LVS+KeepAlived+Nginx高可用软负载方案
LVS+KeepAlived+Nginx高可用软负载方案
LVS是Linux Virtual Server的简称,也就是Linux虚拟服务器。 通过LVS达到的负载均衡技术和Linux操作系统实现一个高性能高可用的Linux服务器群集,它具有良好的可靠性,可拓展性和可操作性。从而以低廉的成本实现负载均衡。 Keepalived的作用是检测服务器的状态,如果有一台web服务器宕机,或工作出现故障,Keepalived将检测到,并将有故障的服务器从系统中剔除,同时使用其他服务器代替该服务器的工作,当服务器工作正常后Keepalived自动将服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的服务器。
1. 环境说明
192.168.100.113: keepalived-master
192.168.100.114: keepalived-backup
192.168.100.202: VIP
192.168.100.117: nginx-1
192.168.100.118: nginx-22. 拓扑图
keepalived实现虚拟IP(VIP),client访问VIP,连接到keepalived-master,keepliaved-master服务器通过LVS轮询机制将请求负载到nginx-1和nginx-2。
3. 部署nginx
安装ngixn安装ngixn
在192.168.100.117和192.168.100.118部署nginx
yum install gcc gcc-c++ pcre-devel openssl-devel -y
cd /opt
wget http://nginx.org/download/nginx-1.18.0.tar.gz
tar -zxvf nginx-1.18.0.tar.gz
cd nginx-1.18.0 && \
./configure --prefix=/opt/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_realip_module --with-stream
make && make install修改nginx默认首页内容修改nginx默认首页内容
vim /opt/nginx/html/index.html192.168.100.117服务器:
将 Welcome to nginx! 改为 Welcome to nginx!--117
192.168.100.118服务器:
将 Welcome to nginx! 改为 Welcome to nginx!--118
启动两台nginx服务
/opt/nginx/sbin/nginx访问nginx首页 http://192.168.100.117 http://192.168.100.118 浏览器可返回 Welcome to nginx!–117 Welcome to nginx!–118 的页面则nginx配置完成
4. lo网卡配置脚本
此环境配置LVS DR 模式,需要在后端nginx服务器lo网卡配置LVS的VIP
vim /etc/init.d/realserver
#虚拟的vip 改为自己环境的vip
SNS_VIP=192.168.100.202
/etc/rc.d/init.d/functions
case "$1" in
start)
ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0chmod 755 /etc/init.d/realserver
chmod 755 /etc/rc.d/init.d/functions
service realserver start4. 部署keepalived
在192.168.100.113和192.168.100.114部署keepalived
安装依赖
yum install -y gcc openssl-devel libnl libnl-devel libnfnetlink-devel wget下载并安装keepalived
su - root
cd ~
wget https://www.keepalived.org/software/keepalived-2.0.10.tar.gz
tar -zxvf keepalived-2.0.10.tar.gz
mv keepalived-2.0.10 /usr/local/keepalived
cd /usr/local/keepalived
./configure
make && make install
mkdir /etc/keepalived
cp /usr/local/keepalived/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/sbin/keepalived /usr/sbin/加入开机启动
cp /usr/local/keepalived/keepalived/etc/init.d/keepalived /etc/rc.d/init.d/{hide}
配置keepalived
vim /etc/keepalived/keepalived.conf
192.168.100.113配置:
! Configuration File for keepalived
global_defs {
router_id NG # 设置lvs的id,在一个网络内应该是唯一的
}
vrrp_instance VI_1 {
state MASTER #指定Keepalived的角色,MASTER为主,BACKUP为备 一定大写
interface eth0 #服务器网卡名
virtual_router_id 51 #虚拟路由编号,主备要一致
priority 100 #定义优先级,数字越大,优先级越高,主必须大于备
advert_int 1 #检查间隔,默认为1s
authentication { #这里配置的密码最多为8位,主备要一致,否则无法正常通讯
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.100.202 #定义虚拟IP(VIP)为192.168.100.202,可多设,每行一个
}
}
virtual_server 192.168.100.202 80 {
delay_loop 6 # 设置健康检查时间,单位是秒
lb_algo rr #rr代表正常轮询模式,正式环境建议使用wlc加权最小连接数轮询
lb_kind DR #DR模式:返回请求时,不走LVS,直接返回到客户端。
nat_mask 255.255.255.0
persistence_timeout 0
protocol TCP
real_server 192.168.100.117 80 { #后端服务器地址
weight 1 # 配置节点权值,数字越大权重越高
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.100.118 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}192.168.100.114配置:
! Configuration File for keepalived
global_defs {
router_id NG
}
vrrp_instance VI_1 {
state BACKUP #此处改为BACKUP,一定要大写**
interface eth0
virtual_router_id 51
priority 90 #此处改为90,要比master小**
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.100.202
}
}
virtual_server 192.168.100.202 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 192.168.100.117 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.100.118 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}keepalived
/etc/init.d/keepalived start
/etc/init.d/keepalived restart
/etc/init.d/keepalived stop5. 测试LVS负载
VIP 将会自动配置到在192.168.100.113上,如果192.168.100.113宕机,VIP会漂移到192.168.100.114。 浏览器访问VIP: http://192.168.100.202 会交替返回 Welcome to nginx!–117 Welcome to nginx!–118 两个页面,则LVS负载均衡配置成功。
6. LVS管理工具-ipvsadm
在192.168.100.113和192.168.100.114安装
yum install ipvsadm -y查看当前配置的虚拟服务和各个RS的权重
ipvsadm -Ln查看当前ipvs模块中记录的连接(可用于观察转发情况)
ipvsadm -lnc查看lvs的超时时间
ipvsadm -L --timeout优化连接超时时间
ipvsadm --set 1 10 300这里的TCP的连接超时时间最好和keepalived中的persistence_timeout超时时间保持一致;persistence_timeout的超时时间表示指定时间内,同ip的请求会转发到同一个服务。
{message type=“info”}如果本文对你有帮助,请点个赞吧!{/message}