标签:集群 高可用 lvs keepalived dr
实验环境:
虚拟机:VMware Workstation 12.1 pro
操作系统:CentOS 7
keepalived-1.2.13-7.el7.x86_64
ipvsadm-1.27-7.el7.x86_64
httpd-2.4.6-40.el7.centos.x86_64
IP规划:
DR-MASTER-DIP:172.18.1.110
VIP:172.18.1.88
DR-BACKUP-DIP:172.18.1.111
VIP:172.18.1.88
RS1:172.18.1.130
RS1-lo:0 :172.18.1.88
RS2:192.168.10.12
RS2-lo:0 :172.18.1.88
实验拓扑图
稍后补...
老规矩,开始前将所有主机的iptables和selinux关闭或者设置允许策略
systemctl stop iptables.service systemctl disable iptables.service setenforce 0 vim /etc/selinux/config SELINUX=disable
DR中安装keepalived和ipvsadm
yum -y install keepalived ipvsadm
配置DR1-MASTER
! Configuration File for keepalived global_defs { notification_email { root@localhost } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DR1 } ! DR1为主,DR2为备 vrrp_instance VI_1 { state MASTER interface eno16777736 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.18.1.88 dev eno16777736 label eno16777736:0 } } virtual_server 172.18.1.88 80 { delay_loop 6 lb_algo wrr lb_kind DR nat_mask 255.255.0.0 persistence_timeout 50 protocol TCP real_server 172.18.1.130 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 172.18.1.131 80 { weight 2 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } ! DR1为备,DR2为主 vrrp_instance VI_2 { state BACKUP interface eno16777736 virtual_router_id 51 priority 98 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.18.1.88 dev eno16777736 label eno16777736:0 } } virtual_server 172.18.1.88 80 { delay_loop 6 lb_algo wrr lb_kind DR nat_mask 255.255.0.0 persistence_timeout 50 protocol TCP real_server 172.18.1.130 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 172.18.1.131 80 { weight 2 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } }
配置DR2-BACKUP
! Configuration File for keepalived global_defs { notification_email { root@localhost } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DR1 } ! DR1为主,DR2为备 vrrp_instance VI_1 { state BACKUP interface eno16777736 virtual_router_id 51 priority 98 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.18.1.88 dev eno16777736 label eno16777736:0 } } virtual_server 172.18.1.88 80 { delay_loop 6 lb_algo wrr lb_kind DR nat_mask 255.255.0.0 persistence_timeout 5 protocol TCP real_server 172.18.1.130 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 172.18.1.131 80 { weight 2 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } ! DR1为备,DR2为主 vrrp_instance VI_2 { state MASTER interface eno16777736 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.18.1.88 dev eno16777736 label eno16777736:0 } } virtual_server 172.18.1.88 80 { delay_loop 6 lb_algo wrr lb_kind DR nat_mask 255.255.0.0 persistence_timeout 50 protocol TCP real_server 172.18.1.130 80 { weight 1 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 172.18.1.131 80 { weight 2 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } }
RS1和RS2分别安装nginx服务并提供一个测试页面
yum -y install nginx ... 省略安装过程
分别在/usr/share/nginx/html目录下创建测试页
RS1创建
vim /usr/share/nginx/html/index.html <h1>RS-1</h1>
RS2创建
vim /usr/share/nginx/html/index.html <h1>RS-2</h1>
为RS1和RS2的lo:0接口别名配置VIP,并限制报文转发。编写脚本实现了
#!/bin/bash # vip=172.18.1.88 case $1 in start) #限制arp的响应和通告 echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce #设置接口IP ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up #添加路由 route add -host $vip dev lo:0 ;; stop) #不限制arp的响应和通告 echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce #设置接口IP ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 down ;; *) echo "Nothing to do." exit 6 ;; esac
分别在RS1和RS2执行
./rs-lo.sh start
启动DR1和DR2的keepalived服务,并启动RS1和RS2的nginx服务
在另一主机访问
curl 172.18.1.88
本文出自 “心境脱俗,宁静致远” 博客,请务必保留此出处http://zhaoyongtao.blog.51cto.com/10955972/1775862
keepalived-lvs-dr-主主模型实现高可用负载均衡
标签:集群 高可用 lvs keepalived dr
原文地址:http://zhaoyongtao.blog.51cto.com/10955972/1775862