- 傳統LVS的缺陷
- Keepalived工具介紹
- 1.專為LVS和HA設計的一款健康檢查工具
- 2.Keepalived實作原理剖析
- 3.Keepalived實作原理剖析
- 4.Keepalived的實際應用
- Keepalived安裝與啟動
- 1.環境部署
- 2.配置Keepalived master服務器
- 2.1.常用配置選項
- 3.配置Keepalived slave服務器
- LVS+keepalived群集介紹
- 1.主要優勢
- 2.測驗群集
- 案例實操
- 實驗拓撲
- 實驗操作
- 一、配置主服務器
- 1.調整/proc回應引數
- 2.安裝ipvsadm和 keepalived程式
- 3.清除負載分配策略
- 4.調整keepalived引數
- 5.開啟keepalived服務
- 6.查看負載均衡策略
- 二、配置備調度服務器
- 1.調整/proc回應引數
- 2.安裝ipvsadm和 keepalived程式
- 3.清除負載分配策略
- 4.調整keepalived引數
- 5.開啟keepalived服務
- 6.查看負載均衡策略
- 三、.搭建共享儲存
- 四、配置web1服務器
- 1.添加lo:0虛擬網卡VIP地址
- 2.調整/proc回應引數
- 3.設定本地路由
- 4.掛載nfs共享儲存
- 5.測驗掛載狀況,測驗無誤
- 五、配置web2服務器
- 1.添加lo:0虛擬網卡VIP地址
- 2.調整/proc回應引數
- 3.設定本地路由
- 4.掛載nfs共享儲存
- 5.測驗掛載狀況,測驗無誤
- 六、群集測驗
- 1.測驗LVS輪詢狀況,兩次登入,查看負載分配是否正常,輪詢為輪流查看web服務器的資料
- 2.測驗keepalived狀況
傳統LVS的缺陷
- 企業應用中,單臺服務器承擔應用存在單點故障的危險
- 單點故障一旦發生,企業服務將發生中斷,造成極大的危害
Keepalived工具介紹
1.專為LVS和HA設計的一款健康檢查工具
- 支持故障自動切換(Failover)
- 支持節點健康狀態檢查(Health Checking)
- 官方網站: http://www.keepalived.orgl
- 目前多使用2.0以上版本
2.Keepalived實作原理剖析
- Keepalived采用VRRP熱備份協議
- 實作Linux服務器的多機熱備功能
3.Keepalived實作原理剖析
- VRRP(虛擬路由冗余協議)是針對路由器的一種備份解決方案
- 由多臺路由器組成一個熱備組,通過共用的虛擬IP地址對外提供服務
- 每個熱備組內同時只有一臺主路由器提供服務,其他路由器處于冗余狀態
- 若當前在線的路由器失效,則其他路由器會根據設定的優先級自動接替虛擬IP地址,繼續提供服務
4.Keepalived的實際應用
-
Keepalived可實作多機熱備,每個熱備組可有多臺服務器
-
雙機熱備的故障切換是由虛擬IP地址的漂移來實作,適用于各種應用服務器
-
實作基于Web服務的雙機熱備
- 漂移地址:192.168.10.72
- 主、備服務器:192.168.10.73、192.168.10.74
- 提供的應用服務:Web
Keepalived安裝與啟動
1.環境部署
- 在LVS群集環境中應用時,也需用到ipvsadm管理工具
- YUM安裝Keepalived
- 啟用Keepalived服務
2.配置Keepalived master服務器
Keepalived配置目錄位于letc/keepalivedl
keepalived.conf是主組態檔
- global_defs {…}區段指定全域引數
- vrrp_instance 實體名稱{…}區段指定VRRP熱備引數
- 注釋文字以"!"符號開頭
- 目錄samples,提供了許多配置樣例作為參考
2.1.常用配置選項
- router_id HA_TEST_R1:本路由器(服務器)的名稱
- vrrp_instance Vl_1:定義VRRP熱備實體
- state MASTER:熱備狀態,MASTER表示主服務器
- interface ens33:承載VIP地址的物理介面
- virtual_router_id 1 :虛擬路由器的ID號,每個熱備組保持一致
- priority 100:優先級,數值越大優先級越高
- advert_int 1:通告間隔秒數(心跳頻率)
- auth_type PASS:認證型別
- auth_pass 123456:,密碼字串
- virtual_ipaddress { vip}:指定漂移地址(VIP),可以有多個
3.配置Keepalived slave服務器
Keepalived備份服務器的配置與master的配置有三個選項不同
- router_id:設為自有名稱
- state:設為BACKUP
- priority:值低于主服務器
LVS+keepalived群集介紹
- Keepalived的設計目標是構建高可用的LVS負載均衡群集,可以呼叫ipvsadm工具來創建虛擬服務器、管理服務器池,而不僅僅用作雙機熱備
- 使用Keepalived構建LVS群集更加簡便易用
1.主要優勢
- 對LVS負載調度器實作熱備切換,提高可用性
- 對服務器池中的節點進行健康檢查,自動移除失效節點,
- 恢復后再重新加入
2.測驗群集
- 通過主、從調度器的/varllog/messages日志檔案,可以跟蹤故障切換程序
- 可執行“ipvsadm -ln” ."ipvsadm -lnc”等操作命令查看負載分配情況
案例實操
實驗拓撲
實驗操作
一、配置主服務器
1.調整/proc回應引數
[root@localhost ~]# vi /etc/sysctl.conf
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost ~]# sysctl -p //生效優化的配置
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
2.安裝ipvsadm和 keepalived程式
[root@localhost ~]# yum -y install ipvsadm keepalived
3.清除負載分配策略
[root@localhost ~]# ipvsadm -C
4.調整keepalived引數
[root@localhost keepalived]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.confbak
[root@localhost keepalived]# vim keepalived.conf
global_defs {
router_id HA_TEST_R1
}
state MASTER
interface ens33
virtual_router_id 1
priority 100
auth_type PASS
auth_pass 123456
virtual_ipaddress {
192.168.30.100
}
}
lb_algo rr
lb_kind DR
persistence 60
protocol TCP
