipvsadm -lnc

IPVS connection entries

pro expire state       source             virtual            destination

TCP 00:01  NONE        192.168.90.105:0   192.168.2.223:80   192.168.2.188:80

TCP 00:00  ESTABLISHED 192.168.90.105:63625 192.168.2.223:80   192.168.2.188:80

兩秒後重新整理頁面

http://192.168.2.223/

頁面不同了,輪詢成功

5.2 測試故障轉移

Web 叢集2(188) 殺掉nginx 服務

[root@rac2 ~]# ps -ef|grep nginx

root     11046     1  0 Oct29 ?        00:00:00 nginx: master process /usr/local/nginx/sbin/nginx

nobody   11047 11046  0 Oct29 ?        00:00:04 nginx: worker process

root     19625 19401  0 15:36 pts/0    00:00:00 grep --color=auto nginx

[root@rac2 ~]# kill -9 11046

[root@rac2 ~]# kill -9 11047

[root@rac2 ~]# ps -ef|grep nginx

root     19665 19401  0 15:36 pts/0    00:00:00 grep --color=auto nginx

瀏覽器輸入 http://192.168.2.223/

間隔一段時間多長重新整理,頁面不變,也沒有報錯

[root@jumplinux01 ~]# ipvsadm -lnc

IPVS connection entries

pro expire state       source             virtual            destination

TCP 00:00  NONE        192.168.90.105:0   192.168.2.223:80   192.168.2.187:80

啟動nginx 後,可以重新整理到另一個頁面了

[root@rac2 ~]# /usr/local/nginx/sbin/nginx


歡迎關注我的微信公眾號"IT小Chen",共同學習,共同成長!!!

來自 “ ITPUB部落格 ” ,連結:http://blog.itpub.net/29785807/viewspace-2679873/,如需轉載,請註明出處,否則將追究法律責任。