LVS | LVS + Keepalived + Nginx Dual Master/Backup Architecture Deployment



    • Environment
    • Deploying the LVS nodes
    • Web server configuration
    • Client test

Environment
Topology: [figure: topology diagram]
RPM packages:
ipvsadm-1.27-7.el7.x86_64
keepalived-1.3.5-1.el7.x86_64
nginx-1.12.2
Deploying the LVS nodes
LVS1:
1. Install LVS and keepalived
[root@lvs1 ~]# yum -y install keepalived ipvsadm
2. Edit the Keepalived configuration file (on lvs1)
[root@lvs1 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
    notification_email {
        acassen@firewall.loc
        failover@firewall.loc
        sysadmin@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 192.168.200.1
    smtp_connect_timeout 30
    router_id LVS1
    vrrp_skip_check_adv_addr
    vrrp_strict
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}

vrrp_instance VI_1 {                # first master/backup group
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        # Password used when the nodes compare priorities; any value, but it
        # must be identical on both nodes (keepalived uses only the first 8 characters)
        auth_pass TANG_ENGINEER
    }
    virtual_ipaddress {
        192.168.4.33                # VIP 1
    }
}

virtual_server 192.168.4.33 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    protocol TCP

    real_server 192.168.4.66 80 {   # RS1
        weight 1
        TCP_CHECK {                 # TCP port health check
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.4.77 80 {   # RS2
        weight 1
        TCP_CHECK {                 # TCP port health check
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
############### For 192.168.4.33, LVS1 is master and LVS2 is backup
vrrp_instance VI_2 {                # second master/backup group
    state BACKUP                    # lvs1 is the backup for VIP 2
    interface eth0
    virtual_router_id 50            # VRID must differ from the first instance's
    priority 10
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass tang_engineer     # same rule as above: identical on both nodes
    }
    virtual_ipaddress {
        192.168.4.22                # VIP 2
    }
}

virtual_server 192.168.4.22 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    protocol TCP

    real_server 192.168.4.66 80 {   # RS1
        weight 1
        TCP_CHECK {                 # TCP port health check
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.4.77 80 {   # RS2
        weight 1
        TCP_CHECK {                 # TCP port health check
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
############### For 192.168.4.22, LVS2 is master and LVS1 is backup

[root@lvs1 ~]# systemctl restart keepalived.service
[root@lvs1 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.4.22:80 wrr
  -> 192.168.4.66:80              Route   1      0          0
  -> 192.168.4.77:80              Route   1      0          0
TCP  192.168.4.33:80 wrr
  -> 192.168.4.66:80              Route   1      0          0
  -> 192.168.4.77:80              Route   1      0          0

LVS2:
(Same steps as on lvs1; compare the keepalived configuration files.)
! Configuration File for keepalived

global_defs {
    notification_email {
        acassen@firewall.loc
        failover@firewall.loc
        sysadmin@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 192.168.200.1
    smtp_connect_timeout 30
    router_id LVS2
    vrrp_skip_check_adv_addr
    vrrp_strict
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}

vrrp_instance VI_1 {                # first master/backup group
    state BACKUP                    # lvs2 is the backup for VIP 1
    interface eth0
    virtual_router_id 51            # VRID of the first master/backup group
    priority 10                     # lower than lvs1's 100, so lvs1 holds VIP 1
    advert_int 1
    authentication {
        auth_type PASS
        # Password used when the nodes compare priorities; any value, but it
        # must be identical on both nodes
        auth_pass TANG_ENGINEER
    }
    virtual_ipaddress {
        192.168.4.33                # VIP 1
    }
}

virtual_server 192.168.4.33 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    protocol TCP

    real_server 192.168.4.66 80 {
        weight 1
        TCP_CHECK {                 # TCP port health check
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.4.77 80 {
        weight 1
        TCP_CHECK {                 # TCP port health check
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
############
vrrp_instance VI_2 {
    state MASTER                    # lvs2 is the master for VIP 2
    interface eth0                  # VIP 2 is shown on eth0 below
    virtual_router_id 50            # VRID of the second master/backup group
    priority 100                    # higher than lvs1's 10, so lvs2 holds VIP 2
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass tang_engineer     # same rule as above: identical on both nodes
    }
    virtual_ipaddress {
        192.168.4.22                # VIP 2
    }
}

virtual_server 192.168.4.22 80 {    # defines cluster 2
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    protocol TCP

    real_server 192.168.4.66 80 {   # RS1
        weight 1
        TCP_CHECK {                 # TCP port health check
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.4.77 80 {   # RS2
        weight 1
        TCP_CHECK {                 # TCP port health check
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
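The two keepalived.conf files form a dual-master pair only if each vrrp_instance has the same VRID, password and VIP on both nodes while the priorities point in opposite directions. The Python check below is an added example, not part of the original article; parse_vrrp, check_pair and sample are hypothetical helper names, and the sample configs are constructed from the article's VRIDs and VIPs.

```python
import re

def parse_vrrp(conf):
    """Return {instance_name: settings} for every vrrp_instance block."""
    conf = re.sub(r"[#!].*", "", conf)                 # strip comments
    out = {}
    for m in re.finditer(r"vrrp_instance\s+(\S+)\s*\{", conf):
        depth, end = 1, m.end()
        while depth and end < len(conf):               # walk to the matching brace
            depth += {"{": 1, "}": -1}.get(conf[end], 0)
            end += 1
        body = conf[m.end():end - 1]
        inst = dict(re.findall(
            r"^\s*(state|virtual_router_id|priority|auth_pass)\s+(\S+)", body, re.M))
        vips = re.search(r"virtual_ipaddress\s*\{([^}]*)\}", body)
        lines = vips.group(1).splitlines() if vips else []
        inst["vips"] = sorted(l.split()[0] for l in lines if l.strip())
        inst["auth_pass"] = inst.get("auth_pass", "")[:8]  # only 8 chars are used
        out[m.group(1)] = inst
    return out

def check_pair(conf_a, conf_b):
    """List inconsistencies between the two directors' VRRP settings."""
    a, b = parse_vrrp(conf_a), parse_vrrp(conf_b)
    problems, owners = [], set()
    for name in sorted(set(a) | set(b)):
        if name not in a or name not in b:
            problems.append(f"{name}: defined on one node only")
            continue
        x, y = a[name], b[name]
        for key in ("virtual_router_id", "auth_pass", "vips"):
            if x.get(key) != y.get(key):
                problems.append(f"{name}: {key} differs between nodes")
        for node in (x, y):
            if node.get("state") not in ("MASTER", "BACKUP"):
                problems.append(f"{name}: invalid state {node.get('state')}")
        pa, pb = int(x.get("priority", 100)), int(y.get("priority", 100))
        if pa == pb:
            problems.append(f"{name}: equal priority on both nodes")
        else:
            owners.add("A" if pa > pb else "B")
    if len(owners) < 2:
        problems.append("no dual-master split: one node owns no VIP")
    return problems

def sample(s1, p1, s2, p2):
    """Constructed two-instance config with the article's VRIDs and VIPs."""
    t = ("vrrp_instance {n} {{\n state {s}\n virtual_router_id {v}\n priority {p}\n"
         " authentication {{\n auth_pass {a}\n }}\n virtual_ipaddress {{\n {ip} # VIP\n }}\n}}\n")
    return (t.format(n="VI_1", s=s1, v=51, p=p1, a="TANG_ENGINEER", ip="192.168.4.33")
            + t.format(n="VI_2", s=s2, v=50, p=p2, a="tang_engineer", ip="192.168.4.22"))
```

Run check_pair on the contents of the two real files before restarting keepalived; an empty list means the pair is consistent.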

Check the VIP on each LVS node
VIP on LVS1: 192.168.4.33
[root@lvs1 ~]# ip a s eth0
inet 192.168.4.22/22 scope global eth0
VIP on LVS2: 192.168.4.22
[root@lvs1 ~]# ip a s eth0
inet 192.168.4.22/32 scope global eth0
Web server configuration
VIP address configuration
[root@web1 ~]# cp /etc/sysconfig/network-scripts/ifcfg-lo{,:0}
[root@web1 ~]# cp /etc/sysconfig/network-scripts/ifcfg-lo{,:1}
[root@web1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-lo:{0,1}
DEVICE=lo:0
IPADDR=192.168.4.33
NETMASK=255.255.255.255
NETWORK=192.168.4.33
BROADCAST=192.168.4.33
ONBOOT=yes
NAME=lo:0
DEVICE=lo:1
IPADDR=192.168.4.22
NETMASK=255.255.255.255
NETWORK=192.168.4.22
BROADCAST=192.168.4.22
ONBOOT=yes
NAME=lo:1

Ignore ARP broadcasts
[root@web1 ~]# cat /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
Activate the VIPs
[root@web1 ~]# systemctl restart network
[root@web1 ~]# ifconfig lo:0
lo:0: flags=73 mtu 65536
inet 192.168.4.33 netmask 255.255.255.255
loop txqueuelen 1 (Local Loopback)
[root@web1 ~]# ifconfig lo:1
lo:1: flags=73 mtu 65536
inet 192.168.4.22 netmask 255.255.255.255
loop txqueuelen 1 (Local Loopback)
Note: web1 and web2 use the same configuration, so sync the files with rsync and then activate the VIPs.
Deploy a test web page and start the web service
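In DR mode a real server must hold every VIP on a loopback alias with a /32 mask and must not answer ARP for it; a missing alias or a misspelt sysctl key silently breaks this. The Python check below is an added example, not part of the original article; check_real_server and parse_kv are hypothetical helper names, and the sample file contents are constructed from the files shown above.

```python
import difflib

REQUIRED = {  # ARP settings listed in the sysctl.conf step above
    "net.ipv4.conf.all.arp_ignore": "1",
    "net.ipv4.conf.lo.arp_ignore": "1",
    "net.ipv4.conf.all.arp_announce": "2",
    "net.ipv4.conf.lo.arp_announce": "2",
}

def parse_kv(text):
    """Parse 'KEY=VALUE' lines (ifcfg and sysctl.conf), skipping comments."""
    pairs = {}
    for line in text.splitlines():
        line = line.strip()
        if line and line[0] not in "#;" and "=" in line:
            key, value = line.split("=", 1)
            pairs[key.strip()] = value.strip()
    return pairs

def check_real_server(vips, ifcfg_texts, sysctl_text):
    """Return problems that break direct routing for the given VIPs."""
    problems = []
    bound = {c.get("IPADDR"): c for c in map(parse_kv, ifcfg_texts)}
    for vip in vips:
        cfg = bound.get(vip)
        if cfg is None:
            problems.append(f"{vip}: no ifcfg file binds this VIP")
        elif not cfg.get("DEVICE", "").startswith("lo:"):
            problems.append(f"{vip}: bound to {cfg.get('DEVICE')}, not a lo alias")
        elif cfg.get("NETMASK") != "255.255.255.255":
            problems.append(f"{vip}: netmask must be 255.255.255.255")
    sysctl = parse_kv(sysctl_text)
    others = [k for k in sysctl if k not in REQUIRED]
    for key, want in REQUIRED.items():
        if sysctl.get(key) == want:
            continue
        # A near-identical unknown key usually means the required one was misspelt.
        near = difflib.get_close_matches(key, others, n=1, cutoff=0.95)
        hint = f" (misspelt as {near[0]}?)" if near else ""
        problems.append(f"{key}: want {want}, found {sysctl.get(key)}{hint}")
    return problems

# Constructed sample input modelled on the files shown above.
IFCFG = ["DEVICE=lo:0\nIPADDR=192.168.4.33\nNETMASK=255.255.255.255\nONBOOT=yes\n",
         "DEVICE=lo:1\nIPADDR=192.168.4.22\nNETMASK=255.255.255.255\nONBOOT=yes\n"]
SYSCTL = "\n".join(f"{k} = {v}" for k, v in REQUIRED.items())
```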
[root@web1 ~]#echo Holle world > /usr/local/nginx/html/index.html
(web1 and web2 already have real-time synchronization of the web directory.)
[root@web1 ~]#ss -antpu |grep nginx
tcp LISTEN 0 128 *:80 *:* users:(("nginx",pid=2147,fd=6),("nginx",pid=2146,fd=6))
[root@web2 ~]#ss -antpu |grep nginx
tcp LISTEN 0 128 *:80 *:* users:(("nginx",pid=2147,fd=6),("nginx",pid=2146,fd=6))
Client test
[root@yaya ~]# curl 192.168.4.33
Holle world
[root@yaya ~]# curl 192.168.4.22
Holle world
As shown, requests to either VIP return the same page.
The architecture above has been tested and put into production; corrections are welcome.
Thanks.
