运用 keepalived 实现 lvs-dr 的完整示例(包含状态检测)
运用 keepalived 实现 lvs-dr 的完整示例(包含状态检测)
- 1、绘制拓扑
- 2、前期准备工作
- 2.1 VS-1 确保能正常访问 RS-1 、RS-2 和 本地 httpd 服务
- 2.2 VS-2 确保能正常访问 RS-1 、RS-2 和 本地 httpd 服务
- 3、RS -1 的配置(关于 dr 配置)
- 4、RS -2 的配置(关于 dr 配置)
- 5、VS-1 配置
- 6、VS-2 配置
- 7、启动服务启动被进行测试
- 7.1 VS-1 和 VS-2 启动 keepalived 程序,并通过 ipvsadm 程序进行查看
- 7.1.1 VS-1
- 7.1.2 VS-2
- 7.2 用户A 和 用户B 进行网页访问
- 7.2.1 用户A
- 7.2.2 用户B
- 7.3 RS-1 故障
- 7.3.1 VS 进行状态查看
- 7.3.2 用户进行访问
- 7.3 RS-1 和 VS-1 故障
- 7.3.1 VS-1 停止 keepalived 服务
- 7.3.2 VS-2 keepalived 服务状态
- 7.3.3 用户进行访问
- 7.4 RS-1 、RS-2 和 VS-1 故障
- 7.4.1 VS-1 停止 keepalived 服务
- 7.4.2 VS-2 keepalived 服务状态
- 7.4.3 用户进行访问
- 7.5 VS-1 和 VS-2 故障
- 7.5.1 VS-1 和 VS-2 停止 keepalived 服务
- 7.5.2 用户进行访问(访问失败)
- 7.6 全部正常无故障,访问恢复正常
- 7.7 使用 TCP_CHECK 进行状态检测
- 7.7.1 VS-1 和 VS-2 的 keepalived 的配置文件
- 7.7.2 正常状态下,使用 ipvsadm 查看 lvs 状态
- 7.7.3 RS-2 故障,看状态能否检测成功(检测成功)
- 7.7.4 RS-2 正常,查看 lvs 状态(恢复正常)
- 7.8 邮件通知
1、绘制拓扑
2、前期准备工作
2.1 VS-1 确保能正常访问 RS-1 、RS-2 和 本地 httpd 服务
[root@Neo_Neo keepalived]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.11 netmask 255.255.255.0 broadcast 192.168.1.255
[root@Neo_Neo keepalived]# curl http://127.0.0.1
<h1>Both web servers are broken and being repaired. Please wait...</h1>
[root@Neo_Neo keepalived]# curl http://192.168.1.12
<h1>HTTP web-server-1 192.168.10.12</h1>
[root@Neo_Neo keepalived]# curl http://192.168.1.13
<h1>HTTP web-server-2 192.168.10.13</h1>
2.2 VS-2 确保能正常访问 RS-1 、RS-2 和 本地 httpd 服务
[root@Tang_Tang keepalived]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.15 netmask 255.255.255.0 broadcast 192.168.1.255
[root@Tang_Tang keepalived]# curl http://127.0.0.1
<h1>Both web servers are broken and being repaired. Please wait...</h1>
[root@Tang_Tang keepalived]# curl http://192.168.1.12
<h1>HTTP web-server-1 192.168.10.12</h1>
[root@Tang_Tang keepalived]# curl http://192.168.1.13
<h1>HTTP web-server-2 192.168.10.13</h1>
3、RS -1 的配置(关于 dr 配置)
具体的配置流程可参照如下博客:
https://blog.csdn.net/weixin_44983653/article/details/101429108
具体配置:
# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
# ifconfig lo:0 192.168.1.99/32 broadcast 192.168.1.99 up
# route add -host 192.168.1.99 dev lo:0
4、RS -2 的配置(关于 dr 配置)
具体的配置流程可参照如下博客:
https://blog.csdn.net/weixin_44983653/article/details/101429108
具体配置:
# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
# echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
# echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
# ifconfig lo:0 192.168.1.99/32 broadcast 192.168.1.99 up
# route add -host 192.168.1.99 dev lo:0
5、VS-1 配置
[root@Neo_Neo ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.11 netmask 255.255.255.0 broadcast 192.168.1.255
[root@Neo_Neo ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Neo_Tang
vrrp_mcast_group4 224.0.0.58
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 33
priority 96
advert_int 1
authentication {
auth_type PASS
auth_pass JIAOTANG
}
virtual_ipaddress {
192.168.1.99/24 dev ens33 label ens33:0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
virtual_server 192.168.1.99 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.1.12 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.1.13 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
[root@Neo_Neo ~]# cat /etc/keepalived/notify.sh
#!/bin/bash
#
contact='root@localhost'
notify() {
local mailsubject="$(hostname) to be $1, vip floating"
local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" $contact
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
exit 1
;;
esac
6、VS-2 配置
[root@Tang_Tang ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.15 netmask 255.255.255.0 broadcast 192.168.1.255
[root@Tang_Tang ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id neo-neo
vrrp_mcast_group4 224.0.0.58
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 33
