LVS+Keepalived 高可用群集(理論+實戰部署)
前言
在這個高度資訊化的IT時代,企業的生產系統、業務運營、銷售和支援,以及日常管理等環節越來越依賴於計算機資訊和服務,使得對高可用(HA)技術的應用需求大量上升,以便提供持續的、不間斷的計算機系統或網路服務。
使用Keepalived實現雙機熱備,包括針對IP地址的故障切換,以及在LVS高可用群集中的熱備應用。
一、Keepalived 雙機熱備基礎
1.1、Keepalived 概述及安裝
1.1.1、Keepalived 的熱備方式
Keepalived採用VRRP熱備份協議實現Linux伺服器的多機熱備功能
VRRP,虛擬路由冗餘協議,是針對路由器的一種備份解決方案
由多臺路由器組成一個熱備組,通過共用的虛擬IP地址對外提供服務
每個熱備組內同一時刻只有一臺主路由器提供服務,其他路由器處於冗餘狀態
若當前線上的路由器失效,則其他路由器會根據設定的優先順序自動接替虛擬IP地址,繼續提供服務
1.1.2、Keepalived 的安裝與服務控制
在LVS群集環境中應用時,也需用到 lipvsadm管理工具
YUM安裝 Keepalived
啟用 Keepalived服務
[root@localhost ~]# yum -y install keepalived ipvsadm
1.2、使用Keepalived 實現雙機熱備
Keepalived可實現多機熱備,每個熱備組可有多臺伺服器,最常用的就是雙機熱備
雙機熱備的故障切換是由虛擬IP地址的漂移來實現,適用於各種應用伺服器
本次部署將實現基於web服務的雙機熱備
1.2.1、主伺服器的配置
Keepalievd配置目錄位於/etc/keepalievd/
keepalievd.conf是主配置檔案
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
global_defs{…}區段指定全域性引數
vrrp_instance例項名稱{…}區段指定VRRP熱備引數
註釋文字以“!”符號開頭
目錄samples/,提供了許多配置樣例作為參考
常用配置選項
router_id HA_TEST_R1: 本路由器(伺服器)的名稱
vrrp_instance VI_1:定義VRRP熱備例項
state MASTER:熱備狀態,MASTER表示主伺服器
interface ens33:承載VIP地址的物理介面
virtual_router_id 1:虛擬路由器的ID號,每個熱備組保持一致
priority 100:優先順序,數值越大優先順序越高
advert_int 1:通告間隔秒數(心跳頻率)
auth_type PASS:認證型別
auth_pass 123456:密碼字串
virtual_ipaddress{vip}:指定漂移地址(VIP),可以有多個,多個漂移地址以逗號分隔
確認配置沒有問題,啟動Keepalived服務,通過ip命令可以檢視
[root@localhost keepalived]# systemctl start keepalived ####啟動keepalived
[root@localhost keepalived]# ip addr show dev ens33 ####檢視主控制IP地址和漂移地址
1.2.2、備用伺服器的配置
Keepalived備份伺服器的配置與master的配置有三個選項不同
router_id:設為自由名稱
state:設為BACKUP
priority:值低於主伺服器
其他選項與master相同
1.2.3、測試雙機熱備功能
測試雙機熱備的效果
主、備機均啟用Web服務,內容相同
先後禁用、啟用主伺服器的網路卡,執行以下測試
測試1:使用ping檢測19216810.72的連通性
測試2:訪問htt:/192168.10.72,確認可用性及內容變化
測試3:檢視日誌檔案/var/log/messages中的變化
二、LVS+Keepalived 高可用群集 實戰部署
2.1、實驗環境
VMware 5臺伺服器
IP地址規劃:
漂移地址(VIP):192.168.100.100
主排程器:192.168.100.21
輔排程器:192.168.100.20
WEB伺服器1:192.168.100.22
WEB伺服器2:192.168.100.23
儲存伺服器:192.168.100.24
2.2、配置主排程器
2.2.1、調整/proc 響應引數
[
root@localhost network-scripts]# vi /etc/sysctl.conf
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost network-scripts]# sysctl -p
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
2.2.2、調整keepalived 引數
[root@localhost ~]# yum -y install keepalived ipvsadm
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
global_defs {
router_id HA_TEST_R1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 1
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.100.100
}
}
virtual_server 192.168.100.100 80 {
delay_loop 15
lb_algo rr
lb_kind DR
persistence 60
protocol TCP
real_server 192.168.100.22 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
real_server 192.168.100.23 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
}
[root@localhost keepalived]# systemctl start keepalived