real_server 192.168.30.22 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
real_server 192.168.30.33 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
}
下面是上述腳本解釋
global_defs {
router_id HA_TEST_R1 ####本路由器的服務器名稱 HA_TEST_R1
}
vrrp_instance VI_1 { ####定義VRRP熱備實列
state MASTER ####熱備狀態,master表示主服務器
interface ens33 ####表示承載VIP地址的物理介面
virtual_router_id 1 ####虛擬路由器的ID號,每個熱備組保持一致
priority 100 ####優先級,優先級越大優先級越高
advert_int 1 ####通告間隔秒數(心跳頻率)
authentication { ####認證資訊,每個熱備組保持一致
auth_type PASS ####認證型別
auth_pass 123456 ####認證密碼
}
virtual_ipaddress { ####漂移地址(VIP),可以是多個
192.168.100.10
}
}
virtual_server 192.168.100.10 80 { ####虛擬服務器地址(VIP)、埠
delay_loop 15 ####健康檢查的時間間隔(秒)
lb_algo rr ####輪詢調度演算法
lb_kind DR ####直接路由(DR)群集作業模式
persistence 60 ####連接保持時間(秒),若啟用請去掉!號
protocol TCP ####應用服務采用的是TCP協議
real_server 192.168.100.42 80 { ####第一個WEB站點的地址,埠
weight 1 ####節點的權重
TCP_CHECK { ####健康檢查方式
connect_port 80 ####檢查埠目標
connect_timeout 3 ####連接超時(秒)
nb_get_retry 3 ####重試次數
delay_before_retry 4 ####重試間隔(秒)
}
}
5.開啟keepalived服務
[root@localhost keepalived]# systemctl start keepalived
[root@localhost keepalived]# systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
[root@localhost keepalived]# ip addr show dev ens33 //查看ens33地址,開啟keepalived服務后自動生成VIP地址,不需要手動配置
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:2e:3b:31 brd ff:ff:ff:ff:ff:ff
inet 192.168.30.10/24 brd 192.168.30.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.30.100/32 scope global ens33 ##這里可以看到VIP地址了
……省略部分
6.查看負載均衡策略
[root@localhost ~]# ipvsadm -ln //策略自動添加
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.30.100:80 rr
-> 192.168.30.22:80 Route 1 0 0
-> 192.168.30.33:80 Route 1 0 0
二、配置備調度服務器
1.調整/proc回應引數
[root@localhost ~]# vi /etc/sysctl.conf
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost ~]# sysctl -p //生效優化的配置
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
2.安裝ipvsadm和 keepalived程式
[root@localhost ~]# yum -y install ipvsadm keepalived
3.清除負載分配策略
[root@localhost ~]# ipvsadm -C
4.調整keepalived引數
[root@localhost keepalived]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.confbak
[root@localhost keepalived]# vim keepalived.conf
global_defs {
router_id HA_TEST_R2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 1
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.30.100
}
}
virtual_server 192.168.30.100 80 {
delay_loop 15
lb_algo rr
lb_kind DR
persistence 60
protocol TCP
real_server 192.168.30.22 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
real_server 192.168.30.33 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
}
下面是上述腳本解釋
global_defs {
router_id HA_TEST_R2 ####本路由器的服務器名稱 HA_TEST_R2
}
vrrp_instance VI_1 { ####定義VRRP熱備實列
state BACKUP ####熱備狀態,backup表示輔服務器
interface ens33 ####表示承載VIP地址的物理介面
virtual_router_id 1 ####虛擬路由器的ID號,每個熱備組保持一致
priority 99 ####優先級,優先級越大優先級越高
advert_int 1 ####通告間隔秒數(心跳頻率)
authentication { ####認證資訊,每個熱備組保持一致
auth_type PASS ####認證型別
auth_pass 123456 ####認證密碼
}
virtual_ipaddress { ####漂移地址(VIP),可以是多個
192.168.100.10
}
}
5.開啟keepalived服務
root@localhost keepalived]# systemctl start keepalived
[root@localhost keepalived]# systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