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass JIAOTANG
}
virtual_ipaddress {
192.168.1.99/24 dev ens33 label ens33:0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
virtual_server 192.168.1.99 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.1.12 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.1.13 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
[root@Tang_Tang ~]# cat /etc/keepalived/notify.sh
#!/bin/bash
#
contact='root@localhost'
notify() {
local mailsubject="$(hostname) to be $1, vip floating"
local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" $contact
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
exit 1
;;
esac
7、启动服务启动被进行测试
7.1 VS-1 和 VS-2 启动 keepalived 程序,并通过 ipvsadm 程序进行查看
7.1.1 VS-1
[root@Neo_Neo ~]# systemctl start keepalived.service
[root@Neo_Neo ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.11 netmask 255.255.255.0 broadcast 192.168.1.255
[root@Neo_Neo ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.99:80 rr
-> 192.168.1.12:80 Route 1 0 0
-> 192.168.1.13:80 Route 1 0 0
7.1.2 VS-2
[root@Tang_Tang ~]# systemctl start keepalived.service
[root@Tang_Tang ~]# ifconfig
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.15 netmask 255.255.255.0 broadcast 192.168.1.255
ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.1.99 netmask 255.255.255.0 broadcast 0.0.0.0
[root@Tang_Tang ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.99:80 rr
-> 192.168.1.12:80 Route 1 0 0
-> 192.168.1.13:80 Route 1 0 0
7.2 用户A 和 用户B 进行网页访问
7.2.1 用户A
[root@Tang-Neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
7.2.2 用户B
[root@neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
7.3 RS-1 故障
7.3.1 VS 进行状态查看
[root@Neo_Neo ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.99:80 rr
-> 192.168.1.13:80 Route 1 0 0
[root@Tang_Tang ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.99:80 rr
-> 192.168.1.13:80 Route 1 0 5
7.3.2 用户进行访问
[root@Tang-Neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
[root@neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
7.3 RS-1 和 VS-1 故障
7.3.1 VS-1 停止 keepalived 服务
[root@Neo_Neo ~]# systemctl stop keepalived.service
[root@Neo_Neo ~]# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: Check on service [192.168.1.12]:80 failed after 3 retry.
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: Removing service [192.168.1.12]:80 from VS [192.168.1.99]:80
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: Remote SMTP server [127.0.0.1]:25 connected.
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: SMTP alert successfully sent.
Oct 05 14:16:24 Neo_Neo Keepalived[7278]: Stopping
Oct 05 14:16:24 Neo_Neo systemd[1]: Stopping LVS and VRRP High Availability Monitor...
Oct 05 14:16:24 Neo_Neo Keepalived_healthcheckers[7279]: Stopped
Oct 05 14:16:25 Neo_Neo Keepalived_vrrp[7280]: Stopped
Oct 05 14:16:25 Neo_Neo Keepalived[7278]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Oct 05 14:16:25 Neo_Neo systemd[1]: Stopped LVS and VRRP High Availability Monitor.
7.3.2 VS-2 keepalived 服务状态
[root@Tang_Tang ~]# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2019-10-05 13:37:43 EDT; 39min ago
Process: 7270 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 7271 (keepalived)
CGroup: /system.slice/keepalived.service
├─7271 /usr/sbin/keepalived -D
├─7272 /usr/sbin/keepalived -D
└─7273 /usr/sbin/keepalived -D
Oct 05 13:39:51 Tang_Tang Keepalived_healthcheckers[7272]: Remote SMTP server [127.0.0.1]:25 connected.
Oct 05 13:39:51 Tang_Tang Keepalived_healthcheckers[7272]: SMTP alert successfully sent.
Oct 05 14:11:18 Tang_Tang Keepalived_healthcheckers[7272]: Error connecting server [192.168.1.12]:80.
Oct 05 14:11:19 Tang_Tang Keepalived_healthcheckers[7272]: Error connecting server [192.168.1.12]:80.
