一.高可用集群
1.1集群类型
LB:Load Balance 负载均衡
LVS/HAProxy/nginx(http/upstream, stream/upstream)
HA:High Availability 高可用集群
数据库 Redis
SPoF: Single Point of Failure,解决单点故障
HPC:High Performance Computing 高性能集群
1.2VRRP:Virtual Router Redundancy Protocol
虚拟路由冗余协议,解决静态网关单点风险
物理层:路由器、三层交换机
软件层:keepalived
1.2.1VRRP 相关术语
虚拟路由器:Virtual Router
虚拟路由器标识:VRID(0-255),唯一标识虚拟路由器
VIP:Virtual IP
VMAC:Virutal MAC (00-00-5e-00-01-VRID)
物理路由器:
master:主设备
backup:备用设备
priority:优先级
1.2.2VRRP 相关技术
通告:心跳,优先级等;周期性
工作方式:抢占式,非抢占式
安全认证:
无认证
简单字符认证:预共享密钥
MD5
工作模式:
主/备:单虚拟路由器
主/主:主/备(虚拟路由器1),备/主(虚拟路由器2)
二.keepalived
2.1keepalived 简介
vrrp 协议的软件实现,原生设计目的为了高可用 ipvs服务
功能: 基于vrrp协议完成地址流动
为vip地址所在的节点生成ipvs规则(在配置文件中预先定义)
为ipvs集群的各RS做健康状态检测
基于脚本调用接口完成脚本中定义的功能,进而影响集群事务,以此支持nginx、haproxy等服务
2.2Keepalived 环境准备
各节点时间必须同步:ntp, chrony
关闭防火墙及SELinux
systemctl disable --now firewalld
setenforce 02.3Keepalived 安装
# rhel7为例
yum install keepalived -y
systemctl start keepalived 2.4KeepAlived 配置说明
配置文件:/etc/keepalived/keepalived.conf
GLOBAL CONFIGURATION
Global definitions: 定义邮件配置,route_id,vrrp配置,多播地址等
VRRP CONFIGURATION
VRRP instance(s): 定义每个vrrp虚拟路由器
LVS CONFIGURATION
Virtual server group(s)
Virtual server(s): LVS集群的VS和RS
2.4.1全局配置
vim /etc/keepalived/leepalived.conf
global_defs {
notification_email {
1730307004@qq.com #keepalived 发生故障切换时邮件发送的目标邮箱,可以按行区
分写多个
timiniglee-zln@163.com
}
notification_email_from keepalived@KA1.timinglee.org #发邮件的地址
smtp_server 127.0.0.1 #邮件服务器地址
smtp_connect_timeout 30 #邮件服务器连接timeout
router_id KA1.timinglee.org #每个keepalived主机唯一标识
#建议使用当前主机名,但多节点
重名不影响
vrrp_skip_check_adv_addr #对所有通告报文都检查,会比较消耗性能
#启用此配置后,如果收到的通告报文和上一
个报文是同一 #个路由器,则跳过检查,默认
值为全检查
vrrp_strict #严格遵循vrrp协议
#启用此项后以下状况将无法启动服务:
#1.无VIP地址
#2.配置了单播邻居
#3.在VRRP版本2中有IPv6地址
#建议不加此项配置
vrrp_garp_interval 0 #报文发送延迟,0表示不延迟
vrrp_gna_interval 0 #消息发送延迟
vrrp_mcast_group4 224.0.0.18 #指定组播IP地址范围:
}2.4.2配置虚拟路由器
vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state MASTER
interface eth0 #绑定为当前虚拟路由器使用的物理接口,如:eth0,可以和VIP不在一
个网卡
virtual_router_id 51 #每个虚拟路由器惟一标识,范围:0-255,每个虚拟路由器此值必须唯一
#否则服务无法启动
#同属一个虚拟路由器的多个keepalived节点必须相同
#务必要确认在同一网络中此值必须唯一
priority 100 #当前物理节点在此虚拟路由器的优先级,范围:1-254
#值越大优先级越高,每个keepalived主机节点此值不同
advert_int 1 #vrrp通告的时间间隔,默认1s
authentication { #认证机制
auth_type AH|PASS #AH为IPSEC认证(不推荐),PASS为简单密码(建议使用)
uth_pass 1111 #预共享密钥,仅前8位有效
#同一个虚拟路由器的多个keepalived节点必须一样
}
virtual_ipaddress { #虚拟IP,生产环境可能指定上百个IP地址
<IPADDR>/<MASK> brd <IPADDR> dev <STRING> scope <SCOPE> label <LABEL>
172.25.254.100 #指定VIP,不指定网卡,默认为eth0,注意:不指定/prefix,默认32
172.25.254.101/24 dev eth1
172.25.254.102/24 dev eth2 label eth2:1
}
}
示例:
MASTER配置
BACKUP配置
KA1:
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
1730307004@qq.com
}
notification_email_from keepalived@timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1.timinglee.org
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.0.18
vrrp_iptables
}
vrrp_instance VI_1 {
state MASTER
interface ens32
virtual_router_id 100
priority 100 #高优先级
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev ens32 label ens32:1
}
}
KA2:
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
1730307004@qq.com
}
notification_email_from keepalived@timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1.timinglee.org
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.0.18
}
vrrp_instance VI_1 {
state BACKUP
interface ens32
virtual_router_id 100 #相同id管理一个虚拟路由
priority 80 #低优先级
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev ens32 label ens32:1
}
}
测试:
在ka2上用ssh连接ka1,停止ka1的keepalived服务
ssh 172.25.254.110
systemctl stop keepalived
2.4.3启用keepalived日志功能
vim /etc/sysconfig/keepalived
KEEPALIVED_OPTIONS="-D -S 6"
vim /etc/rsyslog.conf
local6.* /var/log/keepalived.log
