負載均衡與高可用綜合實驗
一、集群是什么?
是有一組獨立的計算機系統構成的一個松耦合的多處理系統,作為一個整體向用戶提供一組網絡資源,這些單個的計算機就是集群的節點。
二、集群類型
Load Balance cluster(負載均衡集群)
把負載壓力根據某種算法合理分配到集群中每一臺計算機上,減輕主服務器壓力,降低對主服務器的軟件硬件要求。
High Availability cluster(高可用集群)
當主服務器故障時,備份服務器能夠自動接管主服務器的工作,并且及時切換過去。
HIgh Performance Computing clustering(高性能計算集群)
充分利用每一臺計算機的資源,實現復雜運算的并行處理。
負載均衡集群
LB集群的主要功能就是解決如何在RS前添加一臺主機作為調度器,從而將客戶端請求按照某種算法調度給后主機。
實現方式
硬件調度:F5 A10 Array Radware
軟件調度:Nginx LVS HAproxy
軟件調度按照工作在OSI協議棧的哪一層又可分為:
傳輸層:LVS HAproxy(mode tcp)
應用層:HAproxy(mode http)Nginx
應用類型
HTTP重定向負載均衡
反向代理負載均衡
DNS域名解析負載均衡
調度算法簡介
輪詢(roundrobin-rr),按照客戶端請求順序把客戶端的請求逐一分配到不同后端節點服務器。
加權輪詢,在輪詢算法的基礎上加權重,權重和用戶訪問成正比,權重越大,二逼轉發的請求越多。
最少連接數,將請求分發給后端節點服務器連接數最少的機器。
最快響應,根據后端節點服務器的響應時間來分配請求,響應時間短的優先分配。。
Hash法,對客戶端IP或者訪問的URL進行hash運算。
Nginx反向代理實現負載均衡
網絡拓撲
基礎配置
配置router
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.d/99-sysctl.conf sysctl -p
net.ipv4.ip_forward = 1#開啟偽裝!!!!!
firewall-cmd --add-masquerade
網關指向路由器
nmcli connection modify ens160 ipv4.gateway 10.1.1.20
配置web
dnf -y install nginx;echo "welcome to $(hostname)" > /usr/share/nginx/html/index.html;systemctl enable nginx --now#client訪問
curl 10.1.8.11
welcome to web1.robinkool.cloud
curl 10.1.8.12
welcome to web2.robinkool.cloud
curl 10.1.8.13
welcome to web3.robinkool.cloud
配置lb
dnf -y install nginx
vim /etc/nginx/nginx.conf
#分別在nginx主配置文件中http代碼塊中增加upstream web {server 10.1.8.11:80;server 10.1.8.12:80;server 10.1.8.13:80;}location / {proxy_pass http://web;}systemctl start nginx.service #client1測試
for i in {1..90};do curl -s 10.1.8.10 ;done|sort|uniq -c30 welcome to web3.robinkool.cloud30 welcome to web1.robinkool.cloud30 welcome to web2.robinkool.cloud#client2測試
for i in {1..90};do curl -s 10.1.8.10 ;done|sort|uniq -cwelcome to web1.robinkool.cloudwelcome to web2.robinkool.cloudwelcome to web3.robinkool.cloud
負載均衡-算法
輪詢(round-robin)
默認的調度算法,按照客戶端請求順序逐一分配到不同后端的節點服務器,如果后端節點服務器宕機,宕機的服務器會被自動從節點服務器池中剔除,新的請求分配給正常服務器。
upstream web {server 10.1.8.11:80;server 10.1.8.12:80;server 10.1.8.13:80;
}#測試
for i in {1..90};do curl -s 10.1.8.10 ;done|sort|uniq -c30 welcome to web3.robinkool.cloud30 welcome to web1.robinkool.cloud30 welcome to web2.robinkool.cloud
在rr輪詢算法基礎上加權重,權重值越大,被轉發的請求越多,可根據服務器性能和配置指定權重大小。
upstream web {server 10.1.8.11:80 weight=10;server 10.1.8.12:80 weight=20;server 10.1.8.13:80 weight=30;
}#測試
for i in {1..90};do curl -s 10.1.8.10 ;done|sort|uniq -c15 welcome to web3.robinkool.cloud30 welcome to web1.robinkool.cloud45 welcome to web2.robinkool.cloud
ip哈希(ip_hash)
每個請求按客戶端ip的hash結果分配。當新的請求到達時,先將其客戶端ip通過哈希算法計算出一個值,在隨后的客戶端請求中,客戶ip的哈希值只要相同 ,就會被分配到同一臺服務器。
upstream web {ip_hashserver 10.1.8.11:80;server 10.1.8.12:80;server 10.1.8.13:80;
}#測試
for i in {1..90};do curl -s 10.1.8.10 ;done|sort|uniq -c90 welcome to web3.robinkool.cloud
通用哈希(generic Hash)
請求發送到的服務器有用戶定義的鍵確定,該鍵可以是文本字符串、變量或者組合。
upstream web {hash $request_url;server 10.1.8.11:80;server 10.1.8.12:80;server 10.1.8.13:80;
}#測試
for i in {1..90};do curl -s 10.1.8.10 ;done|sort|uniq -c90 welcome to web3.robinkool.cloud
最少連接數(least_conn)
講請求發給后端節點服務器鏈接最少的機器
