Keepalived双机热备
教员
实验一:使用keepalived实现双机热备
一、 实验名称:
- Keepalived双机热备
二、 实验目的:
- 学会构建双机热备系统
- 学会构建LVS+HA高可用群集
三、 实验环境:
| 设备名称 | 系统版本 | IP地址 | 所需软件 |
| 主服务器 | Linux-6.5 | eth0=172.16.16.173 漂移ip=172.16.16.172 | keepalived-1.2.13.tar.gz |
| 备用服务器 |
| eth0=172.16.16.174 漂移ip=172.16.16.172 | keepalived-1.2.13.tar.gz |
| 客户端 | Linux-6.5 | eth0=172.16.16.100 |
|
注:将所需软件拷贝至/usr/src中
四:实验思路:
- 配置双机热备环境
实验过程
一:环境的准备
1:设置各个设备的ip地址
注意:用作漂移的网卡的NM_CONTROLLED一定要设置为no
2:挂载光盘并设置yum源
[root@localhost 桌面]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# rm -rf CentOS-Base.repo
[root@localhost yum.repos.d]# vi CentOS-Media.repo \\可以将该目录中的其他配置文件删掉,以免干扰
[c6-media]
name=CentOS-$releasever - Media
baseurl=file:///media/cdrom/
gpgcheck=1
enabled=1
gpgkey=file:///media/cdrom/RPM-GPG-KEY-CentOS-6
[root@localhost yum.repos.d]# mkdir /media/cdrom
[root@localhost yum.repos.d]# mount /dev/cdrom /media/cdrom
[root@localhost yum.repos.d]# cd
3:将所需软件拷贝到/usr/src中
二:热备服务的配置
1:keepalived的安装(在两个服务器上都安装)
[root@localhost ~]# yum -y install kernel-devel openssl-devel popt-devel
[root@localhost ~]# yum -y install ipvsadm
[root@localhost ~]# cd /usr/src
[root@localhost src]# tar zxf keepalived-1.2.13.tar.gz
[root@localhost src]# cd keepalived-1.2.13
[root@localhost keepalived-1.2.13]# yum -y install gcc* gcc-*
[root@localhost keepalived-1.2.13]# ./configure --prefix=/ --with-kernel-dir=/usr/src/kernels/2.6.32-431.e16.x86_64
[root@localhost keepalived-1.2.13]# make && make install
[root@localhost ~]# ls -l /etc/init.d/keepalived
[root@localhost ~]# chkconfig --add keepalived
[root@localhost ~]# chkconfig keepalived on
[root@localhost ~]#
2:主服务器的配置
[root@localhost ~]# service iptables stop
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_01 \\起的名字,不要和其他的冲突 12行
}
vrrp_instance VI_1 {
state MASTER \\另一个为backup 16行
interface eth0
virtual_router_id 1 \\同一个vrrp组的要保持一致 18行
priority 100
advert_int 1
authentication {
auth_type PASS \\保持一致 22行
auth_pass 1111 \\保持一致 23行
}
virtual_ipaddress {
172.16.16.172 \\保持一致 26行
}
}
[root@localhost keepalived]# service keepalived start
[root@localhost keepalived]# ip addr show dev eth0
3:备份服务器的配置
[root@localhost ~]# service iptables stop
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 1
priority 99 \\优先级要低于master的优先级
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.16.172
}
}
[root@localhost keepalived]# service keepalived start
[root@localhost keepalived]# ip addr show dev eth0
4:测试双击热备功能
用客户机:ping 172.16.16.172 -t
依次down掉两个服务器的网卡,观察ping的信息
实验二:使用LVS+keepalived实现高可用群集
一、实验名称:
- Keepalived双机热备
二、实验目的:
- 学会构建双机热备系统
- 学会构建LVS+HA高可用群集
三、实验环境:
重要说明:调度器和web的eth0使用172网段,并桥接vm1,连接到internet,调度器和web的eth0的eth1使用192网段,桥接到vm2连接局域网,nfs使用192网段并桥接到vm2,客户端使用172网段并桥接到vm1
| 设备名称 | 系统版本 | IP地址 | 桥接的设置 | 所需软件 |
| 主调度器 | centos | eth0=172.16.16.173/24 eth1=192.168.7.173/24 vip=172.16.16.172/24 | eth0----vm1 eth1----vm2 | keepalived-1.2.13.tar.gz |
| 从调度器 | Centos
| eth0=172.16.16.174/24 eth1=192.168.7.174/24 vip=172.16.16.172/24 | eth0----vm1 eth1----vm2 | keepalived-1.2.13.tar.gz |
| web1 | Centos/redhat | eth0=172.16.16.177/24 eth1=192.168.7.177/24 lo:0=172.16.16.172/32 | eth0----vm1 eth1----vm2 |
|
| Web2 | Centos/redhat | eth0=172.16.16.178/24 eth1=192.168.7.178/24 lo:0=172.16.16.172/32 | eth0----vm1 eth1----vm2 |
|
| NFS | Centos/redhat | eth0=192.168.7.250/24 | eth0----vm2 |
|
| 客户端 | Centos/redhat | eth0=172.16.16.100 | eth0----vm1 |
|
注:将所需软件拷贝至/usr/src中,客户机可以使用windows主机
四、实验思路:
- 配置LVS
- 配置Keepalived
实验过程
一:实验环境的设置
1:添加网卡
按照图表设置各个网卡的桥接
2:设置ip地址
注意:
用作漂移的网卡的NM_CONTROLLED一定要设置为no
Web服务器中lo:0网卡的子网掩码要为255.255.255.255
3:设置主从调度器的yum环境
[root@localhost ~]# mkdir /media/cdrom
[root@localhost ~]# mount /dev/cdrom /media/cdrom
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# rm -rf CentOS-Base.repo
[root@localhost yum.repos.d]# vi CentOS-Media.repo
[c6-media]
name=CentOS-$releasever - Media
baseurl=file:///media/cdrom/
gpgcheck=1
enabled=1
gpgkey=file:///media/cdrom/RPM-GPG-KEY-CentOS-6
二:nfs共享设置
[root@localhost 桌面]# mkdir /opt/wwwroot
[root@localhost 桌面]# vi /etc/exports
/opt/wwwroot 192.168.7.0/24(rw,sync,no_root_squash)
