KEEPALIVED

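I. High-Availability Clusters

1.1 Cluster types

1. Load balancing (Load Balance, LB)

Load balancing distributes load (work tasks) across multiple operating units, such as FTP servers, web servers, and core enterprise application servers, so that they complete the work cooperatively. Load-balancing technologies that Keepalived works with include:

  • LVS (Linux Virtual Server): layer-4 load balancing. It works at the transport layer of the OSI model and forwards requests based on IP address and port number.
  • HAProxy: supports both layer-7 and layer-4 load balancing, can handle a large number of concurrent connections, and offers flexible load-balancing policies.
  • Nginx: mainly used for layer-7 load balancing, implemented through the http/upstream and stream/upstream modules.

2. High availability (High Availability, HA)

A high-availability cluster aims to reduce service downtime. By keeping the services that the user's business applications provide running without interruption, it minimizes the impact of software, hardware, or human-caused failures on the business. When a node in the cluster fails, its standby node takes over its duties within a short time, ensuring service continuity. Keepalived builds high-availability clusters using VRRP (Virtual Router Redundancy Protocol).

3. Eliminating single points of failure (Single Point of Failure, SPoF)

A single point of failure is a single component whose failure makes the whole system or service unavailable. By building a high-availability cluster, Keepalived effectively addresses single points of failure and keeps the system stable and reliable.

4. High-performance clusters (High Performance Computing, HPC)

Keepalived itself focuses on high availability and load balancing. High-performance computing (HPC) clusters are another important cluster type, focused on raising compute performance through parallel processing. Keepalived does not provide HPC functionality directly, but it can be used when building such a cluster to ensure high availability and load balancing for key services.

5. Ways a cluster achieves high availability

  • active/passive (master/backup): only the master device serves traffic while the backup device stays on standby. When the master fails, the backup takes over the service.
  • active/active (dual master): two or more devices serve traffic at the same time and back each other up. This mode improves the overall performance and availability of the system.
  • active --> HEARTBEAT --> passive: a heartbeat mechanism monitors the state of the master; as soon as the master fails, the backup takes over the service.
  • active <--> HEARTBEAT <--> active: in dual-master mode the two devices monitor each other through a heartbeat mechanism, ensuring service continuity and reliability.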

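II. VRRP Overview

VRRP is an election protocol that dynamically "assigns" responsibility for a virtual router to one of the routers on a LAN. The router that controls the VRRP virtual router is called the MASTER router; it forwards packets sent to the virtual IP addresses. If the MASTER router becomes unavailable, the election process provides dynamic failover, which allows the virtual router's IP address to serve as the default first-hop router for end hosts.

III. How VRRP Works

VRRP relies on a state machine with three states: Initialize, Master (active), and Backup. The Master device periodically sends VRRP advertisement packets to tell the other devices that it is working normally. If the Master fails, the Backup devices elect a new Master according to priority, and network connectivity continues. This election mechanism lets the network restore service quickly after a device failure instead of suffering a long outage.

IV. VRRP in Keepalived

Keepalived is an open-source, reliable high-availability and failover solution, used mainly on Linux. It uses the VRRP protocol to switch seamlessly between a master server and a backup server, ensuring that the service stays highly available. Specifically:

  1. Virtual IP addresses: Keepalived can create multiple virtual IP addresses (VIPs) for each service. When the master server goes down, the backup server takes over these virtual IP addresses and continues to provide the service.
  2. Health checks: Keepalived uses a heartbeat mechanism to check the health of the master and backup servers periodically. If the master server is found to be down, the backup server can take over immediately.
  3. Failover: when the master server goes down, Keepalived automatically redirects traffic to the backup server.
  4. Load balancing: although Keepalived's main function is high availability and failover, it can also be configured in a load-balancing mode that distributes traffic evenly between the master and backup servers, increasing the system's processing capacity.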

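Configuration file layout
Configuration file: /etc/keepalived/keepalived.conf

The configuration file consists of:

GLOBAL CONFIGURATION

Global definitions: mail settings, router_id, VRRP settings, multicast address, and so on

VRRP CONFIGURATION

VRRP instance(s): defines each VRRP virtual router

LVS CONFIGURATION

Virtual server group(s)

Virtual server(s): the VS and RS of the LVS cluster

Environment setup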

ka1

[root@ka1 ~]# yum install keepalived -y
[root@ka1 ~]# systemctl stop firewalld.service
[root@ka1 ~]# setenforce 0

ka2

[root@ka2 ~]# yum install keepalived -y
[root@ka2 ~]# systemctl stop firewalld.service
[root@ka2 ~]# setenforce 0

realserver1

[root@realserver1 ~]# yum install httpd -y
[root@realserver1 ~]# echo hehehe > /var/www/html/index.html
[root@realserver1 ~]# systemctl enable --now httpd
[root@realserver1 ~]# systemctl stop firewalld.service
[root@realserver1 ~]# setenforce 0

realserver2

[root@realserver2 ~]# yum install httpd -y
[root@realserver2 ~]# echo hehehe > /var/www/html/index.html
[root@realserver2 ~]# systemctl enable --now httpd
[root@realserver2 ~]# systemctl stop firewalld.service
[root@realserver2 ~]# setenforce 0

Experiment

[root@ka1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
        2593466@qq.com
   }
   notification_email_from keepalived.lanjinli.org
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka1.whuan.org
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 100
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100/24 dev eth0 label eth0:1
    }
}

......

[root@ka2 ~]# vim /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
   notification_email {
        2593466@qq.com
   }
   notification_email_from keepalived@whuan.org
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka2.whuan.org
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 100
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       172.25.254.100/24 dev eth0 label eth0:1
    }
}

......
# Restart the service
[root@ka2 ~]# systemctl restart keepalived.service
[root@realserver1 ~]# tcpdump -i eth0 -nn host 224.0.0.18
[root@ka2 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.20  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::435f:2ba:94d2:582  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::4da5:5424:6c11:6bc  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:68:ef:05  txqueuelen 1000  (Ethernet)
        RX packets 30159  bytes 4025655 (3.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 43306  bytes 3358755 (3.2 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.100  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 00:0c:29:68:ef:05  txqueuelen 1000  (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 1450  bytes 111001 (108.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1450  bytes 111001 (108.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:6b:1d:b7  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
[root@ka1 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.10  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::435f:2ba:94d2:582  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:92:51:bd  txqueuelen 1000  (Ethernet)
        RX packets 38254  bytes 5109536 (4.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 41709  bytes 3230481 (3.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.100  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 00:0c:29:92:51:bd  txqueuelen 1000  (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 1535  bytes 117492 (114.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1535  bytes 117492 (114.7 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:6b:1d:b7  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
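
Added example (not part of the original lab): a shell filter for the text output of the `tcpdump -i eth0 -nn host 224.0.0.18` capture used in this experiment. It lists which source address advertises each VRID and flags a VRID that two nodes keep advertising, which means both consider themselves MASTER. The capture lines are constructed samples, and the names `vrrp_summary` and `vrrp_conflicts` are made up for this illustration.

```bash
#!/bin/bash
# Added example: summarise VRRP advertisements from tcpdump text output and
# flag VRIDs that more than one source address keeps advertising.

# Constructed sample capture (not output from the lab above).
SAMPLE_CAPTURE='10:00:01.000001 IP 172.25.254.20 > 224.0.0.18: VRRPv2, Advertisement, vrid 100, prio 100, authtype simple, intvl 1s, length 20
10:00:01.400311 IP 172.25.254.10 > 224.0.0.18: VRRPv2, Advertisement, vrid 100, prio 80, authtype simple, intvl 1s, length 20
10:00:02.000105 IP 172.25.254.20 > 224.0.0.18: VRRPv2, Advertisement, vrid 100, prio 100, authtype simple, intvl 1s, length 20
10:00:02.400420 IP 172.25.254.10 > 224.0.0.18: VRRPv2, Advertisement, vrid 100, prio 80, authtype simple, intvl 1s, length 20
10:00:03.000207 IP 172.25.254.20 > 224.0.0.18: VRRPv2, Advertisement, vrid 200, prio 100, authtype simple, intvl 1s, length 20'

# vrrp_summary: read tcpdump text on stdin and print one line per
# (vrid, source) pair: "<vrid> <source-ip> <last-prio> <advert-count>"
vrrp_summary() {
    awk '
    /VRRPv[23], Advertisement/ {
        src = ""; vrid = ""; prio = ""
        for (i = 1; i <= NF; i++) {
            if ($i == "IP")   src  = $(i + 1)
            if ($i == "vrid") vrid = $(i + 1)
            if ($i == "prio") prio = $(i + 1)
        }
        gsub(/,/, "", vrid); gsub(/,/, "", prio)   # strip trailing commas
        if (src == "" || vrid == "") next          # skip lines we cannot parse
        key = vrid " " src
        count[key]++
        last_prio[key] = prio
    }
    END {
        for (k in count) print k, last_prio[k], count[k]
    }' | sort -k1,1n -k2,2
}

# vrrp_conflicts [MIN]: print each VRID for which at least two sources sent
# MIN or more advertisements (default 2). One stray advert from a second
# source is normal during a failover; repeated adverts from two sources mean
# both nodes are acting as MASTER for that VRID.
vrrp_conflicts() {
    local min="${1:-2}"
    vrrp_summary |
        awk -v min="$min" '$4 >= min { n[$1]++ }
                           END { for (v in n) if (n[v] > 1) print v }' |
        sort -n
}

# Typical use on a live capture (30 packets, then analyse):
#   tcpdump -i eth0 -nn -c 30 host 224.0.0.18 2>/dev/null | vrrp_conflicts
```
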

Non-preemptive mode

[root@realserver1 ~]# tcpdump -i eth0 -nn host 224.0.0.18
[root@ka1 ~]# cat /etc/keepalived/keepalived.conf
...
global_defs {
   notification_email {
        2593466@qq.com
   }
   notification_email_from keepalived.whuan.org
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka1.whuan.org
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VI_1 {
    #state MASTER
    state BACKUP
    interface eth0
    virtual_router_id 100
    priority 80				
    advert_int 1	
    nopreempt				
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100/24 dev eth0 label eth0:1
    }
}
...


[root@ka2 ~]# cat /etc/keepalived/keepalived.conf
...
global_defs {
   notification_email {
        2593466@qq.com
   }
   notification_email_from keepalived@whuan.org
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka2.lanjinli.org
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 100
    priority 70				
    advert_int 1
    nopreempt
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       172.25.254.100/24 dev eth0 label eth0:1
    }
}
...

[root@ka2 ~]# systemctl restart keepalived.service 
[root@ka2 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.20  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::435f:2ba:94d2:582  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::4da5:5424:6c11:6bc  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:68:ef:05  txqueuelen 1000  (Ethernet)
        RX packets 6284  bytes 562318 (549.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 7751  bytes 615356 (600.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.100  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 00:0c:29:68:ef:05  txqueuelen 1000  (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 319  bytes 24414 (23.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 319  bytes 24414 (23.8 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:6b:1d:b7  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@ka1 ~]# systemctl restart keepalived.service 
[root@ka2 ~]# systemctl stop keepalived.service
[root@ka1 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.10  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::435f:2ba:94d2:582  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:92:51:bd  txqueuelen 1000  (Ethernet)
        RX packets 7801  bytes 656054 (640.6 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 7540  bytes 642736 (627.6 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.100  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 00:0c:29:92:51:bd  txqueuelen 1000  (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 525  bytes 40131 (39.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 525  bytes 40131 (39.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:6b:1d:b7  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Preemption delay mode

[root@realserver1 ~]# tcpdump -i eth0 -nn host 224.0.0.18
[root@ka1 ~]# cat /etc/keepalived/keepalived.conf
...
global_defs {
   notification_email {
        2593466@qq.com
   }
   notification_email_from keepalived.whuan.org
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka1.whuan.org
   vrrp_skip_check_adv_addr
   #vrrp_strict					
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VI_1 {
    #state MASTER
    state BACKUP
    interface eth0
    virtual_router_id 100
    priority 80
    advert_int 1
    #nopreempt
    preempt_delay 5s			
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100/24 dev eth0 label eth0:1
    }
}
...
[root@ka2 ~]# cat /etc/keepalived/keepalived.conf
...
global_defs {
   notification_email {
        2593466@qq.com
   }
   notification_email_from keepalived@whuan.org
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka2.whuan.org
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 100
    priority 70
    advert_int 1
    #nopreempt
    preempt_delay 10s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       172.25.254.100/24 dev eth0 label eth0:1
    }
}
...
[root@ka1 ~]# systemctl stop keepalived.service
[root@ka2 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.20  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::435f:2ba:94d2:582  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::4da5:5424:6c11:6bc  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:68:ef:05  txqueuelen 1000  (Ethernet)
        RX packets 9507  bytes 804739 (785.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 10743  bytes 875796 (855.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.100  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 00:0c:29:68:ef:05  txqueuelen 1000  (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 739  bytes 56521 (55.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 739  bytes 56521 (55.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:6b:1d:b7  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@ka2 ~]# 
[root@ka1 ~]# systemctl restart keepalived.service
[root@ka1 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.10  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::435f:2ba:94d2:582  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:92:51:bd  txqueuelen 1000  (Ethernet)
        RX packets 9964  bytes 831383 (811.8 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 11441  bytes 941439 (919.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.100  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 00:0c:29:92:51:bd  txqueuelen 1000  (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 1050  bytes 80278 (78.3 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1050  bytes 80278 (78.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:6b:1d:b7  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@ka1 ~]# 

Keepalived notification script configuration
global_defs {
	...
	script_user <USER>
	...
}

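Notification script types:

notify_master <STRING>|<QUOTED-STRING>      # script triggered when this node becomes the master
notify_backup <STRING>|<QUOTED-STRING>      # script triggered when this node transitions to backup
notify_fault <STRING>|<QUOTED-STRING>       # script triggered when this node enters the fault state
notify <STRING>|<QUOTED-STRING>             # generic notification hook; one script can handle notifications for all three state transitions above
notify_stop <STRING>|<QUOTED-STRING>        # script triggered when VRRP is stopped

How the scripts are called:

Add the following lines at the end of the vrrp_instance VI_1 block: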
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"

[root@ka1 ~]# yum install mailx -y

[root@ka2 ~]# yum install mailx -y

Generate an authorization code

[root@ka1 ~]# cat /etc/mail.rc
# Append the following at the end of the file
...
set from=2593466@qq.com				
set smtp=smtp.qq.com 					
set smtp-auth-user=2593466@qq.com		
set smtp-auth-password=ajdiwefndwnes	
set smtp-auth=login
set ssl-verify=ignore					
# Test
[root@ka1 ~]# echo hello world | mail -s test 2593466@qq.com
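
Added example (not from the original page): one possible `/etc/keepalived/notify.sh` matching the `notify_master`, `notify_backup` and `notify_fault` lines above, sending its message through the `mail` command configured in /etc/mail.rc. The recipient address, the syslog tag and the `NOTIFY_DRY_RUN` switch are assumptions made for this illustration.

```bash
#!/bin/bash
# /etc/keepalived/notify.sh (added example)
# Called by keepalived as: notify.sh {master|backup|fault}

MAIL_TO="${MAIL_TO:-root@localhost}"   # assumption: placeholder recipient
LOG_TAG="keepalived-notify"            # assumption: syslog tag for this script

# build_subject STATE: print the mail subject for a state,
# or return 1 if STATE is not one of the three expected values.
build_subject() {
    local host
    host=$(hostname 2>/dev/null || echo unknown-host)
    case "$1" in
        master) echo "${host} became MASTER, VIP is now held by this node" ;;
        backup) echo "${host} became BACKUP, VIP released" ;;
        fault)  echo "${host} entered FAULT state" ;;
        *)      return 1 ;;
    esac
}

# notify STATE: log the transition and mail it.
# With NOTIFY_DRY_RUN set, print the message instead of sending it,
# so the script can be checked without SMTP access.
notify() {
    local subject body
    if ! subject=$(build_subject "$1"); then
        echo "usage: notify.sh {master|backup|fault}" >&2
        return 2
    fi
    body="$(date '+%F %T') ${subject}"
    if [ -n "${NOTIFY_DRY_RUN:-}" ]; then
        printf '%s\n' "$body"
    else
        logger -t "$LOG_TAG" -- "$subject" 2>/dev/null || true
        printf '%s\n' "$body" | mail -s "$subject" "$MAIL_TO"
    fi
}

# Only act when keepalived (or an operator) passes a state argument.
if [ "$#" -gt 0 ]; then
    notify "$1"
fi
```

Keep the script owned by root and not writable by other users, since keepalived runs it with the account named in `script_user`.
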


Implementing a master/master Keepalived dual-master architecture

[root@ka1 ~]# cat /etc/keepalived/keepalived.conf
...

vrrp_instance VI_1 {
    state MASTER
    #state BACKUP
    interface eth0
    virtual_router_id 100
    priority 80
    advert_int 1
    #nopreempt
    #preempt_delay 5s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100/24 dev eth0 label eth0:1
    }
    unicast_src_ip 172.25.254.10
    unicast_peer {
        172.25.254.20
    }
}

vrrp_instance VI_2 {
    #state MASTER
    state BACKUP
    interface eth0
    virtual_router_id 200
    priority 50
    advert_int 1
    #nopreempt
    #preempt_delay 5s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.200/24 dev eth0 label eth0:2
    }
    unicast_src_ip 172.25.254.10
    unicast_peer {
        172.25.254.20
    }
}
# Restart the service
[root@ka1 ~]# systemctl restart keepalived.service
[root@ka2 ~]# cat /etc/keepalived/keepalived.conf
...
vrrp_instance VI_1 {
    state BACKUP
    #state MASTER
    interface eth0
    virtual_router_id 100
    priority 70
    advert_int 1
    #nopreempt
    #preempt_delay 10s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       172.25.254.100/24 dev eth0 label eth0:1
    }
    unicast_src_ip 172.25.254.20
    unicast_peer {
        172.25.254.10
    }
}

vrrp_instance VI_2 {
    #state BACKUP
    state MASTER
    interface eth0
    virtual_router_id 200
    priority 100
    advert_int 1
    #nopreempt
    #preempt_delay 10s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       172.25.254.200/24 dev eth0 label eth0:2
    }
    unicast_src_ip 172.25.254.20
    unicast_peer {
        172.25.254.10
    }
}
...
# Restart the service
[root@ka2 ~]# systemctl restart keepalived.service 
[root@ka1 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.10  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::435f:2ba:94d2:582  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:92:51:bd  txqueuelen 1000  (Ethernet)
        RX packets 19514  bytes 1558959 (1.4 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 28926  bytes 2270962 (2.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0:1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.100  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 00:0c:29:92:51:bd  txqueuelen 1000  (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 1869  bytes 142905 (139.5 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1869  bytes 142905 (139.5 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:6b:1d:b7  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@ka1 ~]# 
#ka2
[root@ka2 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.20  netmask 255.255.255.0  broadcast 172.25.254.255
        inet6 fe80::435f:2ba:94d2:582  prefixlen 64  scopeid 0x20<link>
        inet6 fe80::4da5:5424:6c11:6bc  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:68:ef:05  txqueuelen 1000  (Ethernet)
        RX packets 25352  bytes 1940929 (1.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 24099  bytes 1946973 (1.8 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eth0:2: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.25.254.200  netmask 255.255.255.0  broadcast 0.0.0.0
        ether 00:0c:29:68:ef:05  txqueuelen 1000  (Ethernet)

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 1689  bytes 129040 (126.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1689  bytes 129040 (126.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether 52:54:00:6b:1d:b7  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@ka2 ~]# 

Implementing single-master LVS-DR mode
[root@realserver1 ~]# ip a a 172.25.254.100/32 dev lo
[root@realserver1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-lo
DEVICE=lo
IPADDR0=127.0.0.1
NETMASK0=255.0.0.0
IPADDR1=172.25.254.100
NETMASK1=255.255.255.255
NETWORK=127.0.0.0
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=127.255.255.255
ONBOOT=yes
NAME=loopback
[root@realserver1 ~]# 
[root@realserver1 ~]# systemctl restart network
Job for network.service failed because the control process exited with error code. See "systemctl status network.service" and "journalctl -xe" for details.
[root@realserver1 ~]# rm -rf /etc/sysconfig/network-scripts/ifcfg-
ifcfg-ens33  ifcfg-lo     
[root@realserver1 ~]# rm -rf /etc/sysconfig/network-scripts/ifcfg-ens33 
[root@realserver1 ~]# systemctl restart network 
[root@realserver1 ~]# cat /etc/sysctl.d/arp.conf 
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.lo.arp_ignore=1
net.ipv4.conf.lo.arp_announce=2
[root@realserver1 ~]# sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /usr/lib/sysctl.d/60-libvirtd.conf ...
fs.aio-max-nr = 1048576
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/arp.conf ...
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
* Applying /etc/sysctl.conf ...
[root@realserver1 ~]# 
[root@realserver1 ~]# systemctl stop firewalld.service 
[root@realserver1 ~]# setenforce 0
[root@realserver1 ~]# systemctl restart httpd.service
[root@realserver2 ~]# ip a a 172.25.254.100/32 dev lo
[root@realserver2 ~]# cat /etc/sysctl.d/arp.conf 
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.lo.arp_ignore=1
net.ipv4.conf.lo.arp_announce=2
[root@realserver2 ~]# sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /usr/lib/sysctl.d/60-libvirtd.conf ...
fs.aio-max-nr = 1048576
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/arp.conf ...
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
* Applying /etc/sysctl.conf ...
[root@realserver2 ~]#
[root@realserver2 ~]# systemctl stop firewalld.service 
[root@realserver2 ~]# setenforce 0
[root@realserver2 ~]# systemctl restart httpd.service
[root@ka1 ~]# yum install ipvsadm -y
[root@ka1 ~]# cat /etc/keepalived/keepalived.conf
...
vrrp_instance VI_1 {
    state MASTER
    #state BACKUP
    interface eth0
    virtual_router_id 100
    priority 80
    advert_int 1
    #nopreempt
    #preempt_delay 5s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100/24 dev eth0 label eth0:1
    }
    unicast_src_ip 172.25.254.10
    unicast_peer {
        172.25.254.20
    }
}

#include "/etc/keepalived/conf.d/*.conf"


virtual_server 172.25.254.100 80  {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP

    real_server 172.25.254.110 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.254.120 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
...
[root@ka1 ~]# systemctl restart keepalived.service 
[root@ka1 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.25.254.100:80 wrr
  -> 172.25.254.110:80            Route   1      0          0         
  -> 172.25.254.120:80            Route   1      0          0         
[root@ka1 ~]# 
[root@ka2 ~]# yum install ipvsadm -y
[root@ka2 ~]# cat /etc/keepalived/keepalived.conf
...

vrrp_instance VI_1 {
    state BACKUP
    #state MASTER
    interface eth0
    virtual_router_id 100
    priority 70
    advert_int 1
    #nopreempt
    #preempt_delay 10s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       172.25.254.100/24 dev eth0 label eth0:1
    }
    unicast_src_ip 172.25.254.20
    unicast_peer {
        172.25.254.10
    }
}

virtual_server 172.25.254.100 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP

    real_server 172.25.254.110 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.254.120 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
...
[root@ka2 ~]# systemctl restart keepalived.service 
[root@ka2 ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.200.100:80 wrr
  -> 172.25.254.110:80            Route   1      0          0         
  -> 172.25.254.120:80            Route   1      0          0         
[root@ka2 ~]# 

VRRP script configuration
Defining the script
vrrp_script <SCRIPT_NAME> {
	script <STRING>|<QUOTED-STRING>			
	OPTIONS
}

Calling the script

track_script {
	SCRIPT_NAME_1
	SCRIPT_NAME_2
}

Defining a VRRP script

vrrp_script <SCRIPT_NAME> { 				
	script <STRING>|<QUOTED-STRING> 		
	interval <INTEGER> 						
	timeout <INTEGER> 						
	weight <INTEGER:-254..254> 				
	fall <INTEGER> 							
	rise <INTEGER>							
	user USERNAME [GROUPNAME] 				
	init_fail 								
}

Calling a VRRP script

vrrp_instance test {
	... ...
	track_script {
		check_down
	}
}
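
Added example (not from the original page): a check script that a `vrrp_script` block can run, with the matching keepalived stanza shown in its header comment. The script path, the pidfile `/var/run/haproxy.pid` and the `weight -30` value are assumptions; the weight is chosen against the priorities 80 (ka1) and 70 (ka2) used earlier on this page.

```bash
#!/bin/bash
# /etc/keepalived/scripts/check_pid.sh (hypothetical path; added example)
#
# keepalived.conf side, using the keywords listed above:
#
#   vrrp_script check_down {
#       script "/etc/keepalived/scripts/check_pid.sh /var/run/haproxy.pid haproxy"
#       interval 1      # run the check every second
#       timeout 2       # treat a check that hangs for 2s as failed
#       weight -30      # ka1: 80 - 30 = 50, below ka2's 70, so ka2 takes the VIP
#       fall 2          # two consecutive failures mark the check as down
#       rise 2          # two consecutive successes mark it as up again
#   }
#   vrrp_instance VI_1 {
#       ...
#       track_script {
#           check_down
#       }
#   }

# pid_alive PIDFILE [COMMAND]
# Return 0 only if PIDFILE holds the numeric PID of a running process and,
# when COMMAND is given, that process is really COMMAND (guards against a
# stale pidfile whose PID has been reused by another program).
pid_alive() {
    local pidfile="$1" expect="${2:-}" pid comm
    [ -r "$pidfile" ] || return 1
    read -r pid < "$pidfile" || true
    case "$pid" in
        ''|*[!0-9]*) return 1 ;;          # empty or non-numeric content
    esac
    # kill -0 fails with EPERM for another user's process, so fall back to /proc
    kill -0 "$pid" 2>/dev/null || [ -d "/proc/$pid" ] || return 1
    if [ -n "$expect" ]; then
        comm=$(cat "/proc/$pid/comm" 2>/dev/null) || return 1
        [ "$comm" = "$expect" ] || return 1
    fi
    return 0
}

# keepalived only looks at the exit status: 0 = healthy, non-zero = failed.
if [ "$#" -gt 0 ]; then
    pid_alive "$@"
    exit $?
fi
```
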

Keepalived with HAProxy for high availability
[root@ka1 ~]# yum install haproxy -y

[root@ka2 ~]# yum install haproxy -y
[root@realserver1 ~]# cat /etc/sysconfig/network-scripts/ifcfg-lo
DEVICE=lo
IPADDR0=127.0.0.1
NETMASK0=255.0.0.0
#IPADDR1=172.25.254.100
#NETMASK1=255.255.255.255
NETWORK=127.0.0.0
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=127.255.255.255
ONBOOT=yes
NAME=loopback
[root@realserver1 ~]# systemctl restart network
[root@realserver1 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:54:22:6a brd ff:ff:ff:ff:ff:ff
    inet 172.25.254.110/24 brd 172.25.254.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::4da5:5424:6c11:6bc/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::435f:2ba:94d2:582/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::d318:4046:600c:390c/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:6b:1d:b7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:6b:1d:b7 brd ff:ff:ff:ff:ff:ff
[root@realserver1 ~]# cat /etc/sysctl.d/arp.conf 
net.ipv4.conf.all.arp_ignore=0
net.ipv4.conf.all.arp_announce=0
net.ipv4.conf.lo.arp_ignore=0
net.ipv4.conf.lo.arp_announce=0
[root@realserver1 ~]# sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /usr/lib/sysctl.d/60-libvirtd.conf ...
fs.aio-max-nr = 1048576
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/arp.conf ...
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_announce = 0
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_announce = 0
* Applying /etc/sysctl.conf ...
[root@realserver1 ~]# 


#realserver2
[root@realserver2 ~]# cat /etc/sysconfig/network-scripts/ifcfg-lo 
DEVICE=lo
IPADDR0=127.0.0.1
NETMASK0=255.0.0.0
#IPADDR1=172.25.254.100
#NETMASK1=255.255.255.255
NETWORK=127.0.0.0
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=127.255.255.255
ONBOOT=yes
NAME=loopback
[root@realserver2 ~]# systemctl restart network
[root@realserver2 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:69:b5:ed brd ff:ff:ff:ff:ff:ff
    inet 172.25.254.120/24 brd 172.25.254.255 scope global noprefixroute eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::4da5:5424:6c11:6bc/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::435f:2ba:94d2:582/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::d318:4046:600c:390c/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
    link/ether 52:54:00:6b:1d:b7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
       valid_lft forever preferred_lft forever
4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN group default qlen 1000
    link/ether 52:54:00:6b:1d:b7 brd ff:ff:ff:ff:ff:ff
[root@realserver2 ~]# cat /etc/sysctl.d/arp.conf 
net.ipv4.conf.all.arp_ignore=0
net.ipv4.conf.all.arp_announce=0
net.ipv4.conf.lo.arp_ignore=0
net.ipv4.conf.lo.arp_announce=0
[root@realserver2 ~]# sysctl --system
* Applying /usr/lib/sysctl.d/00-system.conf ...
* Applying /usr/lib/sysctl.d/10-default-yama-scope.conf ...
kernel.yama.ptrace_scope = 0
* Applying /usr/lib/sysctl.d/50-default.conf ...
kernel.sysrq = 16
kernel.core_uses_pid = 1
kernel.kptr_restrict = 1
net.ipv4.conf.default.rp_filter = 1
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.default.accept_source_route = 0
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
fs.protected_hardlinks = 1
fs.protected_symlinks = 1
* Applying /usr/lib/sysctl.d/60-libvirtd.conf ...
fs.aio-max-nr = 1048576
* Applying /etc/sysctl.d/99-sysctl.conf ...
* Applying /etc/sysctl.d/arp.conf ...
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.all.arp_announce = 0
net.ipv4.conf.lo.arp_ignore = 0
net.ipv4.conf.lo.arp_announce = 0
* Applying /etc/sysctl.conf ...
[root@realserver2 ~]# 

[root@ka1 ~]# cat /etc/sysctl.conf
...
net.ipv4.ip_nonlocal_bind = 1
[root@ka1 ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
[root@ka1 ~]#
[root@ka1 ~]# cat /etc/haproxy/haproxy.cfg
...
listen webserver
        bind 172.25.254.100:80
        mode http
        balance roundrobin
        server web1 172.25.254.110:80 check inter 3 fall 2 rise 5
        server web2 172.25.254.120:80 check inter 3 fall 2 rise 5
[root@ka1 ~]# systemctl enable --now haproxy.service 
Created symlink from /etc/systemd/system/multi-user.target.wants/haproxy.service to /usr/lib/systemd/system/haproxy.service.
[root@ka1 ~]# netstat -antlupe | grep haproxy
tcp        0      0 0.0.0.0:5000            0.0.0.0:*               LISTEN      0          1269940    18519/haproxy       
tcp        0      0 172.25.254.100:80       0.0.0.0:*               LISTEN      0          1269942    18519/haproxy       
udp        0      0 0.0.0.0:40148           0.0.0.0:*                           0          1269941    18517/haproxy       
[root@ka1 ~]#   


#ka2
[root@ka2 ~]# cat /etc/sysctl.conf
...
net.ipv4.ip_nonlocal_bind = 1
[root@ka2 ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
[root@ka2 ~]# 
[root@ka2 ~]# cat /etc/haproxy/haproxy.cfg
...
listen webserver
        bind 172.25.254.100:80
        mode http
        balance roundrobin
        server web1 172.25.254.110:80 check inter 3 fall 2 rise 5
        server web2 172.25.254.120:80 check inter 3 fall 2 rise 5
[root@ka2 ~]# systemctl enable --now haproxy.service 
Created symlink from /etc/systemd/system/multi-user.target.wants/haproxy.service to /usr/lib/systemd/system/haproxy.service.
[root@ka2 ~]# netstat -antlupe | grep haproxy
tcp        0      0 0.0.0.0:5000            0.0.0.0:*               LISTEN      0          748750     8584/haproxy        
tcp        0      0 172.25.254.100:80       0.0.0.0:*               LISTEN      0          748752     8584/haproxy        
udp        0      0 0.0.0.0:57756           0.0.0.0:*                           0          748751     8581/haproxy        
[root@ka2 ~]#   
[root@ka1 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
	2593466@qq.com
   }
   notification_email_from keepalived.whuan.org
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka1.whuan.org
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   vrrp_mcast_group4 224.0.0.18
}

vrrp_script check_whuan {
   script "/mnt/check_whuan.sh"
   interval 1
   weight -30
   fall 2
   rise 2
   timeout 2
}

vrrp_instance VI_1 {
    state MASTER
    #state BACKUP
    interface eth0
    virtual_router_id 100
    priority 80
    advert_int 1
    #nopreempt
    #preempt_delay 5s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.100/24 dev eth0 label eth0:1 
    }
    unicast_src_ip 172.25.254.10
    unicast_peer {
	172.25.254.20
    }
    track_script {
	check_whuan
    }
}

vrrp_instance VI_2 {
    #state MASTER
    state BACKUP
    interface eth0
    virtual_router_id 200
    priority 50
    advert_int 1
    #nopreempt
    #preempt_delay 5s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.254.200/24 dev eth0 label eth0:2
    }
    unicast_src_ip 172.25.254.10
    unicast_peer {
        172.25.254.20
    }
}

#include "/etc/keepalived/conf.d/*.conf"

virtual_server 172.25.254.200 80  {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP

    real_server 172.25.254.110 80 {
        weight 1
        HTTP_GET {
            url {
	      path /
	      status_code 200		
	    }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.254.120 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.2 1358 {
    delay_loop 6
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    sorry_server 192.168.200.200 1358

    real_server 192.168.200.2 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.3 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.3 1358 {
    delay_loop 3
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    real_server 192.168.200.4 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.5 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@ka1 ~]# 





#ka2
[root@ka2 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
   	2593466@qq.com
   }
   notification_email_from keepalived@lanjinli.org
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id ka2.whuan.org
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
   vrrp_mcast_group4 224.0.0.18
}

vrrp_instance VI_1 {
    state BACKUP
    #state MASTER
    interface eth0
    virtual_router_id 100
    priority 70
    advert_int 1
    #nopreempt
    #preempt_delay 10s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       172.25.254.100/24 dev eth0 label eth0:1 
    }
    unicast_src_ip 172.25.254.20
    unicast_peer {
	172.25.254.10
    }
}

vrrp_instance VI_2 {
    #state BACKUP
    state MASTER
    interface eth0
    virtual_router_id 200
    priority 100
    advert_int 1
    #nopreempt
    #preempt_delay 10s
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       172.25.254.200/24 dev eth0 label eth0:2
    }
    unicast_src_ip 172.25.254.20
    unicast_peer {
        172.25.254.10
    }
}

virtual_server 172.25.254.200 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP

    real_server 172.25.254.110 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
	    }
	    connect_timeout 3
	    nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.254.120 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.2 1358 {
    delay_loop 6
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    sorry_server 192.168.200.200 1358

    real_server 192.168.200.2 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.3 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.3 1358 {
    delay_loop 3
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    real_server 192.168.200.4 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.5 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@ka2 ~]# 
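
A small linter for the keepalived.conf layout shown above, added here as an example (it is not part of the original post or of keepalived itself). It flags a `track_script` entry that has no matching `vrrp_script` definition (keepalived ignores such an entry, so the health check never affects priority), cleartext `auth_type PASS`, and scripts configured without `enable_script_security`; the sample config and the names `check_haproxy` and `check_proxy` are constructed.

```python
import re

# Constructed sample modelled on the instance layout above; the router_id and
# script names are placeholders, not the page's values.
SAMPLE_CONF = """\
global_defs {
   router_id ka1.example.org
}
vrrp_script check_haproxy {
   script "/mnt/check_haproxy.sh"
   interval 1
   weight -30
}
vrrp_instance VI_1 {
    state MASTER
    priority 80
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        check_proxy
    }
}
"""

def strip_comments(text):
    # '#' and '!' start a comment in keepalived.conf (quoted strings containing them are not handled here)
    return "\n".join(re.split(r"[#!]", ln, maxsplit=1)[0] for ln in text.splitlines())

def blocks(text, keyword):
    """Yield (name, body) for every 'keyword name { ... }' block, matching braces."""
    for m in re.finditer(r"^\s*%s\s+(\S+)\s*\{" % keyword, text, re.M):
        depth, i = 1, m.end()
        while depth and i < len(text):
            depth += {"{": 1, "}": -1}.get(text[i], 0)
            i += 1
        yield m.group(1), text[m.end():i - 1]

def lint(conf):
    text, findings = strip_comments(conf), []
    defined = {name for name, _ in blocks(text, "vrrp_script")}
    if defined and not re.search(r"^\s*enable_script_security\b", text, re.M):
        findings.append("global_defs: vrrp_script in use but enable_script_security is not set")
    for inst, body in blocks(text, "vrrp_instance"):
        ts = re.search(r"track_script\s*\{([^}]*)\}", body)
        for entry in (ts.group(1).split("\n") if ts else []):
            if entry.split() and entry.split()[0] not in defined:
                findings.append(f"{inst}: track_script '{entry.split()[0]}' has no vrrp_script definition")
        pw = re.search(r"auth_pass\s+(\S+)", body)
        if re.search(r"auth_type\s+PASS\b", body) and pw:
            findings.append(f"{inst}: auth_type PASS is cleartext on the wire; auth_pass is {len(pw.group(1))} chars")
    return findings

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE_CONF)))
```

To check a node, pass the contents of its `/etc/keepalived/keepalived.conf` to `lint()`; an empty list means none of the three conditions was found.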

Test

xdxxx
[root@client ~]# curl 172.25.254.100
egeee
[root@client ~]# curl 172.25.254.100
xdxxx
[root@client ~]# curl 172.25.254.100
egeee
[root@client ~]# curl 172.25.254.100
xdxxx
[root@client ~]# curl 172.25.254.100
egeee
[root@client ~]# curl 172.25.254.100
xdxxx
[root@client ~]# curl 172.25.254.100
egeee
[root@client ~]# curl 172.25.254.100
xdxxx
[root@client ~]# curl 172.25.254.100
egeee
[root@client ~]# 
[root@client ~]# curl 172.25.254.100
xdxxx
[root@client ~]# curl 172.25.254.100
egeee
[root@client ~]# curl 172.25.254.100
xdxxx
[root@client ~]# curl 172.25.254.100
egeee
[root@client ~]# curl 172.25.254.100
xdxxx
[root@client ~]# 
