Linux下架构高可用性网络----HA+LB+lvs
实验总拓扑:IP规划:
Director1: eth0 192.168.10.136/28
eth1 192.168.11.2/24
Director2: eth0 192.168.10.135/28
eth1 192.168.11.1/24
web1 eth0 192.168.10.133/28
web2 eth0 192.168.10.134/28
注意:ip地址为:192.168.10.136/28的为主Director
案例1:web的HA群集:
拓扑图1:
eth0网卡用Host-Only ,eth1 用vmware 2
# vim/etc/sysconfig/network
# cat/etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=xc.bj.com
# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomainlocalhost
::1 localhost6.localdomain6 localhost6
192.168.10.135xc.bj.com
192.168.10.136zz.bj.com
# hostname xc.bj.com
# hostname
xc.bj.com
exit 退出之后,重新ssh即可修改名字,否则,必须重启
# 名称已经修改
# cat /etc/sysconfig/network
NETWORKING=yes
NETWORKING_IPV6=yes
HOSTNAME=zz.bj.com
同一个网段可以用scp来拷贝!
# scp 192.168.10.135:/etc/hosts /etc/
The authenticity of host '192.168.10.135 (192.168.10.135)' can't be established.
RSA key fingerprint is 87:be:8b:a4:bd:11:11:10:c2:ec:2d:ef:02:68:f6:0e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.10.135' (RSA) to the list of known hosts.
root@192.168.10.135's password:
hosts 100%242 0.2KB/s 00:00
# cat /etc/hosts
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomainlocalhost
::1 localhost6.localdomain6 localhost6
192.168.10.135xc.bj.com
192.168.10.136zz.bj.com
# hostname zz.bj.com
logout登出,再登陆即可
# ping xc.bj.com
PING xc.bj.com (192.168.10.135) 56(84) bytes of data.
64 bytes from xc.bj.com (192.168.10.135): icmp_seq=1 ttl=64 time=1.06 ms
64 bytes from xc.bj.com (192.168.10.135): icmp_seq=2 ttl=64 time=0.481 ms
# ping zz.bj.com
PING zz.bj.com (192.168.10.136) 56(84) bytes of data.
64 bytes from zz.bj.com (192.168.10.136): icmp_seq=1 ttl=64 time=0.668 ms
64 bytes from zz.bj.com (192.168.10.136): icmp_seq=2 ttl=64 time=0.350 ms
配置本地yum服务器:
# vim /etc/yum.repos.d/rhel-debuginfo.repo
# cat /etc/yum.repos.d/rhel-debuginfo.repo
name=Red Hat Enterprise Linux server
baseurl=file:///mnt/cdrom/Server
enabled=1
gpgcheck=1
gpgkey=file:///mnt/cdrom/RPM-GPG-KEY-redhat-release
把本地yum服务器上的配置拷贝到zz.bj.com 的机器上:
# scp /etc/yum.repos.d/rhel-debuginfo.repo zz.bj.com:/etc/yum.repos.d/The authenticity of host 'zz.bj.com (192.168.10.136)' can't be established.
RSA key fingerprint is 87:be:8b:a4:bd:11:11:10:c2:ec:2d:ef:02:68:f6:0e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'zz.bj.com' (RSA) to the list of known hosts.
root@zz.bj.com's password:
rhel-debuginfo.repo 100%157 0.2KB/s 00:00
# mkdir /mnt/cdrom
# mount /dev/cdrom /mnt/cdrom
mount: block device /dev/cdrom is write-protected, mounting read-only
# yum install httpd –y
# cd /var/www/html/
# echo "www.xcu.com">index.html
# service httpd start服务的启动是靠hearbeat调用的,这里仅供测试开启
Starting httpd:
# yum install lynx –y
# lynx http://192.168.10.135 能够访问的到!
# service httpd stop
Stopping httpd:
# chkconfig --list |grep httpd 要保证其为off状态
httpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# chkconfig httpd off 默认把2345 off了!
