封尘网

让学习成为一种习惯!

keepalived+LVS

keepalived+LVS高可用架构

一、准备工作

  1. 服务器、操作系统(当前CentOS6.5 x86_64)
    操作系统:CentOS6.5 x86_64
    服务器 (LVS主备各1台,WEB服务器3台)

Nginx负载虚拟IP:10.0.10.20
LVS主:10.0.10.130
LVS备:10.0.10.131
VIP:10.0.10.20
Nginx-01: 10.0.10.132
Nginx-02: 10.0.10.133
Nginx-03: 10.0.10.134

2.关闭SELinux(改完需重启服务器);

关闭SELinux

sed -i 's#^SELINUX=.*#SELINUX=disabled#' /etc/sysconfig/selinux
  1. Iptables关闭

重启服务器: reboot

二、LVS主机安装Keepalived,ipvsadm 【LVS1和LVS2主机上同样安装】

  1. 安装依赖包
yum -y install wget popt popt-devel popt-static libnl libnl-devel kernel-devel

创建软链接:

ln -s /usr/src/kernels/$(uname -r)/ /usr/src/linux

2.安装 Keepalived,ipvsadm(YUM安装)

yum -y install  keepalived ipvsadm

3.配置Keepalived,先备份一下配置文件:

cd /etc/keepalived/
cp keepalived.conf keepalived.conf.$(date +%F)

4.keepalived.conf 配置文件的内容如下:【大致下边两处红色的地方】

! Configuration File for keepalived
global_defs {
    notification_email {
    admin@examplel.com
    }
    notification_email_from admin@examplel.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_DEVEL
}

# VIP1
vrrp_instance VI_1 {
    state BACKUP             #此处两台LVS主机都使用BACKUP
    interface eth0
    lvs_sync_daemon_inteface eth0
    virtual_router_id 51
    priority 100             #权重两台不一样,比如一台为100,另一台为90
    nopreempt                #在权重高的主机加上此语句。
    advert_int 5

authentication {
    auth_type PASS
    auth_pass 1111
    }

virtual_ipaddress {
    10.0.10.20
}

#下边三行为脚本,检测状态,并发邮件提醒。
    notify_master /etc/keepalived/to_master.sh
    notify_backup /etc/keepalived/to_backup.sh
    notify_fault /etc/keepalived/to_fault.sh
}

virtual_server 10.0.10.20 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 60
    protocol TCP
real_server 10.0.10.132 80 {
    weight 1
    TCP_CHECK {
    connect_timeout 3
    nb_get_retry 3
    delay_before_retry 3
    connect_port 80
    }
}
real_server 10.0.10.133 80 {
    weight 1
    TCP_CHECK {
    connect_timeout 3
    nb_get_retry 3
    delay_before_retry 3
    connect_port 80
    }
}

real_server 10.0.10.134 80 {
    weight 1
    TCP_CHECK {
    connect_timeout 3
    nb_get_retry 3
    delay_before_retry 3
    connect_port 80
    }
}
}

5.修改Keepalived默认配置。

vim /etc/sysconfig/keepalived 把14行注释或者修改为下边的:

6.开启Keepalived的日志功能。

vim /etc/rsyslog.conf 添加下面的配置:

# keepalived -D -d -S 0
local0.*                    /var/log/keepalived.log
SYSLOG

7.重启rsyslog服务和Keepalived服务:
8.

service rsyslog restart
service keepalived restart

把Keepalived加入到开机启动:

chkconfig Keepalived on

以上操作在两台LVS上机主操作,只有在Keepalived.conf配置文件中两处修改一下即可。

三、Nginx主机上操作:【这里直接yum,每台Nginx主机上都要执行】

  1. 安装epel源:
    rpm -ivh http://mirrors.yun-idc.com/epel/epel-release-latest-6.noarch.rpm
    

2.安装Nginx

yum install nginx -y

3.启动Nginx服务

service nginx start

4.在每台Nginx主机上添加虚拟IP:

#!/bin/bash
VIP=10.0.10.20
/etc/rc.d/init.d/functions
case "$1" in
start)
           echo "add nginx vip"
           /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
           /sbin/route add -host $VIP dev lo:0
           echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
           echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
           echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
           echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
       ;;
stop)
           /sbin/ifconfig lo:0 down
           echo "close LVS of RealServer DR"
           echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
           echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
           echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
           echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
           ;;
*)
          echo "Usage: $0 {start|stop}"
          exit 1
esac
exit 0

附编译安装的方法:

yum -y install wget popt popt-devel popt-static libnl libnl-devel kernel-devel openssl-devel libnfnetlink-devel -y
ln -s /usr/src/kernels/$(uname -r)/ /usr/src/linux

1.编译安装Keepalived

wget http://www.keepalived.org/software/keepalived-1.2.20.tar.gz
tar xvf keepalived-1.2.20.tar.gz -C /usr/local/src/
cd /usr/local/src/keepalived-1.2.20/
./configure \
--bindir=/usr/bin \
--sbindir=/usr/sbin \
--sysconf=/etc \
--with-kernel-dir=/usr/src/kernels/$(uname -r)/
make
make install

2.编译安装ipvsadm

ipvsadm-1.24版本适用于内核版本号为1.1.8或更新版本。
ipvsadm-1.25适用于2.6.28-rc3或更新版本。
ipvsadm-1.26适用于2.6.28-rc3或更新版本。
一定要注意内核版本号,否则make时会失败

wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz
tar xvf ipvsadm-1.26.tar.gz -C /usr/local/src/
cd /usr/local/src/ipvsadm-1.26/
make
make install

3.添加到系统服务:

chkconfig ipvsadm on
chkconfig keepalived on

其它的配置一样即可。

提醒:本文最后更新于 1277 天前,文中所描述的信息可能已发生改变,请谨慎使用。