LVS01 与LVS02 主机 配置如下
- yum install kernel-devel ipvsadm keepalive
- ln -s /usr/src/kernels/
uname -r
/usr/src/linux - lsmod | grep ip_vs 检查 LVS 是否成功
- ipvsadm or modprobe ip_vs 启动
- ipvsadm -C 清空LVS 所在配置
配置 LVS 与 keepalive - vi /etc/keepalive/keepalived.conf
[root@lvs01 log]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
# acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
}
#notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_01
#vrrp_skip_check_adv_addr
#vrrp_strict
#vrrp_garp_interval 0
#vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.44
#192.168.200.17
#192.168.200.18
}
}
virtual_server 192.168.0.44 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 20
protocol TCP
real_server 192.168.0.42 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.0.43 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
LVS02从节点 只修改如下
a. router_id LVS_02
b. state BACKUP
c.priority 100
7. 安装 web 服务节点
yum install httpd -y
8. 在web服务节点绑定VIP
ip addr add 192.168.0.44/32 dev lo label lo:0
9. 抑制 ARP
echo “1” >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo “2” >/proc/sys/net/ipv4/conf/lo/arp_announce
echo “1” >/proc/sys/net/ipv4/conf/all/arp_ignore
echo “2” >/proc/sys/net/ipv4/conf/all/arp_announce
10. 先启动 keepalived, 再启动httpd
a.systemctl start keepalived
b.systemctl start httpd
11. 查看LVS 访问状态 ipvsadm -Ln --stats
12. 在client 端访问 192.168.0.44,
不要在LVS主节点访问 VIP, 已知问题,访问不了
扩展
配置指定文件接收keepalived 服务日志
背景:
keepalived 日志defaut path /var/log/messages。 与别的日志混合一起,查看不方便,现调整成单独文件
step:
- vi /etc/sysconfig/keepalived 改成如下
KEEPALIVED_OPTIONS="-D -d -S 0"
or
用sed -i ‘14 s#KEEPALIVED_OPTIONS="-D"#KEEPALIVED_OPTIONS="-D -d -S 0"#’ /etc/sysconfig/keepalived - vi /etc/rsyslog.conf
添加一行如下
#keepalived
local0.* /var/log/keepalived.log
在 *.info;mail.none;authpriv.none;cron.none; 后面添加local0.none - systemctl restart rsyslog keepalived
监测keepalived 脑裂的脚本
在从节点上执上脚本,若可以 ping 通主节点且从节点有VIP 就报 alert, 人员介入检查是否脑裂
#!/bin/sh
lvs01_vip=192.168.0.44
lvs01_ip=192.168.0.40
while true
do
ping -c 2 -w 3 $lvs01_ip &>/dev/null
if [ $? -eq 0 -a
‘
i
p
a
d
d
∣
g
r
e
p
"
`ip add|grep "
‘ipadd∣grep"lvs01_vip" |wc -l` -eq 1 ]
then
echo “HA is split brain.”
else
echo “HA is working fine.”
fi
sleep 5
done