[root@localhost keepalived]# ip addr show dev ens33 //現在是查看不到VIP地址的,因為是備選服務器
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:e5:5e:bb brd ff:ff:ff:ff:ff:ff
inet 192.168.30.11/24 brd 192.168.30.255 scope global noprefixroute ens33
……省略部分
6.查看負載均衡策略
[root@localhost ~]# ipvsadm -ln //策略自動添加
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.30.100:80 rr
-> 192.168.30.22:80 Route 1 0 0
-> 192.168.30.33:80 Route 1 0 0
[root@localhost ~]# tail -f /var/log/messages //查看日志可以觀察負載情況
三、.搭建共享儲存
[root@localhost ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.30.44 netmask 255.255.255.0 broadcast 192.168.30.255
inet6 fe80::a52a:406e:6512:1c66 prefixlen 64 scopeid 0x20<link>
[root@localhost ~]# route -n //查看路由表,看網關
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.30.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
[root@localhost ~]# rpm -q nfs-utils //查看nfs是否安裝
nfs-utils-1.3.0-0.61.el7.x86_64
[root@localhost ~]# rpm -q rpcbind //查看rpcbind是否安裝
rpcbind-0.2.0-47.el7.x86_64
[root@localhost ~]# yum -y install nfs-utils //確實安裝了
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Package 1:nfs-utils-1.3.0-0.61.el7.x86_64 already installed and latest version
Nothing to do
[root@localhost ~]# yum -y install rpcbind //安裝遠程呼叫
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
Package rpcbind-0.2.0-47.el7.x86_64 already installed and latest version
Nothing to do
[root@localhost ~]# systemctl start nfs //啟動nfs
[root@localhost ~]# systemctl enable nfs //設定開機自啟
Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.
[root@localhost ~]# systemctl start rpcbind
[root@localhost ~]# systemctl enable rpcbind
[root@localhost ~]# vi /etc/exports //設定共享名單
/opt/web1 192.168.30.0/24(rw,sync)
/opt/web2 192.168.30.0/24(rw,sync)
[root@localhost ~]# systemctl restart nfs
[root@localhost ~]# systemctl restart rpcbind
[root@localhost ~]# showmount -e //查看共享目錄
Export list for localhost.localdomain:
/opt/web2 192.168.30.0/24
/opt/web1 192.168.30.0/24
[root@localhost web2]# exportfs -vr
exporting 192.168.30.0/24:/opt/web2
exporting 192.168.30.0/24:/opt/web1
[root@localhost ~]# mkdir /opt/web1/ /opt/web1/
[root@localhost ~]# vi /opt/web1/index.html //制作web1的網頁
<html>
<title>I'm Web1</title>
<body><h1>I'm Web1</h1></body>
<img src="web1.jpg" />
</html>
[root@localhost ~]# vi /opt/web2/index.html //制作web2的網頁
<html>
<title>I'm Web2</title>
<body><h1>I'm Web2</h1></body>
<img src="web2.png" />
</html>
四、配置web1服務器
1.添加lo:0虛擬網卡VIP地址
[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vi ifcfg-enslo:0
DEVICE=lo:0
IPADDR=192.168.30.100
NETMASK=255.255.255.255
ONBOOT=yes
[root@localhost network-scripts]# ifup lo:0 //開啟lo:0網卡
[root@localhost network-scripts]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.30.33 netmask 255.255.255.0 broadcast 192.168.30.255
……省略部分
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.30.100 netmask 255.255.255.255
2.調整/proc回應引數
[root@localhost network-scripts]# vi /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@mysql2 network-scripts]# sysctl -p //生效引數
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
3.設定本地路由
[root@localhost network-scripts]# vi /etc/rc.local //設定開機項