upstream web {least_conn;server 10.1.8.11:80;server 10.1.8.12:80;server 10.1.8.13:80;
}#測試
for i in {1..90};do curl -s 10.1.8.10 ;done|sort|uniq -c30 welcome to web3.robinkool.cloud30 welcome to web1.robinkool.cloud30 welcome to web2.robinkool.cloud
#least_conn模式支持權重
HAproxy實現負載均衡
HAproxy是一款提供高可用性、負載均衡以及基于TCP(四層)和HTTP(七層)應用的代理軟件,支持虛擬主機。
調度算法
HAproxy有8中負載均衡算法(load balance),分別如下:
round-robin,動態加權輪詢,支持權重,
statuc-rr,靜態輪詢,不支持權重,
leastconn,最小連接數優先處理,
source,源地址哈希算法,
uri,根據uri做哈希算法,
url_param,根據請求的URI參數做哈希,
rdp-cookie(name),根據cookie(name)來鎖定并哈希每一次TCP請求。
HAproxy實踐
通過HAproxy實現4層和7層負載均衡
基礎配置
網絡拓撲
網關和路由配置同Nginx
安裝HAproxy
#停止nginx服務,避免端口占用
systemctl disable nginx --now
dnf -y install haproxy
http模式(七層)
dnf -y install nginx;echo "welcome to $(hostname)" > /usr/share/nginx/html/index.html;systemctl enable nginx --now#client訪問
curl 10.1.8.11
welcome to web1.robinkool.cloud
curl 10.1.8.12
welcome to web2.robinkool.cloud
curl 10.1.8.13
welcome to web3.robinkool.cloud
配置haproxy
#先備份haproxy配置文件
cp /etc/haproxy/haproxy.cfg{,.bak}#修改haproxy配置文件,最后添加
################## web ####################
frontend front_webbind *:80default_backend back_web #默認后端
backend back_webbalance roundrobin #rr輪詢server web1 10.1.8.11:80 checkserver web2 10.1.8.12:80 checkserver web3 10.1.8.13:80 checksystemctl enable haproxy.service --now
Created symlink /etc/systemd/system/multi-user.target.wants/haproxy.service → /usr/lib/systemd/system/haproxy.service.#client[1-2]測試
[root@client1 Zc ~ 15:11:09]# for i in {1..90};do curl -s 10.1.8.10 ;done|sort|uniq -c30 welcome to web1.robinkool.cloud30 welcome to web2.robinkool.cloud30 welcome to web3.robinkool.cloud
[root@client2 Zc ~ 15:14:36]# for i in {1..90};do curl -s 10.1.8.10 ;done|sort|uniq -c30 welcome to web1.robinkool.cloud30 welcome to web2.robinkool.cloud30 welcome to web3.robinkool.cloud#使用haproxy中acl代碼塊實現類似nginx反向代理(通過正則表達式匹配將流量分發到不同后端)
################## web ####################
frontend front_webbind *:80default_backend back_web #默認后端acl test url_reg -i \.txt$ # 定義ACL規則:匹配.txt結尾的URL(不區分大小寫)use_backend test if test # 如果匹配ACL規則"test",則使用名為"test"的后端
backend back_webbalance roundrobin #rr輪詢server web1 10.1.8.11:80 checkserver web2 10.1.8.12:80 checkserver web3 10.1.8.13:80 checkbackend testbalance roundrobin #rr輪詢server web1 10.1.8.11:81 checkserver web2 10.1.8.12:81 checkserver web3 10.1.8.13:81 check#測試環境準備
mkdir /test
echo "hello txt from $(hostname -s)" > /test/index.txt
echo "hello html from $(hostname -s)" > /test/index.html
#準備虛擬主機配置文件
vim /etc/nginx/conf.d/vhost-test.conf
server { listen 81;root /test;
}
systemctl restart nginx#測試
[root@client1 Zc ~ 16:25:53]# curl 10.1.8.11
welcome to web1.robinkool.cloud
[root@client1 Zc ~ 16:26:21]# curl 10.1.8.11:81
hello html from web1
[root@client1 Zc ~ 16:26:29]# curl 10.1.8.11:81/index.txt
hello txt from web1
[root@client1 Zc ~ 16:27:32]# curl 10.1.8.10/index.txt
hello txt from web3
[root@client1 Zc ~ 16:30:31]# curl 10.1.8.10/index.txt
hello txt from web2
[root@client1 Zc ~ 16:30:38]# curl 10.1.8.10/index.txt
hello txt from web1
tcp模式(四層)
