Keepalived结合lvs-dr、haporxy和nginx实现高可用
一、keepalived双主模式结合lvs-dr模式实现后端服务器的检测
1.修改两台keepalived配置文件(两台配置一样)
[root@CentOS7-1]#vim /etc/keepalived/keepalived.conf
#vrrp_strict(注释掉这行)
include /etc/keepalived/conf/*.conf(在文件末尾添加)
2.修改两台keepalived实例配置文件,配置虚拟IP地址
[root@CentOS7-1]#vim /etc/keepalived/conf/instance.conf
vrrp_instance N46-1 {
state MASTER
interface eth0
virtual_router_id 66
priority 100
advert_int 1
unicast_src_ip 10.0.0.47
unicast_peer {
10.0.0.57
}
authentication {
auth_type PASS
auth_pass magedu
}
virtual_ipaddress {
10.0.0.188 dev eth0 label eth0:0
}
}
vrrp_instance N46-2 {
state BACKUP
interface eth0
virtual_router_id 67
priority 90
advert_int 1
unicast_src_ip 10.0.0.47
unicast_peer {
10.0.0.57
}
authentication {
auth_type PASS
auth_pass magedu
}
virtual_ipaddress {
10.0.0.189 dev eth0 label eth0:1
}
}
[root@CentOS7-1]#systemctl start keepalived
[root@CentOS7-1]#ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.47 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::250:56ff:fe3d:b08b prefixlen 64 scopeid 0x20<link>
ether 00:50:56:3d:b0:8b txqueuelen 1000 (Ethernet)
RX packets 65485 bytes 6707593 (6.3 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 67544 bytes 6063456 (5.7 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.188 netmask 255.255.255.255 broadcast 0.0.0.0
ether 00:50:56:3d:b0:8b txqueuelen 1000 (Ethernet)
[root@CentOS7-2]#vim /etc/keepalived/conf/instance.conf
vrrp_instance N46-1 {
state BACKUP
interface eth0
virtual_router_id 66
priority 90
advert_int 1
unicast_src_ip 10.0.0.57
unicast_peer {
10.0.0.47
}
authentication {
auth_type PASS
auth_pass magedu
}
virtual_ipaddress {
10.0.0.188 dev eth0 label eth0:0
}
}
vrrp_instance N46-2 {
state MASTER
interface eth0
virtual_router_id 67
priority 100
advert_int 1
unicast_src_ip 10.0.0.57
unicast_peer {
10.0.0.47
}
authentication {
auth_type PASS
auth_pass magedu
}
virtual_ipaddress {
10.0.0.189 dev eth0 label eth0:1
}
}
[root@CentOS7-2]#systemctl start keepalived
[root@CentOS7-2]#ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.57 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::250:56ff:fe28:ae93 prefixlen 64 scopeid 0x20<link>
ether 00:50:56:28:ae:93 txqueuelen 1000 (Ethernet)
RX packets 50899 bytes 5512515 (5.2 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 69725 bytes 5275489 (5.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.189 netmask 255.255.255.255 broadcast 0.0.0.0
ether 00:50:56:28:ae:93 txqueuelen 1000 (Ethernet)
3.配置lvs-dr模式(两台配置一样)
[root@CentOS7-1]#vim /etc/keepalived/conf/lvs_188.conf
virtual_server 10.0.0.188 80 {
delay_loop 3
lb_algo wrr
lb_kind DR
protocol TCP
real_server 10.0.0.27 80 {
weight 1
HTTP_GET {
url {
path /index.html(在web服务器配置测试页面)
status_code 200
}
}
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
}
}
[root@CentOS7-1]#vim /etc/keepalived/conf/lvs_189.conf
virtual_server 10.0.0.189 80 {
delay_loop 3
lb_algo wrr
lb_kind DR
protocol TCP
real_server 10.0.0.37 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
}
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
}
}
4.后端其中两台web服务器需要绑定vip地址
[root@Web-1]#vim lvs_dr.sh
#!/bin/bash
vip='10.0.0.188'
lb='lo:1'
mask='255.255.255.255'
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
ifconfig $lb $vip netmask $mask
echo "The RS Server is Ready!"
;;
stop)
ifconfig $lb down
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "The RS Server is Canceled!"
;;
*)
echo "usage:$0 {start|stop}"
exit 1
;;
esac
[root@Web-1]#bash lvs_dr.sh start
[root@Web-1]#ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.27 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::250:56ff:fe38:ecae prefixlen 64 scopeid 0x20<link>
ether 00:50:56:38:ec:ae txqueuelen 1000 (Ethernet)
RX packets 42276 bytes 3810034 (3.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 32689 bytes 4497272 (4.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:1: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 10.0.0.188 netmask 255.255.255.255
loop txqueuelen 1000 (Local Loopback)
[root@Web-2]#bash lvs_dr.sh start
[root@Web-2]#ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.0.37 netmask 255.255.255.0 broadcast 10.0.0.255
inet6 fe80::250:56ff:fe38:ecae prefixlen 64 scopeid 0x20<link>
ether 00:50:56:38:ec:ae txqueuelen 1000 (Ethernet)
RX packets 42276 bytes 3810034 (3.6 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 32689 bytes 4497272 (4.2 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo:1: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 10.0.0.189 netmask 255.255.255.255
loop txqueuelen 1000 (Local Loopback)
5.通过lvsadm命令查看绑定状态
[root@CentOS7-1]#ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.0.0.188:80 wrr
-> 10.0.0.27:80 Route 1 0 0
TCP 10.0.0.189:80 wrr
-> 10.0.0.37:80 Route 1 0 0
二、keepalived检测haproxy主备状态(nginx配置相同,只需要把haproxy改成nginx即可)
1.修改keepalived配置文件在全局配置添加
[root@CentOS7-1]#vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
script "/etc/keepalived/chk_haproxy.sh"
interval 1
weight -80
fall 3
rise 5
timeout 2
}
include /etc/keepalived/conf/*.conf
2.编写检测haproxy状态脚本
[root@CentOS7-1]#vim /etc/keepalived/chk_haproxy.sh
#!/bin/bash
/usr/bin/killall -0 haproxy
[root@CentOS7-1]#chmod +x /etc/keepalived/chk_haproxy.sh
3.修改instance配置文件
[root@CentOS7-1]#vim /etc/keepalived/conf/instance.conf
vrrp_instance N46-1 {
state MASTER
interface eth0
virtual_router_id 66
priority 100
advert_int 1
unicast_src_ip 10.0.0.47
unicast_peer {
10.0.0.57
}
authentication {
auth_type PASS
auth_pass magedu
}
virtual_ipaddress {
10.0.0.188 dev eth0 label eth0:0
}
track_script {
chk_haproxy
}
}
[root@CentOS7-1]#systemctl start keepalived
4.停止主的haproxy服务,检测虚拟ip是否漂移到备用服务器
浙公网安备 33010602011771号