LVS+Keepalived

關閉dada1 2 heartbeat

ot@dada1 ~]# /etc/init.d/heartbeat stop

[root@dada1 ~]# chkconfig heartbeat off

[root@dada1 ~]# tar zxf keepalived-1.2.24.tar.gz

[root@dada1 ~]# cd keepalived-1.2.24

[root@dada1 keepalived-1.2.24]# ./configure --prefix=/usr/local/keepalived

[root@dada1 keepalived-1.2.24]# yum install -y openssl-devel kernel-devel

[root@dada1 keepalived-1.2.24]# ./configure --prefix=/usr/local/keepalived

make make install

cd /usr/local/keepalived/etc

[root@dada1 etc]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

[root@dada1 etc]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/

[root@dada1 etc]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

[root@dada1 etc]# cd rc.d/init.d/

[root@dada1 init.d]# chmod +x keepalived 給/etc/init.d/keepalived腳本加執行權限

cd /usr/local/keepalived

[root@dada1 etc]# ll /etc/sysconfig/keepalived

lrwxrwxrwx 1 root root 46 6月   3 12:06 /etc/sysconfig/keepalived -> /usr/local/keepalived/etc/sysconfig/keepalived

[root@dada1 etc]# ll /etc/keepalived/keepalived.conf

-rw-r--r-- 1 root root 3598 6月   3 12:02 /etc/keepalived/keepalived.conf

[root@dada1 etc]# ll /etc/init.d/keepalived

lrwxrwxrwx 1 root root 48 6月   3 12:08 /etc/init.d/keepalived -> /usr/local/keepalived/etc/rc.d/init.d/keepalived

vim /etc/keepalived/keepalived.conf

 

 

[root@dada1 etc]# cd /usr/local/keepalived/

[root@dada1 keepalived]# cd ..

[root@dada1 local]# scp -r keepalived/ 172.25.27.2:/usr/local/

[root@dada1 local]# cd /etc/keepalived/

[root@dada1 keepalived]# scp keepalived.conf 172.25.27.2:/etc/keepalived/

[root@dada1 keepalived]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/

[root@dada1 keepalived]# /etc/init.d/keepalived start

 

 

 

 

[root@dada2 ~]# cd /usr/local/

[root@dada2 local]# ls

bin  etc  games  include  keepalived  lib  lib64  libexec  sbin  share  src

[root@dada2 local]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

[root@dada2 local]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

[root@dada2 local]# chmod +x /etc/init.d/keepalived

[root@dada2 local]# mkdir /etc/keepalived

[root@dada2 local]# vim /etc/keepalived/keepalived.conf

把主改成從 在改一下優先級

[root@dada2 local]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/

 

 

dada3 4上做法相同

[root@dada3 ~]# vim /etc/rc.local

 ip addr add 172.25.27.100/32 dev eth0

[root@dada3 ~]# /etc/rc.local

ip addr show

 eth0  inet 172.25.27.3/24 brd 172.25.27.255 scope global eth0

       inet 172.25.27.100/32 scope global eth0

arptables管理arp包過濾的軟件 過濾arp包 基本思路和iptables一樣 不過 arptables處理arp協議有關的包 這些包在iptables中並不會處理  arptables可用於靈活的arp管理

[root@dada3 ~]# arptables -A IN -d 172.25.27.100 -j DROP

[root@dada3 ~]# arptables -A OUT -s 172.25.27.100 -j mangle --mangle --mangle-ip-s 172.25.27.3   讓vip看不到 看到的是realserver自己真正的ip172.25.27.3

[root@dada3 ~]# /etc/init.d/arptables_jf save

Saving current rules to /etc/sysconfig/arptables:          [  OK  ]

[root@dada3 ~]# /etc/init.d/httpd start

 

 dada1 的keepalived start 測試

[root@dada1 keepalived]# ipvsadm -l

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn

TCP  172.25.27.100:http rr persistent 50

  -> server3.example.com:http     Route   1      0          0         

  -> server4.example.com:http     Route   1      0          0         

如果dada1 2的keepalived同時開 vip realservel都在1上 因爲1是主 優先級高是100 而2是backup從優先級低是50  如果1關了 2打開 vip realservel纔會跑到2上

 

 

! Configuration File for keepalived

 

global_defs {

   notification_email {

     root@localhost     接收警報的email地址 可以添加多個（[email protected]）

   }

   notification_email_from [email protected]設置郵件的發送地址

   smtp_server 127.0.0.1  設置smtp server地址

   smtp_connect_timeout 30設置連接smtp服務器超時時間

   router_id LVS_DEVEL    load balance的標識ID 用於email警報

   vrrp_skip_check_adv_addr

   vrrp_strict

   vrrp_garp_interval 0

   vrrp_gna_interval 0

}

 

vrrp_instance VI_1 {     備機改爲BACKUP，此狀態是由priority的值決定的

    state MASTER      當前priority的值小於備機的值，那麼將會失去master狀態

    interface eth0       HA檢測網絡接口

    virtual_router_id 89 主，備機的virtual_router_id必須相同，取值0-255

    priority 100   主機的優先級，備份機爲50，主機優先機一定要大於備機

    advert_int 1   主備之間的通告間隔秒數

    authentication {  主備切換時的驗證

        auth_type PASS 設置驗證類型 主要有PASS和AH兩種

        auth_pass 1111 設置驗證密碼 在一個vrrp_instance下，master與backup

    }                  必須使用相同的密碼才能通信

    virtual_ipaddress {  設置虛擬IP地址 可以設置多個虛擬IP地址 每行一個

        172.25.27.100

    }

}

virtual_server 172.25.27.100 80 { 定義虛擬服務器

    delay_loop 6     每隔6秒查詢realserver狀態

lb_algo rr       LVS調度算法 這裏使用輪叫

lb_kind DR      LVS是用DR模式

persistence_timeout 50

    protocol TCP

    real_server 172.25.27.3 80 {

        weight 1

        TCP_CHECK {

            connect_timeout 3

            nb_get_retry 3

            delay_before_retry 3

        }

    }

   real_server 172.25.27.4 80 {

        weight 1

        TCP_CHECK {

            connect_timeout 3

            nb_get_retry 3

            delay_before_retry 3

        }

    }

}