参考链接(若读一下文章感到不适,移步)
LVS负责多台WEB端的负载均衡(LB);Keepalived负责LVS的高可用(HA)使用Keepalived为LVS调度器提供高可用功能,防止调度器单点故障,为用户提供Web服务:
-
LVS1调度器真实IP地址为192.168.37.52(MASTER)
-
LVS2调度器真实IP地址为192.168.37.53(BACKUP)
-
服务器VIP地址设置为192.168.37.60
-
真实Web服务器地址分别为192.168.37.51、192.168.37.52
实验拓扑图:
![在这里插入图片描述](https://img8.php1.cn/3cdc5/fe07/a6e/217c373c60165611.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L3FxXzM4NzQzNzI2,size_16,color_FFFFFF,t_70)
实验步骤:
实验准备:
配置yum源(自行解决或使用系统自带)
全局设置:
# systemctl stop firewalld.service //关闭防火墙
# systemctl disable firewalld.service //关闭开机自启
# firewall-cmd --state //查看
# setenforce 0 //设置SELinux 为宽松模式
- 安装软件
1.在两台Web主机上安装http 或(NGINX)这里我用http,配置WEB服务器 pc51 / pc52
#yum -y install httpd
#systemctl start httpd
#systemctl enable httpd
[root@web1 ~] #echo " 192.168.37.51 " > /var/www/html/index.html
[root@web2 ~] #echo " 192.168.37.52 " > /var/www/html/index.html
#cat lvs-web.sh
脚本内容
vip=192.168.37.60
mask='255.255.255.255'
dev=lo:1case $1 in
start)echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignoreecho 1 > /proc/sys/net/ipv4/conf/lo/arp_ignoreecho 2 > /proc/sys/net/ipv4/conf/all/arp_announceecho 2 > /proc/sys/net/ipv4/conf/lo/arp_announceifconfig $dev $vip netmask $mask #broadcast $vip up#route add -host $vip dev $devecho "The RS Server is Ready!";;
stop)ifconfig $dev downecho 0 > /proc/sys/net/ipv4/conf/all/arp_ignoreecho 0 > /proc/sys/net/ipv4/conf/lo/arp_ignoreecho 0 > /proc/sys/net/ipv4/conf/all/arp_announceecho 0 > /proc/sys/net/ipv4/conf/lo/arp_announceecho "The RS Server is Canceled!";;
*)echo "Usage: $(basename $0) start|stop"exit 1;;
esac# bash lvs-web.sh start //执行脚本完成配置
2.在LVS-1和LVS-2两台主机上安装ipvsadm和keepalived
# yum install ipvsadm keepalived -y
3.Keepalived配置详解
[root@lvs1 ~]# vim /etc/keepalived/keepalived.conf // Master配置好的信息如下
! Configuration File for keepalived
notification_email { #邮件通知机制,当keepalived发生故障时,进行发邮件通知root@localhost.com #可以将其修改也可以将其改为本机}notification_email_from root@localhost.com #邮件从哪里发出去smtp_server 127.0.0.1 #本机的smtp服务器地址smtp_connect_timeout 30 #smtp的连接超时时长router_id n1 #虚拟路由的表示符一般写本机,确保每个节点都不相同vrrp_skip_check_localhostadv_addr #跳过检查数据报文,默认会检查。vrrp_strict #严格遵循vrrp协议,没有vip,单播地址,ipv6地址将无法启动vrrp_iptables #不生成iptables规则vrrp_mcast_group4 224.0.0.18 #组播,默认情况下向224.0.0.18发送组播消息vrrp_garp_interval 0 #arp报文发送延迟vrrp_gna_interval 0 #消息发送延迟}vrrp_instance VI_1 { state MASTER ## LVS-1配置了为主,另外一台LVS-2配置为BACKUPinterface ens33 ## 注意匹配网卡名virtual_router_id 51 ## 虚拟路由ID(0-255),在一个VRRP实例中主备服务器ID必须一样priority 100 ## 优先级值设定:MASTER要比BACKUP的值大advert_int 3 ## 通告时间间隔:单位秒,主备要一致authentication { ##认证机制auth_type PASS ## 默认PASS; 有两种:PASS或AH auth_pass 1111 ## 默认1111; 可多位字符串,但仅前8位有效}virtual_ipaddress {192.168.37.60 dev ens33 label ens33:0 //VIP地址## 虚拟IP;可多个,写法为每行一个}
}
virtual_server 192.168.37.60 80 {delay_loop 3 ## 设置健康状态检查时间lb_algo rr ## 调度算法,这里用了rr轮询算法,便于后面测试查看lb_kind DR ## 这里测试用了Direct Route 模式,# persistence_timeout 1 ## 持久连接超时时间,先注释掉,不然在单台上测试时,全部会被lvs调度到其中一台Real Serverprotocol TCPreal_server 192.168.37.50 80 {weight 1TCP_CHECK {connect_timeout 10 ##设置响应超时时间nb_get_retry 3 ##设置超时重试次数delay_before_retry 3 ##设置超时重试间隔时间connect_port 80}}real_server 192.168.37.51 80 {weight 1TCP_CHECK {connect_timeout 10nb_get_retry 3delay_before_retry 3connect_port 80}}
}
[root@lvs2 ~]# vim /etc/keepalived/keepalived.conf //同样,修改BACKUP上的配置文件,如下! Configuration File for keepalivedglobal_defs {router_id LVS
}vrrp_instance VI_1 {state BACKUPinterface ens33virtual_router_id 51priority 80advert_int 3authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.37.60 dev ens33 label ens33:0}
}
virtual_server 192.168.37.60 80 {delay_loop 3lb_algo rrlb_kind DR# persistence_timeout 1protocol TCPreal_server 192.168.37.50 80 {weight 1TCP_CHECK {connect_timeout 10nb_get_retry 3delay_before_retry 3connect_port 80}}real_server 192.168.37.51 80 {weight 1TCP_CHECK {connect_timeout 10nb_get_retry 3delay_before_retry 3connect_port 80}}
}
启动keepalived
# systemctl start keepalived
# systemctl enable keepalived
# ip a |grep ens33:0 //查看vip
#ipvsadm -Ln //服务器表
客户端测试
#curl 192.168.37.60 //或下面的方法
# while true ; do curl 1192.168.37.60; sleep 1;done //每秒执行一次curl 192.168.37.60