当前位置：首页 > news >正文

Keepalived+LVS部署高可用集群

news 2025/6/28 1:35:06

文章目录

- Keepalived+LVS(DR)部署高可用Web集群
- - 集群环境
  - MASTER配置
  - BACKUP配置
  - 检查Virtual IP是否漂移
  - IPVS检查
  - - MASTER
    - BACKUP
  - Real Server配置
  - - 附上个人写的小脚本
  - 测试
  - - 停用Real Server某一台的Apache服务
    - 停用Master上的keepalived检测Backup是否接管资源

Keepalived+LVS(DR)部署高可用Web集群

集群环境

主机	角色	服务
192.168.110.134	MASTER	Keepalived
192.168.110.137	BACKUP	Keepalived
192.168.110.136	Real server1	HTTPD
192.168.110.145	Real server2	HTTPD

MASTER配置

global_defs {notification_email {acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_from Alexandre.Cassen@firewall.locsmtp_server 192.168.200.1smtp_connect_timeout 30router_id LVS_BACKUPvrrp_skip_check_adv_addrvrrp_strictvrrp_garp_interval 0vrrp_gna_interval 0
}vrrp_instance VI_1 {state MASTERinterface ens33virtual_router_id 51priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.110.252}
}virtual_server 192.168.110.252 80 {delay_loop 6lb_algo wrrlb_kind DRpersistence_timeout 50protocol TCPreal_server 192.168.110.136 80 {weight 1TCP_CHECK {retry 3connect_timeout 3nb_get_retry 3delay_before_retry 3conncet_port 80}}real_server 192.168.110.136 80 {weight 1TCP_CHECK {retry 3connect_timeout 3nb_get_retry 3delay_before_retry 3conncet_port 80}}}
}

BACKUP配置

global_defs {notification_email {acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_from Alexandre.Cassen@firewall.locsmtp_server 192.168.200.1smtp_connect_timeout 30router_id LVS_BACKUPvrrp_skip_check_adv_addrvrrp_strictvrrp_garp_interval 0vrrp_gna_interval 0
}vrrp_instance VI_1 {state BACKUPinterface ens160virtual_router_id 51priority 50advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.110.252}
}virtual_server 192.168.110.252 80 {delay_loop 6lb_algo wrrlb_kind DRpersistence_timeout 50protocol TCPreal_server 192.168.110.136 80 {weight 1TCP_CHECK{connect_timeout 3retry 3delay_before_retry 3connect_port 80}}real_server 192.168.110.145 80 {weight 1TCP_CHECK{connect_timeout 3retry 3delay_before_retry 3connect_port 80}}}
}

检查Virtual IP是否漂移

[root@keepalived ~]# ip addr| grep "252"inet 192.168.110.252/32 scope global ens33
[root@localhost ~]# ip addr| grep "252"
[root@localhost ~]# #关闭服务Keepalived-MASTER
[root@keepalived ~]# systemctl stop keepalived.service 
[root@keepalived ~]# ip addr| grep "252"
[root@keepalived ~]# 
[root@localhost ~]# ip addr| grep "252"inet 192.168.110.252/32 scope global ens160

IPVS检查

前提下载ipvsadm

MASTER

[root@keepalived ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags-> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.110.252:80 wrr persistent 50-> 192.168.110.136:80           Route   1      0          0         -> 192.168.110.145:80           Route   1      0          0

BACKUP

[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags-> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.110.252:80 wrr persistent 50-> 192.168.110.136:80           Route   1      0          0         -> 192.168.110.145:80           Route   1      0          0

Real Server配置

#将VIP绑定至环回网卡
[root@webserver ~]# ifconfig lo:eth1 192.168.110.252 netmask 255.255.255.255 up
#ARP抑制
[root@webserver ~]# echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@webserver ~]# echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@webserver ~]# route add -host 192.168.110.252 dev lo

附上个人写的小脚本

#!/bin/bash
read -p "Enter the Virtual IP : " vip
ifconfig lo:eth1 $vip netmask 255.255.255.255 up
if [ $? -eq 0 ]
thenecho -e "\033[32m OK \033[0m" 
elseecho -e "\033[31m Failed \033[0m"
fi
echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
if [ $? -eq 0 ]
thenecho -e "\033[32m OK \033[0m" 
elseecho -e "\033[31m Failed \033[0m"
fi
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
if [ $? -eq 0 ]
thenecho -e "\033[32m OK \033[0m" 
elseecho -e "\033[31m Failed \033[0m"
fi
route add -host $vip dev lo
if [ $? -eq 0 ]
thenecho -e "\033[32m OK \033[0m" 
elseecho -e "\033[31m Failed \033[0m"
fi

大家可以根据自己需要做调整。

测试

停用Real Server某一台的Apache服务

#在Master上动态监测
[root@keepalived ~]# watch -n 0.5 ipvsadm -ln 
#RS
[root@docker ~]# systemctl stop httpd

这里效果需要自己方能看出来。

停用Master上的keepalived检测Backup是否接管资源

#停用前
C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145
#停用后
[root@keepalived ~]# systemctl stop keepalived.service
C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145C:\Users\SuperMe>curl 192.168.110.252
Web Test Of 192.168.110.145[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags-> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.110.252:80 wrr persistent 50-> 192.168.110.136:80           Route   1      0          0         -> 192.168.110.145:80           Route   1      0          5#可以看出来资源被接管后145被访问了5此