1.准备
准备四台虚拟机,两台作为主机,两台作为web端
ka1 172.25.254.10
ka2 172.25.254.20
server1 172.25.254.110
server2 172.25.254.120
在两台服务器上下载keepalive
yum install keepalived -y
在两台web端安装httpd
yum install httpd -y
配置虚拟路由
ka1
notification_email {
884508137@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1.ysy.org
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.0.18
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 100
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:1
}
}
ka2
notification_email {
884508137@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka2.ysy.org
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.0.18
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:1
}
}
启动keepalived日志功能
KEEPALIVED_OPTIONS="-D -S 6"
2.实验
抢占模式和非抢占模式
ka1
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 100
priority 100
nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:1
}
}
ka2
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 80
nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:1
}
}
抢占延迟模式 preempt_delay
ka1
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 100
preempt_delay 10s
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:1
}
}
ka2
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 80
preempt_delay 10s
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:1
}
}
VIP单播配置
ka1
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 100
priority 100
#nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:1
}
unicast_src_ip 172.25.254.10
unicast_peer {
172.25.254.20
}
}
ka2
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 80
#nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:1
}
unicast_src_ip 172.25.254.20
unicast_peer {
172.25.254.10
}
}
Keepalived 通知脚本配置
安装邮件发送工具
yum install mailx -y
qq邮箱配置
set from=884508137@qq.com
set smtp=smtp.qq.com
set smtp-auth-user=884508137@qq.com
set smtp-auth-password=mzevmzrokdiidbbd
set smtp-auth=login
set ssl-verify=ignore
脚本内容
#!/bin/bash
mail_dest='884508137@qq.com'
mail_send()
{
mail_subj="$HOSTNAME to be $1 vip move"
mail_mess="`date +%F\ %T`: vrrp move $HOSTNAME chage $1"
echo "$mail_mess" | mail -s "$mail_subj" $mail_dest
}
case $1 in
master)
mail_send master
;;
backup)
mail_send backup
;;
fault)
mail_send fault
;;
*)
exit 1
;;
esac
实现 master/master 的 Keepalived 双主架构
ka1
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 100
priority 100
preempt_delay 10s
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:1
}
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 200
priority 80
preempt_delay 10s
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.200/24 dev eth0 label eth0:2
}
}
ka2
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 100
priority 80
preempt_delay 10s
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:1
}
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 200
priority 100
preempt_delay 10s
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.200/24 dev eth0 label eth0:2
}
}
实现IPVS的高可用性
配置web
echo rs1 172.25.254.110 > /var/www/html/index.html
ip a a 172.25.254.100/32 dev lo
echo rs 172.25.254.120 > /var/www/html/index.html
ip a a 172.25.254.100/32 dev lo
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
ka配置
real_server 172.25.254.110 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 2
delay_before_retry 2
}
}
real_server 172.25.254.120 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 2
delay_before_retry 2
}
}
}
ka2
real_server 172.25.254.110 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 2
delay_before_retry 2
connect_port 80
}
}
real_server 172.25.254.120 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 2
nb_get_retry 2
delay_before_retry 2
}
}
}
实现HAProxy高可用
配置ka
listen webserver
bind 172.25.254.100:80
server web1 172.25.254.101:80 check
server web2 172.25.254.102:80 check
net.ipv4.ip_nonlocal_bind = 1
vrrp_script check_haproxy {
script "/etc/keepalived/scripts/haproxy.sh"
interval 1
weight -30
fall 2
rise 2
timeout 2
}
vrrp_instance web {
state MASTER
interface ens33
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100 dev ens33 label ens33:0
}
track_script {
check_haproxy
}
}