21.高可用之keepalived
keepalived实现wrrp热网关备份:
配置网关上的keepalived,配置文件如下
主:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from root@node1.com //管理员邮箱
smtp_server 127.0.0.1 //邮箱服务器
smtp_connect_timeout 30 //邮箱连接超时
router_id CentOS7-node1 //本地主机名
vrrp_mcast_vgroup4 224.0.100.9 //进行心跳测试的组播地址
}
vrrp_instance vr { //定义一个网络名字vr
state MASTER //此设备状态为MASTER
interface enp0s3 //端口
virtual_router_id 51 //定义一个唯一的标识缟号
priority 100 //定义此设备的优先级
advert_int //每一次进行组播的时间间隔
authentication { //认证方式
auth_type PASS //认证类型
auth_pass 1111 //认证字符串
}
virtual_ipaddress { //虚拟地址
172.18.35.111/16 dev enp0s3 虚拟地址与设备
}
}
备:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc高可用之keepalived
keepalived实现wrrp热网关备份:
配置网关上的keepalived,配置文件如下
主:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@f
}
notification_email_from root@node2.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id CentOS6-node2
vrrp_mcast_vgroup4 224.0.100.9
}
vrrp_instance vr {
state BACKUP
interface eth0
virtual_router_id 51
priority 98
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.18.35.111/16 dev eth0
}
} 配置含意同上
keepalived的双主模式:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from root@node1.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id CentOS7-node1
vrrp_mcast_vgroup4 224.0.100.9
}
vrrp_instance vr { //第一个vr主
state MASTER
interface enp0
virtual_router_id 51 //第一个主的唯一缟号
priority 100 //第一个主的优先级
advert_int 1 //组播间隔时间
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.18.35.111/16 dev enp0s3 //第一个热备的地址与接口
}
}
vrrp_instance vr1 { //第二个从vr1
state BACKUP //定义了备
interface enp0s3 //定义接口
virtual_router_id 52 //定义第二个唯一值
priority 98 //定义备份服务器的优先级
advert_int 1 //定义组播广播间隔时间
authentication {
auth_type PASS
auth_pass 1235 //定义了第二个热备的认证字符
}
virtual_ipaddress {
172.18.35.112/16 dev enp0s3 //定义了第二个热备的地址与接口
}
}
keepalived实现LVS的高可用性
拓扑图:
keepalived_LVS_HA.png
配置RS脚本:
!/bin/bash
VIP=”172.18.35.103″
Device=”lo:0″
MASK=”255.255.255.255″
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
ifconfig $Device $VIP netmask $MASK broadcast $VIP up
route add -host $VIP dev $Device
;;
stop)
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
ifconfig $Device down
route del -host $VIP dev $Device
;;
*)
echo “Usage $(basename $0) {start|stop}”;;
esac
配置VS的keepalived:配置文件内容如下
keepalived主服务器配置
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
}
notification_email_from root@node1.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id CentOS7-node1
vrrp_mcast_vgroup4 224.0.100.9
}
vrrp_instance vr {
state MASTER
interface enp0s3
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.18.35.103/16 dev enp0s3
}
}
virtual_server 172.18.35.103 80 { //配置LVS的VIP与vprot
delay_loop 3 //延迟时间
lb_algo wrr //采用wrr算法
lb_kind DR //使用LVS的DR模型
#persistence_timeout 30 //这个是定义长连接时间的
protocol TCP //使用的传输层协议,目前只支持TCP协议
sorry_server 127.0.0.1 80 //定义的sorry服务器的地址与端口
real_server 172.18.250.38 80 { //定义一个RS,此处说明地址与端口
weight 2 //服务器性能参数,权重
HTTP_GET { //定义健康监测,此处为应用协议
url {
path / //访问的uri
status_code 200 //反回响应状态码
}
}
}
real_server 172.18.250.24 80 { //第二个RS
weight 1
HTTP_GET {
url {
path /
status 200
}
}
}
connect_timeout 1
ng_get_retry 3
delay_before_retry 1
}
keepalived从服务器配置:
同主的配置,只有vrrp略有差异,下面为vrrp段配置
vrrp_instance vr {
state BACKUP
interface eth0
virtual_router_id 51
priority 98
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.18.35.103/16 dev eth0
}
}
keepalived实现LVS的双主模式
这里贴keepalive的主配置文件,其它配置与上一示例相同,配置内容如下
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
}
notification_email_from root@node1.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id CentOS7-node1
vrrp_mcast_vgroup4 224.0.100.9
}
vrrp_instance vr {
state MASTER
interface enp0s3
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.18.35.103/16 dev enp0s3
}
}
vrrp_instance vr1 {
state BACKUP
interface enp0s3
virtual_router_id 52
priority 98
advert_int 1
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
172.18.35.111/16 dev enp0s3
}
}
virtual_server 172.18.35.103 80 {
delay_loop 3
lb_algo wrr
lb_kind DR
#persistence_timeout 30
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.18.250.38 80 {
weight 2
HTTP_GET {
url {
path /
status 200
}
}
}
real_server 172.18.250.24 80 {
weight 1
HTTP_GET {
url {
path /
status 200
}
}
}
connect_timeout 1
ng_get_retry 3
delay_before_retry 1
}
virtual_server 172.18.35.111 80 {
delay_loop 3
lb_algo wrr
lb_kind DR
#persistence_timeout 30
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.18.250.38 80 {
weight 1
HTTP_GET {
url {
path /
status 200
}
}
}
connect_timeout 1
ng_get_retry 3
delay_before_retry 1
}
virtual_server 172.18.35.111 80 {
delay_loop 3
lb_algo wrr
lb_kind DR
#persistence_timeout 30
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.18.250.38 80 {
weight 1
HTTP_GET {
url {
path /
status 200
}
}
}
real_server 172.18.250.24 80 {
weight 1
HTTP_GET {
url {
path /
status 200
}
}
}
connect_timeout 1
ng_get_retry 3
delay_before_retry 1
}
注:由于这个双主需要的是两VIP,所以备RS上必须建立两个回环地址也就是lo:0与lo:1,两次配置一样,也需要添加路由
使用keepalived配置nginx负载均衡的高可用性
配置nginx,在http段加入如下内容,将所有的server全部注释掉,两个nginx配置相同
upstream websrvs{
ip_hash;
server 172.18.250.38 weight=1;
server 172.18.250.24 weight=2;
}
server {
listen *:80;
location / {
proxy_pass http://websrvs;
}
}
在master上配置keepalived
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
}
notification_email_from root@node1.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id CentOS7-node1
vrrp_mcast_vgroup4 224.0.100.9
}
vrrp_script nginx_check {
script “killall -0 nginx && exit 0 || exit 1”
interval 1
weight 5
full 2
rise 1
}
vrrp_instance vr {
state MASTER
interface enp0s3
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
nginx_check
}
virtual_ipaddress {
172.18.35.103/16 dev enp0s3
}
}
原创文章,作者:gaomei,如若转载,请注明出处:http://www.178linux.com/75748
