架构图:
1、安装keepalived
keepalived起初是为LVS设计的,专门用来监控集群系统中各个服务节点的状态,后来又加入了VRRP的功能,VRRP是Virtual Router Redundancy Protocol(虚拟路由器冗余协议)的缩写,VRRP出现的目的就是为了解决静态路由出现的单点故障问题,它能够保证网络的不间断、稳定的运行。所以,keepalived一方面具有服务器健康检测功能,另一方面也具有HA cluster功能。
megaium@lvs1:~$ apt-get install keepalivedmegaium@lvs1:~$ vi /etc/keepalived/keepalived.confmegaium@lvs1:~$ cat /etc/keepalived/keepalived.conf#Configuration File for keepalivedglobal_defs { router_id LVS_1 ##keepalived服务器标识}vrrp_instance VI_1 { state MASTER ###指定Keepalived的角色,MASTER表示此主机是主用服务器,BACKUP表示是备用服务器。interface eth0 ### #指定HA监测网络的接口。virtual_router_id 51 ####虚拟路由标识,这个标识是一个数字,并且同一个vrrp实例使用唯一的标识,即同一个vrrp_instance下,MASTER和BACKUP必须是一致的。priority 100 ##定义优先级,数字越大,优先级越高,在一个vrrp_instance下,MASTER的优先级必须大于BACKUP的优先级。advert_int 1 ##设定MASTER与BACKUP负载均衡器之间同步检查的时间间隔,单位是秒。 nopreempt authentication { ###设定验证类型和密码。auth_type PASS ###设置验证类型,主要有PASS和AH两种。auth_pass 1234 ###设置验证密码,在一个vrrp_instance下,MASTER与BACKUP必须使用相同的密码才能正常通信。 } virtual_ipaddress {192.168.2.218}}virtual_server 192.168.2.218 80 { delay_loop 3 ###设置健康检查时间,单位是秒。lb_algo wlc ###设置负载调度算法,详见:http://strongit.blog.51cto.com/10020534/1728596lb_kind DR ###设置LVS实现负载均衡的机制,可以有NAT、TUN和DR三个模式可选。 protocol TCP real_server 192.168.2.201 80 { TCP_CHECK { connect_timeout 3nb_get_retry 3delay_before_retry 3connect_port 80} } real_server 192.168.2.202 80 { TCP_CHECK { connect_timeout 3 ###3秒无响应超时nb_get_retry 3 #重试次数delay_before_retry 3 ##重试间隔connect_port 80} } real_server 192.168.2.203 80 { TCP_CHECK { connect_timeout 3nb_get_retry 3delay_before_retry 3connect_port 80} }}virtual_server 192.168.2.218 5672 { delay_loop 3lb_algo wlc lb_kind DR protocol TCP real_server 192.168.2.201 5672 { TCP_CHECK {# connect_timeout 3nb_get_retry 3delay_before_retry 3connect_port 5672} } real_server 192.168.2.202 5672 { TCP_CHECK {# connect_timeout 3nb_get_retry 3delay_before_retry 3connect_port 5672} } real_server 192.168.2.203 5672 { TCP_CHECK {# connect_timeout 3nb_get_retry 3delay_before_retry 3connect_port 5672} }}global_defs { router_id LVS_2}vrrp_instance VI_2 { state MASTER interface eth0 virtual_router_id 52priority 99nopreempt authentication { auth_type PASS auth_pass 1234} virtual_ipaddress {192.168.2.219}}virtual_server 192.168.2.219 80 { delay_loop 3lb_algo wlc lb_kind DR# persistence_timeout 3 protocol TCP real_server 192.168.2.221 80 { TCP_CHECK {# connect_timeout 3nb_get_retry 1delay_before_retry 1connect_port 80} } real_server 192.168.2.222 80 { TCP_CHECK { # connect_timeout 3nb_get_retry 1delay_before_retry 1connect_port 80} } real_server 192.168.2.223 80 { TCP_CHECK { # connect_timeout 3nb_get_retry 1delay_before_retry 1connect_port 80} } }virtual_server 192.168.2.219 5672 { delay_loop 3lb_algo lblcr lb_kind DR protocol TCP real_server 192.168.2.221 5672 { TCP_CHECK { # connect_timeout 3nb_get_retry 3delay_before_retry 3connect_port 5672} } real_server 192.168.2.222 5672 { TCP_CHECK {#connect_timeout 3nb_get_retry 3delay_before_retry 3connect_port 5672} } real_server 192.168.2.223 5672 { TCP_CHECK {#connect_timeout 3nb_get_retry 3delay_before_retry 3connect_port 5672} }}
在默认情况下,Keepalived在启动时会查找/etc/Keepalived/Keepalived.conf配置文件,如果你的配置文件放在了其它路径下,可以通过“Keepalived -f”参数指定你所在的配置文件路径即可。
keepalived从的配置跟主就只有优先级那个地方不一样,要低于主的优先级,其它地方都一样。
2、web服务器端配置
添加虚拟ip(VIP)
ifconfig lo:0 192.168.2.218 netmask 255.255.255.255 up
3、测试LVS+Keepalived
/etc/init.d/keepalived restart 查看lvs-master日志:
在浏览器里面访问
//192.168.2.218/
即可!当你宕掉lvs-master后,lvs-backup会接管变成lvs-master提供服务,当lvs-master故障恢复后,lvs-backup又会变成原来的状态!
4、实战建议-脑裂
为了解决脑裂问题,需要把主MASTER和备BACKUP各自的keepalived.conf配置文件里面的state 状态都改成BACKUP,优先级分别设置
100
和
90
。
我们常听说脑裂问题,到底什么是脑裂问题呢?
在集群配置中的split-brain现象是指,主从之间互相检测不到心跳,同时抢占资源,导致
服务无法正常访问的情况。所以我们还需要在主备keepalived.conf添加nopreempt 指令!
附realserver.sh脚本文件:摘自()
#!/bin/sh#LVS Client ServerVIP=192.168.111.138case $1 in start) ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP/sbin/route add -host $VIP dev lo:0echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/lo/arp_announceecho "1" >/proc/sys/net/ipv4/conf/all/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/all/arp_announce sysctl -p >/dev/null 2>&1echo "RealServer Start OK"exit 0;; stop)ifconfig lo:0 down route del $VIP >/dev/null 2>&1echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignoreecho "0" >/proc/sys/net/ipv4/conf/lo/arp_announceecho "0" >/proc/sys/net/ipv4/conf/all/arp_ignoreecho "0" >/proc/sys/net/ipv4/conf/all/arp_announceecho "RealServer Stoped OK"exit 1;;*)echo "Usage: $0 {start|stop}";;esac