keepalived+lvs实现双主
keepalived+lvs实现双主
lvs主备方案是当前只有一台lvs工作,这造成资源浪费,可以采用双主结构,让两台lvs当前都进行工作,采用dns轮询方式,当用户访问域名通过dns轮询每台lvs,双主结构需要两个vip,这两个vip要绑定域名。
同样,在每台lvs上安装keepalived软件,当keepalived检测到其中一个lvs宕机则将宕机的vip漂移到活动lvs上,当lvs恢复则vip又重新漂移回来。
1.初始状态
每台lvs绑定一个vip,共两个vip,DNS设置域名对应这两个vip,通过DNS轮询每次解析到不同的vip上即解析到不同的lvs上。
2.其中一个主机宕机
其中一个主机宕机,每台lvs上安装的keepalived程序会检测到对方宕机,将宕机一方的vip漂移至活动的lvs服务器上,这样DNS轮询全部到一台lvs继续对外提供服务。
3.主机恢复
当主机恢复又回到初始状态,每个vip绑定在不同的lvs上。
4.部署实现
添加VI_2策略。
keepalived配置,注意主备关系:
lvs01的vip1是master lvs02是backup
lvs01的vip2是backup lvs02是master
virtual_router_id 区分不同VIP服务,因此不能和上面一个实例一样
lvs01的keepalived配置如下:
vrrp_instance VI_2 { #这里开始是VIP2的相关配置,其实和VIP1大同小异
state BACKUP #VIP1的主机是VIP2的备机
interface eth0
virtual_router_id 52 #区分不同VIP服务,因此不能和上面一个实例一样
priority 90 #备机优先级设置低一点
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { #新增的VIP2
192.168.0.110
}
}
virtual_server 192.168.0.110 80 { #设置VIP2的后端机器,机器是VIP1一模一样,直接拷贝就可以了
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 0
protocol TCP
real_server 192.168.0.200 80 { #同样的后端
weight 1
TCP_CHECK {
connect_timeout 1
nb_get_retry 1
delay_before_retry 1
connect_port 80
}
}
real_server 192.168.0.300 80 { #同样的后端
weight 1
TCP_CHECK {
connect_timeout 1
nb_get_retry 1
delay_before_retry 1
connect_port 80
}
}
}
lvs02的keepalived配置如下:
vrrp_instance VI_2 {
state MASTER #第三处,VIP2此时是主机
interface eth0
virtual_router_id 52
priority 100 #第4处,主机优先级要高于备机
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.110
}
}
virtual_server 192.168.0.110 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 0
protocol TCP
real_server 192.168.0.200 80 {
weight 1
TCP_CHECK {
connect_timeout 1
nb_get_retry 1
delay_before_retry 1
connect_port 80
}
}
real_server 192.168.0.300 80 {
weight 1
TCP_CHECK {
connect_timeout 1
nb_get_retry 1
delay_before_retry 1
connect_port 80
}
}
}
启动两台LVS上的keepalived,可以查到到如下两个VIP的负载均衡配置
[root@CentOS-7-2 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.110:80 rr
-> 192.168.0.200:80 Route 1 0 0
-> 192.168.0.300:80 Route 1 0 0
TCP 192.168.0.100:80 rr
-> 192.168.0.200:80 Route 1 0 0
-> 192.168.0.300:80 Route 1 0 0
查看两台lvs网卡状态是否有vip
正常情况是 lvs01是192.168.0.100 ,lvs02是192.168.0.110
配置两台RS
[xuhongshuo@nginx01 ~]$ cat /etc/rc.d/init.d/realserver-vi2.sh
#!/bin/bash
SNS_VIP=192.168.0.110
#. /etc/rc.d/init.d/functions
case "$1" in
start)
ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
查看两台RS服务器的网卡状态是否已经绑定了两个vip
[xuhongshuo@nginx01 ~]$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.0.100/32 brd 10.100.38.201 scope global lo:0
valid_lft forever preferred_lft forever
inet 192.168.0.110/32 brd 10.100.38.201 scope global lo:1
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether fe:fc:fe:2d:80:ba brd ff:ff:ff:ff:ff:ff
inet 10.100.38.14/24 brd 10.100.38.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
5.测试
首先确保两个VIP都能正常工作
[root@CentOS-7-4 ~]# curl http://192.168.0.100/
This is 192.168.0.300
[root@CentOS-7-4 ~]# curl http://192.168.0.100/
This is 192.168.0.200
[root@CentOS-7-4 ~]# curl http://192.168.0.100/
This is 192.168.0.300
[root@CentOS-7-4 ~]# curl http://192.168.0.100/
This is 192.168.0.200
[root@CentOS-7-4 ~]# curl http://192.168.0.110/
This is 192.168.0.200
[root@CentOS-7-4 ~]# curl http://192.168.0.110/
This is 192.168.0.300
[root@CentOS-7-4 ~]# curl http://192.168.0.110/
This is 192.168.0.200
[root@CentOS-7-4 ~]# curl http://192.168.0.110/
This is 192.168.0.300
然后停掉VIP2上LVS的keepalived服务,再次测试,服务依然正常,不过所有流量都发往VIP1。
此时,VIP1机器上能查看到两个VIP
[root@CentOS-7-2 ~]# ip a show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:2e:74:89 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.140/24 brd 192.168.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet 192.168.0.100/32 scope global eth0
valid_lft forever preferred_lft forever
inet 192.168.0.110/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe2e:7489/64 scope link
valid_lft forever preferred_lft forever
另一台LVS的IP漂移过来
目录 返回
首页