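Introduction
LVS is a high-performance, layer-4 reverse proxy server that comes preinstalled on Linux systems. ipvsadm is the command-line management tool for LVS.
Characteristics of LVS:
- It works at layer 4 of the network stack, so it handles heavy load well and makes few demands on server hardware other than the network card;
- It offers few configuration options, which is both a drawback and an advantage: with little to configure, the chance of human error is greatly reduced;
- It has a wide range of uses: it can load-balance not only web services but also other applications (such as MySQL);
- The LVS architecture relies on the concept of a virtual IP, so one additional IP must be requested from the IDC to serve as the virtual IP.
Keepalived is a high-availability solution based on the VRRP protocol. It can be used to avoid an IP single point of failure, and it usually works together with other load-balancing technologies (such as LVS, HAProxy and Nginx) to make a cluster highly available. Keepalived is an extension project of LVS, so the two are well compatible, and LVS can be configured directly through Keepalived's configuration file.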
Terminology
- LB (Load Balancer)
- HA (High Availability)
- Failover
- Cluster
- LVS (Linux Virtual Server)
- DS (Director Server): the front-end load balancer node
- RS (Real Server): a back-end server that does the actual work
- VIP (Virtual IP): the virtual IP address exposed externally; it is the destination IP address of user requests
- DIP (Director IP): the IP address mainly used to communicate with internal hosts
- RIP (Real Server IP): the IP address of a back-end server
- CIP (Client IP): the IP address of the client
Preparation
IP | Role | OS |
---|---|---|
192.168.121.201 | master1 | centos7 |
192.168.121.202 | master2 | centos7 |
192.168.121.203 | nginx | centos7 |
192.168.121.204 | nginx | centos7 |
192.168.121.250 | Virtual IP | |
LVS node configuration (DR)
192.168.121.201, 192.168.121.200
Install the base packages
yum -y install gcc openssl-devel
yum -y install libnl libnl-devel libnfnetlink-devel
yum -y install net-tools vim
Install keepalived (building the latest version from source is recommended; the default CentOS 7 version has bugs)
tar -zxvf keepalived-2.2.22.tar.gz -C /tmp && cd /tmp/keepalived-2.2.22
./configure --prefix=/usr/local/keepalived && make && make install
Configure the system service in /usr/lib/systemd/system/keepalived.service
[Unit]
Description=LVS and VRRP High Availability Monitor
After=network-online.target syslog.target
Wants=network-online.target
[Service]
Type=forking
PIDFile=/var/run/keepalived.pid
KillMode=process
EnvironmentFile=-/usr/local/keepalived/etc/sysconfig/keepalived
ExecStart=/usr/local/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
Configure /etc/keepalived/keepalived.conf
#
! Configuration File for keepalived
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface ens32
virtual_router_id 62
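priority 200 # priority: the MASTER value must be higher than the BACKUP value
advert_int 1 # advertisement interval in seconds; must be the same on master and backup
authentication { # authentication; must be identical on master and backup nodes
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.121.250 # VIP; more than one can be configured
}
}
# LB configuration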
virtual_server 192.168.121.250 8080 {
delay_loop 3
lb_algo wrr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.121.202 8080 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 2
connect_port 8080
}
}
real_server 192.168.121.203 8080 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 2
connect_port 8080
}
}
}
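On the master2 node, copy the configuration file above and change state in vrrp_instance VI_1 to BACKUP.
After the configuration is complete, restart the Keepalived service on each node.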
RS node configuration (DR)
192.168.121.203, 192.168.121.202
Install and start nginx on port 8080 (steps omitted)
Edit /etc/init.d/rs.sh
#!/bin/bash
SNS_VIP=192.168.121.250
case "$1" in
start)
ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
Run:
bash /etc/init.d/rs.sh start
After the configuration is complete, the services on the RS nodes can be reached through the VIP.
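To confirm that the ARP settings written by rs.sh are actually in effect on a real server (values written under /proc/sys do not survive a reboot), the following check is an added example, not part of the original page. It assumes the real server's NIC is named ens32 (the page gives that name only for the LVS node); the kernel applies the larger of the conf/all and per-interface values to ARP on that interface.

```bash
#!/bin/bash
# Added example: check the ARP sysctls that rs.sh sets on a DR-mode real server.
# The /proc/sys root and NIC name are parameters (defaults are assumptions),
# so the check also runs against a constructed directory tree.

# Print the value the kernel applies to ARP on <iface>:
# the larger of conf/all/<key> and conf/<iface>/<key>.
effective() {  # usage: effective <proc_root> <iface> <key>
    v_all=$(cat "$1/net/ipv4/conf/all/$3" 2>/dev/null) || v_all=0
    v_if=$(cat "$1/net/ipv4/conf/$2/$3" 2>/dev/null) || v_if=0
    if [ "${v_all:-0}" -ge "${v_if:-0}" ]; then
        echo "${v_all:-0}"
    else
        echo "${v_if:-0}"
    fi
}

# Return the number of settings that differ from what rs.sh writes
# (arp_ignore=1, arp_announce=2); 0 means the real server is configured.
check_rs_arp() {  # usage: check_rs_arp [proc_root] [iface]
    root=${1:-/proc/sys}
    iface=${2:-ens32}
    fails=0
    for pair in arp_ignore:1 arp_announce:2; do
        key=${pair%%:*}
        want=${pair##*:}
        got=$(effective "$root" "$iface" "$key")
        if [ "$got" -eq "$want" ]; then
            echo "OK   $key=$got on $iface"
        else
            echo "FAIL $key=$got on $iface (rs.sh sets $want)"
            fails=$((fails + 1))
        fi
    done
    return "$fails"
}

# Run against the live system only when arguments are given,
# e.g.: bash check_rs_arp.sh /proc/sys ens32
[ $# -eq 0 ] || check_rs_arp "$@"
```

A non-zero exit status is the number of settings that need to be reapplied with rs.sh start.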
NAT mode configuration
LVS node configuration
/etc/keepalived/keepalived.conf
# change the mode to NAT
lb_kind NAT
Enable IP forwarding:
echo 1 > /proc/sys/net/ipv4/ip_forward
Restart keepalived:
systemctl restart keepalived
RS node configuration
Configure routing: set the default gateway to the virtual address configured in keepalived above, 192.168.121.250
route add default gw 192.168.121.250