Keepalived
概念
- keepalived 是Linux下一個輕量級的高可用解決方案
- 主要是通過虛擬路由冗余協議(VRRP)來實現高可用功能
- Virtual Router Redundancy Protocol
- 起初就是為了補充LVS功能而設計的,用于監控LVS集群內后端真實服務器狀態
- 后來加入了VRRP的功能,它出現的目的是為了解決靜態路由出現的單點故障問題
功能
- LVS規則管理
- LVS集群真實服務器狀態監測
- 管理VIP
| 主機名 | IP地址 | 角色 |
|---|---|---|
| pubserver | eth0:192.168.88.240 | ansible主機 |
| client | eth0:192.168.88.10 | 客戶端 |
| lvs1 | eth0:192.168.88.5 | lvs1調度器 |
| lvs2 | eth0:192.168.88.6 | lvs2調度器 |
| web1 | eth0:192.168.88.100 | web服務器 |
| web2 | eth0:192.168.88.200 | web服務器 |
使用Keepalived實現LVS高可用,配置測試高可用負載均衡集群
lvs1和lvs2節點安裝LVS和Keepalived軟件,在ansible主機上使用劇本安裝
vim 11_inst_lvs_kp.yml
---
- name: install soft
hosts: lbs
tasks:
- name: install pkgs??? #安裝軟件
yum:
name: ipvsadm,keepalived
state: present
ansible-playbook 11_inst_lvs_kp.yml
配置lvs1節點Keepalived軟件
vim /etc/keepalived/keepalived.conf
global_defs {
...
router_id lvs1?????????? #集群節點唯一標識
vrrp_iptables??????????? #放行防火墻規則
...
vrrp_strict????????????? #嚴格遵守VRRP規則
...
}
vrrp_instance VI_1 {
state MASTER??????????? #狀態
interface eth0????????? #網卡
virtual_router_id 51??? #虛擬路由唯一標識符
priority 100??????????? #優先級
advert_int 1??????????? #心跳包間隔時間
authentication {??????? #認證方式
auth_type PASS????? #密碼認證
auth_pass 1111????? #集群密碼
}
virtual_ipaddress {???? #定義VIP
192.168.88.15/24 dev eth0 label eth0:0? #VIP地址及綁定網卡和虛接口標簽
}
}
virtual_server 192.168.88.15 80 {?? #定義LVS虛擬服務器
delay_loop 6??????????????????? #健康檢查延時6s開始
lb_algo wrr???????????????????? #調度算法
lb_kind DR????????????????????? #LVS工作模式
persistence_timeout 50????????? #50s內相同客戶端發起請求由同一服務器處理
protocol TCP??????????????????? #虛擬服務器協議
real_server 192.168.88.100 80 { #定義真實服務器
weight 1??????????????????? #權重
TCP_CHECK {???????????????? #健康檢查方式
connect_timeout 3?????? #連接超時時間為3s
nb_get_retry 3????????? #連續3次訪問失敗則認為真實服務器故障
delay_before_retry 3??? #健康檢查包時間間隔
}
}
??? real_server 192.168.88.200 80 {
weight 2
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
# 啟動服務測試
ipvsadm -Ln????????????????????????? #啟動服務前無LVS規則
systemctl enable --now keepalived??? #加入開機自啟并立即啟動
ipvsadm -Ln????????????????????????? #啟動服務后有LVS規則
ip a s | grep 192.168??????????????? #VIP已綁定
client客戶端同一服務器處理請求
for i in {1..6}
> do
>? curl http://192.168.88.15
> done
Welcome to web2
Welcome to web2
Welcome to web2
Welcome to web2
Welcome to web2
Welcome to web2
補充:lvs1節點注釋持久連接時長
vim? /etc/keepalived/keepalived.conf??? ?
...
#persistence_timeout 50
...
systemctl restart keepalived
#client客戶端同一服務器處理請求
for i in {1..6};do curl http://192.168.88.15; done
Welcome to web2
Welcome to web1
Welcome to web2
Welcome to web2
Welcome to web1
Welcome to web2
配置lvs2節點Keepalived軟件
#將lvs1節點的配置文件復制給lvs2節點 這里用rsync -av命令更安全
scp /etc/keepalived/keepalived.conf root@192.168.88.6:/etc/keepalived/
#進入到lvs2節點編輯配置文件
vim /etc/keepalived/keepalived.conf
#修改如下三行
router_id lvs2? #集群節點唯一標識符
state BACKUP??? #狀態
priority 50???? #優先級
ipvsadm -Ln
systemctl start keepalived
ipvsadm -Ln
驗證真實服務器健康檢查
#web1節點停止nginx服務,模擬web1故障
systemctl stop nginx? ?
#lvs1節點和lvs2節點中查看到LVS規則中web1被擦除
ipvsadm -Ln???????????? ?
TCP? 192.168.88.15:80 wrr
-> 192.168.88.200:80??????????? Route?? 2????? 0????????? 0? ?
#web1節點啟動nginx服務???? ?
systemctl start nginx??? #模擬web1修復
#lvs1節點和lvs2節點中的LVS規則中web1被添加回來
ipvsadm -Ln???????????? ?
TCP? 192.168.88.15:80 wrr
-> 192.168.88.100:80??????????? Route?? 1????? 0????????? 0??????? ?
-> 192.168.88.200:80??????????? Route?? 2????? 0????????? 0 ?
驗證高可用負載均衡
#lvs1節點
ip a s | grep 88.15????????? #VIP綁定于lvs1
inet 192.168.88.15/24 scope global secondary eth0:0
systemctl stop keepalived??? #模擬lvs1節點故障
ip a s | grep 88.15????????? #VIP釋放
ipvsadm -Ln????????????????? #LVS規則被清空
#lvs2節點
[root@lvs2 ~]# ip a s | grep 88.15?? #VIP綁定于lvs2
inet 192.168.88.15/24 scope global secondary eth0:0
ipvsadm -Ln
TCP? 192.168.88.15:80 wrr
-> 192.168.88.100:80??????????? Route?? 1????? 0????????? 0??????? ?
-> 192.168.88.200:80??????????? Route?? 2????? 0????????? 0??????? ?
client客戶端查看,不受影響
for i in {1..6}
do
curl http://192.168.88.15
done???????????????????? ?
Welcome to web1
Welcome to web2
Welcome to web2
Welcome to web1
Welcome to web2
Welcome to web2
)
)
)
