LBC+DR+HA(LVS DR模式-负载均衡+高可用)服务器集群!
🔧准备.
- 🔧 6台计算机,或6台虚拟机.
- 🔧 操作系统Debian10.
- 🔧 安装类型,全部
最小安装.
博客中的实验环境.
- 物理系统Arch Linux
- 虚拟化平台KVM
- 虚拟机操作系统Debian10
| 名称 | 虚拟化平台 | 虚拟机系统 |
|---|---|---|
| DS(主调度器) | KVM | Debian10 |
| DS1(备用调度器) | KVM | Debian10 |
| RS0(WEB服务器) | KVM | Debian10 |
| RS1(WEB服务器) | KVM | Debian10 |
| CS0(客户机) | KVM | Arch Linux |
| CS0(客户机) | KVM | Debian10 |
博客中虚拟机IP及主机名配置.
| IP | 节点 |
|---|---|
| 192.168.222.66 | DS(主调度器) |
| 192.168.222.111 | RS1(备用调度器) |
| 192.168.222.52 | RS0(WEB服务器) |
| 192.168.222.215 | RS1(WEB服务器) |
| 192.168.222.222 | VIP(虚拟IP) |
| 192.168.222.211 | CS0(客户机) |
| 192.168.222.110 | CS1(客户机) |
修改镜像源.
#--最小安装的Debian10默认不能使用https源,需要安装 apt-transport-https ca-certificates
cat << "EOF" >/etc/apt/sources.list
deb http://mirrors.tuna.tsinghua.edu.cn/debian/ buster main contrib non-free
deb-src http://mirrors.tuna.tsinghua.edu.cn/debian/ buster main contrib non-free
deb http://mirrors.tuna.tsinghua.edu.cn/debian/ buster-updates main contrib non-free
deb-src http://mirrors.tuna.tsinghua.edu.cn/debian/ buster-updates main contrib non-free
deb http://mirrors.tuna.tsinghua.edu.cn/debian/ buster-backports main contrib non-free
deb-src http://mirrors.tuna.tsinghua.edu.cn/debian/ buster-backports main contrib non-free
deb http://mirrors.tuna.tsinghua.edu.cn/debian-security buster/updates main contrib non-free
deb-src http://mirrors.tuna.tsinghua.edu.cn/debian-security buster/updates main contrib non-free
EOF
apt update && \
apt -y install \
apt-transport-https \
ca-certificates #建立本地软件包缓存列表,以及支持https源.
sed 's/http/https/g' /etc/apt/sources.list #修改软件源为https.
apt-get update && \
apt-get -y install \
bash-completion \
vim \
wget \
build-essential #建立软件包缓存列表,安装基本工具,编译环境;配置DS(主调度器)虚拟机.
- 1,操作系统,Debian10,(安装类型最小安装)
- 2,安装keepalived和ipvsadm(使用包管理器)
apt-get update && \
apt-get install keepalived ipvsadm- 3,编译安装keepalived
下载并解压Keepalived源代码.
wget https://www.keepalived.org/software/keepalived-2.2.7.tar.gz #下载Keepalived源代码.
#--解压Keepalived压缩包.
for i in *gz; do
tar -xvf ${i}
done配置Keepalived源代码.
./configure \
--prefix=/usr/local/keepalived/ \
--disable-fwmark \
--sbindir=/usr/local/sbin/ \
--bindir=/usr/local/bin/ \
--with-systemdsystemunitdir=/etc/systemd/system/
#--disable-fwmark 加此项关闭生成防火墙策略
安装Keepalived依赖包.
apt-get update && \
apt-get -y install \
libsnmp-dev \
libnl-route-3-dev \
libnfnetlink-dev \
libipset-dev \
iptables-dev \
libsnmp-dev \
libnl-genl-3-dev
编译并安装Keepalived.
make V=99 -j $(nproc) && \
make install >install.log
修改Keepalivedsystemd服务.
