环境
192.168.1.219为keepalived和lvs的VIP地址
192.168.1.222为keepalived的主并安装ipvsadm
192.168.1.221为keepalived的从并安装ipvsadm
192.168.1.218为nginx web服务器
192.168.1.220为nginx web服务器
在192.168.1.222下载keepalived和ipvsadm
mkdir /root/repo
cd /root/repo
wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz
wget http://www.keepalived.org/software/keepalived-1.2.8.tar.gz
tar zxf ipvsadm-1.24.tar.gz
cd ipvsadm-1.24
ln -s /usr/src/kernels/2.6.32-431.20.3.el6.x86_64 /usr/src/linux
make && make install
tar zxf keepalived-1.2.8.tar.gz
cd keepalived-1.2.8
./configure --prefix=/usr/local/keepalived
make[1]: *** [libipvs.o] Error 1
make[1]: Leaving directory `/usr/src/ipvsadm-1.26/libipvs'
make: *** [libs] Error 2
解决办法:yum -y install libnl libnl-devel popt popt-devel popt-static
make && make install
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
vim /etc/sysctl net.ipv4.ip_forword = 1
vim /etc/keepalived/keepalived.conf #没有这个文件,请自己创建
! Configuration File for keepalived
global_defs {
notification_email {
[email protected] #设置报警邮箱,一般不再这做,而是用其他方式报警。
}
notification_email_from root@localhost #设定发送邮件地址
smtp_server 127.0.0.1 #设定发送邮件服务器
smtp_connect_timeout 30 #设定SMTP连接超时时间
router_id LVS_DEVEL #两个节点的此项设置可相同,也可不相同。
}
vrrp_instance VI_1 { #定义虚拟路由实例,不同实例ID不同。
state MASTER #定义服务器在keepalived中的角色主服务器
interface eth0 #定义进行检测的端口eth0
virtual_router_id 51 #定义虚拟路由ID,同一个实例的主从一样。
priority 100 #定义在虚拟路由器组的权限,越大越高
advert_int 1 #定义检测时间间隔
authentication { #定义认证方式密码,主从必须一样
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { #指定虚拟IP地址
192.168.1.219
}
}
virtual_server 192.168.1.219 80 { #定义虚拟服务,需指定IP地址和端口
delay_loop 6 #定义RS运行情况监测时间间隔
lb_algo rr #定义负载调度算法
lb_kind DR #定义LVS的工作模式
nat_mask 255.255.255.0 #定义虚拟服务的mask
persistence_timeout 50 #定义会话保持时间,S为单位
protocol TCP #指定转发协议
real_server 192.168.1.218 80 { #定义真实服务器IP地址和端口
weight 1 #定义RS的权重
TCP_CHECK{ #RS server健康检查部分
connect_timeout 10 #定义超出10s连接超时
nb_get_retry 3 #定义重试次数
delay_before_retry 3 #定义重试时间间隔
connect_port 80 #定义健康检查端口
}
real_server 192.168.1.220 80 {
weight 1
TCP_CHECK{
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
#保存退出
chkconfig keepalived on
service keepalived start
在192.168.1.221下载keepalived和ipvsadm
mkdir /root/repo
wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz
wget http://www.keepalived.org/software/keepalived-1.2.8.tar.gz
tar zxf ipvsadm-1.24.tar.gz
cd ipvsadm-1.24
ln -s /usr/src/kernels/2.6.32-431.20.3.el6.x86_64 /usr/src/linux
make && make install
tar zxf keepalived-1.2.8.tar.gz
cd keepalived-1.2.8
./configure --prefix=/usr/local/keepalived
make[1]: *** [libipvs.o] Error 1
make[1]: Leaving directory `/usr/src/ipvsadm-1.26/libipvs'
make: *** [libs] Error 2
解决办法:yum -y install libnl libnl-devel popt popt-devel popt-static
make && make install
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
vim /etc/sysctl net.ipv4.ip_forword = 1
vim /etc/keepalived/keepalived.conf #没有这个文件,请自己创建
! Configuration File for keepalived
global_defs {
notification_email {
@qq.com #设置报警邮箱,一般不再这做,而是用其他方式报警。
}
notification_email_from keepalived@localhost #设定发送邮件地址
smtp_server 127.0.0.1 #设定发送邮件服务器
smtp_connect_timeout 30 #设定SMTP连接超时时间
router_id LVS_DEVEL #负载均衡器标示,在局域网内是唯一的
}
vrrp_instance VI_1 { #定义虚拟路由实例,不同实例ID不同。
state BACKUP #定义服务器在keepalived中的角色
interface eth0 #定义进行检测的端口eth0
virtual_router_id 51 #定义虚拟路由ID,同一个实例的主从一样。
priority 50 #定义在虚拟路由器组的权限,越大越高
advert_int 1 #定义检测时间间隔