# chkconfig --list |grep httpd
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
没省之前为: chkconfig --level 2345 httpd on
# service httpd status
httpd is stopped
另一台Director上操作如下:
# mkdir /mnt/cdrom
# mount /dev/cdrom /mnt/cdrom
mount: block device /dev/cdrom is write-protected, mounting read-only
# yum install httpd –y
# cd /var/www/html/
# echo "www.zhengzhou.com">index.html
# service httpd start
Starting httpd:
# yum install lynx –y
# lynx http://192.168.10.136
# service httpd stop
Stopping httpd:
# chkconfig --list |grep httpd
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
# service httpd status
httpd is stopped
# yum localinstall -y heartbeat-2.1.4-9.el5.i386.rpm heartbeat-pils-2.1.4-10.el5.i386.rpm heartbeat-stonith-2.1.4-10.el5.i386.rpm libnet-1.1.4-3.el5.i386.rpm perl-MailTools-1.77-1.el5.noarch.rpm--nogpgcheck
需要用本地yum来解决依赖,所以,用localinstall不检测数字证书nogpgcheck
# cd /etc/ha.d
# ll
total 24
-rwxr-xr-x 1 root root745 Jul 252009 harc
drwxr-xr-x 2 root root 4096 Sep7 10:48 rc.d
-rw-r--r-- 1 root root692 Jul 252009 README.config
drwxr-xr-x 2 root root 4096 Sep7 10:48 resource.d
-rw-r--r-- 1 root root 7862 Jul 252009 shellfuncs
# cd /usr/share/doc/heartbeat-2.1.4/
# ls
apphbd.cf faqntips.html haresources Requirements.html
authkeys faqntips.txt hb_report.html Requirements.txt
AUTHORS GettingStarted.htmlhb_report.txt rsync.html
ChangeLog GettingStarted.txt heartbeat_api.htmlrsync.txt
COPYING ha.cf heartbeat_api.txt startstop
COPYING.LGPL HardwareGuide.html logd.cf
DirectoryMap.txtHardwareGuide.txt README
# cp ha.cf /etc/ha.d/
# cp haresources/etc/ha.d/ 资源定义
# cp authkeys /etc/ha.d/ 双方身份验证
# cd /etc/ha.d/
# ll
total 48
-rw-r--r-- 1 root root 645 Sep7 10:55 authkeys
-rw-r--r-- 1 root root 10539 Sep7 10:55 ha.cf
-rwxr-xr-x 1 root root 745 Jul 252009 harc
-rw-r--r-- 1 root root5905 Sep7 10:55 haresources
drwxr-xr-x 2 root root4096 Sep7 10:48 rc.d
-rw-r--r-- 1 root root 692 Jul 252009 README.config
drwxr-xr-x 2 root root4096 Sep7 10:48 resource.d
-rw-r--r-- 1 root root7862 Jul 252009 shellfuncs
# vim ha.cf
95 bcast eth1
214 nodexc.bj.com
215 nodezz.bj.com
# vim authkeys通过md5
auth 3
3 md5 889ace63c4d4dd2234a149eb187e3f4f
# dd if=/dev/random bs=512 count=1
产生的随机文件:没有of表示输入到屏幕上!
+>c.\.Y?Be?}1_v.K苌.E.躐Q?.. Pi.?吏" V?*?
??使???...$m? ~vm雌.$.侥]bX c.?0+1 records in
0+1 records out
128 bytes (128 B) copied, 0.00155976 seconds, 82.1 kB/s
# dd if=/dev/random bs=512 count=1 |openssl md5
把随机产生的文件用md5加密!
0+1 records in
0+1 records out
128 bytes (128 B) copied, 0.000253127 seconds, 506 kB/s
889ace63c4d4dd2234a149eb187e3f4f
# chmod 600 authkeys
# vim haresources资源管理器
45 zz.bj.com 192.168.10.137/28/eth0/192.168.10.143 httpd
# cp /etc/init.d/httpd resource.d/
# scp ha.cf xc.bj.com:/etc/ha.d/
The authenticity of host 'xc.bj.com (192.168.10.135)' can't be established.
RSA key fingerprint is 87:be:8b:a4:bd:11:11:10:c2:ec:2d:ef:02:68:f6:0e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'xc.bj.com' (RSA) to the list of known hosts.
