關閉dada1 2 heartbeat
ot@dada1 ~]# /etc/init.d/heartbeat stop
[root@dada1 ~]# chkconfig heartbeat off
[root@dada1 ~]# tar zxf keepalived-1.2.24.tar.gz
[root@dada1 ~]# cd keepalived-1.2.24
[root@dada1 keepalived-1.2.24]# ./configure --prefix=/usr/local/keepalived
[root@dada1 keepalived-1.2.24]# yum install -y openssl-devel kernel-devel
[root@dada1 keepalived-1.2.24]# ./configure --prefix=/usr/local/keepalived
make make install
cd /usr/local/keepalived/etc
[root@dada1 etc]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@dada1 etc]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@dada1 etc]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@dada1 etc]# cd rc.d/init.d/
[root@dada1 init.d]# chmod +x keepalived 給/etc/init.d/keepalived腳本加執行權限
cd /usr/local/keepalived
[root@dada1 etc]# ll /etc/sysconfig/keepalived
lrwxrwxrwx 1 root root 46 6月 3 12:06 /etc/sysconfig/keepalived -> /usr/local/keepalived/etc/sysconfig/keepalived
[root@dada1 etc]# ll /etc/keepalived/keepalived.conf
-rw-r--r-- 1 root root 3598 6月 3 12:02 /etc/keepalived/keepalived.conf
[root@dada1 etc]# ll /etc/init.d/keepalived
lrwxrwxrwx 1 root root 48 6月 3 12:08 /etc/init.d/keepalived -> /usr/local/keepalived/etc/rc.d/init.d/keepalived
vim /etc/keepalived/keepalived.conf
[root@dada1 etc]# cd /usr/local/keepalived/
[root@dada1 keepalived]# cd ..
[root@dada1 local]# scp -r keepalived/ 172.25.27.2:/usr/local/
[root@dada1 local]# cd /etc/keepalived/
[root@dada1 keepalived]# scp keepalived.conf 172.25.27.2:/etc/keepalived/
[root@dada1 keepalived]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
[root@dada1 keepalived]# /etc/init.d/keepalived start
[root@dada2 ~]# cd /usr/local/
[root@dada2 local]# ls
bin etc games include keepalived lib lib64 libexec sbin share src
[root@dada2 local]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@dada2 local]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@dada2 local]# chmod +x /etc/init.d/keepalived
[root@dada2 local]# mkdir /etc/keepalived
[root@dada2 local]# vim /etc/keepalived/keepalived.conf
把主改成從 在改一下優先級
[root@dada2 local]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
dada3 4上做法相同
[root@dada3 ~]# vim /etc/rc.local
ip addr add 172.25.27.100/32 dev eth0
[root@dada3 ~]# /etc/rc.local
ip addr show
eth0 inet 172.25.27.3/24 brd 172.25.27.255 scope global eth0
inet 172.25.27.100/32 scope global eth0
arptables管理arp包過濾的軟件 過濾arp包 基本思路和iptables一樣 不過 arptables處理arp協議有關的包 這些包在iptables中並不會處理 arptables可用於靈活的arp管理
[root@dada3 ~]# arptables -A IN -d 172.25.27.100 -j DROP
[root@dada3 ~]# arptables -A OUT -s 172.25.27.100 -j mangle --mangle --mangle-ip-s 172.25.27.3 讓vip看不到 看到的是realserver自己真正的ip172.25.27.3
[root@dada3 ~]# /etc/init.d/arptables_jf save
Saving current rules to /etc/sysconfig/arptables: [ OK ]
[root@dada3 ~]# /etc/init.d/httpd start
dada1 的keepalived start 測試
[root@dada1 keepalived]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.27.100:http rr persistent 50
-> server3.example.com:http Route 1 0 0
-> server4.example.com:http Route 1 0 0
如果dada1 2的keepalived同時開 vip realservel都在1上 因爲1是主 優先級高是100 而2是backup從優先級低是50 如果1關了 2打開 vip realservel纔會跑到2上
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost 接收警報的email地址 可以添加多個([email protected])
}
notification_email_from [email protected]設置郵件的發送地址
smtp_server 127.0.0.1 設置smtp server地址
smtp_connect_timeout 30設置連接smtp服務器超時時間
router_id LVS_DEVEL load balance的標識ID 用於email警報
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 { 備機改爲BACKUP,此狀態是由priority的值決定的
state MASTER 當前priority的值小於備機的值,那麼將會失去master狀態
interface eth0 HA檢測網絡接口
virtual_router_id 89 主,備機的virtual_router_id必須相同,取值0-255
priority 100 主機的優先級,備份機爲50,主機優先機一定要大於備機
advert_int 1 主備之間的通告間隔秒數
authentication { 主備切換時的驗證
auth_type PASS 設置驗證類型 主要有PASS和AH兩種
auth_pass 1111 設置驗證密碼 在一個vrrp_instance下,master與backup
} 必須使用相同的密碼才能通信
virtual_ipaddress { 設置虛擬IP地址 可以設置多個虛擬IP地址 每行一個
172.25.27.100
}
}
virtual_server 172.25.27.100 80 { 定義虛擬服務器
delay_loop 6 每隔6秒查詢realserver狀態
lb_algo rr LVS調度算法 這裏使用輪叫
lb_kind DR LVS是用DR模式
persistence_timeout 50
protocol TCP
real_server 172.25.27.3 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.25.27.4 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}