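[Keepalived] Keepalived + LVS: a highly available, high-performance IPVS dual-master, dual-service architecture, with detailed configuration steps and explanation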
Preface

This post explains how keepalived + LVS implement a highly available, high-performance web + mariadb dual-master, dual-service cluster: the architecture and how it works, keepalived's basic initial configuration, the detailed environment configuration of every host in the architecture, and the detailed keepalived configuration. The end result is a highly available, high-performance IPVS web + mariadb cluster.

I. Lab environment configuration

1.1 Architecture diagram

Note: for IP addresses, the host inventory below is authoritative.

1.2 Host inventory

| Host | IP | Network adapter | VIP |
|------|----|-----------------|-----|
| KA1 | 172.25.254.50/24 | NAT | 172.25.254.100/24, 172.25.254.200/24 |
| KA2 | 172.25.254.60/24 | NAT | 172.25.254.100/24, 172.25.254.200/24 |
| RS1 | 172.25.254.10/24 | NAT | |
| RS2 | 172.25.254.20/24 | NAT | |

1.3 Host environment configuration

1. Configure the IP addresses of the RS1 and RS2 hosts.

2. Configure the IP addresses of the KA1 and KA2 hosts.

Configure the IP addresses above yourself.

3. Configure local name resolution on KA1 and KA2, as follows:

```bash
[root@KA1 ~]# vim /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
172.25.254.50 KA1
172.25.254.60 KA2
172.25.254.10 RS1
172.25.254.20 RS2

[root@KA1 ~]# scp /etc/hosts 172.25.254.60:/etc/hosts
hosts                                         100%  244   488.6KB/s   00:00
```

This completes local name resolution on KA1 and KA2.

4. Configure time synchronization between KA1 and KA2.

On KA1, edit /etc/chrony.conf: set the allow list on line 26 and uncomment line 29. The purpose is that when every external time source on the network has failed, the Chrony service does not stop completely and the local server can keep providing time synchronization to the other clients on the network. After the change, restart chronyd and enable it at boot:

```bash
[root@KA1 ~]# systemctl restart chronyd
[root@KA1 ~]# systemctl enable --now chronyd
```

On KA2, edit /etc/chrony.conf and set the time server to the KA1 host, then restart the service and enable it at boot:

```bash
[root@KA2 ~]# systemctl restart chronyd
[root@KA2 ~]# systemctl enable --now chronyd
```

Finally, check whether KA2 can synchronize its time with KA1. Synchronization succeeds, so the configuration is correct.

This completes the environment configuration of the lab hosts.

II. Keepalived initial configuration

First install Keepalived on both KA1 and KA2 and enable it at boot:

```bash
# KA1
[root@KA1 ~]# dnf install keepalived.x86_64 -y
[root@KA1 ~]# systemctl enable --now keepalived

# KA2
[root@KA2 ~]# dnf install keepalived.x86_64 -y
[root@KA2 ~]# systemctl enable --now keepalived
```

2.1 Log separation

By default, keepalived's logs are written to /var/log/messages. That file also holds the logs of other services, which makes the keepalived logs harder to read. Apply the following configuration on both KA1 and KA2 (KA1 is shown here):

```bash
[root@KA1 ~]# vim /etc/sysconfig/keepalived
KEEPALIVED_OPTIONS="-D -S 6"

[root@KA1 ~]# systemctl restart keepalived.service

[root@KA1 ~]# vim /etc/rsyslog.conf
local6.*                                                /var/log/keepalived.log

[root@KA1 ~]# systemctl restart rsyslog.service

# Test
[root@KA1 log]# systemctl restart keepalived
[root@KA1 log]# ls /var/log/keepalived.log
keepalived.log
```

The keepalived logs are now separated.

2.2 Sub-configuration files

Putting too much configuration into the main configuration file makes it hard to read. Taking KA1 as the example, add the `include /etc/keepalived/conf.d/*.conf` line to keepalived's main configuration file /etc/keepalived/keepalived.conf (it appears in the full main configuration in section 3.2), then create the sub-configuration directory:

```bash
[root@KA1 ~]# mkdir /etc/keepalived/conf.d
```

The sub-configuration directory now exists; later keepalived configuration files simply go into this directory.

III. LVS environment configuration

1. Configure the loopback interface on RS1 and RS2 (RS1 is shown here):

```bash
[root@RS1 system-connections]# cp eth0.nmconnection lo.nmconnection -p
[root@RS1 system-connections]# vim lo.nmconnection
[connection]
id=lo
type=loopback
interface-name=lo

[ipv4]
method=manual
address1=127.0.0.1/8
address2=172.25.254.100/32
address3=172.25.254.200/32

[root@RS1 system-connections]# nmcli connection reload
[root@RS1 system-connections]# nmcli connection up lo
连接已成功激活（D-Bus 活动路径：/org/freedesktop/NetworkManager/ActiveConnection/5）

[root@RS1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 172.25.254.100/32 scope global lo
       valid_lft forever preferred_lft forever
    inet 172.25.254.200/32 scope global lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:41:fa:79 brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    altname ens160
    inet 172.25.254.10/24 brd 172.25.254.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::2360:d7ac:9af2:bb39/64 scope link noprefixroute
       valid_lft forever preferred_lft forever
```

2. Disable ARP responses for the VIPs (RS1 is shown here):

```bash
[root@RS1 ~]# vim /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.lo.arp_announce=2
net.ipv4.conf.lo.arp_ignore=1

[root@RS1 ~]# sysctl -p
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
```

3. Install LVS on KA1 and KA2:

```bash
[root@KA1 ~]# dnf install ipvsadm -y
```

IV. Service configuration

In this lab the architecture provides a web service and a database service at the same time. The services first have to be deployed on RS1 and RS2.

3.1 Deploy the web service and the database service

3.1.1 HTTP service on RS1 and RS2

Install apache on both RS1 and RS2:

```bash
[root@RS1 ~]# dnf install httpd -y
```

Create a test page on RS1:

```bash
[root@RS1 ~]# echo 172.25.254.10-RS1 > /var/www/html/index.html
[root@RS1 ~]# curl 172.25.254.10
172.25.254.10-RS1
```

Create a test page on RS2:

```bash
[root@RS2 ~]# echo 172.25.254.20-RS2 > /var/www/html/index.html
[root@RS2 ~]# curl 172.25.254.20
172.25.254.20-RS2
```

Note: in a real production environment the two real servers must provide the same service. The HTML pages differ here only so that later tests can tell the servers apart.

3.1.2 mariadb service on RS1 and RS2

Install mariadb-server on both RS1 and RS2 and start it:

```bash
[root@RS1 ~]# dnf install mariadb-server -y
[root@RS1 ~]# systemctl enable --now mariadb
```

Create the user on both RS1 and RS2:

```sql
MariaDB [(none)]> create user dragon@'%' identified by '123';
Query OK, 0 rows affected (0.002 sec)

MariaDB [(none)]> grant all on *.* to dragon@'%';
Query OK, 0 rows affected (0.002 sec)
```

Note: with this configuration the database is really two separate services; RS1 and RS2 do not share database data. To configure them as one database service, see the author's pinned post: https://blog.csdn.net/2301_79481320/article/details/155075834

3.2 Configure the keepalived virtual router

Edit the main configuration file on KA1 as follows:

```bash
[root@KA1 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     doubledragon@163.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id KA1
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 1
   vrrp_gna_interval 1
   vrrp_mcast_group4 224.0.0.44
}

include /etc/keepalived/conf.d/*.conf

vrrp_instance WEB_VIP {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100/24 dev eth0 label eth0:0
    }
}
```

Edit the main configuration file on KA2 as follows:

```bash
[root@KA2 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     doubledragon@163.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id KA2
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 1
   vrrp_gna_interval 1
   vrrp_mcast_group4 224.0.0.44
}

include /etc/keepalived/conf.d/*.conf

vrrp_instance WEB_VIP {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100/24 dev eth0 label eth0:0
    }
}
```

3.3 Edit the keepalived sub-configuration files

On KA1:

```bash
[root@KA1 ~]# vim /etc/keepalived/conf.d/web.conf
virtual_server 172.25.254.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    protocol TCP

    real_server 172.25.254.10 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 1
            retry 3
            delay_before_retry 1
        }
    }

    real_server 172.25.254.20 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 5
            retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

[root@KA1 ~]# vim /etc/keepalived/conf.d/datebase.conf
virtual_server 172.25.254.200 3306 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    protocol TCP

    real_server 172.25.254.10 3306 {
        weight 1
        TCP_CHECK {
            connect_timeout 5
            retry 3
            delay_before_retry 3
            connect_port 3306
        }
    }

    real_server 172.25.254.20 3306 {
        weight 1
        TCP_CHECK {
            connect_timeout 5
            retry 3
            delay_before_retry 3
            connect_port 3306
        }
    }
}
```

On KA2:

```bash
[root@KA2 ~]# vim /etc/keepalived/conf.d/web.conf
virtual_server 172.25.254.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    protocol TCP

    real_server 172.25.254.10 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 1
            retry 3
            delay_before_retry 1
        }
    }

    real_server 172.25.254.20 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 5
            retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

[root@KA2 ~]# vim /etc/keepalived/conf.d/datebase.conf
virtual_server 172.25.254.200 3306 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    protocol TCP

    real_server 172.25.254.10 3306 {
        weight 1
        TCP_CHECK {
            connect_timeout 5
            retry 3
            delay_before_retry 3
            connect_port 3306
        }
    }

    real_server 172.25.254.20 3306 {
        weight 1
        TCP_CHECK {
            connect_timeout 5
            retry 3
            delay_before_retry 3
            connect_port 3306
        }
    }
}
```

3.4 Restart the services and test

Restart the service on KA1 and KA2:

```bash
[root@KA1 ~]# systemctl restart keepalived.service
```

Check the VIPs on KA1 and KA2: the VIPs are in place.

Run the web access test: web access works.

Run the database access test: database access works.

VIP failover test: stop keepalived on KA1. The VIP moves to KA2 as expected.

This completes the lab.
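
A consistency check for the keepalived files above, as an added example that is not part of the original post: it flags unbalanced braces, any `virtual_server` address that no `virtual_ipaddress` block carries, and a short or digits-only `auth_pass` (with `auth_type PASS` the secret travels in clear text in VRRP advertisements). `audit` and `SAMPLE` are names introduced here, the sample is constructed from the settings printed on this page, and the function assumes it is given the main file and the conf.d files already concatenated, because it does not follow `include`.

```python
import re

# Constructed sample: the settings printed on this page for KA1, trimmed to the
# directives the checks below look at.
SAMPLE = """
vrrp_instance WEB_VIP {
    state MASTER
    virtual_router_id 51
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100/24 dev eth0 label eth0:0
    }
}
virtual_server 172.25.254.100 80 {
    lb_kind DR
    real_server 172.25.254.10 80 { weight 1 }
}
virtual_server 172.25.254.200 3306 {
    lb_kind DR
    real_server 172.25.254.10 3306 { weight 1 }
}
"""

def audit(conf):
    """Return a list of findings for one merged keepalived configuration."""
    findings = []
    text = re.sub(r"[#!].*", "", conf)       # keepalived comments start with # or !
    depth = 0
    for ch in text:                          # catch a stray '}' or an unclosed '{'
        depth += (ch == "{") - (ch == "}")
        if depth < 0:
            break
    if depth != 0:
        findings.append("unbalanced braces")
    vrrp_vips = set()                        # addresses a vrrp_instance will hold
    for block in re.findall(r"virtual_ipaddress\s*\{([^}]*)\}", text):
        vrrp_vips.update(re.findall(r"\d+\.\d+\.\d+\.\d+", block))
    for vip, port in re.findall(r"virtual_server\s+(\S+)\s+(\d+)", text):
        if vip not in vrrp_vips:             # IPVS rule exists, but nothing moves the VIP
            findings.append(f"virtual_server {vip}:{port}: VIP not in any virtual_ipaddress")
    for pw in re.findall(r"auth_pass\s+(\S+)", text):
        if len(pw) < 8 or pw.isdigit():      # short or digits-only shared secret
            findings.append("weak auth_pass")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```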