- 默认安装好的Keepalivedsystemd服务无法正常使用,需要修改哈~
[Unit]
Description=LVS and VRRP High Availability Monitor
After=network-online.target syslog.target
Wants=network-online.target
Documentation=man:keepalived(8)
Documentation=man:keepalived.conf(5)
Documentation=man:genhash(1)
Documentation=https://keepalived.org
[Service]
Type=simple
PIDFile=/run/keepalived.pid
KillMode=process
EnvironmentFile=-/usr/local/keepalived/etc/sysconfig/keepalived
ExecStart=/usr/local/sbin/keepalived -f /usr/local/keepalived/etc/keepalived/keepalived.conf $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target- 4,配置
DS(主调度器)网络.
cat << "EOF" >/etc/network/interfaces.d/enp1s0
# The enp1s0 network config;
auto enp1s0
allow-hotplug enp1s0
iface enp1s0 inet static
address 192.168.222.66
netmask 255.255.255.0
gateway 192.168.222.1
EOF
systemctl daemon-reload && \
systemctl restart networking.service- 5,配置
DS(主调度器)HA高可用主节点.
cat << "EOF" >/etc/keepalived/keepalived.conf
! Configuration File for keepalived
#--Keepalived MASTER Config
global_defs {
notification_email {
root@localhost #默认三个地址,修改可用地址
}
notification_email_from root@localhost
smtp_server localhost
smtp_connect_timeout 30
router_id DS #标识当前节点名字,两个节点的此项需要不相同。
}
#默认的配置文件中,使用第三方 smtp 服务器,但这在现实中几乎没有意义,发不出邮件,我们将其挃定为 localhost,我们也可以将通知信息的发送交给本地 sendmail 服务处理。
vrrp_instance apache { #定义一个实例,一个集群就是一个实例,默认VI_1 可以随意改.
state MASTER #指定A节点为主节点 备用节点上设置为 BACKUP 即可.
interface enp1s0 #绑定虚拟IP 的网络接口.
virtual_router_id 51 #VRRP 组名,两个节点的设置必须一样,以指明各个节点属于同一VRRP 组.
priority 100 #主节点的优先级(1-254 之间),备用节点必须比主节点优先级低.
advert_int 1 #组播信息发送间隔,两个节点设置必须一样.
authentication { #设置验证信息,两个节点必须一致.
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.222.222 #指定虚拟IP,两个节点设置必须一样.
}
}
#类似添加虚拟一个服务 ipvsadm -A -t 192.168.1.70:80 -s rr
virtual_server 192.168.222.222 80 { #对虚拟IP63添加LVS相关内容.
delay_loop 6 #Keepalived 多长时间监测一次 RS.
lb_algo rr #分发算法.
lb_kind DR #DR 模式.
nat_mask 255.255.255.0
persistence_timeout 50 #同一IP50秒内的请求都发到同个real server,这个会影响LVS的RR调度算法,同一IP超过50秒后,再次访问,才会被转发到另一台real server 上,persistence 持久性的意思.
protocol TCP
real_server 192.168.222.215 80 { #配置服务节点 1,需要指定 realserver 的真实 IP 地址和端口,IP不端口之间用空格隔开.
weight 1 #配置服务节点的权值,权值大小用数字表示,数字越大,权值越高,设置权值大小可以为不同性能的服务器.
TCP_CHECK { #这段内容手动添加,爸以前的内容删除.
connect_timeout 3 #表示 3 秒无响应超时.
nb_get_retry 3 #表示重试次数.
delay_before_retry 3 #表示重试间隔.
connect_port 80 #检测端口.
}
}
real_server 192.168.222.52 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
EOF启动DS上的keepalived高可用.
ipvsadm -C &&\
systemctl daemon-reload &&\
systemctl enable --now keepalived.service
配置DS1(备用调度器)虚拟机.
- 1,配置
DS1(备用调度器)备用节点网络.
cat << "EOF" > /etc/network/interfaces.d/enp1s0
# The enp1s0 network config;
auto enp1s0
allow-hotplug enp1s0
iface enp1s0 inet static
address 192.168.222.111
netmask 255.255.255.0
gateway 192.168.222.1
EOF- 2,配置
DS1(备用调度器)HA高可用备用节点.
cat << "EOF" >/etc/keepalived/keepalived.conf
! Configuration File for keepalived
#--Keepalived Backup Config
global_defs {
notification_email {
root@localhost #默认三个地址,修改可用地址
}
notification_email_from root@localhost
smtp_server localhost
smtp_connect_timeout 30
router_id DS1 #标识当前节点名字,两个节点的此项需要不相同.