配置ssh
配置haproxy
vim /etc/haproxy/haproxy.cfg
################## ssh ####################
listen sshbind *:1022mode tcpbalance roundrobinserver web1 10.1.8.11:22 checkserver web2 10.1.8.12:22 checkserver web3 10.1.8.13:22 checksystemctl restart haproxy#測試
[root@client2 Zc ~ 16:06:28]# for i in {1..90};do ssh root@10.1.8.10 -p 1022 hostname 2>/dev/null ;done |sort|uniq -c30 web1.robinkool.cloud30 web2.robinkool.cloud30 web3.robinkool.cloud
#如果在balance位置將rr改為source 那么在使用ssh登錄時就會固定一個地址。
配置說明
haproxy配置文件有兩部分組成,全局設定和對代理的設定,
其中全局設定(global settings):主要用于定義haproxy進程管理安全性能及相關參數
代理設定(proxies):分為4段:
defaluts:為其他配置提供默認參數,默認配置參數可由下一個defaults重新設定。
fronted:定義一系列監聽的套接字,這些套接字可接受客戶端請求并與之建立連接。
backend:定義后端服務器,前端代理服務器將會把客戶端的請求調度至這些服務器。
listen:定義監聽套接字和后端服務器,類似將fronted和backen段放在一起,通常配置TCP流量,也就是四層代理。
LVS
LVS介紹
Linux虛擬服務器(LVS,Linux Virtual Server),使用負載均衡技術將多臺服務器組成一個虛擬服務器。
LVS術語
調度器:負載均衡器,Director,Virtual Server(VS)
后端服務器:真實服務器,Real Server(RS),Backend Server
調度器一般配兩個ip地址:
VIP:向外提供服務的IP地址
DIP:與后端RS通信的IP地址
RIP:RS的IP地址
CIP:Client的IP地址
LVS由ipvsadm和ipvs組成:
ipvsadm:用戶空間命令行工具,用于在Director上定義集群服務和添加集群上的RS
ipvs:工作與內核上netfilter中INPUT鉤子上的程序代碼
工作原理
客戶端將流量發送給LB,LB將流量發送給服務端,服務端在返回流量的時候有兩種情況,一種是直接發送給客戶端,另一種則是通過LB發送給客戶端。相較于Nginx和HAproxy是在流量返回時通過LB將流量返回給客戶端,并且可以通過LB的緩存,在下次訪問時直接返回請求。
工作模式
NAT模式
通過將請求報文的目標地址和目標端口修改為某RS的IP和PORT來實現報文轉發。
工作原理
客戶端將流量發送給Director,Director將流量再轉發給RS,RS將流量發回給Director,再由Director將流量發給客戶端。所以RS的網關是指向Director的。
網絡拓撲
nmcli connection modify ens160 ipv4.gateway 10.1.8.10;nmcli connection up ens160
nmcli connection modify ens160 ipv4.gateway 10.1.1.10;nmcli connection up ens160
#NAT模式下,Director充當路由器,所以要開啟路由轉發功能
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf sysctl -p
net.ipv4.ip_forward = 1#安裝ipvsamd
dnf -y install ipvsadm
#創建服務啟動文件,如果沒有該文件啟動服務會報錯
touch /etc/sysconfig/ipvsadm
systemctl start ipvsadm
ipvsadm -A -t 10.1.1.10:80 -s rr #-A:添加一個新的虛擬服務 -t 10.1.1.10:80:指定虛擬服務的地址和端口(TCP協議)-s rr:指定調度算法為輪詢(Round Robin)
ipvsadm -a -t 10.1.1.10:80 -r 10.1.8.11 -m #-a:向虛擬服務添加一個真實服務器 -t 10.1.1.10:80:指定要添加到的虛擬服務 -r 10.1.8.11:指定真實服務器地址 -m:使用 NAT(Masquerading)轉發模式
ipvsadm -a -t 10.1.1.10:80 -r 10.1.8.12 -m
ipvsadm -a -t 10.1.1.10:80 -r 10.1.8.13 -m
ipvsadm-save -n > /etc/sysconfig/ipvsadm #生成內容保存到文件中,重啟服務加載該配置
ipvsadm -Ln
#多次訪問驗證
for i in {1..90};do curl -s 10.1.1.10 ;done|sort|uniq -c30 welcome to web1.robinkool.cloud30 welcome to web2.robinkool.cloud30 welcome to web3.robinkool.cloud
ipvsadm -E -t 10.1.1.10:80 -s wrr #-E編輯 w-weight
#修改權重
ipvsadm -e -t 10.1.1.10:80 -r 10.1.8.12 -m -w 2
ipvsadm -e -t 10.1.1.10:80 -r 10.1.8.13 -m -w 3#再次查看
ipvsadm -Ln
for i in {1..90};do curl -s 10.1.1.10 ;done|sort|uniq -c15 welcome to web1.robinkool.cloud30 welcome to web2.robinkool.cloud45 welcome to web3.robinkool.cloud
DR模式
通過為請求報文重新封裝一個MAC首部進行報文轉發,新MAC首部的源MAC是DIP所在網卡的MAC,目標MAC為某RS位在接口的MAC;整個過程源的IP首部不會發生變化(源IP為CIP,目標IP始終為VIP)
工作原理
網絡拓撲
該模式下Director只有一塊網卡
nmcli device disconnect ens192
成功斷開設備 "ens192"。
nmcli connection modify ens160 ipv4.gateway 10.1.8.20
nmcli connection up ens160
nmcli connection modify ens160 ipv4.gateway 10.1.1.20