Oct 05 14:11:20 Tang_Tang Keepalived_healthcheckers[7272]: Error connecting server [192.168.1.12]:80.
Oct 05 14:11:21 Tang_Tang Keepalived_healthcheckers[7272]: Error connecting server [192.168.1.12]:80.
Oct 05 14:11:21 Tang_Tang Keepalived_healthcheckers[7272]: Check on service [192.168.1.12]:80 failed after 3 retry.
Oct 05 14:11:21 Tang_Tang Keepalived_healthcheckers[7272]: Removing service [192.168.1.12]:80 from VS [192.168.1.99]:80
Oct 05 14:11:21 Tang_Tang Keepalived_healthcheckers[7272]: Remote SMTP server [127.0.0.1]:25 connected.
Oct 05 14:11:21 Tang_Tang Keepalived_healthcheckers[7272]: SMTP alert successfully sent.
7.3.3 用户进行访问
[root@Tang-Neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
[root@neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
7.4 RS-1 、RS-2 和 VS-1 故障
7.4.1 VS-1 停止 keepalived 服务
[root@Neo_Neo ~]# systemctl stop keepalived.service
[root@Neo_Neo ~]# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: Check on service [192.168.1.12]:80 failed after 3 retry.
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: Removing service [192.168.1.12]:80 from VS [192.168.1.99]:80
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: Remote SMTP server [127.0.0.1]:25 connected.
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: SMTP alert successfully sent.
Oct 05 14:16:24 Neo_Neo Keepalived[7278]: Stopping
Oct 05 14:16:24 Neo_Neo systemd[1]: Stopping LVS and VRRP High Availability Monitor...
Oct 05 14:16:24 Neo_Neo Keepalived_healthcheckers[7279]: Stopped
Oct 05 14:16:25 Neo_Neo Keepalived_vrrp[7280]: Stopped
Oct 05 14:16:25 Neo_Neo Keepalived[7278]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Oct 05 14:16:25 Neo_Neo systemd[1]: Stopped LVS and VRRP High Availability Monitor.
7.4.2 VS-2 keepalived 服务状态
[root@Tang_Tang ~]# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: active (running) since Sat 2019-10-05 13:37:43 EDT; 42min ago
Process: 7270 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 7271 (keepalived)
CGroup: /system.slice/keepalived.service
├─7271 /usr/sbin/keepalived -D
├─7272 /usr/sbin/keepalived -D
└─7273 /usr/sbin/keepalived -D
Oct 05 14:20:12 Tang_Tang Keepalived_healthcheckers[7272]: Error connecting server [192.168.1.13]:80.
Oct 05 14:20:14 Tang_Tang Keepalived_healthcheckers[7272]: Error connecting server [192.168.1.13]:80.
Oct 05 14:20:15 Tang_Tang Keepalived_healthcheckers[7272]: Error connecting server [192.168.1.13]:80.
Oct 05 14:20:15 Tang_Tang Keepalived_healthcheckers[7272]: Check on service [192.168.1.13]:80 failed after 3 retry.
Oct 05 14:20:15 Tang_Tang Keepalived_healthcheckers[7272]: Removing service [192.168.1.13]:80 from VS [192.168.1.99]:80
Oct 05 14:20:15 Tang_Tang Keepalived_healthcheckers[7272]: Lost quorum 1-0=1 > 0 for VS [192.168.1.99]:80
Oct 05 14:20:15 Tang_Tang Keepalived_healthcheckers[7272]: Adding sorry server [127.0.0.1]:80 to VS [192.168.1.99]:80
Oct 05 14:20:15 Tang_Tang Keepalived_healthcheckers[7272]: Removing alive servers from the pool for VS [192.168.1.99]:80
Oct 05 14:20:15 Tang_Tang Keepalived_healthcheckers[7272]: Remote SMTP server [127.0.0.1]:25 connected.
Oct 05 14:20:15 Tang_Tang Keepalived_healthcheckers[7272]: SMTP alert successfully sent.
You have new mail in /var/spool/mail/root
7.4.3 用户进行访问
[root@Tang-Neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
[root@neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
<h1>Both web servers are broken and being repaired. Please wait...</h1>
7.5 VS-1 和 VS-2 故障
7.5.1 VS-1 和 VS-2 停止 keepalived 服务
[root@Neo_Neo ~]# systemctl stop keepalived.service
[root@Neo_Neo ~]# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: Check on service [192.168.1.12]:80 failed after 3 retry.
