keepalived實現LVS高可用

前提：後端兩個RS已經安裝好了httpd，並且可以被正常訪問到

規劃：

Director1：

eth0,DIP:202.207.178.6

eth0:0,VIP:202.207.178.4

Director2：

eth0,DIP:202.207.178.7

eth0:0,VIP:202.207.178.4

RS1:

eth0,RIP:202.207.178.8

lo:0,VIP:202.207.178.4

RS2:

eth0,RIP:202.207.178.9

lo:0,VIP:202.207.178.4

一、配置DR模型（注意：RS1和RS2上的網卡別名地址必須在配置好arp_ignore和arp_announce之後纔可配置，爲避免影響，應關閉防火牆和SELinux）

1、按上述IP地址規劃在相應的網卡上配置相應的IP地址

2、配置RS1和RS2對arp的請求響應，以及其對應VIP

RS1：

# sysctl -w net.ipv4.conf.eth0.arp_announce=2

# sysctl -w net.ipv4.conf.all.arp_announce=2

# echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore

# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore

#ifconfig lo:0 202.207.178.4 broadcast 202.207.178.4 netmask 

         255.255.255.255

RS2：

# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce 

# echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce 

# echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore 

# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore 

# ifconfig lo:0 202.207.178.4 broadcast 202.207.178.4 netmask 

         255.255.255.255

3、爲了使響應報文的源地址爲VIP，添加一條路由

RS1:

# route add -host 202.207.178.4 dev lo:0

RS2:

# route add -host 202.207.178.4 dev lo:0

4、在前端兩個Director上分別定義規則

# ipvsadm -A -t 202.207.178.4:80 -s rr

# ipvsadm -a -t 202.207.178.4:80 -r 202.207.178.8 -g

# ipvsadm -a -t 202.207.178.4:80 -r 202.207.178.9 -g

二、安裝配置keepalived，並對此係統進行測試！

Director1:

1、安裝keepalived

# tar xf keepalived-1.2.1.tar.gz

# cd keepalived-1.2.1

# ./configure --with-kernel-dir=/usr/src/kernels/2.6.32-642.11.1.el6.i686/

# make && make install

注意：

可能需要安裝此包：

# yum install popt-devel

發現/usr/src/kernels/爲空，需要安裝內核源碼

# yum install kernel-devel

2、配置keepalived

1）設置一個變量

# DIR=/usr/local/

2）執行如下語句，將keepalived的配置文件放置在/etc下相關目錄中

# cp $DIR/etc/rc.d/init.d/keepalived  /etc/rc.d/init.d/

# cp $DIR/etc/sysconfig/keepalived /etc/sysconfig/ && mkdir -p 

             /etc/keepalived

# cp $DIR/sbin/keepalived /usr/sbin/

3）爲keepalived提供配置文件

# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

#定義出現故障向何處發郵件

  notification_email {

 [email protected]

  }

#定義郵件是由誰發的

  notification_email_from root@localhost

  smtp_server 127.0.0.1

  smtp_connect_timeout 30

  router_id LVS_DEVEL

}

#定義檢測腳本（爲了完成主從節點的切換）

vrrp_script chk_schedown {

script "[ -e /etc/keepalived/down ] && exit 1 || exit 0"

interval 1

weight -5

fail 2

rise 1

}

# VIP1  

#用來定義虛擬路由（vrrp實例）

vrrp_instance VI_1 {

state MASTER

#定義通告信息基於那個接口發送和虛擬路由是工作在那個接口上的    

interface eth0

  # lvs_sync_daemon_inteface eth0  

virtual_router_id 51

#定義優先級  

priority 101

#定義每隔多長時間發一次通告

advert_int 5

#定義認證

authentication {

#定義認證類型爲簡單字符認證 

auth_type PASS

auth_pass keepalivedpass

}

#定義虛擬地址  

virtual_ipaddress {

202.207.178.4/16 dev eth0 label eth0:0

}

#定義自己寫的腳本何時執行  

track_script {

chk_schedown

}

}

virtual_server 202.207.178.4 80 {

delay_loop 6

lb_algo rr

lb_kind DR

nat_mask 255.255.255.0

protocal TCP

sorry_server 127.0.0.1 80

real_server 202.207.178.8 80 {

weight 1

HTTP_GET {

url {

 path /

 status_code 200

}

connect_timeout 2

nb_get_retry 3

delay_before_retry 1

}

}

real_server 202.207.178.9 80 {

weight 1

HTTP_GET {

url {

 path /

 status_code 200

}

connect_timeout 2

nb_get_retry 3

delay_before_retry 1

}

}

}

4）啓動服務

# /etc/init.d/keepalived restart

# ps -ef | grep keepalived

此時發現服務已經啓動！

# tail -fn 100 /var/log/messages

此時發下一直滾屏，是缺少一個模塊，下面加載此模塊

# modprobe ip_vs

# /etc/init.d/keepalived restart

# tail -fn 100 /var/log/messages

此時一切正常

Director2：

配置同主節點，只是在配置文件中修改以下幾項即可：

priority 100

real_server 202.207.178.9 80

測試：此時訪問http://202.207.178.4/，可以發現以輪詢方式訪問到後端RS；在/etc/keepalived下touch一個名爲down的文件，即可實現主從節點的切換！

三、自寫腳本，實現DR宕機，向管理員發郵件（在主從節點上同時執行）

# cd /etc/keepalived/

# vim notify.sh

添加如下內容：

#!/bin/bash

#

contact='root@localhost'

Usage(){

 echo "Usage: `basename $0` {master|backup|fault} VIP"

}

Notify(){

 subject="`hostname`'s state changed to $1"

 mailbody="`data "+%F %T "`: `hostname`'s state change to $1, $VIP floating."

 echo $mailbody | mail -s "$subject" $contact

}

[ $# -lt 2 ] && Usage &&  exit

VIP=$2

case $1 in

master)

  Notify master

  ;;

backup)

  Notify backup

  ;;

fault)

  Notify fault

  ;;

*)

  Usage

  exit 1

  ;;

esac

# chmod +x notify.sh

# vim keepalived.conf

在vrrp段添加如下內容：

notify_master "/etc/keepalived/notify.sh master 202.207.178.4"

notify_backup "/etc/keepalived/notify.sh backup 202.207.178.4"

notify_fault "/etc/keepalived/notify.sh fault 202.207.178.4"

此時在兩個節點重啓keepalived服務，實現主從節點切換，即可收到郵件！

                               歡迎批評指正！