nmcli connection up ens160
配置router
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.d/99-sysctl.conf sysctl -p
net.ipv4.ip_forward = 1#開啟偽裝!!!!!
firewall-cmd --add-masquerade
配置LVS-RS
nmcli connection add type dummy ifname dummy con-name dummy ipv4.addresses 10.1.8.100/32 ipv4.method manual
連接 "dummy" (156d22e0-3f26-44a2-9260-56afa56ebfc9) 已成功添加。
nmcli connection up dummy
連接已成功激活(D-Bus 活動路徑:/org/freedesktop/NetworkManager/ActiveConnection/5)#web[1-3]配置arp參數,關閉arp對dummy網卡的解析
cat >> /etc/sysctl.conf << EOF
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2
> net.ipv4.conf.dummy.arp_ignore = 1
> net.ipv4.conf.dummy.arp_announce = 2
> EOF
sysctl -p
配置LVS-DS
#添加虛擬網卡
nmcli connection add type dummy ifname dummy con-name dummy ipv4.addresses 10.1.8.100/32 ipv4.method manual
nmcli connection up dummy#清空ipvsadm規則
ipvsadm -C
ipvsadm -Ln
ipvsadm -A -t 10.1.1.10:80 -s rr
ipvsadm -a -t 10.1.1.10:80 -r 10.1.8.11
ipvsadm -a -t 10.1.1.10:80 -r 10.1.8.12
ipvsadm -a -t 10.1.1.10:80 -r 10.1.8.13
ipvsadm-save -n > /etc/sysconfig/ipvsadm
ipvsadm -Ln
for i in {1..90};do curl -s 10.1.8.100 ;done|sort|uniq -c 30 welcome to web1.robinkool.cloud30 welcome to web2.robinkool.cloud30 welcome to web3.robinkool.cloud
NAT 模式拓撲
客戶端 → LVS(VIP:10.1.1.10) → NAT 轉換 → RS(10.1.8.11/12)↑_________________________↓ # 響應流量也經過 LVS
DR 模式拓撲
客戶端 → LVS(VIP:10.1.1.10) → MAC 重寫 → RS(10.1.1.11/12)↓______________________________↑ # 響應直接返回客戶端
配置關鍵區別
NAT 模式配置
# 添加虛擬服務(VIP)
ipvsadm -A -t 10.1.1.10:80 -s rr# 添加真實服務器(RS),指定 NAT 模式(-m)
ipvsadm -a -t 10.1.1.10:80 -r 10.1.8.11 -m
ipvsadm -a -t 10.1.1.10:80 -r 10.1.8.12 -m
RS 要求:
使用私有 IP(如
10.1.8.11
)默認網關必須指向 LVS 的內網 IP(如
10.1.8.10
)
DR 模式配置
# 添加虛擬服務(VIP)
ipvsadm -A -t 10.1.1.10:80 -s rr# 添加真實服務器(RS),指定 DR 模式(-g)
ipvsadm -a -t 10.1.1.10:80 -r 10.1.1.11 -g
ipvsadm -a -t 10.1.1.10:80 -r 10.1.1.12 -g
RS 要求:
- 需要配置虛擬網卡:
nmcli connection add type dummy ifname dummy con-name dummy ipv4.address 10.1.8.100/32 ipv4.method manual
- 禁止 RS 響應 VIP 的 ARP 請求:
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
- RS 的網關指向真實路由器(非 LVS)。
Keepalived
keepalived是一個用c語言編寫的路由軟件,目標是為了Linux系統和基于Linux的基礎設施的負載均衡和高可用性提供簡單而健壯的設施。
Keepalived+LVS(DR)+Apache+NFS
web[1-3]添加vmnet2網卡,且網關指向router10.1.8.20
ha1和ha2的網關指向router10.1.8.20
dnf -y install httpd;echo "welcome to $(hostname)" > /var/www/html/index.html;systemctl enable httpd --now
dnf -y install nfs-utils
id apache
mount 10.1.2.100:/data/www /var/www/html
df -h
echo "10.1.2.100:/data/www /var/www/html nfs defaults 0 0" >> /etc/fstab
systemctl daemon-reload
mount -a
dnf -y install httpd;echo "welcome to $(hostname)" > /var/www/html/index.html;systemctl enable httpd --now
dnf -y install nfs-utils
mount 10.1.2.100:/data/www /var/www/html/
dnf -y install httpd;echo "welcome to $(hostname)" > /var/www/html/index.html;systemctl enable httpd --now
dnf -y install nfs-utils
mount 10.1.2.100:/data/www /var/www/html/
dnf -y install nfs-utils
mkdir -p /data/www
chown 48:48 /data/www
echo "/data/www 10.1.2.0/24(rw)" > /etc/exports #將準備好的路徑已讀寫方式共享給2.0網段的主機
systemctl enable nfs-server.service --now