root@xc.bj.com's password:
ha.cf 100% 10KB10.3KB/s 00:00
把刚才在zz.bj.com上的配置拷贝到xc.bj.com
# scp zz.bj.com:/root/*.rpm ./
root@zz.bj.com's password:
heartbeat-2.1.4-9.el5.i386.rpm 100% 1599KB 1.6MB/s 00:00
heartbeat-devel-2.1.4-9.el5.i386.rpm 100%286KB 286.5KB/s 00:00
heartbeat-gui-2.1.4-9.el5.i386.rpm 100%225KB 225.5KB/s 00:01
heartbeat-ldirectord-2.1.4-9.el5.i386.rpm 100%109KB 109.1KB/s 00:00
heartbeat-pils-2.1.4-10.el5.i386.rpm 100% 90KB89.9KB/s 00:00
heartbeat-stonith-2.1.4-10.el5.i386.rpm 100%175KB 175.0KB/s 00:00
libnet-1.1.4-3.el5.i386.rpm 100% 55KB55.5KB/s 00:00
perl-MailTools-1.77-1.el5.noarch.rpm 100% 90KB89.9KB/s 00:00
# yum localinstall -y heartbeat-2.1.4-9.el5.i386.rpm heartbeat-pils-2.1.4-10.el5.i386.rpm heartbeat-stonith-2.1.4-10.el5.i386.rpmlibnet-1.1.4-3.el5.i386.rpm perl-MailTools-1.77-1.el5.noarch.rpm --nogpgcheck
root@zz ha.d]# chkconfig --list |grep heartbeat
heartbeat 0:off 1:off 2:on 3:on 4:on 5:on 6:off
# chkconfig heartbeat on
# service heartbeat start
Starting High-Availability services:
2012/09/07_11:30:10 INFO:Resource is stopped
# netstat -tupln |grep http
tcp 0 0 :::80 :::* LISTEN 7134/httpd
本来http服务在两台机器上都是关闭状态,但是,由于这些服务都是资源,由heartbeat自动调用,所以,启动heartbeat后,它会自动调用这些资源!
# tail -f /var/log/messages
Sep7 11:32:39 mail ResourceManager: info: Acquiring resource group: zz.bj.com 192.168.10.137/28/eth0/192.168.10.143 httpd
Sep7 11:32:39 mail IPaddr: INFO:Resource is stopped
Sep7 11:32:39 mail ResourceManager: info: Running /etc/ha.d/resource.d/IPaddr 192.168.10.137/28/eth0/192.168.10.143 start
访问资源测试:
发现另一台设备则:
# ifconfig |less没有虚拟ip
这台设备处于备份状态!
# service httpd status服务关闭状态
httpd is stopped
# watch -n 1 "service httpd status"
隔一秒查看一下http的状态:
模拟一个接口失效了!
# ./hb_standby
2012/09/07_12:01:22 Going standby .
发现没有丢一个包,比较完美!
发现xc.bj.com 机器上的http已开始启动!
网页一刷新,便呈现出来!
如果两台机器上放置的是同一个网页时,不会影响正常访问
权利再夺过来!
# ./hb_takeover
另一台机器的http服务立即就停止掉了!
主服务的heartbeat一旦停掉,另一台自动启用,即资源也开始使用!
# service heartbeat stop
Stopping High-Availability services:
# service httpd status
httpd (pid12275) is running...
# service heartbeat stop
Stopping High-Availability services:
案例2:HA+LB+lvs
拓扑图2:
LVS的HA群集:
两台的heartbeat都停止掉了,即服务也停了!
# yum remove httpd
两台机器上都卸掉http
# cat /etc/yum.repos.d/rhel-debuginfo.repo
name=Red Hat Enterprise Linux server
baseurl=file:///mnt/cdrom/Server
enabled=1
gpgcheck=1
gpgkey=file:///mnt/cdrom/RPM-GPG-KEY-redhat-release
name=Red Hat Enterprise Linux cluster
baseurl=file:///mnt/cdrom/Cluster
enabled=1
gpgcheck=1
gpgkey=file:///mnt/cdrom/RPM-GPG-KEY-redhat-release
# scp /etc/yum.repos.d/rhel-debuginfo.repo xc.bj.com:/etc/yum.repos.d/
两台机器都用:
# yum install ipvsadm –y
# chkconfig --list |grep ipvs
ipvsadm 0:off 1:off 2:off 3:off 4:off 5:off 6:off
# service ipvsadm status
ipvsadm is stopped
# ipvsadm -A -t 192.168.10.137:80 -s rr
# ipvsadm -a -t 192.168.10.137:80 -r 192.168.10.133 -g
# ipvsadm -a -t 192.168.10.137:80 -r 192.168.10.134 -g
# service ipvsadm save
Saving IPVS table to /etc/sysconfig/ipvsadm:
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.10.137:80 rr
-> 192.168.10.134:80 Route 1 0 0
-> 192.168.10.133:80 Route 1 0 0
# service ipvsadm stop
Clearing the current IPVS table:
# service ipvsadm start
Clearing the current IPVS table:
Applying IPVS configuration:
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.10.137:80 rr
-> 192.168.10.133:80 Route 1 0 0
-> 192.168.10.134:80 Route 1 0 0
# service ipvsadm stop
Clearing the current IPVS table:
把刚才的配置拷贝到192.168.10.136/28的机器 上!
