yum install -y keepalived
配置文件(/etc/keepalived/)
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id keepalived2
}
vrrp_script check_nginx {
script "/etc/keepalived/script/nginx_check.sh"
interval 1
weight -2
}
vrrp_instance VI_1 {
state BACKUP #主的为MASTER
interface eth1
virtual_router_id 51
priority 99 #权重,MASTER的权重要比backup的高。
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.16.2.203/24 dev eth1 label eth1:1
#10.16.2.203/24 dev eth2
}
track_script {
check_nginx #调用nginx检查脚本
}
}
#virtual_server 192.168.200.100 443 {
# delay_loop 6
# lb_algo rr
# lb_kind NAT
# nat_mask 255.255.255.0
# persistence_timeout 50
# protocol TCP
#
# real_server 192.168.201.100 443 {
# weight 1
# SSL_GET {
# url {
# path /
# digest ff20ad2481f97b1754ef3e12ecd3a9cc
# }
# url {
# path /mrtg/
# digest 9b3a0c85a887a256d6939da88aabd8cd
# }
# connect_timeout 3
# nb_get_retry 3
# delay_before_retry 3
# }
# }
#}
#
#virtual_server 10.10.10.2 1358 {
# delay_loop 6
# lb_algo rr
# lb_kind NAT
# persistence_timeout 50
# protocol TCP
#
# sorry_server 192.168.200.200 1358
#
# real_server 192.168.200.2 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# nb_get_retry 3
# delay_before_retry 3
# }
# }
#
# real_server 192.168.200.3 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334c
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334c
# }
# connect_timeout 3
# nb_get_retry 3
# delay_before_retry 3
# }
# }
#}
#
#virtual_server 10.10.10.3 1358 {
# delay_loop 3
# lb_algo rr
# lb_kind NAT
# nat_mask 255.255.255.0
# persistence_timeout 50
# protocol TCP
#
# real_server 192.168.200.4 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# nb_get_retry 3
# delay_before_retry 3
# }
# }
#
# real_server 192.168.200.5 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# nb_get_retry 3
# delay_before_retry 3
# }
# }
#}
chkconfig keepalived on
####################################
检查脚本:
####################################
[root@keepalived1 script]# cat nginx_check.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ]
then
echo 'nginx server is died'
killall keepalived #nginx服务异常,同时把keepalived服务停止。
fi
防火墙设置:
iptables -I INPUT
-s 10.16.2.0/24
-p vrrp -j ACCEPT
service iptables save
service iptables restart
启动服务
service keepalived start
日志输出
cat /var/log/message
查看VIP挂载,可以看到VIP已经挂载成功。
ip addr
现在查看另一台服务器(backup)的IP,可以看到VIP是没有挂载在这台服务器上的。
ip addr
模拟测试:
1、停掉master的keepalived
[root@keepalived1 script]# service keepalived stop
Stopping keepalived: [ OK ]
master 日志:
tail -f /var/log/message
backup日志:
tail -f /var/log/message
从日志上可以看到backup已经接管了VIP,那么我们看一下backup是否真的接管了VIP。
再看一下master的IP信息
实际上是切换成功了。
现在把原来master的keepalived服务起来,再观察一下状态。
[root@keepalived1 script]# service keepalived start
Starting keepalived: [ OK ]
原master日志输出:
原backup日志输出:
从日志上可以看出,VIP被原master接管回去了。
那么我们查看一下是不是真的接管回去了。
好的,确实是接管回去了,测试成功,达到了预期的效果。
2.停掉master的nginx
把master的nginx服务停掉,查看一下keepalived的状态。
[root@keepalived1 script]# nginx -s stop
查看master的日志输出:
查看backup的日志输出:
可以看到由于脚本校测到nginx停止了,进而把master上的keepalived进程kill掉了。VIP被backup接管过去了。
查看master的IP:
查看backup的IP:
VIP被backup接管过去了。
现在再把原master的nginx和keepalived服务器起来。(顺序必须是先起nginx,再起keepalived,不然keepalived刚起来就会被kill掉)
[root@keepalived1 script]# nginx -c /usr/local/nginx/nginx.conf
[root@keepalived1 script]# service keepalived start
Starting keepalived: [ OK ]
原master日志:
原backup日志:
服务起来后,VIP被原master接管回去了。
查看原master的IP信息:
查看原backup的IP信息:
VIP确实是被接管回去了。
keepalived测试成功。