LVS + Keepalived High-Availability Cluster and KVM

I. Implementing an LVS + Keepalived high-availability cluster

1. Architecture diagram


2. Compiling and installing keepalived

The --disable-fwmark option can be used to disable the iptables rules, which prevents the VIP from becoming unreachable. Without this option, iptables rules are enabled by default.

yum install -y gcc curl openssl-devel libnl3-devel net-snmp-devel 

./configure --prefix=/usr/local/keepalived --disable-fwmark
make && make install

cd /usr/local/keepalived

[root@lvs1 keepalived]# sbin/keepalived -v
Keepalived v2.2.2 (03/05,2021)

Copyright(C) 2001-2021 Alexandre Cassen, <acassen@gmail.com>

Built with kernel headers for Linux 3.10.0
Running on Linux 3.10.0-1062.el7.x86_64 #1 SMP Wed Aug 7 18:08:02 UTC 2019
Distro: CentOS Linux 7 (Core)
...

3. Prepare the e-mail notification script (sends mail to a specified mailbox when a keepalived node fails)

Notification script directives:
Script triggered when the current node becomes the master: notify_master <STRING>|<QUOTED-STRING>
Script triggered when the current node becomes a backup: notify_backup <STRING>|<QUOTED-STRING>
Script triggered when the current node enters the "fault" state: notify_fault <STRING>|<QUOTED-STRING>
Generic notification mechanism, where one script handles the notification for all three state transitions above: notify <STRING>|<QUOTED-STRING>

/etc/keepalived/notify.sh

#!/bin/bash
#
# Called by keepalived on a VRRP state change; mails the new state to $contacts.
contacts='kk399012523@163.com'

# Send one notification mail; $1 is the new state (master|backup|fault).
notify() {
        mailsubject="$(hostname) to be $1, vip floating"
        mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
        echo "$mailbody" | mail -s "$mailsubject" "$contacts"
}
case $1 in
master)
        notify master
        ;;
backup)
        notify backup
        ;;
fault)
        notify fault
        ;;
*)
        echo "Usage: $(basename "$0") {master|backup|fault}"
        exit 1
        ;;
esac

chmod a+x /etc/keepalived/notify.sh

4. Configure mail (install mailx on both keepalived nodes)

yum -y install mailx

vim /etc/mail.rc

set from=xxx@163.com
set smtp=smtp.163.com
set smtp-auth-user=xxx@163.com
set smtp-auth-password=xxx
set smtp-auth=login

# Send a test e-mail
echo "Test Mail"| mail -s Warning xxx@163.com

5. Create the main configuration file

Main configuration file on the lvs1 node

vim /etc/keepalived/keepalived.conf

global_defs {
   notification_email {
        kk399012523@163.com
   }
   notification_email_from kk399012523@163.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lvs1.demo
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   vrrp_mcast_group4 224.0.100.10
}

include /etc/keepalived/conf.d/*.conf

Main configuration file on the lvs2 node

vim /etc/keepalived/keepalived.conf

global_defs {
   notification_email {
        kk399012523@163.com
   }
   notification_email_from kk399012523@163.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lvs2.demo
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   vrrp_mcast_group4 224.0.100.10
}

include /etc/keepalived/conf.d/*.conf

6. Create the sub-configuration files (/etc/keepalived/conf.d)

Sub-configuration file on lvs1

mkdir /etc/keepalived/conf.d
vim /etc/keepalived/conf.d/web1.conf

vrrp_instance web_1 {
    state MASTER
    interface eth0
    virtual_router_id 57
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        10.0.0.100/24 dev eth0 label eth0:1
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

Sub-configuration file on lvs2

mkdir /etc/keepalived/conf.d
vim /etc/keepalived/conf.d/web1.conf

vrrp_instance web_1 {
    state BACKUP
    interface eth0
    virtual_router_id 57
    priority 80          # change the priority
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        10.0.0.100/24 dev eth0 label eth0:1
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

Testing shows that the VIP 10.0.0.100 now sits on lvs1. When lvs1 goes down, the VIP floats to lvs2 and an e-mail is sent announcing that lvs2 has become the master.
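One way to check the two sub-configuration files against each other before relying on failover, as an added example that is not part of the original article. The helper names, the constructed sample file and the "digits only" rule are assumptions of this example; the 8-character threshold reflects keepalived using only the first eight characters of auth_pass.

```bash
# Added example: audit a master/backup pair of keepalived vrrp_instance files.
# kv FILE KEY: value that follows KEY in FILE (first occurrence).
kv() { awk -v k="$2" '$1 == k { print $2; exit }' "$1"; }
# vip FILE: first address listed inside the virtual_ipaddress { } block.
vip() { awk '$1 == "virtual_ipaddress" { f = 1; next } f { print $1; exit }' "$1"; }

# check_vrrp_pair MASTER BACKUP: print one finding per line.
check_vrrp_pair() {
    m=$1; b=$2
    # Both nodes must agree on these to accept each other's advertisements.
    for key in virtual_router_id advert_int auth_type auth_pass; do
        [ "$(kv "$m" "$key")" = "$(kv "$b" "$key")" ] || echo "MISMATCH $key"
    done
    [ "$(vip "$m")" = "$(vip "$b")" ] || echo "MISMATCH virtual_ipaddress"
    # The intended master needs the higher priority to hold the VIP.
    [ "$(kv "$m" priority)" -gt "$(kv "$b" priority)" ] || echo "PRIORITY master not above backup"
    # auth_type PASS sends auth_pass in clear text in every advertisement.
    if [ "$(kv "$m" auth_type)" = PASS ]; then
        pass=$(kv "$m" auth_pass)
        case "$pass" in *[!0-9]*) ;; *) echo "WEAK auth_pass is digits only" ;; esac
        [ "${#pass}" -ge 8 ] || echo "WEAK auth_pass shorter than 8 characters"
    fi
    # The files hold the shared secret; they should not be world-readable.
    [ -z "$(find "$m" "$b" -perm -0004)" ] || echo "PERMS readable by all users"
}

# Constructed sample shaped like web1.conf; args: state, priority, auth_pass.
sample_conf() {
    cat <<EOF
vrrp_instance web_1 {
    state $1
    virtual_router_id 57
    priority $2
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass $3
    }
    virtual_ipaddress {
        10.0.0.100/24 dev eth0 label eth0:1
    }
}
EOF
}

demo=$(mktemp -d)
sample_conf MASTER 100 123456 > "$demo/lvs1.conf"
sample_conf BACKUP 80 123456 > "$demo/lvs2.conf"
check_vrrp_pair "$demo/lvs1.conf" "$demo/lvs2.conf"
```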

7. Use keepalived to generate the LVS virtual server configuration (identical on both nodes)

vim /etc/keepalived/conf.d/lvs_web1.conf

virtual_server 10.0.0.100 80 {
        delay_loop 3
        lb_algo rr
        lb_kind DR
        protocol TCP
        sorry_server 127.0.0.1 80
        real_server 10.0.0.11 80 {
            weight 1
            HTTP_GET {
                url {
                    path /
                    status_code 200
                }
                connect_timeout 1
                nb_get_retry 3
                delay_before_retry 1
            }
        }
        real_server 10.0.0.12 80 {
            weight 1
            HTTP_GET {
                url {
                    path /
                    status_code 200
                }
                connect_timeout 1
                nb_get_retry 3
                delay_before_retry 1
            }
        }
}

8. Restart keepalived and install the ipvsadm tool to view the generated LVS rules

yum -y install ipvsadm

[root@lvs1 keepalived]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.0.100:80 rr
  -> 10.0.0.71:80                 Route   1      0          0         
  -> 10.0.0.72:80                 Route   1      0          0 

9. Prepare two web servers, bind the VIP to each web server's lo interface, and set the kernel parameters that restrict the ARP response level and announcement level on each

[root@nginx1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@nginx1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@nginx1 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@nginx1 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce

[root@nginx1 ~]# ifconfig lo:1 10.0.0.100/32

[root@nginx1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 10.0.0.100/0 scope global lo:1
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
[root@nginx2 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@nginx2 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@nginx2 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@nginx2 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@nginx2 ~]# ifconfig lo:1 10.0.0.100/32
[root@nginx2 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet 10.0.0.100/0 scope global lo:1
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever

Test: requests to the VIP 10.0.0.100 are now scheduled round-robin.

Failure simulation: take lvs1 down. The LVS rules have moved to lvs2 and the e-mail notification is received.

[root@lvs2 conf.d]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.0.100:80 rr
  -> 10.0.0.71:80                 Route   1      0          0         
  -> 10.0.0.72:80                 Route   1      0          0         

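II. Installing and configuring KVM

1. Preparing the host environment

KVM requires the host CPU to support virtualization. When a VMware Workstation virtual machine is used as the host, virtualization must be enabled in the processor options of that virtual machine's settings.

2. Check whether virtualization is enabled on the host (vmx for Intel CPUs; svm for AMD CPUs)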

grep -Em 1 "vmx|svm" /proc/cpuinfo 

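3. KVM-related packages

  • qemu-kvm: provides low-level emulation support for KVM
  • libvirt-daemon: the libvirtd daemon, which manages virtual machines
  • libvirt-client: client-side software that provides the management commands
  • libvirt-daemon-driver-qemu: the driver libvirtd uses to connect to qemu
  • libvirt: the most widely used KVM virtualization management tool and API; KVM virtual machines are created by calling KVM through libvirt. libvirt is the general-purpose access API for KVM, and besides KVM it can also manage VMware, Xen, Hyper-V, VirtualBox and other virtualization solutions.
  • virt-manager: graphical management tool; underneath it also calls the libvirt API to operate on virtual machines, including creating, deleting, starting and stopping them, plus some simple monitoring functions.
  • virt-install: command-line tool for installing virtual machines
  • virsh: a command-line tool built on the libvirt API that can serve as an alternative to the graphical virt-manager application. The virsh command can be used to write virtualization task management scripts, for example to install, start and stop virtual machines.
  • virt-viewer: a minimal tool for displaying a virtual machine's graphical console over the VNC and SPICE protocols. The tool ships in the package of the same name (virt-viewer).
  • cockpit: a web-based virtual machine management interface provided specifically for CentOS 8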

4. libvirt architecture diagram

5. Installing KVM on CentOS 7

yum -y install qemu-kvm libvirt virt-manager virt-install

systemctl start libvirtd
systemctl enable libvirtd

6. Creating a virtual machine with the virt-manager graphical management tool

export DISPLAY=10.0.0.1:0.0
virt-manager

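Creating a new virtual machine in the graphical interface works much as it does in VMware.

7. Creating a virtual machine with the virt-install command

Although virt-manager makes it convenient to manage virtual machines, the command-line tool virt-install is better suited to creating and managing virtual machines in bulk.

7.1 Create a virtual disk with the qemu-img command

Note: before running qemu-img create, make sure no file with that name exists at the target path; an existing file will be overwritten.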

[root@kvm images]# qemu-img create -f qcow2 /var/lib/libvirt/images/centos7.qcow2 10G
Formatting '/var/lib/libvirt/images/centos7.qcow2', fmt=qcow2 size=10737418240 encryption=off cluster_size=65536 lazy_refcounts=off

[root@kvm images]# cd /var/lib/libvirt/images
[root@kvm images]# ll -h
total 196K
-rw-r--r-- 1 root root 193K Mar 20 02:14 centos7.qcow2

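Checking the size of the virtual disk shows that it grows dynamically with the amount of space actually used.

7.2 List the supported OS versions with the osinfo-query command

7.3 Create a virtual machine that boots from CD and install it manually

Create a virtual machine in the default NAT mode. virt-viewer is not opened automatically to connect to the console; open virt-manager manually to connect, then install the system by hand.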

virt-install --virt-type kvm \
--name centos7 \
--ram 1024 \
--vcpus 1 \
--cdrom=/data/kvm/CentOS-7-x86_64-Minimal-2009.iso \
--disk=/var/lib/libvirt/images/centos7.qcow2 \
--network network=default \
--graphics vnc,listen=0.0.0.0 \
--noautoconsole \
--os-variant=centos7.0

Starting install...
Domain installation still in progress. You can reconnect to 
the console to complete the installation process.

The virt-install command starts the installer; follow the prompts to complete the installation.
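The option --graphics vnc,listen=0.0.0.0 binds the guest's VNC console to every interface of the host. The following added example, which is not part of the original article, reads libvirt domain XML (for instance the output of virsh dumpxml --security-info) and reports graphics devices that listen beyond loopback; the function names and the sample XML are constructed for illustration.

```bash
# Added example: report libvirt graphics consoles that listen beyond loopback.

# attr NAME LINE: print the value of XML attribute NAME found in LINE.
attr() { printf '%s\n' "$2" | sed -n "s/.*[[:space:]]$1='\([^']*\)'.*/\1/p"; }

# audit_graphics DOMAIN: read that domain's XML on stdin and print one line
# per <graphics> element whose listen address is not loopback.
audit_graphics() {
    grep '<graphics ' | while IFS= read -r line; do
        listen=$(attr listen "$line")
        case "$listen" in
            ''|127.*|::1|localhost) continue ;;   # unset or loopback only
        esac
        # passwd is shown only when the XML was dumped with --security-info.
        case "$line" in
            *" passwd='"*) pw=set ;;
            *)             pw=absent ;;
        esac
        echo "EXPOSED $1 $(attr type "$line") port=$(attr port "$line") listen=$listen passwd=$pw"
    done
}

# Constructed sample: the shape libvirt gives --graphics vnc,listen=0.0.0.0.
sample_xml() {
    cat <<'EOF'
<domain type='kvm'>
  <name>centos7</name>
  <devices>
    <graphics type='vnc' port='5900' autoport='yes' listen='0.0.0.0'>
      <listen type='address' address='0.0.0.0'/>
    </graphics>
  </devices>
</domain>
EOF
}

sample_xml | audit_graphics centos7
```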

8. Create a virtual machine that boots from CD and installs the system automatically with kickstart
8.1 Create the virtual disk

qemu-img create -f qcow2 /var/lib/libvirt/images/centos7-kickstart.qcow2 10G

8.2 Prepare the yum repository

yum -y install httpd
systemctl enable httpd
systemctl start httpd
mkdir -pv /var/www/html/centos/{6,7,8}/os/x86_64/

vim /etc/fstab
/data/kvm/CentOS-7-x86_64-Minimal-2009.iso /var/www/html/centos/7/os/x86_64/  iso9660 defaults 0 0

mount /dev/sr0 /var/www/html/centos/7/os/x86_64/
mount -a

8.3 Prepare the kickstart answer file

mkdir -p /var/www/html/ks
vim /var/www/html/ks/centos7.cfg

ignoredisk --only-use=vda
zerombr
text
reboot
clearpart --all --initlabel
selinux --disabled
firewall --disabled
url --url=http://10.0.0.131/centos/8/os/x86_64/
keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
bootloader --append="net.ifnames=0" --location=mbr --boot-drive=vda
network --bootproto=dhcp --device=eth0 --ipv6=auto --activate
network --hostname=centos8.magedu.org
rootpw --iscrypted $6$j9YhzDUnQVnxaAk8$qv7rkMcPAEbV5yvwsP666DXWYadd3jYjkA9fpxAo9qYotjGGBUclCGoP1TRvgHBpqgc5n0RypMsPTQnVDcpO01
firstboot --enable
skipx
services --disabled="chronyd"
timezone Asia/Shanghai --isUtc --nontp
user --name=ken --password=6oUfb/02CWfLb5l8f$sgEZeR7c7DpqfpmFDH6huSmDbW1XQNR4qKl2EPns.gOXqlnAIgv9pTogtFVaDtEpMOC.SWXKYqxfVtd9MCwxb1 --iscrypted --gecos="ken"

autopart --type=lvm
%packages
@^minimal-environment
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
%post
useradd mage
echo magedu | passwd --stdin mage &> /dev/null
%end
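
The answer file above disables SELinux and the firewall and sets a user password in clear text in %post, and it is served to the installer over plain HTTP. An added example, not part of the original article, that flags such lines in a kickstart file; the function names, the rule set and the sample file are assumptions of this example.

```bash
# Added example: flag security-relevant lines in a kickstart answer file.
# Reads the file named in $1, or stdin when no argument is given.
audit_kickstart() {
    awk '
        /^%post/ { post = 1; next }      # %post holds shell commands
        /^%end/  { post = 0; next }
        post {
            # Passwords piped to passwd/chpasswd sit in the file in clear text.
            if (/passwd --stdin|chpasswd/) print NR ": clear-text password in %post"
            next
        }
        $1 == "selinux"  && /--(disabled|permissive)/ { print NR ": SELinux not enforcing" }
        $1 == "firewall" && /--disabled/              { print NR ": firewall disabled" }
        ($1 == "rootpw" || $1 == "user") && /--plaintext/ {
            print NR ": " $1 " password stored in plain text"
        }
    ' "$@"
}

# Constructed sample that mirrors the risky lines of the answer file above.
sample_ks() {
    cat <<'EOF'
text
selinux --disabled
firewall --disabled
rootpw --iscrypted $6$CONSTRUCTED$not-a-real-hash
%packages
@^minimal-environment
%end
%post
useradd mage
echo magedu | passwd --stdin mage &> /dev/null
%end
EOF
}

sample_ks | audit_kickstart
```

Each finding is prefixed with the line number in the audited file, so it can be compared directly against the answer file.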

8.4 Create the virtual machine with the virt-install command (method 1)

virt-install --virt-type kvm \
--name centos7-kickstart \
--ram 1024 \
--vcpus 1 \
--cdrom=/data/kvm/CentOS-7-x86_64-Minimal-2009.iso \
--disk=/var/lib/libvirt/images/centos7-kickstart.qcow2 \
--network network=default \
--graphics vnc,listen=0.0.0.0 \
--noautoconsole \
--os-variant=centos7.0

At the installer boot screen, press Tab and enter the kickstart file path ks=10.0.0.131/ks/centos7.cfg

Method 2:

Use --extra-args together with the --location option to pass the kickstart answer file to the installer.

virt-install --virt-type kvm \
--name centos7-kickstart \
--ram 1024 \
--vcpus 1 \
--location=/data/kvm/CentOS-7-x86_64-Minimal-2009.iso \
--disk=/var/lib/libvirt/images/centos7-kickstart.qcow2 \
--network network=default \
--graphics vnc,listen=0.0.0.0 \
--noautoconsole \
--os-variant=centos7.0 \
--extra-args="ks=http://10.0.0.131/ks/centos7.cfg"