# scp /etc/sysconfig/ipvsadmzz.bj.com:/etc/sysconfig/
root@zz.bj.com's password:
ipvsadm 100%136 0.1KB/s 00:00
# vim haresources
45 zz.bj.com 192.168.10.137/28/eth0/192.168.10.143 ipvsadm
# cp /etc/init.d/ipvsadm resource.d/ 控制脚本也拷贝过去
# scp haresources zz.bj.com:/etc/ha.d/ 刚修改的东西拷到另一台机器上
# service ipvsadm status
ipvsadm is stopped
# service heartbeat start
logd is already running
Starting High-Availability services:
2012/10/15_17:04:49 INFO:Resource is stopped
# tail -f /var/log/messages
在其机器上查看:
# service ipvsadm start
Clearing the current IPVS table:
Applying IPVS configuration:
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.10.137:80 rr
-> 192.168.10.133:80 Route 1 0 0
-> 192.168.10.134:80 Route 1 0 0
# service ipvsadm stop
Clearing the current IPVS table:
# service ipvsadm status
ipvsadm is stopped
# service heartbeat start
Starting High-Availability services:
2012/10/15_16:44:39 INFO:Resource is stopped
# cp /etc/init.d/ipvsadm resource.d/
cp: overwrite `resource.d/ipvsadm'? y
# ifconfig |less
发现已经有虚拟ip
eth0 Link encap:EthernetHWaddr 00:0C:29:5B:98:33
inet addr:192.168.10.136Bcast:192.168.10.143Mask:255.255.255.240
inet6 addr: fe80::20c:29ff:fe5b:9833/64 Scope:Link
UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
RX packets:11573 errors:0 dropped:0 overruns:0 frame:0
TX packets:10445 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3679371 (3.5 MiB)TX bytes:4107158 (3.9 MiB)
Interrupt:67 Base address:0x2000
eth0:0 Link encap:EthernetHWaddr 00:0C:29:5B:98:33
inet addr:192.168.10.137Bcast:192.168.10.143Mask:255.255.255.240
UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
Interrupt:67 Base address:0x2000
eth1 Link encap:EthernetHWaddr 00:0C:29:5B:98:3D
inet addr:192.168.11.2Bcast:192.168.11.255Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe5b:983d/64 Scope:Link
UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
RX packets:5849 errors:0 dropped:0 overruns:0 frame:0
TX packets:4255 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1451433 (1.3 MiB)TX bytes:1043240 (1018.7 KiB)
Interrupt:67 Base address:0x2080
# tail -f /var/log/messages
# ipvsadm –ln 已启动起来了!
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.10.137:80 rr
-> 192.168.10.133:80 Route 1 0 0
-> 192.168.10.134:80 Route 1 0 0
备份机上查看状态:
# watch -n 1 "ipvsadm -ln"
主机上模拟接口失效状态:
# cd /usr/lib/heartbeat/
# ./hb_standby
2012/09/07_14:19:11 Going standby .
备份机上watch -n 1 "ipvsadm -ln" 立即转变
ifconfig |less 多了vip
eth0 Link encap:EthernetHWaddr 00:0C:29:1B:D6:40
inet addr:192.168.10.135Bcast:192.168.10.143Mask:255.255.255.240
inet6 addr: fe80::20c:29ff:fe1b:d640/64 Scope:Link
UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
RX packets:10387 errors:0 dropped:0 overruns:0 frame:0
TX packets:7743 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3557930 (3.3 MiB)TX bytes:945775 (923.6 KiB)
Interrupt:67 Base address:0x2000
eth0:0 Link encap:EthernetHWaddr 00:0C:29:1B:D6:40
inet addr:192.168.10.137Bcast:192.168.10.143Mask:255.255.255.240
UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
Interrupt:67 Base address:0x2000
eth1 Link encap:EthernetHWaddr 00:0C:29:1B:D6:4A
inet addr:192.168.11.1Bcast:192.168.11.255Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe1b:d64a/64 Scope:Link
UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
RX packets:6909 errors:0 dropped:0 overruns:0 frame:0
TX packets:8599 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1697015 (1.6 MiB)TX bytes:2118388 (2.0 MiB)