[root@localhost 桌面]# service iptables stop
[root@localhost 桌面]# chkconfig rpcbind on
[root@localhost 桌面]# service rpcbind start
[root@localhost 桌面]# chkconfig nfs on
[root@localhost 桌面]# service nfs start
[root@localhost 桌面]# showmount -e
三:web1站点设置
[root@localhost ~]# service iptables stop
[root@localhost ~]# chkconfig rpcbind on
[root@localhost ~]# service rpcbind start
[root@localhost ~]# showmount -e 192.168.7.250
[root@localhost ~]# mount 192.168.7.250:/opt/wwwroot /var/www/html
[root@localhost ~]# tail -l /etc/mtab
[root@localhost html]# vi /var/www/html/index.html
<h1>LVS+KEEPALIVES测试</h1>
[root@localhost html]# vi /etc/fstab
添加:
192.168.7.250:/opt/wwwroot /var/www/html nfs defaults,_netdev 0 0
[root@localhost ~]# setinforce 0
[root@localhost ~]# service httpd start
[root@localhost ~]# vi /etc/rc.local
添加
/sbin/route add -host 172.16.16.172 dev lo:0
[root@localhost ~]# route add -host 172.16.16.172 dev lo:0
[root@localhost ~]# vi /etc/sysctl.conf
添加:
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@localhost ~]# sysctl -p
五:web2站点设置(该站点不需要再创建测试网站,在web1上已经创建过了,)
[root@localhost ~]# service iptables stop
[root@localhost ~]# chkconfig rpcbind on
[root@localhost ~]# service rpcbind start
[root@localhost ~]# showmount -e 192.168.7.250
[root@localhost ~]# mount 192.168.7.250:/opt/wwwroot /var/www/html
[root@localhost ~]# tail -l /etc/mtab
[root@localhost html]# vi /etc/fstab
添加:
192.168.7.250:/opt/wwwroot /var/www/html nfs defaults,_netdev 0 0
[root@localhost ~]# setenforce 0
[root@localhost ~]# service httpd start
[root@localhost ~]#cd
[root@localhost ~]# vi /etc/rc.local
添加
/sbin/route add -host 172.16.16.172 dev lo:0
[root@localhost ~]# route add -host 172.16.16.172 dev lo:0
[root@localhost ~]# vi /etc/sysctl.conf
添加:
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@localhost ~]# sysctl -p
六:主从调度器和keepalived设置(主从调度器的设置是一样的,只有配置文件中红色的参数不同,)
1:主调度器
[root@localhost yum.repos.d]# yum -y install ipvsadm
[root@localhost yum.repos.d]# cd
[root@localhost ~]# service ipvsadm stop
[root@localhost ~]# ipvsadm -A -t 172.16.16.172:80 -s rr
[root@localhost ~]# ipvsadm -a -t 172.16.16.172:80 -r 172.16.16.177 -g -w 1
[root@localhost ~]# ipvsadm -a -t 172.16.16.172:80 -r 172.16.16.178 -g -w 1
[root@localhost ~]# service ipvsadm save
[root@localhost ~]# chkconfig ipvsadm on
[root@localhost ~]# service ipvsadm restart
[root@localhost network-scripts]# vi /etc/sysctl.conf
添加:
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.eth0.send_redirects = 0
[root@localhost network-scripts]# sysctl -p
2:keepalived的设置
[root@localhost yum.repos.d]# cd
[root@localhost ~]# yum -y install kernel-devel openssl-devel popt-devel
[root@localhost ~]# cd /usr/src
[root@localhost src]# tar zxf keepalived-1.2.13.tar.gz
[root@localhost src]# cd keepalived-1.2.13
[root@localhost keepalived-1.2.13]# yum -y install gcc*
[root@localhost keepalived-1.2.13]# ./configure --prefix=/ --with-kernel-dir=/usr/src/kernels/2.6.32-431.e16.x86_64
[root@localhost keepalived-1.2.13]# make && make install
[root@localhost keepalived-1.2.13]#cd
[root@localhost ~]# ls -l /etc/init.d/keepalived
[root@localhost ~]# chkconfig --add keepalived
[root@localhost ~]# chkconfig keepalived on
[root@localhost ~]# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id LVS_01 \\12 从:router_if LVS_02
}
vrrp_instance VI_1 {
state MASTER \\从:BACKUP
interface eth0 \\注意是哪个网卡承载的VIP
virtual_router_id 51 \\虚拟路由器的ID号,两个设备必须一致
priority 100 \\从:99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.16.172 \\26
}
}
virtual_server 172.16.16.172 80 { \\30
delay_loop 15
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 172.16.16.177 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
real_server 172.16.16.178 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 4
}
}
}
[root@localhost ~]#service iptables stop
[root@localhost ~]# service keepalived restart
用同样的方法设置从调度
最后测试
[root@localhost ~]# ipvsadm –ln
[root@localhost ~]# ip addr show dev eth0
需要给VIP配置网关如果不配置无法与外网进行映射访问
805
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