systemctl status nfs-server.service
echo "im nfs" > /data/www/index.html
echo "10.1.2.11 web1.robinkool.cloud" >> /etc/hosts
echo "10.1.2.12 web2.robinkool.cloud" >> /etc/hosts
echo "10.1.2.13 web3.robinkool.cloud" >> /etc/hostscurl http://web2.robinkool.cloud
curl http://web3.robinkool.cloud
curl http://web1.robinkool.cloud
配置LVS-RS(Real Server)
nmcli connection add type dummy ifname dummy con-name dummy ipv4.method manual ipv4.addresses 10.1.8.100/32
nmcli connection up dummycat >> /etc/sysctl.conf << EOF
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2
> net.ipv4.conf.dummy.arp_ignore = 1
> net.ipv4.conf.dummy.arp_announce = 2
> EOF
sysctl -p
配置HA和LVS-DS(Director Server)
dnf -y install keepalived ipvsadm
cp /etc/keepalived/keepalived.conf{,.ori}vim /etc/keepalived/keepalived.conf
! Configuration File for keepalivedglobal_defs {router_id ha1
}vrrp_instance nginx {state MASTERinterface ens160virtual_router_id 51priority 150advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {10.1.8.100/24}
}virtual_server 10.1.8.100 80 {delay_loop 6lb_algo rrlb_kind DRprotocol TCPreal_server 10.1.8.11 80 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.12 80 {weight 2TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.13 80 {weight 2TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}
}systemctl enable keepalived.service --now
dnf -y install keepalived ipvsadm
cp /etc/keepalived/keepalived.conf{,.ori}vim /etc/keepalived/keepalived.conf
! Configuration File for keepalivedglobal_defs {router_id ha2
}vrrp_instance apache {state BACKUPinterface ens160virtual_router_id 51priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {10.1.8.100/24}
}virtual_server 10.1.8.100 80 {delay_loop 6lb_algo rrlb_kind DRprotocol TCPreal_server 10.1.8.11 80 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.12 80 {weight 2TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.13 80 {weight 2TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}
}systemctl enable keepalived --now
ipvsadm -Ln
#使用keepalived后再使用ipvsadm命令查看發現已經分配完畢
功能性測試
#輪詢測試前在web[1-3]中取消/var/www/html的掛載
while true ;do curl -s http://10.1.8.100;sleep 1;done
當模式設置為rr、dr時,訪問測試一直顯示同一個地址的測試頁面是因為配置文件中的會話保持代碼沒有注釋掉。
高可用性測試
init 0
客戶端訪問不受影響
負載均衡測試
umount /var/www/html
systemctl stop httpd
Keepalived+LVS+Mariadb
Mariadb復制原理
把一個服務器上執行過的sql語句在別的服務器上重復執行一遍,這樣只要兩個數據庫的初態是一樣的,那么就能一直同步,這種復制和重復都是mysql自動實現的。
實驗環境
dnf -y install mariadb-server
vim /etc/my.cnf.d/mariadb-server.cnf #在[mysqld]代碼塊中添加如下代碼
server-id=1/2
log_bin=mysql-bin
relay_log=mysql-relay-bin
binlog-ignore-db=information_schema
binlog-ignore-db=performance_schema
systemctl enable mariadb --now
mysql_secure_installation
#設置密碼為redhat
Mariadb主從設置
mysql -uroot -predhat
grant replication slave,replication client on *.* to 'repl'@'10.1.8.12' identified by 'redhat';
flush privileges;
show master status\G; #查詢主庫狀態
mysql -uroot -predhat
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 18