# ./hb_takeover 权利夺回!
备份服务器上已看不到vip
备份机上watch -n 1 "ipvsadm -ln" 立即看不到列表
后台服务器realserver1:
# sysctl -a |grep arp
dev.parport.parport0.devices.lp.timeslice = 200
dev.parport.parport0.devices.active = none
dev.parport.parport0.modes = PCSPP,TRISTATE
dev.parport.parport0.dma = -1
dev.parport.parport0.irq = 7
dev.parport.parport0.base-addr = 888 0
dev.parport.parport0.spintime = 500
dev.parport.default.spintime = 500
dev.parport.default.timeslice = 200
net.ipv4.conf.eth0.arp_accept = 0
net.ipv4.conf.eth0.arp_ignore = 0
net.ipv4.conf.eth0.arp_announce = 0
net.ipv4.conf.eth0.arp_filter = 0
net.ipv4.conf.eth0.proxy_arp = 0
net.ipv4.conf.lo.arp_accept = 0
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_announce = 0
net.ipv4.conf.lo.arp_filter = 0
net.ipv4.conf.lo.proxy_arp = 0
net.ipv4.conf.default.arp_accept = 0
net.ipv4.conf.default.arp_ignore = 0
net.ipv4.conf.default.arp_announce = 0
net.ipv4.conf.default.arp_filter = 0
net.ipv4.conf.default.proxy_arp = 0
net.ipv4.conf.all.arp_accept = 0
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_announce = 0
net.ipv4.conf.all.arp_filter = 0
net.ipv4.conf.all.proxy_arp = 0
# echo "net.ipv4.conf.eth0.arp_announce=2">>/etc/sysctl.conf
# echo "net.ipv4.conf.all.arp_announce=2">>/etc/sysctl.conf
# echo "net.ipv4.conf.lo.arp_ignore=1">>/etc/sysctl.conf
# echo "net.ipv4.conf.all.arp_ignore=1">>/etc/sysctl.conf
# sysctl –p
net.ipv4.ip_forward = 0
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
kernel.sysrq = 0
kernel.core_uses_pid = 1
net.ipv4.tcp_syncookies = 1
kernel.msgmnb = 65536
kernel.msgmax = 65536
kernel.shmmax = 4294967295
kernel.shmall = 268435456
net.ipv4.conf.eth0.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.all.arp_ignore = 1
# service network restart
Shutting down interface eth0:
Shutting down loopback interface:
Bringing up loopback interface:
Bringing up interface eth0:
# ifconfig
eth0 Link encap:EthernetHWaddr 00:0C:29:10:D7:4F
inet addr:192.168.10.133Bcast:192.168.10.143Mask:255.255.255.240
inet6 addr: fe80::20c:29ff:fe10:d74f/64 Scope:Link
UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
RX packets:1177 errors:0 dropped:0 overruns:0 frame:0
TX packets:764 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:130489 (127.4 KiB)TX bytes:126400 (123.4 KiB)
Interrupt:67 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNINGMTU:16436Metric:1
RX packets:8 errors:0 dropped:0 overruns:0 frame:0
TX packets:8 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:560 (560.0 b)TX bytes:560 (560.0 b)
lo:0 Link encap:Local Loopback
inet addr:192.168.10.137Mask:255.255.255.255
UP LOOPBACK RUNNINGMTU:16436Metric:1
临时创建路由:
# route add -host 192.168.10.137 dev lo:0
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.10.1370.0.0.0 255.255.255.255 UH 0 0 0 lo
192.168.10.1280.0.0.0 255.255.255.240 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0
realserver2同理:
测试:
由lamp搭建的连接mysql 数据库的php页面!
主director
web窗口如果关闭ActiveConn为0
由于是轮询方式,所以:
后台服务器:一个mysql服务启动 (realserver1) 一个关闭(realserver2)
# pwd
/usr/lib/heartbeat
# ./hb_standby
2012/09/08_14:52:33 Going standby .
另一台director立即启动ipvsadm,测试正常!
ipvsadm动态列表(让前方的director主动去探测后台的服务器,如果后台服务器停止了服务,自己向外部提供服务)
heartbeat-ldirectord-2.1.4-9.el5.i386 该包能够实现heartbeat与lvs完美结合,用来探测后台服务器!
