keepalived + LVS Architecture

In the LVS architecture, whether it's NAT or Dr mode, when the back-end RS is down, the scheduler will still forward the request to the outage of RS, the result is not what we want, keepalived can solve the problem, it is not only a highly available function, but also load balancing function. In the scheduler installed keepalived no longer need to install IPVSADM, also do not have to write about LVs script, that is, keepalived has been embedded in the LVS function, the complete KEEPALIVED+LVS architecture requires two scheduler to achieve high availability, The only one to provide the dispatch service, and the other to spare.

Environment Introduction

Main keepalived (scheduler): 192.168.153.134

Standby keepalived (Scheduler): 192.168.153.133 (added at the end of the article)

Real Server rs1:192.168.153.135

Real Server rs2:192.168.153.136

vip:192.168.153.110

Installing keepalived on the Scheduler

Yum Install-y keepalived

Edit keepalived configuration file

Vim/etc/keepalived/keepalived.conf

Vrrp_instance Vi_1 {

#备用服务器上为 BACKUP

State MASTER

#绑定vip的网卡为ens33, your NIC and I may not be the same, here need you to change

Interface Ens33

VIRTUAL_ROUTER_ID 51

#备用服务器上为90

Priority 100

Advert_int 1

Authentication {

Auth_type Pass

Auth_pass 111111

}

virtual_ipaddress {

192.168.153.110

}

}

Virtual_server 192.168.153.110 80 {

# (Query Realserver status every 10 seconds)

Delay_loop 10

# (LVS algorithm)

Lb_algo WLC

# (DR Mode)

Lb_kind DR

# (the same IP connection is assigned to the same realserver within 60 seconds)

Persistence_timeout 60

# (check Realserver State with TCP protocol)

Protocol TCP

Real_server 192.168.153.135 80 {

# (weight)

Weight 100

Tcp_check {

# (10 seconds No response timeout)

Connect_timeout 10

Nb_get_retry 3

Delay_before_retry 3

Connect_port 80

}

}

Real_server 192.168.153.136 80 {

Weight 100

Tcp_check {

Connect_timeout 10

Nb_get_retry 3

Delay_before_retry 3

Connect_port 80

}

}

}

If the LVs script was previously executed on the scheduler

Ipvsadm-c to empty the Ipvsadm rule.

Systemctl Restart Network can remove the VIP that was previously set

Because the LVS defined on the keepalived is Dr Mode, it is necessary to execute the lvs_dr_rs.sh script on two real server RS (same as the DR Mode script in the previous article introducing LVS)

Executed on two real servers, respectively

bash/usr/local/sbin/lvs_dr_rs.sh

The script is as follows

#/bin/bash
vip=192.168.153.110
#把vip绑定在lo上, is to realize RS directly return the result to the client
Ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up
Route Add-host $vip lo:0
#以下操作为更改arp内核参数, the purpose is to allow RS to successfully send MAC address to the client
#参考文档www. cnblogs.com/lgfeng/archive/2012/10/16/2726308.html
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

Start the keepalived service on the dispatcher after executing the script on the real server RS, respectively

Systemctl Start keepalived

PS aux | grep keepalived Check for keepalived process

Inspection:

Access VIP in Browser (192.168.153.110)

You can perform the IPVSADM-LN command on the dispatcher to view the number of connections

#ipvsadm-ln

Ipvirtual Server version 1.2.1 (size=4096)

Protlocaladdress:port Scheduler Flags

-> remoteaddress:port Forward Weight activeconn inactconn

TCP 192.168.153.110:80 WLC Persistent 60

-> 192.168.153.135:80 Route 100 0 0

-> 192.168.153.136:80 Route 100 4 7

After 153.136nginx is deactivated

#ipvsadm-ln

Ipvirtual Server version 1.2.1 (size=4096)

Protlocaladdress:port Scheduler Flags

-> remoteaddress:port Forward Weight activeconn inactconn

TCP 192.168.153.110:80 WLC Persistent 60

-> 192.168.153.135:80 Route 100 4 0

Success ~

Add standby Scheduler with high available keepalived

Backup (Scheduler): 192.168.153.133

Install keepalived

To configure an alternate keepalived configuration file

Vim/etc/keepalived/keepalived.conf

Vrrp_instance Vi_1 {

#备用服务器上为 BACKUP

State BACKUP

#绑定vip的网卡为ens33, your NIC and I may not be the same, here need you to change

Interface Ens33

VIRTUAL_ROUTER_ID 51

#备用服务器上为90

Priority 90

Advert_int 1

Authentication {

Auth_type Pass

Auth_pass 111111

}

virtual_ipaddress {

192.168.153.110

}

}

Virtual_server 192.168.153.110 80 {

# (Query Realserver status every 10 seconds)

Delay_loop 10

# (LVS algorithm)

Lb_algo WLC

# (DR Mode)

Lb_kind DR

# (the same IP connection is assigned to the same realserver within 60 seconds)

Persistence_timeout 60

# (check Realserver State with TCP protocol)

Protocol TCP

Real_server 192.168.153.135 80 {

# (weight)

Weight 100

Tcp_check {

# (10 seconds No response timeout)

Connect_timeout 10

Nb_get_retry 3

Delay_before_retry 3

Connect_port 80

}

}

Real_server 192.168.153.136 80 {

Weight 100

Tcp_check {

Connect_timeout 10

Nb_get_retry 3

Delay_before_retry 3

Connect_port 80

}

}

}

Start the keepalived service after the configuration is complete

Systemctl Start keepalived

Disable the keepalived of the main scheduler

Systemctl Stop keepalived

Browsing the Web test is still normal and has switched to backup normally

Start Master Deactivate the backup scheduler

You can still access the Web page. Start Backup Standby

Test successful