}
#默认的配置文件中,使用第三方 smtp 服务器,但这在现实中几乎没有意义,发不出邮件,我们将其挃定为 localhost,我们也可以将通知信息的发送交给本地 sendmail 服务处理。
vrrp_instance apache { #定义一个实例,一个集群就是一个实例,默认VI_1 可以随意改.
state BACKUP #指定A节点为主节点 备用节点上设置为 BACKUP 即可.
interface enp1s0 #绑定虚拟IP 的网络接口.
virtual_router_id 51 #VRRP 组名,两个节点的设置必须一样,以指明各个节点属于同一VRRP 组.
priority 90 #主节点的优先级(1-254 之间),备用节点必须比主节点优先级低.
advert_int 1 #组播信息发送间隔,两个节点设置必须一样.
authentication { #设置验证信息,两个节点必须一致.
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.222.222 #指定虚拟IP,两个节点设置必须一样.
}
}
#类似添加虚拟一个服务 ipvsadm -A -t 192.168.1.70:80 -s rr
virtual_server 192.168.222.222 80 { #对虚拟IP63添加LVS相关内容.
delay_loop 6 #Keepalived 多长时间监测一次 RS.
lb_algo rr #分发算法.
lb_kind DR #DR 模式.
nat_mask 255.255.255.0
persistence_timeout 50 #同一IP50秒内的请求都发到同个real server,这个会影响LVS的RR调度算法,同一IP超过50秒后,再次访问,才会被转发到另一台real server 上,persistence 持久性的意思.
protocol TCP
real_server 192.168.222.215 80 { #配置服务节点 1,需要指定 realserver 的真实 IP 地址和端口,IP不端口之间用空格隔开.
weight 1 #配置服务节点的权值,权值大小用数字表示,数字越大,权值越高,设置权值大小可以为不同性能的服务器.
TCP_CHECK { #这段内容手动添加,爸以前的内容删除.
connect_timeout 3 #表示 3 秒无响应超时.
nb_get_retry 3 #表示重试次数.
delay_before_retry 3 #表示重试间隔.
connect_port 80 #检测端口.
}
}
real_server 192.168.222.52 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
EOF启动DS1上的keepalived高可用.
ipvsadm -C &&\
systemctl daemon-reload &&\
systemctl enable --now keepalived.service
配置RS0(WEB服务器)虚拟机.
- 1,配置
RS0服务器,DIP.
cat << "EOF" >>/etc/network/interfaces.d/enp1s0
# The enp1s0 network config;
auto enp1s0
allow-hotplug enp1s0
iface enp1s0 inet static
address 192.168.222.52
netmask 255.255.255.0
gateway 192.168.222.1
EOF- 2,配置
RS0服务器,VIP.
cat << "EOF" >>/etc/network/interfaces.d/lo:0
# The lo:0:0 network config;
auto lo:0
iface lo:0 inet static
address 192.168.222.222
netmask 255.255.255.255
EOF
systemctl daemon-reload && \
systemctl restart networking.service- 3,配置
RS0服务器,内核参数.
cat << "EOF" >>/etc/sysctl.conf
#----LVS DR
net.ipv4.conf.enp1s0.arp_ignore = 1
net.ipv4.conf.enp1s0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
EOF
sysctl -p配置RS1(WEB服务器)虚拟机.
- 1,配置
RS1服务器,DIP.
cat << "EOF" >/etc/network/interfaces.d/enp1s0
# The enp1s0 network config;
auto enp1s0
allow-hotplug enp1s0
iface enp1s0 inet static
address 192.168.222.215
netmask 255.255.255.0
gateway 192.168.222.1
EOF- 2,配置
RS1服务器,VIP.
cat << "EOF" >/etc/network/interfaces.d/lo:0
# The lo:0:0 network config;
auto lo:1
iface lo:1 inet static
address 192.168.222.222
netmask 255.255.255.255
EOF
systemctl daemon-reload && \
systemctl restart networking.service- 3,配置
RS1服务器,内核参数.
cat << "EOF" >>/etc/sysctl.conf
#----LVS DR
net.ipv4.conf.enp1s0.arp_ignore = 1
net.ipv4.conf.enp1s0.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
EOF
sysctl -p配置CS0(客户机)虚拟机.
无需任何配置,只需安装任意操作系统.*
配置CS1(客户机)虚拟机.
无需任何配置,只需安装任意操作系统.*
测试LVS DR模式 HA高可用集群.
- 使用两台客户端主机请求VIP.
Master和BACKUP同时工作由Master调度.
关闭Master主机BACKUP将替代Master继续调度.
