当前位置: 首页 > article >正文

web高可用集群(lvs负载均衡+keepalved高可用)

web高可用集群(lvs负载均衡+keepalved高可用)

主机IP地址
VIP192.168.88.88
DS1(MASTER)192.168.88.38
DS2(BACKUP)192.168.88.66
web1192.168.88.10
web2192.168.88.20
                              |
             +----------------+-----------------+
             |                                  |
192.168.88.38|----     VIP:192.168.88.88  ----|192.168.88.66
     +-------+--------+                +--------+-------+
     | 	    DS1       |                |       DS2      |
     | LVS+Keepalived |                | LVS+Keepalived |
     +-------+--------+                +--------+-------+
             |			                |
             +----------------+-----------------+
                              |
  +------------+              |               +------------+
  |     RS1    |192.168.88.10 |  192.168.88.20|     RS2    |
  | Web Server +--------------+---------------+ Web Server |
  +------------+                              +------------+
#架构图如上图所示。DS1、DS2 为两个 LB 节点,RS1、RS2 为两个真实的服务节点,通过一个虚拟的 IP 地址对外提供服务。
配置DS
#配置 Keepalived
[root@lvs1 ~]# yum install ipvsadm keepalived -y
DS1(MASTER节点)
[root@lvs1 ~]# vim /etc/keepalived/keepalived.conf
[root@lvs1 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
 
global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lvs1
}
 
vrrp_instance VI_1 { 
    state MASTER   # 两个 DS,一个为 MASTER 一个为 BACKUP
    interface ens37    # 当前 IP 对应的网络接口,通过 ifconfig 查询
    virtual_router_id 51  # 虚拟路由 ID(0-255),在一个 VRRP 实例中主备服务器 ID 必须一样
    priority 90    # 优先级值设定:MASTER 要比 BACKUP 的值大
    advert_int 1  # 通告时间间隔:单位秒,主备要一致
    authentication {   # 认证机制,主从节点保持一致即可
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.88.88/24   # VIP,可配置多个
    }
}
 
virtual_server 192.168.88.88 80 {
    delay_loop 6    # 设置健康状态检查时间
    lb_algo rr      # 调度算法,这里用了 rr 轮询算法
    lb_kind DR       # 这里测试用了 Direct Route 模式
    persistence_timeout 50   # 持久连接超时时间
    protocol TCP
 
    real_server 192.168.88.10 80 {
        weight 1
        TCP_CHECK {
        connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.88.20 80 {
        weight 1
        TCP_CHECK {
        connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
DS2(BACKUP) 节点
[root@proxy ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
 
global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id proxy
}
 
vrrp_instance VI_1 {
    state BACKUP
    interface ens37
    virtual_router_id 51
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.88.88/24
    }
}
 
virtual_server 192.168.88.88 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 0
    protocol TCP
 
    real_server 192.168.88.10 80 {
        weight 1
        TCP_CHECK {
        connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.88.20 80 {
        weight 1
        TCP_CHECK {
        connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
#配置完成后,分别重启 Keepalived 服务。
[root@proxy ~]# systemctl restart keepalived.service 
配置 RS
需要在 RS 的网卡上配置 lo 为 VIP。配置脚本如下
#!/bin/bash 
SNS_VIP=192.168.88.88
case "$1" in
start)
       ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
       /sbin/route add -host $SNS_VIP dev lo:0
       echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
       sysctl -p >/dev/null 2>&1
       echo "RealServer Start OK"
       ;;
stop)
       ifconfig lo:0 down
       route del $SNS_VIP >/dev/null 2>&1
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
       echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
       echo "RealServer Stoped"
       ;;
*)
       echo "Usage: $0 {start|stop}"
       exit 1
esac
exit 0
本地创建完后,并执行。
[root@web ~]# chmod +x lo.sh 
[root@web ~]# ./lo.sh start
配置完成后,通过 VIP 就可以访问到 RS 上的服务了。
HA 测试

