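Introduction to Keepalived
Keepalived was originally designed for LVS, specifically to monitor the state of each service node in a cluster. It checks the state of each service node using the layer 3, layer 4 and layer 5 switching mechanisms of the TCP/IP reference model. If a server node behaves abnormally or fails, Keepalived detects it and removes the failed node from the cluster. All of this happens automatically, with no manual intervention; the only manual work is repairing the failed service node.
Topology for this lab:
Lab steps:
Synchronize the clocks of the machines in the cluster, and turn off the firewall and SELinux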
ntpdate cn.pool.ntp.org
systemctl stop firewalld.service
setenforce 0
Operations on lvs1/2
- Install the required build tools
yum install gcc gcc-c++ openssl-devel.x86_64 -y
- Download keepalived and the LVS tools
Website: https://keepalived.org
wget https://keepalived.org/software/keepalived-2.0.10.tar.gz
yum install ipvsadm.x86_64 -y
- Compile and install keepalived
tar -xzf keepalived-2.0.10.tar.gz -C /usr/local/src/
cd /usr/local/src/keepalived-2.0.10/
mkdir /data
yum install libnl-devel.x86_64 -y
./configure --prefix=/data/kepalived
[root@master1 keepalived-2.0.10]# make && make install
- Configure the startup files
cp /data/kepalived/etc/init.d/keepalived /etc/init.d/
cp /data/kepalived/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /data/kepalived/etc/keepalived/keepalived.conf /etc/keepalived/
- Edit the configuration file
vim /etc/keepalived/keepalived.conf
# Configuration file for the master node
! Configuration File for keepalived
global_defs {
    notification_email {
        acassen@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_1
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    lvs_sync_daemon_interface eth0
    virtual_router_id 51
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.192.123
    }
}
virtual_server 192.168.192.123 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    nat_mask 255.255.255.255
    persistence_timeout 300
    protocol TCP
    real_server 192.168.192.139 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 8
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 192.168.192.140 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 8
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

# Configuration file for the backup node
! Configuration File for keepalived
global_defs {
    notification_email {
        acassen@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id LVS_1
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    lvs_sync_daemon_interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.192.123
    }
}
virtual_server 192.168.192.123 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    nat_mask 255.255.255.255
    persistence_timeout 300
    protocol TCP
    real_server 192.168.192.140 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 8
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 192.168.192.139 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 8
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}
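In a configuration this long, a misspelt keyword inside a TCP_CHECK block does not set the option it was meant to, and the VRRP authentication type is easy to overlook. The following check is an added example, not part of the original article or of keepalived itself; the keyword list is an assumed, non-exhaustive set and the sample fragment is constructed.

```python
import re

# Constructed sample (not from a real host): trimmed keepalived.conf with one misspelt keyword.
SAMPLE = """
vrrp_instance VI_1 {
    state BACKUP
    virtual_router_id 51
    authentication {
        auth_type PASS
        auth_pass 1111
    }
}
virtual_server 192.168.192.123 80 {
    real_server 192.168.192.140 80 {
        TCP_CHECK {
            connect_timeout 8
            conect_port 80
        }
    }
}
"""

# Assumption: non-exhaustive list of TCP_CHECK keywords; extend it for your version.
TCP_CHECK_KEYS = {"connect_ip", "connect_port", "bindto", "bind_port",
                  "connect_timeout", "retry", "nb_get_retry", "delay_before_retry"}

def parse(text):
    """Yield (enclosing_blocks, words) for each statement, one statement per line."""
    stack = []
    for raw in text.splitlines():
        line = re.split(r"[#!]", raw, maxsplit=1)[0].strip()  # drop comments
        if not line:
            continue
        if line == "}":
            stack.pop()
        elif line.endswith("{"):
            stack.append(" ".join(line[:-1].split()))  # e.g. "real_server 192.168.192.140 80"
        else:
            yield tuple(stack), line.split()

def lint(text):
    """Return findings for misspelt health-check keywords and cleartext VRRP auth."""
    findings = []
    for blocks, words in parse(text):
        if blocks[-1:] == ("TCP_CHECK",) and words[0] not in TCP_CHECK_KEYS:
            findings.append(f"{blocks[-2]}: unknown TCP_CHECK keyword '{words[0]}'")
        if words[:2] == ["auth_type", "PASS"]:
            findings.append(f"{blocks[0]}: auth_type PASS sends the VRRP password in cleartext")
    return findings
```

Run `lint(open("/etc/keepalived/keepalived.conf").read())` on both the master and the backup node before starting the service.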
- Start the service and check LVS
systemctl start keepalived
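Operations on the RS1/2 nodes
- Stop the nodes from answering ARP requests for the VIP
Because this setup uses the LVS DR model, the VIP configured on each real server must not respond to ARP requests from external hosts.
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce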
- Set the VIP
ifconfig lo:0 192.168.192.123 netmask 255.255.255.255
- Configure the httpd page
yum install httpd.x86_64 -y
# On 192.168.192.139
echo web 139 > /var/www/html/index.html
# On 192.168.192.140
echo web 140 > /var/www/html/index.html
Testing
Check the LVS configuration
ipvsadm -Ln
Test from the client
The keepalived configuration file is located at /etc/keepalived/keepalived.conf by default; it cannot be placed in an arbitrary location.