在director上安装此包!
# service heartbeat stop
Stopping High-Availability services:
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
先上传该安装包:
# rpm -ivh heartbeat-ldirectord-2.1.4-9.el5.i386.rpm
warning: heartbeat-ldirectord-2.1.4-9.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 217521f6
Preparing... ###########################################
1:heartbeat-ldirectord ###########################################
# rpm -ql heartbeat-ldirectord-2.1.4-9.el5.i386.rpm
package heartbeat-ldirectord-2.1.4-9.el5.i386.rpm is not installed
# rpm -ql heartbeat-ldirectord
/etc/ha.d/resource.d/ldirectord
/etc/init.d/ldirectord 控制脚本
/etc/logrotate.d/ldirectord
/usr/sbin/ldirectord
/usr/share/doc/heartbeat-ldirectord-2.1.4
/usr/share/doc/heartbeat-ldirectord-2.1.4/COPYING
/usr/share/doc/heartbeat-ldirectord-2.1.4/README
/usr/share/doc/heartbeat-ldirectord-2.1.4/ldirectord.cf
/usr/share/man/man8/ldirectord.8.gz
# cp /usr/share/doc/heartbeat-ldirectord-2.1.4/ldirectord.cf /etc/ha.d/
# cp /etc/init.d/ldirectord/etc/ha.d/resource.d/
cp: overwrite `/etc/ha.d/resource.d/ldirectord'? n
安装时,自动拷贝过去了!
# vim /etc/ha.d/ldirectord.cf
11 # Global Directives
12 checktimeout=3 检测超时时间3秒
13 checkinterval=1 检测间隔
14 #fallback=127.0.0.1:80 后方服务器都探测不到,自己提供服务
15 autoreload=yes 无需启动,自动加载
16 #logfile="/var/log/ldirectord.log"日志文件
17 #logfile="local0"
18 #emailalert="admin@x.y.z"
19 #emailalertfreq=3600
20 #emailalertstatus=all
21 quiescent=yes 静默模式:如果后台服务器失效,ipvsadm表现不删除,只把失效服务器的权重值调小
# pwd
/etc/ha.d
# vim haresources
45 zz.bj.com 192.168.10.137 ldirectord::ldirectord.cf
现在可以把ipvsadm删除掉或者如下备份:
# mv /etc/sysconfig/ipvsadm/etc/sysconfig/ipvsadm.old
在另一台机器上安装heartbeat-ldirectord-2.1.4-9.el5.i386 包
# scp ./heartbeat-ldirectord-2.1.4-9.el5.i386.rpmxc.bj.com:/root
root@xc.bj.com's password:
heartbeat-ldirectord-2.1.4-9.el5.i386.rpm 100%109KB 109.1KB/s 00:00
# rpm -ivh heartbeat-ldirectord-2.1.4-9.el5.i386.rpm
warning: heartbeat-ldirectord-2.1.4-9.el5.i386.rpm: Header V3 DSA signature: NOKEY, key ID 217521f6
Preparing... ###########################################
1:heartbeat-ldirectord ###########################################
把刚修改的文件拷贝到另一台director上!
# scp ldirectord.cf xc.bj.com:/etc/ha.d/
root@xc.bj.com's password:
ldirectord.cf 100% 7690 7.5KB/s 00:00
# mv /etc/sysconfig/ipvsadm/etc/sysconfig/ipvsadm.old
两台director服务都启动:
# service heartbeat start
Starting High-Availability services:
2012/10/16_20:04:42 INFO:Resource is stopped
# tail -f /var/log/messages
Oct 16 20:04:43 xc heartbeat: : info: Link xc.bj.com:eth1 up.
Oct 16 20:04:43 xc harc: info: Running /etc/ha.d/rc.d/status status
Oct 16 20:04:43 xc heartbeat: : info: Comm_now_up(): updating status to active
Oct 16 20:04:43 xc heartbeat: : info: Local status now set to: 'active'
Oct 16 20:04:44 xc heartbeat: : info: Status update for node zz.bj.com: status active
Oct 16 20:04:44 xc harc: info: Running /etc/ha.d/rc.d/status status
Oct 16 20:04:55 xc heartbeat: : info: remote resource transition completed.
Oct 16 20:04:55 xc heartbeat: : info: remote resource transition completed.
