版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/Dream_ya/article/details/81349944
一、Keepablived介绍
1、简介
Keepalived是一个用C语言编写的软件。该项目的主要目标是为Linux系统和基于Linux的基础架构提供简单而强大的负载均衡及高可用性。 负载平衡框架依赖于众所周知且广泛使用的Linux虚拟服务器(IPVS)内核模块,提供Layer4负载均衡。 Keepalived实现了健康检查,自适应地维护和管理负载均衡的服务器。 另一方面,VRRP协议实现了高可用性。 VRRP是路由器故障转移的基础。 Keepalived框架可以单独使用,也可以和其它服务(例如:Nginx、Haproxy、Mysql)一起使用,使用较灵活,我们可以通过官网来获取它的信息。
2、Keepalived高可用原理
在Keepalived服务正常工作时,主Master节点会不断地向备节点发送(多播的方式)心跳消息,用以告诉备BACKUP节点自己还活着,当主Mater节点发生故障时,就无法发送心跳消息,备节点接收不到心跳,便会调用自身的接管程序,接管主Master节点的IP资源及服务。而当主Master节点恢复时,备BACKUP节点又会释放主节点故障时自身接管的IP资源及服务,恢复到原来的备用角色。
3、VRRP协议
虚拟路由冗余协议(Virtual Router Redundancy Protocol,简称VRRP)是由IETF提出的解决局域网中配置静态网关出现单点失效现象的路由协议,1998年已推出正式的RFC2338协议标准。
VRRP是通过一种竞选机制来将路由任务交给某台VRRP路由器。
VRRP是通过多播的方式实现高可用对之间通信。
工作时主节点(Master)发包,备节点接收,当备节点接受不到数据包时,就启动接管程序接管主节点的资源。备节点可以多个,通过优先级进行竞选,但一般Keepalived工作中都是一对。
VRRP使用了加密协议加密数据,但Keepalived官方目前还是推荐使用明文的方式配置认证类型和密码。
二、实验环境
1、安装环境
官网下载链接:http://www.keepalived.org/download.html
百度网盘链接: https://pan.baidu.com/s/1gk3ra1-tOsNy-SAnTL16CA 密码: pw7s
注意:selinux iptables off
操作系统:Red Hat Enterprise Linux Server release 6.5 (Santiago)
| 主机名 | IP | 安装服务 | 功能说明 |
|---|---|---|---|
| server1(Master) | 10.10.10.1 | Keepalived、ipvsadm | 实现高可用及负载均衡(HA+LB) |
| server2 | 10.10.10.2 | Apache、arptables | 展示web界面和arp抑制 |
| server3 | 10.10.10.3 | Apache、arptables | 展示web界面和arp抑制 |
| server4(Backup) | 10.10.10.4 | Keepalived、ipvsadm | 实现高可用及负载均衡(HA+LB) |
2、yum源
[root@server1 ~]# vim /etc/yum.repos.d/yum.repo
[rhel6.5]
name=rhel6.5
baseurl=http://10.10.10.250/rhel6.5
gpgcheck=0
[HighAvailability]
name=HighAvailability
baseurl=http://10.10.10.250/rhel6.5/HighAvailability
gpgcheck=0
[LoadBalancer]
name=LoadBalancer
baseurl=http://10.10.10.250/rhel6.5/LoadBalancer
gpgcheck=0
[ScalableFileSystem]
name=ScalableFileSystem
baseurl=http://10.10.10.250/rhel6.5/ScalableFileSystem
gpgcheck=0
[ResilientStorage]
name=ResilientStorage
baseurl=http://10.10.10.250/rhel6.5/ResilientStorage
gpgcheck=0三、安装Keepalived
1、安装ipvsadm
[root@server1 ~]# yum install -y ipvsadm2、编译Keepalived
[root@server1 ~]# tar xf /root/keepalived-2.0.0.tar.gz
[root@server1 ~]# cd /root/keepalived-2.0.0
[root@server1 keepalived-2.0.0]# yum install -y gcc openssl-devel ###安装依赖
[root@server1 keepalived-2.0.0]# make && make install
3、进行软连接
[root@server1 keepalived-2.0.0]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d
[root@server1 keepalived-2.0.0]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@server1 keepalived-2.0.0]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@server1 keepalived-2.0.0]# ln -s /usr/local/keepalived/sbin/keepalived /sbin
[root@server1 keepalived-2.0.0]# chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
[root@server1 keepalived-2.0.0]# /etc/init.d/keepalived restart ###查看启动是否成功四、配置Keepalived(server1、4)
1、安装mailx
[root@server1 ~]# yum install -y mailx2、配置Keepalived.conf(server1)
