CentOS 6.4下LVS+Keepalived的高可用(LVS/DR模式)

LVS负载均衡机制:

LVS工作在网络层。相对于其它负载均衡的解决办法,比如DNS域名轮流解析、应用层负载的调度、客户端的调度等,它的效率是非常高的。LVS的通过控制IP来实现负载均衡。IPVS是其具体的实现模块。IPVS的主要作用:安装在Director Server上面,在Director Server虚拟一个对外访问的IP(VIP)。用户访问VIP,到达Director Server,Director Server根据一定的规则选择一个Real Server,处理完成后然后返回给客户端数据。这些步骤产生了一些具体的问题,比如如何选择具体的Real Server,Real Server如果返回给客户端数据等等。IPVS为此有三种机制:

1.VS/NAT(Virtual Server via Network Address Translation),即网络地址翻转技术实现虚拟服务器。当请求来到时,Diretor server上处理的程序将数据报文中的目标地址(即虚拟IP地址)改成具体的某台Real Server,端口也改成Real Server的端口,然后把报文发给Real Server。Real Server处理完数据后,需要返回给Diretor Server,然后Diretor server将数据包中的源地址和源端口改成VIP的地址和端口,最后把数据发送出去。由此可以看出,用户的请求和返回都要经过Diretor Server,如果数据过多,Diretor Server肯定会不堪重负。

2.VS/TUN(Virtual Server via IP Tunneling),即IP隧道技术实现虚拟服务器。它跟VS/NAT基本一样,但是Real server是直接返回数据给客户端,不需要经过Diretor server,这大大降低了Diretor server的压力。

3.VS/DR(Virtual Server via Direct Routing),即用直接路由技术实现虚拟服务器。跟前面两种方式,它的报文转发方法有所不同,VS/DR通过改写请求报文的MAC地址,将请求发送到Real Server,而Real Server将响应直接返回给客户,免去了VS/TUN中的IP隧道开销。这种方式是三种负载调度机制中性能最高最好的,但是必须要求Director Server与Real Server都有一块网卡连在同一物理网段上

//环境介绍

#VS/DR模式下,Direct server在VIP:80端口监听用户请求,改写请求报文的MAC地址,将请求负载到real server上,real server将响应直接返回给用户,因此所有的主机必须在同一个网段,且real server可以直接与用户通信

1.主机配置
DIRECT SERVER:10.10.54.155 
vip:10.10.54.151
DIRECT BACKUP:10.10.54.156
vip:10.10.54.151

real server:10.10.54.222(80) --nginx
real server:10.10.54.226(80) --nginx

//软件安装

1.所需软件

ipvsadm-1.26.tar.gz

keepalived-1.2.9.tar.gz

2.安装ipvsadm

shell> yum -y install wget libnl* popt* gcc.x86_64 gcc-c++.x86_64 gcc-objc++.x86_64 kernel-devel.x86_64 make popt-static.x86_64

shell> tar xvf ipvsadm-1.26.tar.gz

shell> cd ipvsadm-1.26

shell> ./configure && make && make install

3.安装keepalived

shell> yum install -y net-snmp.x86_64 net-snmp-devel.x86_64

shell> tar xvf keepalived-1.2.9.tar.gz

shell> cd keepalived-1.2.9

shell> ./configure && make && make install

shell> ./configure --prefix=/usr/local/keepalived --enable-snmp --sysconfdir=/etc

shell> cp /usr/local/keepalived/sbin/keepalived /sbin/

shell> cp /usr/local/keepalived/bin/genhash /bin/


//【real server上操作】

1.编辑realserver脚本

shell> vim /etc/init.d/realserver

-----------------------------------------------------

#!/bin/bash

#description:start realserver

#script_name:realserver_config

VIP=10.10.54.151#虚拟IP

source/etc/init.d/functions

case"$1"in

start)

echo"start LVS of realserver."

/sbin/ifconfiglo:0 $VIP broadcast $VIP netmask 255.255.255.255 up

echo"1"> /proc/sys/net/ipv4/conf/lo/arp_ignore

echo"2"> /proc/sys/net/ipv4/conf/lo/arp_announce

echo"1"> /proc/sys/net/ipv4/conf/all/arp_ignore

echo"2"> /proc/sys/net/ipv4/conf/all/arp_announce

;;

stop)

/sbin/ifconfiglo:0 down

echo"0"> /proc/sys/net/ipv4/conf/lo/arp_ignore

echo"0"> /proc/sys/net/ipv4/conf/lo/arp_announce

echo"0"> /proc/sys/net/ipv4/conf/all/arp_ignore

echo"0"> /proc/sys/net/ipv4/conf/all/arp_announce

;;

*)

echo"Usage: $0 {start|stop}"

exit1

esac

-----------------------------------------------------------------

2.shell> /etc/init.d/realserverstart


//【Direct server上操作】

1.[master]修改配置文件

shell> vim /etc/keepalived/keepalived.conf

---------------------------------------------

global_defs {

notification_email {

lij@ssr.com

}

notification_email_from lij@ssr.com

smtp_server lij@ssr.com

smtp_connect_timeout 30

router_id LVS_MASTER2

}

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 51

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

10.10.54.151/24dev eth0 label eth0:1#虚拟IP,用户可见IP

}

}

virtual_server 10.10.54.151 80 {

delay_loop 6

lb_algo rr

lb_kind DR

# nat_mask 255.255.255.0

# persistence_timeout 50

protocol TCP

real_server 10.10.54.157 80 {#real server上80端口

weight 1

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

connect_port 80

}

}

real_server 10.10.54.159 80 {

weight 1

TCP_CHECK {

connect_timeout 3

nb_get_retry 3

delay_before_retry 3

connect_port 80

}

}

}

#查看IPVS表

shell> ipvsadm -ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 10.10.54.151:80 rr

-> 10.10.54.157:80 Route 1 0 0

-> 10.10.54.159:80 Route 1 0 0

--------------------------------------------------


2.【backup server】修改配置文件

---------------------------------------------------

global_defs {

notification_email {

lij@ssr.com

}

notification_email_from lij@ssr.com

smtp_server lij@ssr.com

smtp_connect_timeout 30

router_id LVS_BACKUP #改1

}

vrrp_instance VI_1 {

state MASTER #改2

interface eth0

virtual_router_id 51

priority 80 #改3

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

...

}

#backup上查看IPVS表

shell> ipvsadm -ln

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

-> RemoteAddress:Port Forward Weight ActiveConn InActConn

TCP 10.10.54.151:80 rr

-> 10.10.54.157:80 Route 1 0 0

-> 10.10.54.159:80 Route 1 0 0

-----------------------------------------------

推荐阅读:

Haproxy+Keepalived搭建Weblogic高可用负载均衡集群

Keepalived+HAProxy配置高可用负载均衡

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/495956b2d97c52293f15db4ae97949d1.html