systemctl restart rsyslog.service
systemctl restart keepalived.wervice测试:
2.4.4实现独立子配置文件
当生产环境复杂时, /etc/keepalived/keepalived.conf 文件中内容过多,不易管理
将不同集群的配置,比如:不同集群的VIP配置放在独立的子配置文件中利用include 指令可以实现包含 子配置文件
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
1730307004@qq.com
}
notification_email_from keepalived@timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1.timinglee.org
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.0.18
}
#vrrp_instance VI_1 {
# state BACKUP
# interface ens32
# virtual_router_id 100
# priority 100
# advert_int 1
# authentication {
# auth_type PASS
# auth_pass 1111
# }
# virtual_ipaddress {
# 172.25.254.100/24 dev ens32 label ens32:1
# }
#}
include "/etc/keepalived/conf.d/*.conf"
mkdir /etc/keepalived/conf.d
vim /etc/keepalived/conf.d/172.25.254.100.conf
vrrp_instance VI_1 {
state MASTER
interface ens32
virtual_router_id 100
priority 100
adver_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev ens32 label ens32:1
}
}
# 重启服务
systemctl restart keepalived.service检测:
三.Keepalived 企业应用示例
3.1抢占模式和非抢占模式
3.1.1非抢占模式 nopreempt
默认为抢占模式preempt,即当高优先级的主机恢复在线后,会抢占低先级的主机的master角色, 这样会使vip在KA主机中来回漂移,造成网络抖动, 建议设置为非抢占模式 nopreempt ,即高优先级主机恢复后,并不会抢占低优先级主机的master角色 非抢占模块下,如果原主机down机, VIP迁移至的新主机, 后续也发生down时,仍会将VIP迁移回原主机
ka1:
vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 100 #优先级高
nopreempt #非抢占模式
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
ka2:
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 80 #优先级低
advert_int 1
nopreempt #非抢占模式
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
测试:
在ka1上开启keepalived
由于是非抢占模式,所以即使ka1的优先级高也不会强占VIP
3.1.2抢占延迟模式 preempt_delay
抢占延迟模式,即优先级高的主机恢复后,不会立即抢回VIP,而是延迟一段时间(默认300s)再抢回 VIP
ka1:
vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 100 #优先级高
preempt_delay 5s #抢占延迟5s
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
ka2:
vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 80 #优先级低
advert_int 1
preempt_delay 5s #抢占延迟5S
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
测试:
先将高优先级的keepalived关闭
ka1:
systemctl stop keepalived
开启ka1的keepalived后等待5s
3.2VIP单播配置
默认keepalived主机之间利用多播相互通告消息,会造成网络拥塞,可以替换成单播,减少网络流量
ka1:
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
1730307004@qq.com
}
notification_email_from keepalived@KA1.timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id KA1.timinglee.org
vrrp_skip_check_adv_addr
#vrrp_strict #注释此参数,与vip单播模式冲突
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_ipsets keepalived
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 100
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
unicast_src_ip 172.25.254.110 #本机IP
unicast_peer {
172.25.254.120 #指向对方主机IP
#如果有多个keepalived,再加其它节点的IP
}
}
ka2:
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
1730307004@qq.com
}
notification_email_from keepalived@KA1.timinglee.org
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id KA1.timinglee.org
vrrp_skip_check_adv_addr
#vrrp_strict #注释此参数,与vip单播模式冲突
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_ipsets keepalived
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 100
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
unicast_src_ip 172.25.254.120 #本机IP
unicast_peer {
172.25.254.110 #指向对方主机IP
#如果有多个keepalived,再加其它节点的IP
}
}
测试:
3.3Keepalived 通知脚本配置
当keepalived的状态变化时,可以自动触发脚本的执行,比如:发邮件通知用户
默认以用户keepalived_script身份执行脚本
3.3.1脚本的调用方法
在 vrrp_instance VI_1 语句块的末尾
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
创建通知脚本
vim /etc/keepalived/mail.sh
#!/bin/bash
mail_dest='1730307004@qq.com'
mail_send()
{
mail_subj="$HOSTNAME to be $1 vip 转移"
mail_mess="`date +%F\ %T`: vrrp 转移,$HOSTNAME 变为 $1"
echo "$mail_mess" | mail -s "$mail_subj" $mail_dest
}
case $1 in