/sbin/route add -host 192.168.30.100 dev lo:0 //添加VIP到本地路由,即直連路由
[root@localhost network-scripts]# route add -host 192.168.30.100 dev lo:0
[root@mysql2 network-scripts]# route -n //查看路由表,VIP添加成功
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.30.11 0.0.0.0 UG 100 0 0 ens33
192.168.30.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.30.100 0.0.0.0 255.255.255.255 UH 0 0 0 lo
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
4.掛載nfs共享儲存
[root@localhost ~]# yum -y install nfs-utils
[root@localhost ~]# showmount -e 192.168.30.44 //若查看不到,可能是nfs服務器發布失敗,去nfs服務器再次發布一下:exportsfs
Export list for 192.168.30.44:
/opt/web2 192.168.30.0/24
/opt/web1 192.168.30.0/24
[root@mysql2 ~]# yum -y install httpd
[root@mysql2 ~]# systemctl start httpd
[root@mysql2 ~]# systemctl enable httpd
[root@localhost html]# vi /etc/fstab
192.168.30.44:/opt/web1 /var/www/html nfs defaults,_netdev 0 0
[root@localhost html]# mount 192.168.30.44:/opt/web1 /var/www/html/
5.測驗掛載狀況,測驗無誤
五、配置web2服務器
1.添加lo:0虛擬網卡VIP地址
[root@localhost html]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]#cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vi ifcfg-enslo:0
DEVICE=lo:0
IPADDR=192.168.30.100
NETMASK=255.255.255.255
ONBOOT=yes
[root@localhost network-scripts]# systemctl restart network
[root@localhost network-scripts]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.30.22 netmask 255.255.255.0 broadcast 192.168.30.255
……省略部分
lo:0: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 192.168.30.100 netmask 255.255.255.255
2.調整/proc回應引數
[root@localhost network-scripts]# vi /etc/sysctl.conf
########插入下面配置,解決ARP映射問題引數
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@mysql2 network-scripts]# sysctl -p //生效配置
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
3.設定本地路由
[root@localhost network-scripts]# vi /etc/rc.local
/sbin/route add -host 192.168.30.100 dev lo:0 //添加VIP本地訪問路由
[root@localhost network-scripts]# route add -host 192.168.30.100 dev lo:0
[root@mysql2 network-scripts]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.30.11 0.0.0.0 UG 100 0 0 ens33
192.168.30.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
192.168.30.100 0.0.0.0 255.255.255.255 UH 0 0 0 lo
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
4.掛載nfs共享儲存
[root@localhost ~]# yum -y install nfs-utils
[root@localhost ~]# showmount -e 192.168.30.44 //若查看不到,可能是nfs服務器發布失敗,去nfs服務器再次發布一下:exportsfs
Export list for 192.168.30.44:
/opt/web2 192.168.30.0/24
/opt/web1 192.168.30.0/24
[root@mysql2 ~]# yum -y install httpd
[root@mysql2 ~]# systemctl start httpd
[root@mysql2 ~]# systemctl enable httpd
[root@localhost html]# vi /etc/fstab
192.168.30.44:/opt/web1 /var/www/html nfs defaults,_netdev 0 0
[root@localhost html]# mount 192.168.30.44:/opt/web1 /var/www/html/
5.測驗掛載狀況,測驗無誤
六、群集測驗
1.測驗LVS輪詢狀況,兩次登入,查看負載分配是否正常,輪詢為輪流查看web服務器的資料
2.測驗keepalived狀況
2.1、登入網頁并抓包在兩臺調度服務器都在線的情況下,抓取到主服務器發出的VRRP報文
ping通VIP地址,并查看ARP表對應的MAC地址資訊,此時為master的MAC地址
2.2,關閉master的keepalived功能,再次測驗,由備服務器發出報文
再次ping通VIP地址,并查看ARP表對應的MAC地址資訊,此時已經轉變成Backup備服務器的MAC地址了
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/128749.html
標籤:其他
上一篇:大神們,本人急需一個基于3次B樣條小波用于弱目標檢測的MATLAB程式,自己加圖片就能運行那種,濾波降噪分解重構全的,酬勞可談急