| 服务器名称 | IP地址 | VIP | 网卡名称 | 备注 |
|---|---|---|---|---|
| local-100-101 | 172.20.100.101 | 172.20.100.250 | eth0 | 主 |
| docker-100-108 | 172.20.100.108 | 172.20.100.250 | eth0 | 备 |
前提:
1、关闭防火墙和selinux
2、确保安装keepalived的服务的各节点的用于集群服务的接口支持MULTICAST(多播或组播)通信
如果网卡没有开启多播功能,可通过命令# ip link set multicast on dev eth0开启
以上条件确认好以后,开始安装
1、安装keepalived(主备都需要安装)
yum -y install keepalived
2、编辑配置文件
主配置文件:/etc/keepalived/keepalived.conf
主程序文件:/usr/sbin/keepalived
#master
global_defs {
notification_email {
15321375963@139.com 收件箱
}
notification_email_from 15321375963@189.cn 发件人
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id 172.20.100.101
#vrrp_skip_check_adv_addr
#vrrp_strict
#vrrp_garp_interval 0
#vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER #state指定instance(Initial)的初始状态
interface eth0 #实例绑定的网卡,因为在配置虚拟IP的时候必须是在已有的网卡上添加的
lvs_sync_daemon_inteface eth0
virtual_router_id 51 #这里设置VRID,这里非常重要,相同的VRID为一个组,他将决定多播的MAC地址
nopreempt #设置不抢占,这里只能设置在state为backup的节点上,而且这个节点的优先级必须别另外的高
preempt delay 60 #延迟抢占时间
priority 100 #设置本节点的优先级,优先级高的为master
advert_int 1 #检查间隔,默认为1秒
authentication {
auth_type PASS
auth_pass rongkang
}
virtual_ipaddress {
172.20.100.250/24
}
}
#backup
global_defs {
notification_email {
15321375963@139.com
}
notification_email_from 15321375963@189.cn
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id 172.20.100.108
#vrrp_skip_check_adv_addr
#vrrp_strict
#vrrp_garp_interval 0
#vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
lvs_sync_daemon_inteface eth0
virtual_router_id 51
nopreempt
preempt delay 60
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass rongkang
}
virtual_ipaddress {
172.20.100.250/24
}
}
2、启动服务
systemctl start keepalived
systemctl enable keepalived
3、查看网卡
localhost-100-101
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether fa:c6:4d:82:b3:00 brd ff:ff:ff:ff:ff:ff
inet 172.20.100.101/24 brd 172.20.100.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 172.20.100.250/24 scope global secondary eth0
valid_lft forever preferred_lft forever
inet6 fe80::c14a:4493:465b:199b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
docker-100-108
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether fa:ca:f2:59:ee:00 brd ff:ff:ff:ff:ff:ff
inet 172.20.100.108/24 brd 172.20.100.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::c14a:4493:465b:199b/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
4、抓包查看
[root@localhost-100-101 ~]# tcpdump -i eth0 vrrp -n
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:41:59.683248 IP 172.20.100.101 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
10:42:00.684497 IP 172.20.100.101 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
10:42:01.685782 IP 172.20.100.101 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
10:42:02.687101 IP 172.20.100.101 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
10:42:03.688397 IP 172.20.100.101 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
10:42:04.689709 IP 172.20.100.101 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
从抓包可以看出,主172.20.100.101作为master向外发送通告
1441
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
