环境准备:
步骤:
1.keepalived主从上都安装keepalived和ipvsadm,并且保证主从都能启动keepalived服务。编辑keepalived配置文件,配置主从vrrp_instance,添加virtual_server和real_server
192.168.131.107主MASTER:
[root@manager ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL1
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 200
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.131.18
}
}
virtual_server 192.168.131.18 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.131.109 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.131.207 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
192.168.131.108从BACKUP:
[root@backup ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL2
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.131.18
}
}
virtual_server 192.168.131.18 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.131.109 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.131.207 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
2.RS1和RS2环回绑定vip设置ARP抑制,并且安装httpd部署web服务器
192.168.131.109和192.168.131.207
在RS1和RS2上用编写脚本的方式实现环回绑定vip设置ARP抑制
[root@RS1 ~]# vim /etc/init.d/lvs_rs
#!/bin/sh
#
# Startup script handle the initialisation of LVS
# chkconfig: - 28 72
# description: Initialise the Linux Virtual Server for DR
#
### BEGIN INIT INFO
# Provides: ipvsadm
# Required-Start: $local_fs $network $named
# Required-Stop: $local_fs $remote_fs $network
# Short-Description: Initialise the Linux Virtual Server
# Description: The Linux Virtual Server is a highly scalable and highly
# available server built on a cluster of real servers, with the load
# balancer running on Linux.
# description: start LVS of DR-RIP
LOCK=/var/lock/ipvsadm.lock
VIP=192.168.131.18
. /etc/rc.d/init.d/functions
start() {
PID=`ifconfig | grep lo:10 | wc -l`
if [ $PID -ne 0 ];
then
echo "The LVS-DR-RIP Server is already running !"
else
/sbin/ifconfig lo:10 $VIP netmask 255.255.255.255 broadcast $VIP up
/sbin/route add -host $VIP dev lo:10
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/ens33/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/ens33/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce /bin/touch $LOCK
echo "starting LVS-DR-RIP server is ok !"
fi
}
stop() {
/sbin/route del -host $VIP dev lo:10
/sbin/ifconfig lo:10 down >/dev/null
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/ens33/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/ens33/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce rm -rf $LOCK
echo "stopping LVS-DR-RIP server is ok !"
}
status() {
if [ -e $LOCK ];
then
echo "The LVS-DR-RIP Server is already running !"
else
echo "The LVS-DR-RIP Server is not running !"
fi
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
stop
start
;;
status)
status
;;
*)
echo "Usage: $1 {start|stop|restart|status}"
exit 1
esac
exit 0
[root@RS1 ~]# chmod +x /etc/init.d/lvs_rs
[root@RS1 ~]# chkconfig --add lvs_rs
[root@RS1 ~]# chkconfig on lvs_rs
[root@RS1 ~]# systemctl retsart lvs_rs
[root@RS1 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet 192.168.131.18/32 brd 192.168.131.18 scope global lo:205
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
[root@RS1 ~]# yum install httpd -y
[root@RS1 ~]# echo "`hostname -I` web" > /var/www/html/index.html
RS2重复上述操作。
3.RS1和RS2启动httpd,keepalived主从启动keepalived
[root@RS1 ~]# systemctl restart httpd
[root@RS2 ~]# systemctl restart httpd
[root@manager ~]# systemctl restart keepalived
[root@backup ~]# systemctl restart keepalived
4.测试:在一台客户机192.168.131.106上访问vip192.168.131.18
[root@pyy ~]# curl 192.168.131.18
192.168.131.109 web
1)测试当keepalived中有一个挂了之后,观察主的资源vip是否转移到备
192.168.131.107主MASTER:
[root@manager ~]# systemctl stop keepalived
[root@manager ~]# ip addr
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:d0:85:02 brd ff:ff:ff:ff:ff:ff
inet 192.168.131.107/24 brd 192.168.131.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
192.168.131.108从BACKUP:
[root@backup ~]# ip addr
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:6b:42:87 brd ff:ff:ff:ff:ff:ff
inet 192.168.131.108/24 brd 192.168.131.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.131.18/32 scope global ens33
valid_lft forever preferred_lft forever
web服务器正常访问:
[root@pyy ~]# curl 192.168.131.18
192.168.131.109 web
2)测试当RS中有一个挂了之后,观察资源是否跳转到另一个web服务器
RS1 192.168.131.109:
[root@RS1 ~]# systemctl stop httpd
客户机192.168.131.106再次访问vip 192.168.131.108
[root@pyy ~]# curl 192.168.131.18
192.168.131.207 web