master)
mail_send master
;;
backup)
mail_send backup
;;
fault)
mail_send fault
;;
*)
exit 1
;;
esac3.3.2邮件配置
yum install mailx -y
vim /etc/mail.rc
#######mail set##########
set from=1730307004@qq.com
set smtp=smtp.qq.com
set smtp-auth-user=1730307004@qq.com
set smtp-auth-password=zxd1147258
set smtp-auth=login
set ssl-verify=ignore
发送邮件
echo test message |mail -s test 1730307004@qq.com测试:
实现 Keepalived 状态切换的通知脚本
ka1与ka2
vim /etc/keepalived/mail.sh
#!/bin/bash
mail_dest='1730307004@qq.com'
mail_send()
{
mail_subj="$HOSTNAME to be $1 vip 转移"
mail_mess="`date +%F\ %T`: vrrp 转移,$HOSTNAME 变为 $1"
echo "$mail_mess" | mail -s "$mail_subj" $mail_dest
}
case $1 in
master)
mail_send master
;;
backup)
mail_send backup
;;
fault)
mail_send fault
;;
*)
exit 1
;;
esac
chmod +x /etc/keepalived/mail.sh
vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 100
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
unicast_src_ip 172.25.254.110
unicast_peer {
172.25.254.120
}
notify_master "/etc/keepalived/mail.sh master"
notify_backup "/etc/keepalived/mail.sh backup"
notify_fault "/etc/keepalived/mail.sh fault"
}
停止keepalived进程
kill keepalived测试:
3.4实现 master/master 的 Keepalived 双主架构
master/slave的单主架构,同一时间只有一个Keepalived对外提供服务,此主机繁忙,而另一台主机却 很空闲,利用率低下,可以使用master/master的双主架构,解决此问题。
将两个或以上VIP分别运行在不同的keepalived服务器,以实现服务器并行提供web访问的目的,提高 服务器资源利用率
ka1
vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state MASTER
interface ens32
virtual_router_id 100
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100 dev ens33 label ens32:0
}
}
vrrp_instance VI_60 {
state BACKUP
interface ens32
virtual_router_id 60
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.200 dev ens33 label ens32:1
}
}ka2
vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state BACKUP
interface ens32
virtual_router_id 100
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100 dev ens33 label ens32:0
}
}
vrrp_instance VI_60 {
state MASTER
interface ens33
virtual_router_id 60
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.200 dev eth0 label ens32:1
}
}
3.5实现IPVS的高可用性
eg:实现单主的 LVS-DR 模式
准备web服务器并使用脚本绑定VIP至web服务器lo网卡
server 1
yum install httpd -y
echo server1 - 172.25.254.10 > /var/www/html/index.html
ip a a 172.25.254.30/32 dev lo
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
server 2
yum install httpd -y
echo server2 - 172.25.254.20 > /var/www/html/index.html
ip a a 172.25.254.30/32 dev lo
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
ka设置
ka1
vim /etc/keepalived/keepalived.conf
virtual_server 172.25.254.30 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
protocol TCP
sorry_server 172.25.254.10
real_server 172.25.254.10 80 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 172.25.254.20 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
ka2
vim /etc/keepalived/keepalived.conf
virtual_server 172.25.254.30 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
protocol TCP
sorry_server 172.25.254.30
real_server 172.25.254.10 80 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 172.25.254.20 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
测试:
3.5.1双主分别实现httpd和mysql服务的调度
在server1和server2中准备httpd和mysql环境
server 1
ip addr add 172.25.254.200/32 dev lo
yum install mariadb-server -y
vim /etc/my.cnf
server-id=1
systemctl enable --now mariadb
mysql -e "grant ALL on *.* to lee@'%' identified by 'lee'"
mysql -ulee -plee -h172.25.254.101 -e 'select @@server_id'
server2
ip addr add 172.25.254.200/32 dev lo
yum install mariadb-server -y
vim /etc/my.cnf
server-id=2
systemctl enable --now mariadb
mysql -e "grant ALL on *.* to lee@'%' identified by 'lee'"
mysql -ulee -plee -h172.25.254.102 -e 'select @@server_id'
配置双主模式