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: Removing service [192.168.1.12]:80 from VS [192.168.1.99]:80
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: Remote SMTP server [127.0.0.1]:25 connected.
Oct 05 14:11:21 Neo_Neo Keepalived_healthcheckers[7279]: SMTP alert successfully sent.
Oct 05 14:16:24 Neo_Neo Keepalived[7278]: Stopping
Oct 05 14:16:24 Neo_Neo systemd[1]: Stopping LVS and VRRP High Availability Monitor...
Oct 05 14:16:24 Neo_Neo Keepalived_healthcheckers[7279]: Stopped
Oct 05 14:16:25 Neo_Neo Keepalived_vrrp[7280]: Stopped
Oct 05 14:16:25 Neo_Neo Keepalived[7278]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Oct 05 14:16:25 Neo_Neo systemd[1]: Stopped LVS and VRRP High Availability Monitor.
[root@Tang_Tang ~]# systemctl stop keepalived.service
[root@Tang_Tang ~]# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: inactive (dead)
Oct 05 14:22:46 Tang_Tang Keepalived_healthcheckers[7272]: Adding service [192.168.1.12]:80 to VS [192.168.1.99]:80
Oct 05 14:22:46 Tang_Tang Keepalived_healthcheckers[7272]: Remote SMTP server [127.0.0.1]:25 connected.
Oct 05 14:22:46 Tang_Tang Keepalived_healthcheckers[7272]: SMTP alert successfully sent.
Oct 05 14:23:05 Tang_Tang systemd[1]: Stopping LVS and VRRP High Availability Monitor...
Oct 05 14:23:05 Tang_Tang Keepalived[7271]: Stopping
Oct 05 14:23:05 Tang_Tang Keepalived_vrrp[7273]: VRRP_Instance(VI_1) sent 0 priority
Oct 05 14:23:05 Tang_Tang Keepalived_vrrp[7273]: VRRP_Instance(VI_1) removing protocol VIPs.
Oct 05 14:23:05 Tang_Tang Keepalived_healthcheckers[7272]: Stopped
Oct 05 14:23:06 Tang_Tang Keepalived_vrrp[7273]: Stopped
Oct 05 14:23:06 Tang_Tang systemd[1]: Stopped LVS and VRRP High Availability Monitor.
7.5.2 用户进行访问(访问失败)
[root@Tang-Neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
[root@neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
curl: (7) Failed connect to 192.168.1.99:80; No route to host
7.6 全部正常无故障,访问恢复正常
[root@Tang-Neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
[root@neo ~]# for i in {1..10}; do curl http://192.168.1.99:80; done
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
<h1>HTTP web-server-2 192.168.10.13</h1>
<h1>HTTP web-server-1 192.168.10.12</h1>
7.7 使用 TCP_CHECK 进行状态检测
7.7.1 VS-1 和 VS-2 的 keepalived 的配置文件
[root@Neo_Neo ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Neo_Tang
vrrp_mcast_group4 224.0.0.58
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 33
priority 96
advert_int 1
authentication {
auth_type PASS
auth_pass JIAOTANG
}
virtual_ipaddress {
192.168.1.99/24 dev ens33 label ens33:0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
virtual_server 192.168.1.99 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.1.12 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.1.13 80 {
weight 1
# HTTP_GET {
# url {
# path /
# status_code 200
# }
# connect_timeout 1
# nb_get_retry 3
# delay_before_retry 1
# }
TCP_CHECK {
nb_get_retry 3
delay_before_retry 2
connect_timeout 3
}
}
}
[root@Neo_Neo ~]# systemctl stop keepalived.service
[root@Neo_Neo ~]# systemctl start keepalived.service
[root@Tang_Tang ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id neo-neo
vrrp_mcast_group4 224.0.0.58
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 33
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass JIAOTANG
}
virtual_ipaddress {
192.168.1.99/24 dev ens33 label ens33:0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
virtual_server 192.168.1.99 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.1.12 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.1.13 80 {
weight 1
