KeepAlived在该项目中的功能:
1. 管理IPVS的路由表(包括对RealServer做健康检查)
2. 实现调度器的HA(高可用)
http://www.keepalived.org
Keepalived所执行的外部脚本命令建议使用绝对路径
###1. 准备工作
准备四台虚拟机
全部配置安装nginx
关闭防火墙以及selinux
- 选择两台nginx服务器作为代理服务器
192.168.181.144
192.168.181.128
vip:192.168.181.199 - 另外两台nginx服务器配置文件可以不一致方便查看
192.168.181.129
192.168.181.130
###2. 主/备调度器安装配置Keepalived
[root@master ~]# yum -y install ipvsadm keepalived
[root@slave ~]# yum -y install ipvsadm keepalived
[root@master ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lvs-keepalived-master #辅助改为lvs-backup
}
vrrp_instance VI_1 {
state MASTER
interface ens33 #VIP绑定接口
virtual_router_id 80 #VRID 同一组集群,主备一致
priority 100 #本节点优先级,辅助改为50
advert_int 1 #检查间隔,默认为1s
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.181.199/24 #设置VIP
}
}
virtual_server 192.168.181.199 80 { #LVS配置
delay_loop 3 #启动3个进程
lb_algo rr #LVS调度算法
lb_kind DR #LVS集群模式(路由模式)
nat_mask 255.255.255.0
protocol TCP #健康检查使用的协议
real_server 192.168.181.129 80 { #真实服务器ip
weight 1
inhibit_on_failure #当该节点失败时,把权重设置为0,而不是从IPVS中删除
TCP_CHECK { #健康检查
connect_port 80 #检查的端口
connect_timeout 3 #连接超时的时间
}
}
real_server 192.168.181.130 80 { #真实服务器ip
weight 1
inhibit_on_failure
TCP_CHECK {
connect_timeout 3
connect_port 80
}
}
}
[root@slave ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lvs-keepalived-slave
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
nopreempt #不抢占资源
virtual_router_id 80
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.181.199/24
}
}
virtual_server 192.168.181.199 80 {
delay_loop 3
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
protocol TCP
real_server 192.168.181.129 80 {
weight 1
inhibit_on_failure
TCP_CHECK {
connect_port 80
connect_timeout 3
}
}
real_server 192.168.181.130 80 {
weight 1
inhibit_on_failure
TCP_CHECK {
connect_timeout 3
connect_port 80
}
}
}
[root@master ~]# systemctl start keepalived
[root@master ~]# systemctl enable keepalived
[root@slave ~]# systemctl start keepalived
[root@slave ~]# systemctl enable keepalived
[root@master ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.181.199:80 rr
-> 192.168.181.129:80 Route 1 0 0
-> 192.168.181.130:80 Route 1 0 0
###3. 所有RS配置
[root@realserver1 ~]# ip addr add dev lo 192.168.181.199/32
[root@realserver2 ~]# ip addr add dev lo 192.168.181.199/32
[root@realserver1 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@realserver1 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@realserver1 ~]# sysctl -p
[root@realserver2 ~]# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@realserver2 ~]# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
[root@realserver2 ~]# sysctl -p
###4. 访问 vip:192.168.181.199 测试
此时可以正常访问
将keepalived主节点关机测试vip是否漂移
[root@master ~]# init 0
[root@slave ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:48:1a:fe brd ff:ff:ff:ff:ff:ff
inet 192.168.181.144/24 brd 192.168.181.255 scope global dynamic ens33
valid_lft 1188sec preferred_lft 1188sec
inet 192.168.181.199/24 scope global secondary ens33
valid_lft forever preferred_lft forever
inet6 fe80::9db3:1c86:27b7:1225/64 scope link
valid_lft forever preferred_lft forever