[root@localhost keepalived]# ip addr show dev ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:11:0d:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.21/24 brd 192.168.100.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.100.100/32 brd 192.168.100.100 scope global noprefixroute ens33:0
valid_lft forever preferred_lft forever
inet6 fe80::3069:1a3d:774b:18f/64 scope link noprefixroute
valid_lft forever preferred_lft forever
2.3、配置從排程器
2.3.1、調整/proc 響應引數
[root@localhost network-scripts]# vi /etc/sysctl.conf
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost network-scripts]# sysctl -p
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
2.3.2、調整keepalived 引數
[root@localhost ~]# yum -y install keepalived ipvsadm
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
global_defs {
router_id HA_TEST_R2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 1
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.100.100
}
}
virtual_server 192.168.100.100 80 {
delay_loop 15
lb_algo rr
lb_kind DR
persistence 60
protocol TCP
real_server 192.168.100.22 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
real_server 192.168.100.23 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
}
[root@localhost keepalived]# systemctl start keepalived
[root@localhost keepalived]# ip addr show dev ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:48:b8:83 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.20/24 brd 192.168.100.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::e438:b533:985e:cf94/64 scope link noprefixroute
valid_lft forever preferred_lft forever
2.4、配置儲存伺服器
首先檢視nfs-utils 和rpcbind 是否安裝,若沒有用yum安裝即可
安裝好後啟動兩個服務
[root@localhost ~]# systemctl start nfs
[root@localhost ~]# systemctl start rpcbind
[root@localhost ~]# mkdir /opt/51xit /opt/52xit
[root@localhost ~]# vi /etc/exports
/opt/51xit 192.168.100.0/24(rw,sync)
/opt/52xit 192.168.100.0/24(rw,sync)
[root@localhost ~]# systemctl restart rpcbind
[root@localhost ~]# systemctl restart nfs
[root@localhost ~]# systemctl enable nfs
[root@localhost ~]# systemctl enable rpcbind
[root@localhost ~]# echo "this is www.51xit.top" > /opt/51xit/index.html
[root@localhost ~]# echo "this is www.52xit.top" > /opt/52xit/index.html
2.5、配置節點伺服器
2.5.1、配置虛擬IP地址(VIP)
防火牆和核心防護均關閉,檢視是否安裝nfs-utils
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vi ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.100
NETMASK=255.255.255.255
ONBOOT=yes
[root@localhost network-scripts]# ifup lo:0
[root@localhost network-scripts]# ifconfig
省略部分內容
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.100.100 netmask 255.255.255.255
loop txqueuelen 1000 (Local Loopback)
省略部分內容
[root@localhost network-scripts]# vi /etc/rc.local
/sbin/route add -host 192.168.100.100 dev lo:0
[root@localhost network-scripts]# route add -host 192.168.100.100 dev lo:0
2.5.2、調整/proc響應引數