authentication { #定义认证方式密码,主从必须一样
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { #指定虚拟IP地址
192.168.1.219
}
}
virtual_server 192.168.1.219 80 { #定义虚拟服务,需指定IP地址和端口,空格隔开。
delay_loop 6 #定义RS运行情况监测时间间隔
lb_algo rr #定义负载调度算法
lb_kind DR #定义LVS的工作模式
nat_mask 255.255.255.0 #定义虚拟服务的mask
persistence_timeout 50 #定义会话保持时间,S为单位
protocol TCP #指定转发协议
real_server 192.168.1.218 80 { #定义真实服务器IP地址和端口
weight 1 #定义RS的权重
TCP_CHECK{ #RS server健康检查部分
connect_timeout 10 #定义超出10s连接超时
nb_get_retry 3 #定义重试次数
delay_before_retry 3 #定义重试时间间隔
connect_port 80 #定义健康检查端口
}
real_server 192.168.1.220 80 {
weight 1
TCP_CHECK{
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
#保存退出
chkconfig keepalived on
service keepalived start
在nginx服务端写一个arp抑制并且绑定VIP到lo网卡的脚本
在192.168.1.218上
vim /root/shell/real.sh
#!/bin/bash
#
. /etc/rc.d/init.d/functions
VIP=(
192.168.1.218
)
function start(){
for ((i=0;i<`echo ${#VIP[*]}`;i++))
do
echo ${i} ${VIP[$i]}
ifconfig lo:${i} ${VIP[$i]} netmask 255.255.255.255 up
route add -host ${VIP[$i]} dev lo
done
echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/all/arp_announce
}
function stop(){
for ((i=0;i<${#VIP[*]};i++))
do
echo ${i} ${VIP[$i]}
ifconfig lo:${i} ${VIP[$i]} netmask 255.255.255.255 up
route del -host ${VIP[$i]} dev lo:${i}
done
}
case "$1" in
start)
start
exit
;;
stop)
stop
exit
;;
*)
echo "You must use $0:stop|start"
;;
esac
#保存退出
chmod +x /root/shell/real.sh
/root/shell/real.sh start
echo "/root/shell/real.sh start" >> /etc/rc.local
在nginx服务端写一个arp抑制并且绑定VIP到lo网卡的脚本
在192.168.1.220上
vim /root/shell/real.sh
#!/bin/bash
#
. /etc/rc.d/init.d/functions
VIP=(
192.168.1.220
)
function start(){
for ((i=0;i<`echo ${#VIP[*]}`;i++))
do
echo ${i} ${VIP[$i]}
ifconfig lo:${i} ${VIP[$i]} netmask 255.255.255.255 up
route add -host ${VIP[$i]} dev lo
done
echo "1">/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1">/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2">/proc/sys/net/ipv4/conf/all/arp_announce
}
function stop(){
for ((i=0;i<${#VIP[*]};i++))
do
echo ${i} ${VIP[$i]}
ifconfig lo:${i} ${VIP[$i]} netmask 255.255.255.255 up
route del -host ${VIP[$i]} dev lo:${i}
done
}
case "$1" in
start)
start
exit
;;
stop)
stop
exit
;;
*)
echo "You must use $0:stop|start"
;;
esac
#保存退出
chmod +x /root/shell/real.sh
/root/shell/real.sh start
echo "/root/shell/real.sh start" >> /etc/rc.local
查看日志
192.168.1.222
tail -100 /var/log/messages
Jul 11 16:50:17 localhost Keepalived_vrrp[8088]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.1.219
Jul 11 16:50:17 localhost Keepalived_healthcheckers[8086]: Netlink reflector reports IP 192.168.1.219 added
Jul 11 16:50:22 localhost Keepalived_vrrp[8088]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.1.219
#如显示这样 为服务正常启动,222已自动生成为keepalived的master服务器
192.168.1.221
tail -100 /var/log/messages
Jul 11 16:46:40 localhost Keepalived_vrrp[24605]: Using LinkWatch kernel netlink reflector...
Jul 11 16:46:40 localhost Keepalived_healthcheckers[24604]: Using LinkWatch kernel netlink reflector...
Jul 11 16:46:40 localhost Keepalived_vrrp[24605]: VRRP_Instance(VI_1) Entering BACKUP STATE
#221已经生成为备份服务器
在两台网站根目录下新建目录/Test/a.html
218的a.html写上218
220的a.html写上220
10分钟左右进行一次访问 http://192.168.1.219/Test/a.html
看看访问的是哪个服务器下的网站
停掉222服务器的keepalived
然后进行访问 http://192.168.1.219/Test/a.html
访问正常
开启222的keepalived,然后停掉221的keepalived
访问正常
试验结束。 本人已亲测