Server version: 10.3.39-MariaDB-log MariaDB ServerCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.MariaDB [(none)]> change master to master_host='10.1.8.11',-> master_user='repl',-> master_password='redhat',-> master_port=3306,-> master_log_file='mysql-bin.000002',-> master_log_pos=1998,-> master_connect_retry=30;
Query OK, 0 rows affected (0.007 sec)
show slave status\G;
驗證:主庫db1中創建新庫test,在從庫db2中查看會同步,但是在db2中刪除test庫,db1中不受影響
所以此時在db2中創建從庫db1
grant replication slave,replication client on *.* to 'repl'@'10.1.8.11' identified by 'redhat';
Query OK, 0 rows affected (0.000 sec)
flush privileges;
Query OK, 0 rows affected (0.000 sec)show master status\G;
*************************** 1. row ***************************File: mysql-bin.000003Position: 805Binlog_Do_DB:
Binlog_Ignore_DB: information_schema,performance_schema
1 row in set (0.000 sec)ERROR: No query specified
change master to master_host='10.1.8.12',-> master_user='repl',-> master_password='redhat',-> master_port=3306,-> master_log_file='mysql-bin.000003',-> master_log_pos=805,-> master_connect_retry=30;
start slave;
show slave status\G;
配置LVS-RS
#增加虛擬網卡
nmcli connection add type dummy ifname dummy con-name dummy ipv4.method manual ipv4.addresses 10.1.8.100/32
nmcli connection up dummy#配置arp參數,關閉arp對dummy網卡的解析
cat >> /etc/sysctl.conf << EOF
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2
> net.ipv4.conf.dummy.arp_ignore = 1
> net.ipv4.conf.dummy.arp_announce = 2
> EOF
sysctl -p
配置HA和LVS-DS
dnf -y install keepalived ipvsadm
cp /etc/keepalived/keepalived.conf{,.ori}vim /etc/keepalived/keepalived.conf
! Configuration File for keepalivedglobal_defs {router_id ha1
}vrrp_instance nginx {state MASTERinterface ens160virtual_router_id 51priority 110advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {10.1.8.100/24}
}virtual_server 10.1.8.100 3306 {delay_loop 6lb_algo rrlb_kind DRprotocol TCPreal_server 10.1.8.11 3306 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.12 3306 {weight 2TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}
}systemctl enable keepalived.service --now
dnf -y install keepalived ipvsadm
cp /etc/keepalived/keepalived.conf{,.ori}vim /etc/keepalived/keepalived.conf
! Configuration File for keepalivedglobal_defs {router_id ha2
}vrrp_instance nginx {state BACKUPinterface ens160virtual_router_id 51priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {10.1.8.100/24}
}virtual_server 10.1.8.100 3306 {delay_loop 6lb_algo rrlb_kind DRprotocol TCPreal_server 10.1.8.11 3306 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.12 3306 {weight 2TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}
}systemctl enable keepalived.service --now
測試
mysql -uroot -predhat
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 51
Server version: 10.3.39-MariaDB-log MariaDB ServerCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.MariaDB [(none)]> grant all privileges on *.* to 'robinkool'@'%' identified by 'redhat';
Query OK, 0 rows affected (0.001 sec)MariaDB [(none)]> flush privileges;
Query OK, 0 rows affected (0.001 sec)MariaDB [(none)]> quit
Bye
dnf -y install mariadb
mysql -u robinkool -predhat -h 10.1.8.100;