[root@server1 ~]# vim /etc/keepalived/keepalived.conf
###配置邮件,此处可以不配置,通过mail可以查看邮件
global_defs {
notification_email {
root@localhost
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict ###不关闭可能导致VIP不通
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface eth0 ###根据自己网卡名设置
virtual_router_id 51 ###路由id
priority 100 ###优先级
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.10.100 ###VIP
}
}
virtual_server 10.10.10.100 80 {
delay_loop 6
lb_algo rr ###使用RR模式,方便演示
lb_kind DR ###使用DR模式
#persistence_timeout 50 ###50s连续访问一台,如果vsftpd的高可用就需要打开此参数
protocol TCP
###下面为轮询的二台服务器
real_server 10.10.10.2 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 10.10.10.3 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
[root@server1 ~]# /etc/init.d/keepalived restart3、安装server4
(1)安装ipvsadm
[root@server4 ~]# yum install -y ipvsadm(2)发送及进行软连接
[root@server1 ~]# scp -r /usr/local/keepalived/ [email protected]:/usr/local/
[root@server4 ~]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d
[root@server4 ~]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@server4 ~]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@server4 ~]# ln -s /usr/local/keepalived/sbin/keepalived /sbin(3)配置keepalived.conf
[root@server4 ~]# vim /etc/keepalived/keepalived.conf 
[root@server4 ~]# /etc/init.d/keepalived restart五、server2、3安装及配置
1、安装arptables、Apache
[root@server2 ~]# yum install -y arptables_jf httpd2、配置Apache
[root@server2 ~]# echo "server2" >/var/www/html/index.html
[root@server2 ~]# /etc/init.d/httpd restart3、arptables配置
[root@server2 ~]# ip addr add 10.10.10.100/24 dev eth0 ###设置VIP
[root@server2 ~]# arptables -A IN -d 10.10.10.100 -j DROP ###对VIP不进行响应
[root@server2 ~]# arptables -A OUT -s 10.10.10.100 -j mangle --mangle-ip-s 10.10.10.2 ###server3只需要把2改成3即可,其他都相同
[root@server2 ~]# /etc/init.d/arptables_jf save ###保存策略4、查看加入的配置
[root@server2 ~]# cat /etc/sysconfig/arptables ###想删策略清除此文件重启服务arptables_jf即可
# Generated by arptables-save v0.0.8 on Thu Aug 2 20:38:26 2018
*filter
:IN ACCEPT [0:0]
:OUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
[0:0] -A IN -d 10.10.10.100 -j DROP
[0:0] -A OUT -s 10.10.10.100 -j mangle --mangle-ip-s 10.10.10.2
COMMIT
# Completed on Thu Aug 2 20:38:26 2018六、测试
1、负载均衡及健康检查
(1)负载均衡
[root@dream ~]# curl 10.10.10.100
server3
[root@dream ~]# curl 10.10.10.100
server2
[root@dream ~]# curl 10.10.10.100
server3(2)健康检查
[root@server2 ~]# /etc/init.d/httpd stop[root@dream ~]# curl 10.10.10.100
server3
[root@dream ~]# curl 10.10.10.100
server3
[root@dream ~]# curl 10.10.10.100
server32、高可用测试
(1)关闭keepalived
[root@server2 ~]# /etc/init.d/httpd restart
[root@server1 ~]# /etc/init.d/keepalived stop(2)发现VIP跑到server4上
(3)负载均衡依然正常
[root@dream ~]# curl 10.10.10.100
server2
[root@dream ~]# curl 10.10.10.100
server3
[root@dream ~]# curl 10.10.10.100
server2Keepalived+LVS的高可用负载均衡集群搭建就此完成了!!!