Oct 16 20:04:55 xc heartbeat: : info: Initial resource acquisition complete (T_RESOURCES(us))
Oct 16 20:04:55 xc heartbeat: : info: No local resources to acquire.
# ifconfig |less
eth0 Link encap:EthernetHWaddr 00:0C:29:5B:98:33
inet addr:192.168.10.136Bcast:192.168.10.143Mask:255.255.255.240
inet6 addr: fe80::20c:29ff:fe5b:9833/64 Scope:Link
UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
RX packets:5767 errors:0 dropped:0 overruns:0 frame:0
TX packets:4833 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:646738 (631.5 KiB)TX bytes:754427 (736.7 KiB)
Interrupt:67 Base address:0x2000
eth0:0 Link encap:EthernetHWaddr 00:0C:29:5B:98:33
inet addr:192.168.10.137Bcast:192.168.10.143Mask:255.255.255.240
UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
Interrupt:67 Base address:0x2000
eth1 Link encap:EthernetHWaddr 00:0C:29:5B:98:3D
inet addr:192.168.11.2Bcast:192.168.11.255Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe5b:983d/64 Scope:Link
UP BROADCAST RUNNING MULTICASTMTU:1500Metric:1
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.10.137:80 rr
-> 192.168.10.134:80 Route 0 0 0
-> 192.168.10.133:80 Route 0 0 0
因为ldirector.cf里用的是默认静默模式,只把Weight减少了,列表还在,没做任何处理!
另一台director没有vip,也没用ipvsadm –ln 列表!
后台服务器进行测试:
# cd /usr/local/apache/bin/
# ./apachectl stop
httpd: apr_sockaddr_info_get() failed for gjp99.baidu.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
# netstat -tupln |grep http
# pwd
/usr/local/apache/htdocs
# ll
total 8
-rw-r--r-- 1 root root 6 Oct 16 11:38 index.html
-rw-r--r-- 1 root root 137 Oct 16 12:16 index.php
# echo "ok">test.html
# cd ../bin/
# ./apachectl start
httpd: apr_sockaddr_info_get() failed for gjp99.baidu.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.10.137:80 rr
-> 192.168.10.134:80 Route 0 0 0
-> 192.168.10.133:80 Route 1 0 0
发现权重值已发生改变!
另一台机器:
# pwd
/usr/local/apache
# cd htdocs/
# ll
total 8
-rw-r--r-- 1 root root 6 Oct 16 11:38 index.html
-rw-r--r-- 1 root root 137 Oct 16 12:16 index.php
# echo "ok">test.html
# cd ../bin/
# ./apachectl stop
httpd: apr_sockaddr_info_get() failed for gjp99.baidu.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
# ./apachectl start
httpd: apr_sockaddr_info_get() failed for gjp99.baidu.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.10.137:80 rr
-> 192.168.10.134:80 Route 1 0 0
-> 192.168.10.133:80 Route 1 0 0
由于静默模式打开了饿,所以后台服务器即使失效,列表也不消失
现在将静默模式关闭,测试:
两台director上都进行修改:
# vim ldirectord.cf
quiescent=no
模拟:停掉后台服务器192.168.10.133:
# ./apachectl stop
httpd: apr_sockaddr_info_get() failed for gjp99.baidu.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.10.137:80 rr
-> 192.168.10.134:80 Route 1 0 0
发现已动态呈现,列表中仅显示正在活动的服务器!
# ./apachectl start
httpd: apr_sockaddr_info_get() failed for gjp99.baidu.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
服务再重启:
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.10.137:80 rr
-> 192.168.10.133:80 Route 1 0 0
-> 192.168.10.134:80 Route 1 0 0
停掉后台服务器192.168.10.134:
# ./apachectl stop
httpd: apr_sockaddr_info_get() failed for gjp99.baidu.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.10.137:80 rr
-> 192.168.10.133:80 Route 1 0 0
# ./apachectl start
httpd: apr_sockaddr_info_get() failed for gjp99.baidu.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP192.168.10.137:80 rr
-> 192.168.10.134:80 Route 1 0 0
-> 192.168.10.133:80 Route 1 0 0
学习了,不错,讲的太有道理了 有事秘书干,没事干秘书! 丑,但是丑的特别,也就是特别的丑! 我不在江湖,但江湖中有我的传说。 男人在结婚前觉得适合自己的女人很少,结婚后觉得适合自己的女人很多。 我身在江湖,江湖里却没有我得传说。
页:
[1]