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 81
Server version: 10.3.39-MariaDB-log MariaDB ServerCopyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.MariaDB [(none)]>
#登錄成功
systemctl stop keepalived.service
client1登錄mysql連接正常。
systemctl stop mariadb.service
client2登錄mysql連接正常。
?Keepalived+LVS(DR)+Apache++NFS+MySql+Php
umount /var/www/html
cat > /var/www/html/phpinfo.php << 'EOF'
> <?php phpinfo(); ?>
> EOF
mysql -u root -predhat
MariaDB [(none)]> CREATE DATABASE ecshop;
MariaDB [(none)]> CREATE USER ecshop@'%' IDENTIFIED BY 'redhat';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON ecshop.* TO ecshop@'%';
MariaDB [(none)]> FLUSH PRIVILEGES;
MariaDB [(none)]> exit
dnf -y install php php-mysqlnd
systemctl restart httpd
mount -a #將nfs目錄掛載
df -h #查看確認掛載
dnf -y install lrzsz
rz -E
unzip ECShop_V4.1.20_UTF8_release20250416_88250602410669.zip
cp -a ECShop_V4.1.20_UTF8_release20250416/source/ecshop/* /data/www/
chown -R 48:48 /data/www/
rm -f /data/www/index.html
#瀏覽器直接訪問10.1.8.11/index.php
nmcli connection add type dummy ifname dummy2 con-name dummy2 ipv4.method manual ipv4.addresses 10.1.8.200/32
nmcli connection up dummy2
sysctl net.ipv4.conf.dummy2.arp_ignore=1
sysctl net.ipv4.conf.dummy2.arp_announce=2
! Configuration File for keepalivedglobal_defs {router_id ha1
}vrrp_instance apache {state MASTERinterface ens160virtual_router_id 51priority 150advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {10.1.8.100/24}
}virtual_server 10.1.8.100 80 {delay_loop 6lb_algo rrlb_kind DRprotocol TCPpersistence_timeout 50real_server 10.1.8.11 80 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.12 80 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.13 80 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}
}vrrp_instance db {state BACKUPinterface ens160virtual_router_id 52priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {10.1.8.200/24}
}
virtual_server 10.1.8.200 3306 {delay_loop 6lb_algo rrlb_kind DRprotocol TCPreal_server 10.1.8.11 3306 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.12 3306 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}
}
! Configuration File for keepalivedglobal_defs {router_id ha2
}vrrp_instance apache {state BACKUPinterface ens160virtual_router_id 51priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {10.1.8.100/24}
}virtual_server 10.1.8.100 80 {delay_loop 6lb_algo rrlb_kind DRprotocol TCPpersistence_timeout 50real_server 10.1.8.11 80 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.12 80 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.13 80 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}
}vrrp_instance db {state MASTERinterface ens160virtual_router_id 52priority 150advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {10.1.8.200/24}
}
virtual_server 10.1.8.200 3306 {delay_loop 6lb_algo rrlb_kind DRprotocol TCPreal_server 10.1.8.11 3306 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}real_server 10.1.8.12 3306 {weight 1TCP_CHECK {connect_timeout 3retry 3delay_before_retry 3}}
}