ka1
vim /etc/keepalived/keepalived.conf
vrrp_instance web {
state MASTER
interface ens33
virtual_router_id 100
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100 dev ens33 label ens33:0
}
}
vrrp_instance sql {
state BACKUP
interface ens33
virtual_router_id 200
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.200 dev ens33 label ens33:1
}
}
include "/etc/keepalived/conf.d/web.conf"
include "/etc/keepalived/conf.d/sql.conf"
vim /etc/keepalived/conf.d/web.conf
virtual_server 172.25.254.100 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
protocol TCP
sorry_server 172.25.254.30 80
real_server 172.25.254.101 80 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 172.25.254.102 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
vim /etc/keepalived/conf.d/sql.conf
virtual_server 172.25.254.200 3306 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
real_server 172.25.254.101 3306 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 3306
}
}
real_server 172.25.254.102 3306 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 3306
}
}
}
ka2
vim /etc/keepalived/keepalived.conf
vrrp_instance web {
state BACKUP
interface eth0
virtual_router_id 50
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100 dev eth0 label eth0:0
}
}
vrrp_instance sql {
state MASTER
interface eth0
virtual_router_id 60
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.200 dev eth0 label eth0:1
}
}
include "/etc/keepalived/conf.d/web.conf"
include "/etc/keepalived/conf.d/sql.conf"
vim /etc/keepalived/conf.d/web.conf
virtual_server 172.25.254.100 80 {
delay_loop 6
lb_algo wrr
lb_kind DR
protocol TCP
sorry_server 172.25.254.30 80
real_server 172.25.254.101 80 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 172.25.254.102 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
vim /etc/keepalived/conf.d/web.conf
virtual_server 172.25.254.200 3306 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
real_server 172.25.254.101 3306 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 3306
}
}
real_server 172.25.254.102 3306 {
weight 1
TCP_CHECK {
connect_timeout 5
nb_get_retry 3
delay_before_retry 3
connect_port 3306
}
}
}
3.6实现其它应用的高可用性 VRRP Script
keepalived利用 VRRP Script 技术,可以调用外部的辅助脚本进行资源监控,并根据监控的结果实现优先 动态调整,从而实现其它应用的高可用性功能
3.6.1利用脚本实现主从角色切换
ka1
vim /mnt/check_lee.sh
#!/bin/bash
[ ! -f "/mnt/lee" ]
chmod +x /mnt/check_lee.sh
vim /etc/keepalived/keepalived.conf
vrrp_script check_lee {
script "/mnt/check_lee.sh"
interval 1
weight -30
fall 2
rise 2
timeout 2
}
vrrp_instance web {
state MASTER
interface ens33
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100 dev ens33 label ens33:0
}
track_script {
check_lee
}
}
touch /mnt/lee
tail -f /var/log/messages
3.6.2实现HAProxy高可用
ka1
vim /etc/haproxy/haproxy.cfg
listen webserver
bind 172.25.254.100:80
server web1 172.25.254.101:80 check
server web2 172.25.254.102:80 check
vim /etc/sysctl.conf
net.ipv4.ip_nonlocal_bind = 1
sysctl -p
在ka1中编写脚本
vim /etc/keepalived/scripts/haproxy.sh
#!/bin/bash
/usr/bin/killall -0 haproxy
chmod +X /etc/keepalived/scripts/haproxy.sh
在ka1中配置keepalived
vim /etc/keepalived/keepalived.conf
vrrp_script check_haproxy {
script "/etc/keepalived/scripts/haproxy.sh"
interval 1
weight -30
fall 2
rise 2
timeout 2
}
vrrp_instance web {
state MASTER
interface ens33
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100 dev ens33 label ens33:0
}
track_script {
check_haproxy
}
}
ka2
vim /etc/haproxy/haproxy.cfg
listen webserver
bind 172.25.254.100:80
server web1 172.25.254.101:80 check
server web2 172.25.254.102:80 check
vim /etc/sysctl.conf
net.ipv4.ip_nonlocal_bind = 1
sysctl -p
631
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