配置完双机热备后,我们就可以测试下,节点发生故障后以及 LB 切换失败后,能否保证服务的 HA。

在 LB 的主节点上输入 ip a,可以看到 VIP 目前已经正确配置在网卡上。

[root@lvs1 ~]# ip a
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:48:b3:7b brd ff:ff:ff:ff:ff:ff
    inet 192.168.88.38/24 brd 192.168.88.255 scope global noprefixroute ens37
       valid_lft forever preferred_lft forever
    inet 192.168.88.88/24 scope global secondary ens37
       valid_lft forever preferred_lft forever
    inet6 fe80::dbb5:b534:a44a:a21/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
# 查看负载均衡的配置
[root@lvs1 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.88.88:80 rr
  -> 192.168.88.10:80             Route   1      0          0         
  -> 192.168.88.20:80             Route   1      0          0  
访问一下 VIP。
[root@ceph01 ~]# curl 192.168.88.88
test1
[root@ceph02 ~]# curl 192.168.88.88
test2[root@ceph03 ~]# curl 192.168.88.88
test1
[root@ceph03 ~]# curl 192.168.88.88
test1
看到服务可正常轮询
#此时手动停止一个 RS,再次访问 VIP
[root@web ~]# systemctl stop nginx
#LVS 会自动剔除无法访问的服务
[root@lvs1 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.88.88:80 rr
  -> 192.168.88.20:80             Route   1      0          1 
[root@ceph01 ~]# curl 192.168.88.88
test2
[root@ceph02 ~]# curl 192.168.88.88
test2
[root@ceph03 ~]# curl 192.168.88.88
test2
访问请求全都发送到剩下的web节点上。
[root@web ~]# systemctl start nginx
重启后,服务会被自动添加。
[root@lvs1 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.88.88:80 rr
  -> 192.168.88.10:80             Route   1      0          0         
  -> 192.168.88.20:80             Route   1      0          3   
#如果此时,手动停止 MASTER 上的 Keepalived,模拟 LB MASTER 节点挂了,VIP 会自动飘到 BACKUP LB 上。
[root@lvs1 ~]# ip a
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:48:b3:7b brd ff:ff:ff:ff:ff:ff
    inet 192.168.88.38/24 brd 192.168.88.255 scope global noprefixroute ens37
       valid_lft forever preferred_lft forever
    inet 192.168.88.88/24 scope global secondary ens37
       valid_lft forever preferred_lft forever
    inet6 fe80::dbb5:b534:a44a:a21/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@lvs1 ~]# systemctl stop keepalived.service 
[root@lvs1 ~]# ip a
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:48:b3:7b brd ff:ff:ff:ff:ff:ff
    inet 192.168.88.38/24 brd 192.168.88.255 scope global noprefixroute ens37
       valid_lft forever preferred_lft forever
    inet6 fe80::dbb5:b534:a44a:a21/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
[root@proxy ~]# ip a
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:e4:cd:ac brd ff:ff:ff:ff:ff:ff
    inet 192.168.88.66/24 brd 192.168.88.255 scope global noprefixroute ens37
       valid_lft forever preferred_lft forever
    inet 192.168.88.88/24 scope global secondary ens37
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fee4:cdac/64 scope link 
       valid_lft forever preferred_lft forever
[root@ceph01 ~]# curl 192.168.88.88
test1
[root@ceph02 ~]# curl 192.168.88.88
test2
[root@ceph03 ~]# curl 192.168.88.88
test1
web节点正常访问。  
此时,如果重启 MASTER 后,VIP 又会飘回去。MASTER 的优先级高于 BACKUP,从而实现 HA。
[root@lvs1 ~]# systemctl start keepalived.service 
[root@lvs1 ~]# ip a
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:48:b3:7b brd ff:ff:ff:ff:ff:ff
    inet 192.168.88.38/24 brd 192.168.88.255 scope global noprefixroute ens37
       valid_lft forever preferred_lft forever
    inet 192.168.88.88/24 scope global secondary ens37
       valid_lft forever preferred_lft forever
    inet6 fe80::dbb5:b534:a44a:a21/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

http://www.kler.cn/a/272847.html

相关文章:

  • 无人机技术架构剖析!
  • go chan底层分析
  • 基于YOLOv8与CGNet的鸟类智能识别系统 深度学习图像分类 鸟类目标检测与分类 图像特征提取 模型优化与应用 数据可视化(源码+指导+定制)
  • 从字符串使用看Golang和Rust对内存使用的区别
  • 人工智能任务19-基于BERT、ELMO模型对诈骗信息文本进行识别与应用
  • 学成在线_内容管理模块_创建模块工程
  • OpenvSwitch 配置 Trunk 端口实验
  • 人工智能需要的数学基础有哪些?
  • opc客户端
  • DARTS: DIFFERENTIABLE ARCHITECTURE SEARCH
  • linux系统kubernetes的pod的状态
  • 【vue baidu-map】实现百度地图展示基地,鼠标悬浮标注点展示详细信息
  • C语言深入理解指针(4)
  • KD-Tree的原理及其在KNN中的应用(附Python代码)
  • flask 继续学习
  • 微信小程序小案例实战
  • c语言大小写字母的转换
  • 用C语言链表实现图书管理
  • 23.1 微服务理论基础
  • 本人遇到大数据面试题和参考答案(超过1万字精华版)
  • LLM大模型统一封装接口解决方案
  • 论文笔记:Llama 2: Open Foundation and Fine-Tuned Chat Models
  • VMware 16下载安装,多图详细版
  • vue3+element-plus中dialog对话框组件去掉遮罩层后可以操作底层页面,以及弹窗嵌套弹窗如何去掉遮罩层且可以操作底层页面
  • MySQL学习Day32——数据库备份与恢复
  • 阿里云服务器配置怎么选择?