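LVS+Keepalived High-Availability Cluster and KVM
I. Implementing an LVS+Keepalived High-Availability Cluster
1. Architecture diagram
2. Compile and install keepalived
The --disable-fwmark option disables the iptables rules, which prevents the VIP from becoming unreachable; without this option the iptables rules are enabled by default.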
yum install -y gcc curl openssl-devel libnl3-devel net-snmp-devel
./configure --prefix=/usr/local/keepalived --disable-fwmark
make && make install
cd /usr/local/keepalived
[root@lvs1 keepalived]# sbin/keepalived -v
Keepalived v2.2.2 (03/05,2021)
Copyright(C) 2001-2021 Alexandre Cassen, <acassen@gmail.com>
Built with kernel headers for Linux 3.10.0
Running on Linux 3.10.0-1062.el7.x86_64 #1 SMP Wed Aug 7 18:08:02 UTC 2019
Distro: CentOS Linux 7 (Core)
...
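3. Prepare the mail notification script (sends mail to a specified mailbox when a keepalived node fails)
Notification script options:
Script triggered when the current node becomes the master: notify_master <STRING>|<QUOTED-STRING>
Script triggered when the current node changes to backup: notify_backup <STRING>|<QUOTED-STRING>
Script triggered when the current node enters the "fault" state: notify_fault <STRING>|<QUOTED-STRING>
Generic notification hook, where a single script handles the notification for all three state transitions above: notify <STRING>|<QUOTED-STRING>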
/etc/keepalived/notify.sh
#!/bin/bash
#
# Recipient of the notification mail
contacts='kk399012523@163.com'

# Send a mail naming the VRRP state this node has just changed to
notify() {
    mailsubject="$(hostname) to be $1, vip floating"
    mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
    echo "$mailbody" | mail -s "$mailsubject" "$contacts"
}

case $1 in
master)
    notify master
    ;;
backup)
    notify backup
    ;;
fault)
    notify fault
    ;;
*)
    echo "Usage: $(basename "$0") {master|backup|fault}"
    exit 1
    ;;
esac
chmod a+x /etc/keepalived/notify.sh
4. Configure the mailbox (install mailx on both keepalived nodes)
yum -y install mailx
vim /etc/mail.rc
set from=xxx@163.com
set smtp=smtp.163.com
set smtp-auth-user=xxx@163.com
set smtp-auth-password=xxx
set smtp-auth=login
# Send a test mail
echo "Test Mail"| mail -s Warning xxx@163.com
5. Create the main configuration file
Main configuration file on the lvs1 node
vim /etc/keepalived/keepalived.conf
global_defs {
    notification_email {
        kk399012523@163.com
    }
    notification_email_from kk399012523@163.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id lvs1.demo
    vrrp_skip_check_adv_addr
    vrrp_garp_interval 0
    vrrp_gna_interval 0
    vrrp_mcast_group4 224.0.100.10
}
include /etc/keepalived/conf.d/*.conf
Main configuration file on the lvs2 node
vim /etc/keepalived/keepalived.conf
global_defs {
    notification_email {
        kk399012523@163.com
    }
    notification_email_from kk399012523@163.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id lvs2.demo
    vrrp_skip_check_adv_addr
    vrrp_garp_interval 0
    vrrp_gna_interval 0
    vrrp_mcast_group4 224.0.100.10
}
include /etc/keepalived/conf.d/*.conf
6. Create the sub-configuration files (/etc/keepalived/conf.d)
Sub-configuration file on lvs1
mkdir /etc/keepalived/conf.d
vim /etc/keepalived/conf.d/web1.conf
vrrp_instance web_1 {
    state MASTER
    interface eth0
    virtual_router_id 57
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        10.0.0.100/24 dev eth0 label eth0:1
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}
Sub-configuration file on lvs2
mkdir /etc/keepalived/conf.d
vim /etc/keepalived/conf.d/web1.conf
vrrp_instance web_1 {
    state BACKUP
    interface eth0
    virtual_router_id 57
    priority 80 # change the priority
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        10.0.0.100/24 dev eth0 label eth0:1
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}
In testing, the VIP 10.0.0.100 sits on lvs1 at this point; when lvs1 goes down, the VIP floats to lvs2, and a mail is sent announcing that lvs2 has become the master.
7. Use keepalived to generate the LVS virtual server configuration (identical on both nodes)
vim /etc/keepalived/conf.d/lvs_web1.conf
virtual_server 10.0.0.100 80 {
    delay_loop 3
    lb_algo rr
    lb_kind DR
    protocol TCP
    sorry_server 127.0.0.1 80
    real_server 10.0.0.11 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 1
            nb_get_retry 3
            delay_before_retry 1
        }
    }
    real_server 10.0.0.12 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 1
            nb_get_retry 3
            delay_before_retry 1
        }
    }
}
8. Restart keepalived, then install the ipvsadm tool to view the generated LVS rules
yum -y install ipvsadm
[root@lvs1 keepalived]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.0.0.100:80 rr
-> 10.0.0.71:80 Route 1 0 0
-> 10.0.0.72:80 Route 1 0 0
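A check for this step, as an added example that is not part of the original article: it compares the real_server entries of a keepalived virtual_server file with the `ipvsadm -Ln` table and prints every configured backend that is missing, which is the state keepalived leaves behind when a backend fails its HTTP_GET check. The function names and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article.
# Compares keepalived real_server entries with the `ipvsadm -Ln` table.

# Print "ip:port" for each real_server line of a keepalived config (stdin).
conf_real_servers() {
    awk '$1 == "real_server" { print $2 ":" $3 }' | sort -u
}

# Print "ip:port" for each "-> ip:port ..." row of `ipvsadm -Ln` (stdin).
ipvs_real_servers() {
    awk '$1 == "->" && $2 ~ /^[0-9.]+:[0-9]+$/ { print $2 }' | sort -u
}

# Print configured real servers that are absent from the IPVS table.
# $1 = keepalived config text, $2 = `ipvsadm -Ln` output text
missing_real_servers() {
    have=$(printf '%s\n' "$2" | ipvs_real_servers)
    printf '%s\n' "$1" | conf_real_servers | while read -r rs; do
        printf '%s\n' "$have" | grep -Fxq -- "$rs" || printf '%s\n' "$rs"
    done
}

# Constructed sample: trimmed lvs_web1.conf with both backends.
SAMPLE_CONF=$(cat <<'EOF'
virtual_server 10.0.0.100 80 {
    lb_algo rr
    lb_kind DR
    real_server 10.0.0.11 80 {
        weight 1
    }
    real_server 10.0.0.12 80 {
        weight 1
    }
}
EOF
)

# Constructed sample: ipvsadm output after 10.0.0.12 failed its health check.
SAMPLE_IPVS=$(cat <<'EOF'
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  10.0.0.100:80 rr
  -> 10.0.0.11:80                 Route   1      0          0
EOF
)

missing_real_servers "$SAMPLE_CONF" "$SAMPLE_IPVS"   # prints 10.0.0.12:80
```

On a live director the same function can be fed `"$(cat /etc/keepalived/conf.d/lvs_web1.conf)"` and `"$(ipvsadm -Ln)"`.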
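9. Prepare two web servers, bind the VIP to each web server's lo interface, and set the kernel parameters that limit the ARP response level and announcement level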
[root@nginx1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@nginx1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@nginx1 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@nginx1 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@nginx1 ~]# ifconfig lo:1 10.0.0.100/32
[root@nginx1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 10.0.0.100/0 scope global lo:1
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
[root@nginx2 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@nginx2 ~]# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
[root@nginx2 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@nginx2 ~]# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
[root@nginx2 ~]# ifconfig lo:1 10.0.0.100/32
[root@nginx2 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 10.0.0.100/0 scope global lo:1
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
Test: requests to the VIP 10.0.0.100 are now scheduled round-robin.
Failure simulation: take lvs1 down; the LVS rules have moved to lvs2 and a notification mail is received.
[root@lvs2 conf.d]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 10.0.0.100:80 rr
-> 10.0.0.71:80 Route 1 0 0
-> 10.0.0.72:80 Route 1 0 0
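II. Installing and Configuring KVM
1. Prepare the host environment
KVM requires a host CPU that supports virtualization. If a virtual machine in VMware Workstation is used as the host, virtualization must be enabled under the processor options in that virtual machine's settings.
2. Check whether virtualization is enabled on the host (vmx for Intel CPUs; svm for AMD CPUs)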
grep -Em 1 "vmx|svm" /proc/cpuinfo
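3. Overview of the KVM tool packages
- qemu-kvm: provides the low-level emulation support for KVM
- libvirt-daemon: the libvirtd daemon, which manages virtual machines
- libvirt-client: client software that provides the client-side management commands
- libvirt-daemon-driver-qemu: the driver libvirtd uses to connect to qemu
- libvirt: the most widely used KVM virtualization management tool and API; virtual machines are created by calling KVM through libvirt. libvirt is the common access API for KVM, and besides KVM it can also manage VMware, Xen, Hyper-V, VirtualBox and other virtualization solutions.
- virt-manager: graphical management tool. Underneath it also calls the libvirt API to operate on virtual machines, including creating, deleting, starting and stopping them, plus some simple monitoring functions.
- virt-install: command-line tool for installing virtual machines
- virsh: a command-line tool built on the libvirt API; it can serve as an alternative to the graphical virt-manager application. virsh commands can be used to write management scripts for virtualization tasks such as installing, starting and stopping virtual machines.
- virt-viewer: a minimal tool for displaying a virtual machine's graphical console over the VNC and SPICE protocols. It ships in the package of the same name (virt-viewer).
- cockpit: a web-based virtual machine management interface provided specifically for CentOS 8
4. libvirt architecture diagram
5. Install KVM on CentOS 7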
yum -y install qemu-kvm libvirt virt-manager virt-install
systemctl start libvirtd
systemctl enable libvirtd
6. Create a virtual machine with the virt-manager graphical management tool
export DISPLAY=10.0.0.1:0.0
virt-manager
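Create the new virtual machine in the graphical interface; the steps are similar to VMware.
7. Create a virtual machine with the virt-install command
virt-manager makes it easy to manage virtual machines, but when virtual machines have to be created and managed in bulk, the command-line tool virt-install is a better fit.
7.1 Create a virtual disk with the qemu-img command
Note: before running qemu-img create, confirm that no file of that name exists at the target path; an existing file will be overwritten.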
[root@kvm images]# qemu-img create -f qcow2 /var/lib/libvirt/images/centos7.qcow2 10G
Formatting '/var/lib/libvirt/images/centos7.qcow2', fmt=qcow2 size=10737418240 encryption=off cluster_size=65536 lazy_refcounts=off
[root@kvm images]# cd /var/lib/libvirt/images
[root@kvm images]# ll -h
total 196K
-rw-r--r-- 1 root root 193K Mar 20 02:14 centos7.qcow2
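Check the virtual disk size: the file grows dynamically with the space actually used.
7.2 List the supported OS versions with the osinfo-query command
7.3 Create a virtual machine that boots from the CD and install manually
Create a virtual machine in the default NAT mode without automatically opening virt-viewer to connect to the console; open virt-manager manually to connect, then install the system by hand.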
virt-install --virt-type kvm \
--name centos7 \
--ram 1024 \
--vcpus 1 \
--cdrom=/data/kvm/CentOS-7-x86_64-Minimal-2009.iso \
--disk=/var/lib/libvirt/images/centos7.qcow2 \
--network network=default \
--graphics vnc,listen=0.0.0.0 \
--noautoconsole \
--os-variant=centos7.0
Starting install...
Domain installation still in progress. You can reconnect to
the console to complete the installation process.
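The virt-install command starts the installer; follow the prompts to complete the installation.
8. Create a virtual machine that boots from the CD and installs the system automatically with kickstart
8.1 Create the virtual disk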
qemu-img create -f qcow2 /var/lib/libvirt/images/centos7-kickstart.qcow2 10G
8.2 Prepare the yum repository
yum -y install httpd
systemctl enable httpd
systemctl start httpd
mkdir -pv /var/www/html/centos/{6,7,8}/os/x86_64/
vim /etc/fstab
/data/kvm/CentOS-7-x86_64-Minimal-2009.iso /var/www/html/centos/7/os/x86_64/ iso9660 defaults 0 0
mount /dev/sr0 /var/www/html/centos/7/os/x86_64/
mount -a
8.3 Prepare the kickstart answer file
mkdir -p /var/www/html/ks
vim /var/www/html/ks/centos7.cfg
ignoredisk --only-use=vda
zerombr
text
reboot
clearpart --all --initlabel
selinux --disabled
firewall --disabled
url --url=http://10.0.0.131/centos/7/os/x86_64/
keyboard --vckeymap=us --xlayouts='us'
lang en_US.UTF-8
bootloader --append="net.ifnames=0" --location=mbr --boot-drive=vda
network --bootproto=dhcp --device=eth0 --ipv6=auto --activate
network --hostname=centos8.magedu.org
rootpw --iscrypted $6$j9YhzDUnQVnxaAk8$qv7rkMcPAEbV5yvwsP666DXWYadd3jYjkA9fpxAo9qYotjGGBUclCGoP1TRvgHBpqgc5n0RypMsPTQnVDcpO01
firstboot --enable
skipx
services --disabled="chronyd"
timezone Asia/Shanghai --isUtc --nontp
user --name=ken --password=6oUfb/02CWfLb5l8f$sgEZeR7c7DpqfpmFDH6huSmDbW1XQNR4qKl2EPns.gOXqlnAIgv9pTogtFVaDtEpMOC.SWXKYqxfVtd9MCwxb1 --iscrypted --gecos="ken"
autopart --type=lvm
%packages
@^minimal
kexec-tools
%end
%addon com_redhat_kdump --enable --reserve-mb='auto'
%end
%anaconda
pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
%end
%post
useradd mage
echo magedu | passwd --stdin mage &> /dev/null
%end
8.4 Create the virtual machine with the virt-install command (method one)
virt-install --virt-type kvm \
--name centos7-kickstart \
--ram 1024 \
--vcpus 1 \
--cdrom=/data/kvm/CentOS-7-x86_64-Minimal-2009.iso \
--disk=/var/lib/libvirt/images/centos7-kickstart.qcow2 \
--network network=default \
--graphics vnc,listen=0.0.0.0 \
--noautoconsole \
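--os-variant=centos7.0
At the installer boot screen, press Tab and enter the path to the ks file:
ks=http://10.0.0.131/ks/centos7.cfg
Method two:
Use --extra-args together with the --location option to pass the kickstart answer file to the installer.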
virt-install --virt-type kvm \
--name centos7-kickstart \
--ram 1024 \
--vcpus 1 \
--location=/data/kvm/CentOS-7-x86_64-Minimal-2009.iso \
--disk=/var/lib/libvirt/images/centos7-kickstart.qcow2 \
--network network=default \
--graphics vnc,listen=0.0.0.0 \
--noautoconsole \
--os-variant=centos7.0 \
--extra-args="ks=http://10.0.0.131/ks/centos7.cfg"
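Every virt-install command above passes --graphics vnc,listen=0.0.0.0, which binds the guest console to all host interfaces, and libvirt sets no VNC password unless one is configured. The audit below is an added example, not part of the original article: it reads domain XML as printed by `virsh dumpxml --security-info <domain>` and reports consoles that listen beyond loopback without a password. The function names and sample XML are constructed, and a per-host default password in qemu.conf is not considered.

```shell
#!/bin/sh
# Added example, not from the original article.
# Flags libvirt graphics consoles reachable from the network without a password.
# Input: domain XML as printed by `virsh dumpxml --security-info <domain>`.

# Print "type listen auth" for each <graphics ...> element on stdin.
graphics_listeners() {
    grep -o "<graphics [^>]*>" | while read -r tag; do
        gtype=$(printf '%s\n' "$tag" | sed -n "s/.* type='\([^']*\)'.*/\1/p")
        listen=$(printf '%s\n' "$tag" | sed -n "s/.* listen='\([^']*\)'.*/\1/p")
        case $tag in
            *" passwd='"*) auth=password ;;
            *)             auth=none ;;
        esac
        printf '%s %s %s\n' "$gtype" "${listen:-unset}" "$auth"
    done
}

# Print one finding per console that listens beyond loopback with no password.
# Assumption: an element with no listen attribute is treated as loopback-only.
exposed_consoles() {
    graphics_listeners | while read -r gtype listen auth; do
        case $listen in
            127.*|::1|localhost|unset) continue ;;
        esac
        if [ "$auth" = none ]; then
            printf '%s console on %s has no password\n' "$gtype" "$listen"
        fi
    done
}

# Constructed sample: the kind of XML --graphics vnc,listen=0.0.0.0 produces.
SAMPLE_OPEN=$(cat <<'EOF'
<domain type='kvm'>
  <name>centos7</name>
  <devices>
    <graphics type='vnc' port='5900' autoport='yes' listen='0.0.0.0'>
      <listen type='address' address='0.0.0.0'/>
    </graphics>
  </devices>
</domain>
EOF
)

# Constructed sample: console bound to loopback only.
SAMPLE_LOCAL="<graphics type='vnc' port='5900' autoport='yes' listen='127.0.0.1'>"

printf '%s\n' "$SAMPLE_OPEN" | exposed_consoles   # prints: vnc console on 0.0.0.0 has no password
```

Creating the guest with --graphics vnc,listen=127.0.0.1 and reaching the console through an SSH tunnel, or adding the password= suboption, clears the finding.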
Author: Ken_7988
Original link: https://www.jianshu.com/p/73d5ea0cc0d9