CSDN博客

img gimser

在FreeBSD下用vrrp实现基于DNS轮询的冗余服务

发表于2004/6/28 0:28:00  843人阅读

分类: FREEBSD

在FreeBSD下用vrrp实现基于DNS轮询的冗余服务


在FreeBSD下实现基于DNS Robin Round的冗余服务
在传统的基于DNS Robin Round的web load balance解决方案下,有一个明显的缺点,
那就是万一其中一个服务器死了(服务宕了,或者断电、硬盘坏之类的硬故障),那轮转到该服务器上的web服务将是一个死点,
所有定向到该服务器上的web request都将返回服务不可得到的结果。

利用vrrp(Virtual Router Redundancy Protocol,虚拟路由冗余协议),可以避免这个毛病。

假设你有3台双网卡的webserver,其内/外网的ip分别是:
1) 192.168.0.1/202.1.1.1
2) 192.168.0.2/202.1.1.2
3) 192.168.0.3/202.1.1.3

在dns上做了robin round,即www.company.com指向202.1.1.1,202.1.1.2,202.1.1.3
即用域名查询工具得到如下的结果:
# host www.company.com
www.company.com has address 202.1.1.1
www.company.com has address 202.1.1.2
www.company.com has address 202.1.1.3

这时,加上vrrp功能就不会有死点存在了。
比如第二台server down了,第一台server或第三台server(具体哪台server接管服务,可由配置文件定义)
会在自己的外网卡绑一个202.1.1.2的ip别名,接管第二台机的服务,使web server不出现访问死点。


FreeVRRPd的特点:
* 守护进程兼容RFC 2338
* 实现虚拟地址
* 支持多 VRID
* 用BPF包把主服务器的健康状态告诉从服务器
* 能够主服务器down后3秒钟内改变从服务器的ip和路由。
* 能清除所有主机里的arp cache(这一点很重要,原因自己体会)。
* 可以在不同的从服务器间选择一台来接管服务。
* 主机能同时被设置为主(master)或从(slave)方式。
* 如果主服务器up,恢复正常运行后,从服务器会自动降级
* 能防止地址冲突
* 多线程的vrrp守护进程
* 支持明文密码
* 支持虚拟地址的掩码

 

在三台机分别安装freevrrpd(FreeBSD 4.6下freevrrpd的版本是0.8.4,home: http://www.bsdshell.net/),
假设你的安装环境是FreeBSD 4.6,如果是狠老的版本,请注意你的核心一定要有bpf设备的支持。

# cd /usr/ports/net/freevrrpd/
# make all install distclean

cp /usr/local/etc/freevrrpd.conf.sample /usr/local/etc/freevrrpd.conf
并对freevrrpd.conf做适当修改,运行/usr/local/etc/rc.d/freevrrpd.sh start
即可。

参考:rfc2338
http://www.bsdshell.net/


###########
# !! WARNING !! You must copy /usr/local/etc/vrrpd.conf.sample to   #
# /usr/local/etc/vrrpd.conf and configure /usr/local/etc/vrrpd.conf #
# before running vrrpd. to run vrrpd type /usr/local/sbin/vrrpd  #
##########

----
Lonely Planet----Waiting...
 
[VRID]
serverid = 1
interface = lnc0
priority = 255
addr = 192.168.1.20
[VRID]
serverid = 2
interface = lnc0
priority = 254
addr = 192.168.0.21

 


[VRID]
serverid = 1
interface = lnc0
priority = 254
addr = 192.168.1.20
[VRID]
serverid = 2
interface = lnc0
priority = 255
addr = 192.168.0.21

 

 


2) Configure FreeVRRPd
      
        Until this point, both machines have been equal.  Now, you
        need to choose which FWLB is going to be your primary.  On
        this machine, Copy /usr/local/etc/freevrrpd.conf.sample to
        /usr/local/etc/freevrrpd.conf.  Edit the file, and configure
        it along the following lines:

        # public-facing VRID
        [VRID]
        serverid = 1
        interface = fxp0
        priority = 255
        addr = 198.123.111.1/32
        password = vrid1
        vridsdep = 2

        # backend VRID
        [VRID]
        serverid = 2
        interface = fxp1
        priority = 255
        addr = 10.0.0.1/32
        password = vrid2
        vridsdep = 1

 

 


How to configure Failover scenario with FreeVRRPD
(478 total words in this text)
(viewed: 6762 times)    

 


setting up failover system with freevrrpd
If you have more than one server for one service, you'll want to use it, right? You'll need to use it!

One possible way is with freevrrpd software. It uses virtual IP, which can be assigned to many different NICs.

So, for example, one server has IP 192.168.0.10 and it runs heavly loaded httpd server. When it crashes, service is down.
If you were using freevrrpd daemon, second server would takeover the IP (192.168.0.10), and service would be up & running
on second server.

The basic idea is, to have two servers for one service. Every server is master (priority 255) for one virtual IP and slave
for second virtual IP (priority 250).
In our case, Server1 is master for 192.168.0.10 and in the same time slave for 192.168.0.11.
If Server1 goes down, Server2 (slave server for IP 192.168.0.10) notice that and takes over that IP. Now Server2 has two aliases
on one interface. Result: customers see's no service downtime, as takeover time is at max 3 seconds.

If server2 (master for 192.168.0.11) goes down, Server 1 see's that and takeover the IP.

In every case, service stays up and that's our goal.

 

0. Starting up
Update ports (only net section is needed), top make sure, you've got the latest version (0.8.4 in time of writing).

cd to /usr/ports/net/freevrrpd and read pkg-descr. When done, install the port with make install clean as root.

When installed, you'll find freevrrpd.conf.sample in /usr/local/etc/. Rename it to freevrrpd.conf.
This is well documented conf file, so you shouldn't have any problems. But, anyway, here's my config file:


Server1 (Master for IP: 192.168.0.10)

[VRID]
serverid = 2
interface = fxp0
priority = 255
addr = 192.168.0.10
[VRID]
serverid = 1
interface = fxp0
priority = 250
addr = 192.168.0.11
 Server2 (Master for IP: 192.168.0.11)

[VRID]
serverid = 2
interface = fxp0
priority = 250
addr = 192.168.0.10
[VRID]
serverid = 1
interface = fxp0
priority = 255
addr = 192.168.0.11
 

 

Here I ignore password tag, but you can use it, if you like.

The last thing is to setup DNS servers, to point to both virtual addresess:

牋?www IN A 192.168.0.10
牋?www IN A 192.168.0.11

1. Explanation
[VRID] defines VIrtual ID section. Every section must begin with this.
serverid = 2 says, we're dealing with second VRID.
interface = fxp0 states, we'll be using virtual IP on this interface as alias
priority = 255 means, this machine is the master for this VRID (this virtual IP, stated below)
addr = 192.168.0.10 is the virtual IP, for which this machine is master.

While this is a nice thing to have, one must be verry carefull not to set serverid's or priority's wrong. Take extra care or ARP tables will go crazy!
Another thing, If you planing using 3, 4, 5 or even more servers per service, make sure you have enough /dev/bpf devices, because every VRID takes one.
You can make them with /dev/MAKEDEV bpf10, for 10 /dev/bpf devices.


 

0 0

相关博文

我的热门文章

img
取 消
img