keepalived+LVS高可用架构
一、准备工作
- 服务器、操作系统(当前CentOS6.5 x86_64)
操作系统:CentOS6.5 x86_64
服务器 (LVS主备各1台,WEB服务器3台)
Nginx负载虚拟IP:10.0.10.20
LVS主:10.0.10.130
LVS备:10.0.10.131
VIP:10.0.10.20
Nginx-01: 10.0.10.132
Nginx-02: 10.0.10.133
Nginx-03: 10.0.10.134
2.关闭SELinux(改完需重启服务器);
关闭SELinux
sed -i 's#^SELINUX=.*#SELINUX=disabled#' /etc/sysconfig/selinux
- Iptables关闭
重启服务器: reboot
二、LVS主机安装Keepalived,ipvsadm 【LVS1和LVS2主机上同样安装】
- 安装依赖包
yum -y install wget popt popt-devel popt-static libnl libnl-devel kernel-devel
创建软链接:
ln -s /usr/src/kernels/$(uname -r)/ /usr/src/linux
2.安装 Keepalived,ipvsadm(YUM安装)
yum -y install keepalived ipvsadm
3.配置Keepalived,先备份一下配置文件:
cd /etc/keepalived/
cp keepalived.conf keepalived.conf.$(date +%F)
4.keepalived.conf 配置文件的内容如下:【大致下边两处红色的地方】
! Configuration File for keepalived
global_defs {
notification_email {
admin@examplel.com
}
notification_email_from admin@examplel.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
# VIP1
vrrp_instance VI_1 {
state BACKUP #此处两台LVS主机都使用BACKUP
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 51
priority 100 #权重两台不一样,比如一台为100,另一台为90
nopreempt #在权重高的主机加上此语句。
advert_int 5
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.10.20
}
#下边三行为脚本,检测状态,并发邮件提醒。
notify_master /etc/keepalived/to_master.sh
notify_backup /etc/keepalived/to_backup.sh
notify_fault /etc/keepalived/to_fault.sh
}
virtual_server 10.0.10.20 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
#persistence_timeout 60
protocol TCP
real_server 10.0.10.132 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.0.10.133 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 10.0.10.134 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
5.修改Keepalived默认配置。
vim /etc/sysconfig/keepalived
把14行注释或者修改为下边的:
6.开启Keepalived的日志功能。
vim /etc/rsyslog.conf
添加下面的配置:
# keepalived -D -d -S 0
local0.* /var/log/keepalived.log
SYSLOG
7.重启rsyslog服务和Keepalived服务:
8.
service rsyslog restart
service keepalived restart
把Keepalived加入到开机启动:
chkconfig Keepalived on
以上操作在两台LVS上机主操作,只有在Keepalived.conf配置文件中两处修改一下即可。
三、Nginx主机上操作:【这里直接yum,每台Nginx主机上都要执行】
- 安装epel源:
rpm -ivh http://mirrors.yun-idc.com/epel/epel-release-latest-6.noarch.rpm
2.安装Nginx
yum install nginx -y
3.启动Nginx服务
service nginx start
4.在每台Nginx主机上添加虚拟IP:
#!/bin/bash
VIP=10.0.10.20
/etc/rc.d/init.d/functions
case "$1" in
start)
echo "add nginx vip"
/sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
/sbin/route add -host $VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
stop)
/sbin/ifconfig lo:0 down
echo "close LVS of RealServer DR"
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
附编译安装的方法:
yum -y install wget popt popt-devel popt-static libnl libnl-devel kernel-devel openssl-devel libnfnetlink-devel -y
ln -s /usr/src/kernels/$(uname -r)/ /usr/src/linux
1.编译安装Keepalived
wget http://www.keepalived.org/software/keepalived-1.2.20.tar.gz
tar xvf keepalived-1.2.20.tar.gz -C /usr/local/src/
cd /usr/local/src/keepalived-1.2.20/
./configure \
--bindir=/usr/bin \
--sbindir=/usr/sbin \
--sysconf=/etc \
--with-kernel-dir=/usr/src/kernels/$(uname -r)/
make
make install
2.编译安装ipvsadm
ipvsadm-1.24版本适用于内核版本号为1.1.8或更新版本。
ipvsadm-1.25适用于2.6.28-rc3或更新版本。
ipvsadm-1.26适用于2.6.28-rc3或更新版本。
一定要注意内核版本号,否则make时会失败
wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.26.tar.gz
tar xvf ipvsadm-1.26.tar.gz -C /usr/local/src/
cd /usr/local/src/ipvsadm-1.26/
make
make install
3.添加到系统服务:
chkconfig ipvsadm on
chkconfig keepalived on
其它的配置一样即可。