Keepalived+LVS 服务器
3.1 问题
使用 Keepalived 为 LVS 调度器提供高可用功能, 防止调度器单点故障, 为用户提供 web 服务:
路由器对外公网 IP 地址为 202.114.106.20
路由器内网 IP 地址为 192.168.0.254
路由是需要设置 SNAT 及 DNAT 功能
LVS1 调度器真实 IP 地址为 192.168.0.10
LVS2 调度器真实 IP 地址为 192.168.0.20
服务器 VIP 地址设置为 192.168.0.253
真实 Web 服务器地址分别为 192.168.0.1,192.168.0.2
使用加权轮询调度算法, 真实服务器权重与其 IP 地址末尾数一致
3.2 方案
使用 5 台虚拟机, 1 台作为 Linux 路由器, 2 台作为 LVS 调度器, 2 台作为 Real Server, 物理机作为客户端, 拓扑结构如图 - 2 所示.
图 - 3
3.3 步骤
实现此案例需要按照如下步骤进行.
步骤一: 配置网络环境
1) 设置 Web 服务器网络参数
- [[email protected] ~]# VIM /etc/sysconfig/network-scripts/ifcfg-eth0
- DEVICE=eth0
- ONBOOT=yes
- BOOTPROTO=static
- IPADDR=192.168.0.1
- NETMASK=255.255.255.0
- GATEWAY=192.168.0.254
- DNS1=202.106.0.20
- [[email protected] ~]# VIM /etc/sysconfig/network-scripts/ifcfg-lo:0 #VIP 设置
- DEVICE=lo:0
- ONBOOT=yes
- BOOTPROTO=static
- IPADDR=192.168.0.253
- NETMASK=255.255.255.255
- [[email protected] ~]# VIM /etc/sysctl.conf
- .. ..
- net.ipv4.conf.all.arp_ignore = 1
- net.ipv4.conf.lo.arp_ignore = 1
- net.ipv4.conf.lo.arp_announce = 2
- net.ipv4.conf.all.arp_announce = 2
- [[email protected] ~]# sysctl -p
- [[email protected] ~]# service NetworkManager stop
- [[email protected] ~]# chkconfig NetworkManager off
- [[email protected] ~]# service network restart
- [[email protected] ~]# iptables -F;service iptables save
- ##################
- [[email protected] ~]# VIM /etc/sysconfig/network-scripts/ifcfg-eth0
- DEVICE=eth0
- ONBOOT=yes
- BOOTPROTO=static
- IPADDR=192.168.0.2
- NETMASK=255.255.255.0
- GATEWAY=192.168.0.254
- DNS1=202.106.0.20
- [[email protected] ~]# VIM /etc/sysconfig/network-scripts/ifcfg-lo:0 #VIP 设置
- DEVICE=lo:0
- ONBOOT=yes
- BOOTPROTO=static
- IPADDR=192.168.0.253
- NETMASK=255.255.255.255
- [[email protected] ~]# VIM /etc/sysctl.conf
- .. ..
- net.ipv4.conf.all.arp_ignore = 1
- net.ipv4.conf.lo.arp_ignore = 1
- net.ipv4.conf.lo.arp_announce = 2
- net.ipv4.conf.all.arp_announce = 2
- [[email protected] ~]# sysctl -p
- [[email protected] ~]# service NetworkManager stop
- [r[email protected] ~]# chkconfig NetworkManager off
- [[email protected] ~]# service network restart
- [[email protected] ~]# iptables -F;service iptables save
2) 自定义 Web 页面
- [[email protected] ~]# echo "192.168.0.1"> /var/www/html/index.HTML
- [[email protected] ~]# echo "192.168.0.2"> /var/www/HTML/index.HTML
3) 启动 Web 服务器软件
- [[email protected] ~]# service httpd start;chkconfig httpd on
- [[email protected] ~]# service httpd start;chkconfig httpd on
4) 设置 LVS 调度器网络参数
- [[email protected] ~]# VIM /etc/sysconfig/network-scripts/ifcfg-eth0
- DEVICE=eth0
- ONBOOT=yes
- BOOTPROTO=static
- IPADDR=192.168.0.10
- NETMASK=255.255.255.0
- GATEWAY=192.168.0.254
- DNS1=202.106.0.20
- [[email protected] ~]# service NetworkManager stop
- [[email protected] ~]# chkconfig NetworkManager off
- [[email protected] ~]# service network restart
- [[email protected] ~]# iptables -F;service iptables save
- [[email protected] ~]# VIM /etc/sysconfig/network-scripts/ifcfg-eth0
- DEVICE=eth0
- ONBOOT=yes
- BOOTPROTO=static
- IPADDR=192.168.0.20
- NETMASK=255.255.255.0
- GATEWAY=192.168.0.254
- DNS1=202.106.0.20
- [[email protected] ~]# service NetworkManager stop
- [[email protected] ~]# chkconfig NetworkManager off
- [[email protected] ~]# service network restart
- [[email protected] ~]# iptables -F;service iptables save
5) 设置 Linux 路由器网络参数
- [[email protected] ~]# VIM /etc/sysconfig/network-scripts/ifcfg-eth0
- DEVICE=eth0
- ONBOOT=yes
- BOOTPROTO=static
- IPADDR=202.114.106.20
- DNS1=202.106.0.20
- [[email protected] ~]# VIM /etc/sysconfig/network-scripts/ifcfg-eth1
- DEVICE=eth0
- ONBOOT=yes
- BOOTPROTO=static
- IPADDR=192.168.0.254
- NETMASK=255.255.255.0
- DNS1=202.106.0.20
- [[email protected] ~]# service NetworkManager stop
- [[email protected] ~]# chkconfig NetworkManager off
- [[email protected] ~]# service network restart
- [[email protected] ~]# iptables -F;service iptables save
设置路由参数
6) 设置 Linux 路由器的 SNAT,DNAT 功能
- [[email protected] ~]# sed -i '/ip_forward/s/0/1/' sysctl.conf // 开启路由转发
- [[email protected] ~]# sysctl -p
- [[email protected] ~]# iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -p tcp -j SNAT --to-source 202.114.106.20
- [[email protected] ~]# iptables -t nat -A PREROUTING -d 202.114.106.20 -p tcp --dport 80 -j DNAT --to-destination 192.168.0.253:80
- [[email protected] ~]# service iptables save
NAT 映射设置
步骤二: 调度器安装 Keepalived 与 ipvsadm 软件
注意: 两台 LVS 调度器执行相同的操作.
