服务器故障:(服务器故障包括:服务器宕机、web服务终止、网线松动等等)
①当lvs-master故障时,无法再接受用户请求并将请求转发给真实的web服务器(即便真实web服务器正常)从而导致整个web服务的瘫痪,也就是lvs控制器存在单点故障问题。
②当lvs-master正常时,真实地web服务器如web1-realserver故障。此时lvs-master并不知道真实服务器是否在正常提供web服务,所以仍然在向故障的web1-realserver转发用户请求。这样的结果是用户请求无法被故障web服务器相应,某些用户可以访问网站有些则无法访问。
基于以上的问题,我们需要想办法实现对lvs控制器和web服务器的健康监测,一旦服务出现问题能保证服务不中断的情况下排除故障。即增加lvs控制器实现主备模式避免单点故障约白远 境 收蟱eb服务结点并当它恢复后再自动添加到群集中这样的功能,这就是LVS+keepalived能实现的功能。整个线上环境由Linuxtone的站长netseek提供,这里表示感谢,整个系统的拓补如下:
|
名称
|
IP
|
|
LVS-DR-Master
|
61.164.122.6
|
|
LVS-DR-BACKUP
|
61.164.122.7
|
|
LVS-DR-VIP
|
61.164.122.8
|
|
WEB1-Realserver
|
61.164.122.9
|
|
WEB2-Realserver
|
61.164.122.10
|
实施步骤:
①在realserver主机上实行脚本realserver,为lo:0绑定VIP地址61.164.122.8,这步分别在二个web主机上61.164.122.9、61.164.122.10实施。这步提前做,是因为以后的过程中这一步是不会发生更改的。 #vim /usr/local/sbin/realserver
#!/bin/bash
SNS_VIP=61.164.122.8
. /etc/rc.d/init.d/functions
case "$1" in
start)
ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
②为二台lvs主机安装lvs脚本,这步并非必要。做完这步时可以检测到用软件实现了LVS/DR的双机互备机制,但并不能实现的智能自动增加删除故障的web站点,所以这个靠keepalived来实现。过程如下:
#mkdir /usr/local/src/lvs
#cd /usr/local/src/lvs
#wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz
#ln -s /usr/src/kernels/2.6.18-53.el5PAE-i686/ /usr/src/linux
#tar zxvf ipvsadm-1.24.tar.gz
#cd ipvsadm-1.24
#make
#make install
#vi /usr/local/sbin/lvs.sh
#!/bin/bash
#website director vip.
SNS_VIP=61.164.122.8
SNS_RIP1=61.164.122.9
SNS_RIP2=61.164.122.10
. /etc/rc.d/init.d/functions
logger $0 called with $1
case "$1" in
start)
# set squid vip
/sbin/ipvsadm --set 30 5 60
/sbin/ifconfig eth0:0 $SNS_VIP broadcast $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP up
/sbin/route add -host $SNS_VIP dev eth0:0
/sbin/ipvsadm -A -t $SNS_VIP:80 -s wrr -p 3
/sbin/ipvsadm -a -t $SNS_VIP:80 -r $SNS_RIP1:80 -g -w 1
/sbin/ipvsadm -a -t $SNS_VIP:80 -r $SNS_RIP2:80 -g -w 1
touch /var/lock/subsys/ipvsadm >/dev/null 2>&1
;;
stop)
/sbin/ipvsadm -C
/sbin/ipvsadm -Z
ifconfig eth0:0 down
route del $SNS_VIP
rm -rf /var/lock/subsys/ipvsadm >/dev/null 2>&1
echo "ipvsadm stoped"
;;
status)
if [ ! -e /var/lock/subsys/ipvsadm ];then
echo "ipvsadm stoped"
exit 1
else
echo "ipvsadm OK"
fi
;;
*)
echo "Usage: $0 {start|stop|status}"
exit 1
esac
exit 0
③关闭lvs脚本./lvs stop,编辑keepalived.conf文件,用keepalived实现负载均衡及高可用性。
a)Keepalved的安装
#wget http://www.keepalived.org/software/keepalived-1.1.15.tar.gz
#tar zxvf keepalived-1.1.15.tar.gz
#cd keepalived-1.1.15
#./configure
#make
#make install
将keepalived做成启动脚务,方便管理:
#cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
#cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
#mkdir /etc/keepalived
#cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
#cp /usr/local/sbin/keepalived /usr/sbin/
#service keepalived start|stop
b)Keealived的配置
1、配置在主负载均衡服务器上配置keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
yuhongchun027@163.com
}
notification_email_from sns-lvs@gmail.com
smtp_server 127.0.0.1
# smtp_connect_timeout 30
router_id LVS_DEVEL
} #VIP1
vrrp_instance VI_1 {
state MASTER#备份服务器上将MASTER改为BACKUP
interface eth0
virtual_router_id 51
priority 100#备份服务上将100改为99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
61.164.122.8
}
} virtual_server 61.164.122.8 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
persistence_timeout 60
protocol TCP real_server 61.164.122.9 80 {
weight 3
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 61.164.122.10 80 {
weight 3
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
2、BACKUP服务器同上配置,先安装lvs再按装keepalived,仍后配置/etc/keepalived/keepalived.conf,只需将红色标示的部分改一下即可。
3、停掉lvs脚本,分别在二台lvs机上启动servcie keepalived start就可实现负载均衡及高可用集群。
※值得注意的是:
1、你必须向你的服务器所在机房IDC多申请一个IP供VIP使用。
2、服务器的iptables、SElinux均关闭;在生产环境中,我就遇到了iptables的NAT转发问题,导致了lvs失败。
3、修改keepalved.conf文件请直接修改/etc/keealived/keepalived.conf,因为keepalived启动时会以这个为默认。
4、系统排障时多用ipvsadm -ln和tail -f /var/log/messages。以上架构我在生产环境、局域网、虚拟机下均实现,有兴趣的同志可以对照实验,有问题的话欢迎来信交流yuhongchun027@163.com(抚琴煮酒)
