LVS配置keepalived高可用

LVS配置keepalived高可用

准备工作四台服务器

LVS1: 192.168.32.131
LVS1: 192.168.32.134
nginx1: 192.168.32.129
nginx2: 192.168.32.150
vip： 192.168.32.200

防火墙

setenforce 0
iptable -F
#清空防火墙规则

LVS1

首先查看自己的网卡是eth0还是ens33
本机是ens33如果为eth0自行修改

yum -y install keepalived ipvsadm
ifconfig ens33:0 192.168.32.200 netmask 255.255.255.255 up 	//在LVS服务器上添加一个地址为VIP的虚拟网卡ens33:0 并启动
route add -host 192.168.32.200 dev ens33:0
ipvsadm -A -t 192.168.32.200:80 -s wrr
# 添加虚拟服务，指定IP、端口、算法
ipvsadm -a -t 192.168.32.200:80 -r 192.168.32.129:80 -g -w 1
# 添加nginx1服务器，指定DR模式，指定权重为1
ipvsadm -a -t 192.168.32.200:80 -r 192.168.32.150:80 -g -w 1
# 添加nginx2服务器，指定DR模式，指定权重为1

下面配置keepalived高可用

vi /etc/keepalived/keepalived.conf

配置文件如下

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP #这里配置主还是从
    interface ens33 #这里配置网卡
    virtual_router_id 51
    priority 50 #这里配置优先级
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.32.200 #vip
    }
}

virtual_server 192.168.32.200 80 { #vip
    delay_loop 6
    lb_algo rr
    lb_kind DR
    protocol TCP

    real_server 192.168.32.129 80 { #nginx1
        weight 1
        TCP_CHECK {
        connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
real_server 192.168.32.150 80 { #nginx2
        weight 1
        TCP_CHECK {
        connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

}

LVS2

同lvs1
keepalived配置文件如下

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.32.200
    }
}

virtual_server 192.168.32.200 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    protocol TCP

    real_server 192.168.32.129 80 {
        weight 1
        TCP_CHECK {
        connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
real_server 192.168.32.150 80 {
        weight 1
        TCP_CHECK {
        connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

}

nginx1

nginx安装如下

echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
# 将对应网卡设置为只回应目标IP为自身接口地址的ARP请求
echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
# 将ARP请求的源IP设置为eth0上的IP，也就是RIP
# 必须完成以上设置，才可继续
 
ifconfig lo:0 192.168.32.200 netmask 255.255.255.255 up
# 添加IP地址为VIP的虚拟网卡lo:0
route add -host 192.168.32.200 dev lo:0

nginx2

同nginx1

测试如下