0
点赞
收藏
分享

微信扫一扫

12、Keepalived解决LVS的高可用问题(双主双业务模式)并开启sorry server和持久连接

Keepalived解决LVS的高可用问题(双主双业务模式)

12、Keepalived解决LVS的高可用问题(双主双业务模式)并开启sorry server和持久连接_LVS开启sorry server


再安装两台web服务器7、17并配置好页面
[root@ubuntu2004 ~]#echo web1.meng.com `hostname -I` > /var/www/html/index.html
[root@ubuntu2004 ~]#echo web2.meng.com `hostname -I` > /var/www/html/index.html
测试页面内容
[root@rocky8 ~]#curl 10.0.0.7
web1.meng.com 10.0.0.7
[root@rocky8 ~]#curl 10.0.0.17
web2.meng.com 10.0.0.17

给客户端做解析 
(VIP1:10.0.0.100对应www.meng.org)
(VIP2:10.0.0.200对应www.meng.com)
[root@rocky8 ~]#cat /etc/hosts 
10.0.0.100 www.meng.org
10.0.0.200 www.meng.com

访问域名,发现www.meng.org
[root@rocky8 ~]#curl www.meng.org
web2.meng.org 10.0.0.18
[root@rocky8 ~]#curl www.meng.org
web1.meng.org 10.0.0.8
[root@rocky8 ~]#curl www.meng.com
curl: (7) Failed to connect to www.meng.com port 80: Connection refused
[root@rocky8 ~]#curl www.meng.com
curl: (7) Failed to connect to www.meng.com port 80: Connection refused

把以下内容配置到所有keepalived服务器www.meng.com.conf最下面,实现LVS的高可用问题,用http做后端服务器的健康性检查

virtual_server 10.0.0.200 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP

    #sorry_server 127.0.0.1 80

    real_server 10.0.0.7 80 {
        weight 1
        HTTP_GET {
                url {
                    path /index.html
                    status_code 200
                }
                connect_timeout 1
                nb_get_retry 3
                delay_before_retry 1
   }   
 }
   real_server 10.0.0.17 80 {
        weight 2
        HTTP_GET {
                url {
                    path /index.html
                    status_code 200
                }
                connect_timeout 1
                nb_get_retry 3
                delay_before_retry 1
    }  
  } 
}
[root@ka1 conf.d]#systemctl restart keepalived
[root@ka2 conf.d]#systemctl restart keepalived
查看各keepalived节点IP情况
[root@ka1 conf.d]#hostname -I
10.0.0.101 10.0.0.100 192.168.10.100
[root@ka2 conf.d]#hostname -I
10.0.0.102 10.0.0.200 192.168.10.101

节点查看ipvs规则
[root@ka2 conf.d]#ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.0.100:80 wrr
  -> 10.0.0.8:80                Route   1      0          0         
  -> 10.0.0.18:80                Route   1      0          0         
TCP  10.0.0.200:80 wrr
  -> 10.0.0.7:80                  Route   1      0          0         
  -> 10.0.0.17:80                 Route   2      0          0

由于是DR模型,后端nginx全部机器需配虚拟地址,修改内核(脚本完成)

[root@ubuntu2004 ~]#bash lvs_dr_rs.sh start 
The RS Server is Ready!
[root@ubuntu2004 ~]#ip a 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 10.0.0.200/32 scope global lo:1

配置完成后,客户端访问www.meng.com权重比为2:1

[root@rocky8 ~]#curl www.meng.com
web2.meng.com 10.0.0.17
[root@rocky8 ~]#curl www.meng.com
web2.meng.com 10.0.0.17
[root@rocky8 ~]#curl www.meng.com
web1.meng.com 10.0.0.7

挂掉一台keepalived,观察情况

客户端持续访问
[root@rocky8 ~]#while :;do curl www.meng.com;curl www.meng.org;sleep 1;done
web1.meng.org 10.0.0.101
web2.meng.com 10.0.0.17
web2.meng.org 10.0.0.102
web1.meng.com 10.0.0.7
正常工作

挂掉ka1,持续访问不受影响,但VIP1:10.0.0.100飘到了ka2上
[root@ka2 conf.d]#hostname -I
10.0.0.102 10.0.0.200 10.0.0.100 192.168.10.101

当ka1起来后,VIP1又飘回ka1
[root@ka1 ~]#hostname -I 
10.0.0.101 10.0.0.100 192.168.10.100

sorry server

在两个keepalived机器上安装nginx,作为后端服务器挂了之后的sorry server

[root@ka1 ~]#echo Sorry Server 10.0.0.101 > /var/www/html/index.html
[root@ka1 ~]#curl 127.0.0.1
Sorry Server 10.0.0.101

[root@ka2 ~]#echo Sorry Server 10.0.0.102 > /var/www/html/index.html
[root@ka2 conf.d]#curl 127.0.0.1
Sorry Server 10.0.0.102

启用sorry server(各服务都启用)

[root@ka1 ~]#vim /etc/keepalived/conf.d/www.meng.com.conf 
virtual_server 10.0.0.100 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP

    sorry_server 127.0.0.1 80  #启用sorry server,当后端nginx挂了之后,访问sorry server页面
[root@ka1 ~]#systemctl restart keepalived

关闭www.meng.com.conf 业务对应的后端所有对应服务器,查看sorry server是否正常

[root@rocky8 ~]#curl www.meng.com
Sorry Server 10.0.0.102
[root@rocky8 ~]#curl www.meng.com
Sorry Server 10.0.0.102
已正常启用

开启持久连接

所有的业务配置文件都做修改
virtual_server 10.0.0.200 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 120   #会话保持时间
    protocol TCP
[root@ka1 ~]#systemctl restart keepalived 

查看实现了会话保持
[root@rocky8 ~]#while :;do curl www.meng.com;curl www.meng.org;sleep 1;done
web1.meng.com 10.0.0.7
web2.meng.org 10.0.0.18
web1.meng.com 10.0.0.7
web2.meng.org 10.0.0.18

防火墙标签把80、443端口绑定在一起,认为一个集群(www.meng.com.conf对应服务进行绑定)

第一步:所有keepalived节点添加标签
iptables -t mangle -A PREROUTING -d 10.0.0.200 -p tcp -m multiport --dports 80,443 -j MARK --set-mark 6

第二步:修改www.meng.com.conf配置文件
virtual_server fwmark 6 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 120
    protocol TCP
[root@ka1 ~]#systemctl restart keepalived   

一个整体调度
[root@rocky8 ~]#curl www.meng.com;curl -K https://www.meng.com
web2.meng.com 10.0.0.17
web1.meng.com 10.0.0.7

举报

相关推荐

0 条评论