文章目錄
- 前言
- 一、Keepalived 雙機熱備基礎
- 1.1、Keepalived 概述及安裝
- 1.1.1、Keepalived 的熱備方式
- 1.1.2、Keepalived 的安裝與服務控制
- 1.2、使用Keepalived 實作雙機熱備
- 1.2.1、主服務器的配置
- 1.2.2、備用服務器的配置
- 1.2.3、測驗雙機熱備功能
- 二、LVS+Keepalived 高可用群集 實戰部署
- 2.1、實驗環境
- 2.2、配置主調度器
- 2.2.1、調整/proc 回應引數
- 2.2.2、調整keepalived 引數
- 2.3、配置從調度器
- 2.3.1、調整/proc 回應引數
- 2.3.2、調整keepalived 引數
- 2.4、配置存盤服務器
- 2.5、配置節點服務器
- 2.5.1、配置虛擬IP地址(VIP)
- 2.5.2、調整/proc回應引數
- 2.5.3、安裝httpd 掛載測驗頁
- 2.6、實驗驗證
- 2.6.1、測驗主調度器
- 2.6.2、測驗從調度器
前言
在這個高度資訊化的IT時代,企業的生產系統、業務運營、銷售和支持,以及日常管理等環節越來越依賴于計算機資訊和服務,使得對高可用(HA)技術的應用需求大量上升,以便提供持續的、不間斷的計算機系統或網路服務,
使用Keepalived實作雙機熱備,包括針對IP地址的故障切換,以及在LVS高可用群集中的熱備應用,
一、Keepalived 雙機熱備基礎
1.1、Keepalived 概述及安裝
1.1.1、Keepalived 的熱備方式
Keepalived采用VRRP熱備份協議實作Linux服務器的多機熱備功能
VRRP,虛擬路由冗余協議,是針對路由器的一種備份解決方案
由多臺路由器組成一個熱備組,通過共用的虛擬IP地址對外提供服務
每個熱備組內同一時刻只有一臺主路由器提供服務,其他路由器處于冗余狀態
若當前在線的路由器失效,則其他路由器會根據設定的優先級自動接替虛擬IP地址,繼續提供服務
1.1.2、Keepalived 的安裝與服務控制
在LVS群集環境中應用時,也需用到 lipvsadm管理工具
YUM安裝 Keepalived
啟用 Keepalived服務
[root@localhost ~]# yum -y install keepalived ipvsadm
1.2、使用Keepalived 實作雙機熱備
Keepalived可實作多機熱備,每個熱備組可有多臺服務器,最常用的就是雙機熱備
雙機熱備的故障切換是由虛擬IP地址的漂移來實作,適用于各種應用服務器
本次部署將實作基于web服務的雙機熱備
1.2.1、主服務器的配置
Keepalievd配置目錄位于/etc/keepalievd/
keepalievd.conf是主組態檔
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
global_defs{…}區段指定全域引數
vrrp_instance實體名稱{…}區段指定VRRP熱備引數
注釋文字以“!”符號開頭
目錄samples/,提供了許多配置樣例作為參考
常用配置選項
router_id HA_TEST_R1: 本路由器(服務器)的名稱
vrrp_instance VI_1:定義VRRP熱備實體
state MASTER:熱備狀態,MASTER表示主服務器
interface ens33:承載VIP地址的物理介面
virtual_router_id 1:虛擬路由器的ID號,每個熱備組保持一致
priority 100:優先級,數值越大優先級越高
advert_int 1:通告間隔秒數(心跳頻率)
auth_type PASS:認證型別
auth_pass 123456:密碼字串
virtual_ipaddress{vip}:指定漂移地址(VIP),可以有多個,多個漂移地址以逗號分隔
確認配置沒有問題,啟動Keepalived服務,通過ip命令可以查看
[root@localhost keepalived]# systemctl start keepalived ####啟動keepalived
[root@localhost keepalived]# ip addr show dev ens33 ####查看主控制IP地址和漂移地址
1.2.2、備用服務器的配置
Keepalived備份服務器的配置與master的配置有三個選項不同
router_id:設為自由名稱
state:設為BACKUP
priority:值低于主服務器
其他選項與master相同
1.2.3、測驗雙機熱備功能
測驗雙機熱備的效果
主、備機均啟用Web服務,內容相同
先后禁用、啟用主服務器的網卡,執行以下測驗
測驗1:使用ping檢測19216810.72的連通性
測驗2:訪問htt:/192168.10.72,確認可用性及內容變化
測驗3:查看日志檔案/var/log/messages中的變化
二、LVS+Keepalived 高可用群集 實戰部署
2.1、實驗環境
VMware 5臺服務器
IP地址規劃:
漂移地址(VIP):192.168.100.100
主調度器:192.168.100.21
輔調度器:192.168.100.20
WEB服務器1:192.168.100.22
WEB服務器2:192.168.100.23
存盤服務器:192.168.100.24
2.2、配置主調度器
2.2.1、調整/proc 回應引數
[
root@localhost network-scripts]# vi /etc/sysctl.conf
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost network-scripts]# sysctl -p
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
2.2.2、調整keepalived 引數
[root@localhost ~]# yum -y install keepalived ipvsadm
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
global_defs {
router_id HA_TEST_R1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 1
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.100.100
}
}
virtual_server 192.168.100.100 80 {
delay_loop 15
lb_algo rr
lb_kind DR
persistence 60
protocol TCP
real_server 192.168.100.22 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
real_server 192.168.100.23 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
}
[root@localhost keepalived]# systemctl start keepalived
[root@localhost keepalived]# ip addr show dev ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:11:0d:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.21/24 brd 192.168.100.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.100.100/32 brd 192.168.100.100 scope global noprefixroute ens33:0
valid_lft forever preferred_lft forever
inet6 fe80::3069:1a3d:774b:18f/64 scope link noprefixroute
valid_lft forever preferred_lft forever
2.3、配置從調度器
2.3.1、調整/proc 回應引數
[root@localhost network-scripts]# vi /etc/sysctl.conf
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost network-scripts]# sysctl -p
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
2.3.2、調整keepalived 引數
[root@localhost ~]# yum -y install keepalived ipvsadm
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
global_defs {