# HTTP_GET {
# url {
# path /
# status_code 200
# }
# connect_timeout 1
# nb_get_retry 3
# delay_before_retry 1
# }
TCP_CHECK {
nb_get_retry 3
delay_before_retry 2
connect_timeout 3
}
}
}
[root@Tang_Tang ~]# systemctl stop keepalived.service
[root@Tang_Tang systemctl start keepalived.servicee
7.7.2 正常状态下,使用 ipvsadm 查看 lvs 状态
[root@Neo_Neo ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.99:80 rr
-> 192.168.1.12:80 Route 1 0 0
-> 192.168.1.13:80 Route 1 0 0
[root@Tang_Tang ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.99:80 rr
-> 192.168.1.12:80 Route 1 0 0
-> 192.168.1.13:80 Route 1 0 0
7.7.3 RS-2 故障,看状态能否检测成功(检测成功)
[root@Neo_Neo ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.99:80 rr
-> 192.168.1.12:80 Route 1 0 0
[root@Tang_Tang ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.99:80 rr
-> 192.168.1.12:80 Route 1 0 0
7.7.4 RS-2 正常,查看 lvs 状态(恢复正常)
[root@Neo_Neo ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.99:80 rr
-> 192.168.1.12:80 Route 1 0 0
-> 192.168.1.13:80 Route 1 0 0
[root@Tang_Tang ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.1.99:80 rr
-> 192.168.1.12:80 Route 1 0 0
-> 192.168.1.13:80 Route 1 0 0
7.8 邮件通知
RS 的状态 和 keepalived 的主备状态转换和变化都会通过邮件进行通知。
[root@Neo_Neo ~]# mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
"/var/spool/mail/root": 23 messages 23 new
>N 1 root Fri Oct 4 11:24 18/695 "Neo_Neo to be master, vip floating"
N 2 root Fri Oct 4 12:27 18/695 "Neo_Neo to be backup, vip floating"
N 3 root Fri Oct 4 12:27 18/693 "Neo_Neo to be fault, vip floating"
N 4 root Fri Oct 4 12:28 18/695 "Neo_Neo to be backup, vip floating"
N 5 root Sat Oct 5 13:31 18/695 "Neo_Neo to be backup, vip floating"
N 6 keepalived@localhost Sat Oct 5 13:32 17/653 "[Neo_Tang] Realserver [192.168.1.13]:80 - DOWN"
N 7 keepalived@localhost Sat Oct 5 13:33 17/630 "[Neo_Tang] Realserver [192.168.1.13]:80 - UP"
N 8 root Sat Oct 5 13:37 18/695 "Neo_Neo to be backup, vip floating"
N 9 root Sat Oct 5 13:37 18/695 "Neo_Neo to be master, vip floating"
N 10 root Sat Oct 5 13:37 18/695 "Neo_Neo to be backup, vip floating"
N 11 root Sat Oct 5 13:37 18/695 "Neo_Neo to be master, vip floating"
N 12 root Sat Oct 5 13:37 18/695 "Neo_Neo to be backup, vip floating"
N 13 keepalived@localhost Sat Oct 5 13:38 17/653 "[Neo_Tang] Realserver [192.168.1.12]:80 - DOWN"
N 14 keepalived@localhost Sat Oct 5 13:39 17/653 "[Neo_Tang] Realserver [192.168.1.13]:80 - DOWN"
N 15 keepalived@localhost Sat Oct 5 13:39 17/630 "[Neo_Tang] Realserver [192.168.1.12]:80 - UP"
N 16 keepalived@localhost Sat Oct 5 13:39 17/630 "[Neo_Tang] Realserver [192.168.1.13]:80 - UP"
N 17 keepalived@localhost Sat Oct 5 14:11 17/653 "[Neo_Tang] Realserver [192.168.1.12]:80 - DOWN"
N 18 root Sat Oct 5 14:26 18/695 "Neo_Neo to be backup, vip floating"
N 19 root Sat Oct 5 14:33 18/695 "Neo_Neo to be backup, vip floating"
N 20 root Sat Oct 5 14:33 18/695 "Neo_Neo to be master, vip floating"
N 21 root Sat Oct 5 14:33 18/695 "Neo_Neo to be backup, vip floating"
N 22 keepalived@localhost Sat Oct 5 14:37 17/635 "[Neo_Tang] Realserver [192.168.1.13]:80 - DOWN"
N 23 keepalived@localhost Sat Oct 5 14:39 17/634 "[Neo_Tang] Realserver [192.168.1.13]:80 - UP"
& 22
Message 22:
From keepalived@localhost.localdomain Sat Oct 5 14:37:11 2019
Return-Path: <keepalived@localhost.localdomain>
X-Original-To: root@localhost
Delivered-To: root@localhost.localdomain
Date: Sat, 05 Oct 2019 14:37:11 -0400
From: keepalived@localhost.localdomain
Subject: [Neo_Tang] Realserver [192.168.1.13]:80 - DOWN
X-Mailer: Keepalived
To: root@localhost.localdomain
Status: R
=> TCP CHECK failed on service <=
& exit