[root@localhost network-scripts]# vi /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@localhost network-scripts]# sysctl -p
前面配置兩臺節點伺服器都一樣
2.5.3、安裝httpd 掛載測試頁
下面分別掛載兩臺節點伺服器
[root@localhost ~]# showmount -e 192.168.100.24
Export list for 192.168.100.24:
/opt/52xit 192.168.100.0/24
/opt/51xit 192.168.100.0/24
[root@localhost ~]# yum -y install httpd
[root@localhost ~]# mount 192.168.100.24:/opt/51xit /var/www/html/
[root@localhost ~]# vi /etc/fstab
#
# /etc/fstab
# Created by anaconda on Thu Aug 6 12:23:03 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=a1c935eb-f211-43a5-be35-2a9fef1f6a89 /boot xfs defaults 0 0
/dev/mapper/centos-swap swap swap defaults 0 0
/dev/cdrom /mnt iso9660 defaults 0 0
192.168.100.24:/opt/51xit/ /var/www/html/ nfs defaults,_netdev 0 0
[root@localhost ~]# systemctl start httpd
測試登入是否正常
[root@localhost ~]# showmount -e 192.168.100.24
Export list for 192.168.100.24:
/opt/52xit 192.168.100.0/24
/opt/51xit 192.168.100.0/24
[root@localhost ~]# yum -y install httpd
[root@localhost ~]# mount 192.168.100.24:/opt/52xit /var/www/html/
[root@localhost ~]# vi /etc/fstab
#
# /etc/fstab
# Created by anaconda on Thu Aug 6 12:23:03 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=a1c935eb-f211-43a5-be35-2a9fef1f6a89 /boot xfs defaults 0 0
/dev/mapper/centos-swap swap swap defaults 0 0
/dev/cdrom /mnt iso9660 defaults 0 0
192.168.100.24:/opt/52xit/ /var/www/html/ nfs defaults,_netdev 0 0
[root@localhost ~]# systemctl start httpd
測試登入是否正常
2.6、實驗驗證
2.6.1、測試主排程器
開啟抓包工具,會發現192.168.100.21主排程器,一直在發VRRP報文
真機瀏覽器輸入192.168.100.100
等一分鐘重新整理或者重新輸入
主排程器正常!!!
2.6.2、測試從排程器
停止主伺服器的keepadlive
[root@localhost keepalived]# systemctl stop keepalived
開啟抓包工具,會發現192.168.100.20從排程器,一直在發VRRP報文
真機瀏覽器輸入192.168.100.100
等一分鐘重新整理或者重新輸入
從排程器正常!!
相關文章
- LVS+Keepalived高可用群集
- LVS+keepalived高可用
- LVS+Keepalived群集
- LVS+Keepalived 實現高可用負載均衡負載
- MySQL——MHA高可用群集部署及故障測試MySql
- MySQL高可用群集MHA部署及故障測試分析MySql
- Pfsense HA(高可用性群集)
- Kubernetes實戰:高可用叢集的搭建和部署
- nt高可用部署
- springcloud-高可用部署SpringGCCloud
- 高可用(keepalived)部署方案
- RocketMQ實戰系列從理論到實戰MQ
- LVS負載均衡群集概念、NAT模式LVS負載均衡實戰部署負載模式
- 以太坊開發實戰學習-高階Solidity理論 (五)Solid
- keeplied + nginx +tomcat 高可用部署NginxTomcat
- Spark Standalone模式 高可用部署Spark模式
- Keepalived高可用叢集部署
- Canal高可用架構部署架構
- 實現高可用的兩種方案與實戰
- Tensorflow-keras 理論 & 實戰Keras
- 官方工具|MySQL Router 高可用原理與實戰MySql
- Nginx + Keepalived 高可用叢集部署Nginx
- Spring Cloud 實戰二:Client的建立和高可用SpringCloudclient
- MongoDB高階應用之高可用方案實戰(4)MongoDB
- LVS和keepalived高可用叢集部署
- kubeadm部署Kubernetes1.13.3高可用版本
- Zabbix 6.0:原生高可用(HA)方案部署
- CapitalOne - Artifactory高可用叢集的自動化部署實踐API
- 阿里雲Polardb國產資料庫高可用部署實踐阿里資料庫
- 分散式事務理論加實戰分散式
- 伺服器群集—LVS負載均衡群集(LVS-NAT部署)伺服器負載
- kubernetes 1.15.1 高可用部署 -- 從零開始
- Kafka高可用叢集部署與配置指南Kafka
- Gitlab倉庫管理系統-高可用部署Gitlab
- 部署Kubernetes v1.22.10高可用叢集
- 在Rainbond上部署高可用Apollo叢集AI
- 基於 Rainbond 部署 DolphinScheduler 高可用叢集AI
- kubeadm部署高可用版Kubernetes1.21[更新]