router_id HA_TEST_R2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 1
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.100.100
}
}
virtual_server 192.168.100.100 80 {
delay_loop 15
lb_algo rr
lb_kind DR
persistence 60
protocol TCP
real_server 192.168.100.22 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
real_server 192.168.100.23 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
}
[root@localhost keepalived]# systemctl start keepalived
[root@localhost keepalived]# ip addr show dev ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:48:b8:83 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.20/24 brd 192.168.100.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::e438:b533:985e:cf94/64 scope link noprefixroute
valid_lft forever preferred_lft forever
2.4、配置存盤服務器
首先查看nfs-utils 和rpcbind 是否安裝,若沒有用yum安裝即可
安裝好后啟動兩個服務
[root@localhost ~]# systemctl start nfs
[root@localhost ~]# systemctl start rpcbind
[root@localhost ~]# mkdir /opt/51xit /opt/52xit
[root@localhost ~]# vi /etc/exports
/opt/51xit 192.168.100.0/24(rw,sync)
/opt/52xit 192.168.100.0/24(rw,sync)
[root@localhost ~]# systemctl restart rpcbind
[root@localhost ~]# systemctl restart nfs
[root@localhost ~]# systemctl enable nfs
[root@localhost ~]# systemctl enable rpcbind
[root@localhost ~]# echo "this is www.51xit.top" > /opt/51xit/index.html
[root@localhost ~]# echo "this is www.52xit.top" > /opt/52xit/index.html
2.5、配置節點服務器
2.5.1、配置虛擬IP地址(VIP)
防火墻和核心防護均關閉,查看是否安裝nfs-utils
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vi ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.100
NETMASK=255.255.255.255
ONBOOT=yes
[root@localhost network-scripts]# ifup lo:0
[root@localhost network-scripts]# ifconfig
省略部分內容
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.100.100 netmask 255.255.255.255
loop txqueuelen 1000 (Local Loopback)
省略部分內容
[root@localhost network-scripts]# vi /etc/rc.local
/sbin/route add -host 192.168.100.100 dev lo:0
[root@localhost network-scripts]# route add -host 192.168.100.100 dev lo:0
2.5.2、調整/proc回應引數
[root@localhost network-scripts]# vi /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@localhost network-scripts]# sysctl -p
前面配置兩臺節點服務器都一樣
2.5.3、安裝httpd 掛載測驗頁
下面分別掛載兩臺節點服務器
[root@localhost ~]# showmount -e 192.168.100.24
Export list for 192.168.100.24:
/opt/52xit 192.168.100.0/24
/opt/51xit 192.168.100.0/24
[root@localhost ~]# yum -y install httpd
[root@localhost ~]# mount 192.168.100.24:/opt/51xit /var/www/html/
[root@localhost ~]# vi /etc/fstab
#
# /etc/fstab
# Created by anaconda on Thu Aug 6 12:23:03 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=a1c935eb-f211-43a5-be35-2a9fef1f6a89 /boot xfs defaults 0 0
/dev/mapper/centos-swap swap swap defaults 0 0
/dev/cdrom /mnt iso9660 defaults 0 0
192.168.100.24:/opt/51xit/ /var/www/html/ nfs defaults,_netdev 0 0
[root@localhost ~]# systemctl start httpd
測驗登錄是否正常
[root@localhost ~]# showmount -e 192.168.100.24
Export list for 192.168.100.24:
/opt/52xit 192.168.100.0/24
/opt/51xit 192.168.100.0/24
[root@localhost ~]# yum -y install httpd
[root@localhost ~]# mount 192.168.100.24:/opt/52xit /var/www/html/
[root@localhost ~]# vi /etc/fstab
#
# /etc/fstab
# Created by anaconda on Thu Aug 6 12:23:03 2020
#
# Accessible filesystems, by reference, are maintained under '/dev/disk'
# See man pages fstab(5), findfs(8), mount(8) and/or blkid(8) for more info
#
/dev/mapper/centos-root / xfs defaults 0 0
UUID=a1c935eb-f211-43a5-be35-2a9fef1f6a89 /boot xfs defaults 0 0
/dev/mapper/centos-swap swap swap defaults 0 0
/dev/cdrom /mnt iso9660 defaults 0 0
192.168.100.24:/opt/52xit/ /var/www/html/ nfs defaults,_netdev 0 0
[root@localhost ~]# systemctl start httpd
測驗登錄是否正常
2.6、實驗驗證
2.6.1、測驗主調度器
打開抓包工具,會發現192.168.100.21主調度器,一直在發VRRP報文
真機瀏覽器輸入192.168.100.100
等一分鐘重繪或者重新輸入
主調度器正常!!!
2.6.2、測驗從調度器
停止主服務器的keepadlive
[root@localhost keepalived]# systemctl stop keepalived
打開抓包工具,會發現192.168.100.20從調度器,一直在發VRRP報文
真機瀏覽器輸入192.168.100.100
等一分鐘重繪或者重新輸入
從調度器正常!!
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/124436.html
標籤:其他