显然,只有上一篇的操作,在WEB运维技术中,只能承担一半的角色。
想像一下,如何LVS本身倒了,肿么办?后端的NGINX再多,也只能是干着急,请求过来不呀!
所以,在本篇时,我们来实现LVS永不倒,
其实现的关键技术,就是keepalived + lvs的套装组件。
Keepalived软件起初是专为LVS负载均衡VRRP是Virtual Router Redundancy Protocol(虚拟路由冗余协议)的缩写,VRRP出现的目的就是为了解决静态路由的单点故障问题的,它能保证当个别节点宕机时,整个网络可以不间断地运行。软件设计的,用来管理并监控LVS集群系统中各个服务节点的状态,后来又加入了可以实现高可用的VRRP功能。因此,keepalived除了能够管理LVS软件外,还可以作为其他服务的高可用解决方案软件。
使用keepalived就不用手动配置启动lvs,在主、备lvs上启动keepalived即可。
keepalived是一个类似于layer3, 4 & 5交换机制的软件,也就是我们平时说的第3层、第4层和第5层交换。Keepalived是自动完成,不需人工干涉。
vip:192.168.1.100
lvs-director:192.168.1.111 主lvs
lvs-director:192.168.1.112 备lvs
nginx:192.168.1.113 安装nginx
yum install keepalived
! Configuration File for keepalived global_defs { notification_email { #acassen@firewall.loc #failover@firewall.loc #sysadmin@firewall.loc } #notification_email_from Alexandre.Cassen@firewall.loc #smtp_server 192.168.200.1 #smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_instance VI_1 { state MASTER # 主的Master interface enp0s3 # 绑定端口 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.1.100 } } virtual_server 192.168.1.100 80 { delay_loop 6 lb_algo rr # 轮询 lb_kind DR # 直接路由 persistence_timeout 0 protocol TCP real_server 192.168.1.113 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } }
systemctl start keepalived
2: enp0s3:mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 08:00:27:47:b2:29 brd ff:ff:ff:ff:ff:ff inet 192.168.1.111/24 brd 192.168.1.255 scope global enp0s3 valid_lft forever preferred_lft forever inet 192.168.1.100/32 scope global enp0s3 valid_lft forever preferred_lft forever inet6 fe80::ba94:f4bb:84eb:30cb/64 scope link valid_lft forever preferred_lft forever
此时,VIP在Master上。
IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.1.100:80 rr -> 192.168.1.113:80 Route 1 0 0
yum install keepalived
! Configuration File for keepalived global_defs { notification_email { #acassen@firewall.loc #failover@firewall.loc #sysadmin@firewall.loc } #notification_email_from Alexandre.Cassen@firewall.loc #smtp_server 192.168.200.1 #smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_instance VI_1 { state BACKUP # 备份 Backup interface enp0s3 #绑定端口 virtual_router_id 51 priority 99 # 比master要小 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.1.100 } } virtual_server 192.168.1.100 80 { delay_loop 6 lb_algo rr # 轮询算法 lb_kind DR # 调度模式 persistence_timeout 50 protocol TCP real_server 192.168.1.113 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } }
systemctl start keepalived
2: enp0s3:mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 08:00:27:54:7b:f2 brd ff:ff:ff:ff:ff:ff inet 192.168.1.112/24 brd 192.168.1.255 scope global enp0s3 valid_lft forever preferred_lft forever inet6 fe80::9dd2:6328:839d:32c0/64 scope link valid_lft forever preferred_lft forever
此时,VIP不在Backup上。(ipvsadm本也没有记录的,但我测试停过master,所以这里有记录)
IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.1.100:80 rr persistent 50 -> 192.168.1.113:80 Route 1 0 0
ifconfig lo:0 192.168.1.100 netmask 255.255.255.255 broadcast 192.168.1.100 /sbin/route add -host 192.168.1.100 dev lo:0 echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce sysctl -p >/dev/null 2>&1
其实,也可以弄成一个脚本,实现服务启停的。
SNS_VIP=192.168.1.100 #一定要记得更改为自己的IP噢 /etc/rc.d/init.d/functions case "$1" in start) ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP /sbin/route add -host $SNS_VIP dev lo:0 echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce sysctl -p >/dev/null 2>&1 echo "RealServer Start OK" ;; stop) ifconfig lo:0 down route del $SNS_VIP >/dev/null 2>&1 echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce echo "RealServer Stoped" ;; *) echo "Usage: $0 {start|stop}" exit 1 esac exit 0
systemctl start nginx
2: enp0s3:mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 08:00:27:54:7b:f2 brd ff:ff:ff:ff:ff:ff inet 192.168.1.112/24 brd 192.168.1.255 scope global enp0s3 valid_lft forever preferred_lft forever inet 192.168.1.100/32 scope global enp0s3 valid_lft forever preferred_lft forever inet6 fe80::9dd2:6328:839d:32c0/64 scope link valid_lft forever preferred_lft forever