安装软件
- [[email protected] ~]# yum install -y gcc kernel-devel openssl-devel popt-devel
- [[email protected] ~]# tar -xzf keepalived-1.2.7.tar.gz
- [[email protected] ~]# cd keepalived-1.2.7
- [[email protected] keepalived-1.2.7]# ./configure --sysconf=/etc
- [[email protected] keepalived-1.2.7]# make && make install
- [[email protected] keepalived-1.2.7]# ln -s /usr/local/sbin/keepalived /sbin/
- [[email protected] keepalived-1.2.7]# chkconfig keepalived on
- [[email protected] Pacages]# rpm -ihv ipvsadm-1.25-10.el6.x86_64.rpm
- [[email protected] ~]# yum install -y gcc kernel-devel openssl-devel popt-devel
- [[email protected] ~]# tar -xzf keepalived-1.2.7.tar.gz
- [[email protected] ~]# cd keepalived-1.2.7
- [[email protected] keepalived-1.2.7]# ./configure --sysconf=/etc
- [[email protected] keepalived-1.2.7]# make && make install
- [[email protected] keepalived-1.2.7]# ln -s /usr/local/sbin/keepalived /sbin/
- [[email protected] keepalived-1.2.7]# chkconfig keepalived on
- [[email protected] Pacages]# rpm -ihv ipvsadm-1.25-10.el6.x86_64.rpm
步骤三: 部署 Keepalived 实现 LVS-DR 模式调度器的高可用
1)LVS1 调度器设置 Keepalived, 并启动服务
- [[email protected] ~]# VIM /etc/keepalived/keepalived.conf
- global_defs {
- notification_email {
- [email protected] // 设置报警收件人邮箱
- }
- notification_email_from [email protected] // 设置发件人
- smtp_server 127.0.0.1 // 定义邮件服务器
- smtp_connect_timeout 30
- router_id lvs1 // 设置路由 ID 号
- }
- vrrp_instance VI_1 {
- state MASTER // 主服务器为 MASTER
- interface eth0 // 定义网络接口
- virtual_router_id 50 // 主辅 VRID 号必须一致
- priority 100 // 服务器优先级
- advert_int 1
- authentication {
- auth_type pass
- auth_pass forlvs // 主辅服务器密码必须一致
- }
- virtual_ipaddress { 192.168.0.253 }
- }
- virtual_server 192.168.0.253 80 { // 设置 VIP 为 192.168.0.253
- delay_loop 6
- lb_algo wrr // 设置 LVS 调度算法为 RR
- lb_kind DR // 设置 LVS 的模式为 DR
- persistence_timeout 1
- protocol TCP
- real_server 192.168.0.1 80 {
- weight 1 // 设置权重为 1
- TCP_CHECK {
- connect_timeout 3
- nb_get_retry 3
- delay_before_retry 3
- }
- }
- real_server 192.168.0.2 80 {
- weight 2 // 设置权重为 2
- TCP_CHECK {
- connect_timeout 3
- nb_get_retry 3
- delay_before_retry 3
- }
- }
- [[email protected] ~]# service keepalived start
- [[email protected] ~]# ipvsadm -Ln
2)LVS2 调度器设置 Keepalived
- [[email protected] ~]# VIM /etc/keepalived/keepalived.conf
- global_defs {
- notification_email {
- [email protected] // 设置报警收件人邮箱
- }
- notification_email_from [email protected] // 设置发件人
- smtp_server 127.0.0.1 // 定义邮件服务器
- smtp_connect_timeout 30
- router_id lvs2 // 设置路由 ID 号
- }
- vrrp_instance VI_1 {
- state SLAVE // 从服务器为 SLAVE
- interface eth0 // 定义网络接口
- virtual_router_id 50 // 主辅 VRID 号必须一致
- priority
来源: http://www.bubuko.com/infodetail-3274038.html