一、什么是keepalived?
利用虚拟路由冗余协议(vrrp)技术,实现lvs的高可用,也可以对nginx和haproxy等轻量级带有负载均衡的软件进行高可用。因为keepalived非常轻量级,速度非常快,配置简单,所以受到众多企业运维人员青睐。
参考资料:
--------------------------------------------------------------------------------
二、虚拟路由备份协议
VRRP(Virtual Router Redundancy Protocol,虚拟路由冗余协议)是一种容错协议,这个协议内的所有路由分为主备,平时数据都是由主节点的IP接口接收转发,一旦主节点故障,就自动启动备用节点,夺取主节点的IP,接管主节点的所有转发工作。
--------------------------------------------------------------------------------
三、案例:KeepAlived 实现高可用 LVS
1、环境准备
准备两个http节点:172.16.113.13 172.16.113.14 vip:172.16.13.1
准备两个lvs节点: 172.16.13.13 172.16.13.14 vip:172.16.13.1
测试两个lvs节点可不可以对后面两个http节点进行负载均衡
配置keepalived:172.16.13.13 172.16.13.14 vip:172.16.13.1
测试keepalived对lvs的高可用性
--------------------------------------------------------------------------------
2、网络拓扑图
--------------------------------------------------------------------------------
3、两个http节点上的配置
1)安装并开启http服务,确保80端口开启可用;
2)配置lvs-RS
# vim chk-lvs.sh //写个脚本配置方便多了,只要执行以下就可以了
#!/bin/bash
vip=172.16.13.1
interface="lo:0"
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
ifconfig $interface $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev $interface
;;
stop)
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
ifconfig $interface down
;;
status)
if ifconfig lo:0 |grep $vip &> /dev/null; then
echo "ipvs is running."
else
echo "ipvs is stopped."
fi
;;
*)
echo "Usage: `basename $0` {start|stop|status}"
exit 1
esac
# service httpd start
# bash chk-lvs start
3)浏览器分别输入172.16.113.13和172.16.113.14测试http服务是否可用
--------------------------------------------------------------------------------
4、准备两个LVS节点并测试可用
1) 安装ipvsadm
2) 配置ipvs规则
3) 测试lvs负载均衡是不是可用
# yum install ipvsadm -y
# vim ipvs.sh
#!/bin/bash
vip=172.16.13.1
rip=('172.16.113.13' '172.16.113.14')
weight=('1' '2')
port=80
scheduler=rr
ipvstype='-g'
case $1 in
start)
iptables -F -t filter
ipvsadm -C
ifconfig eth0:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev eth0:0
echo 1 > /proc/sys/net/ipv4/ip_forward
ipvsadm -A -t $vip:$port -s $scheduler
[ $? -eq 0 ] && echo "ipvs service $vip:$port added." || exit 2
for i in `seq 0 $[${#rip[@]}-1]`; do
ipvsadm -a -t $vip:$port -r ${rip[$i]} $ipvstype -w ${weight[$i]}
[ $? -eq 0 ] && echo "RS ${rip[$i]} added."
done
touch /var/lock/subsys/ipvs
;;
stop)
echo 0 > /proc/sys/net/ipv4/ip_forward
ipvsadm -C
ifconfig eth0:0 down
rm -f /var/lock/subsys/ipvs
echo "ipvs stopped."
;;
status)
if [ -f /var/lock/subsys/ipvs ]; then
echo "ipvs is running."
ipvsadm -L -n
else
echo "ipvs is stopped."
fi
;;
*)
echo "Usage: `basename $0` {start|stop|status}"
exit 3
;;
esac
# bash ipvs.sh start
# ipvsadm -Ln
4)浏览器输入172.16.13.1测试DR模型能不能负载
--------------------------------------------------------------------------------
5、安装配置keepalived