keepalive (2)
DR模型的vrrp
主机有4台,lvs: .200 .131
RIP: .130 .120
注意:所有服务器都要时间同步。
.120:
配置http的网页文件
echo [[email protected] ~]# echo "<h1>node120 (node120.zye.com)<h1>" > /var/www/html/index.html
[[email protected] ~]# cat /var/www/html/index.html
<h1>node120 (node120.zye.com)</h1>
.130:
配置http的网页文件
[[email protected] ~]# echo "<h1>node130 (node130.zye.com)</h1>" > /var/www/html/index.html
[[email protected] ~]# cat /var/www/html/index.html
<h1>node130 (node130.zye.com)</h1>
----------------------------------------------------------------------------------
创建脚本并查看
[[email protected] ~]# vim rs.sh
#!/bin/bash
#
vip="192.168.0.10"
start () {
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev lo:0
}
stop () {
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
ifconfig lo:0 down
}
case $1 in
start)
start
;;
stop)
stop
;;
*)
echo "Usage:`basename $0` {start|stop}"
exit 1
esac
[[email protected] ~]# bash -n rs.sh
[[email protected] ~]# bash rs.sh
Usage:rs.sh {start|stop}
[[email protected] ~]# bash rs.sh
Usage:rs.sh {start|stop}
[[email protected] ~]# bash rs.sh start
You have new mail in /var/spool/mail/root
[[email protected] ~]# ifconfig lo:0
lo:0 Link encap:Local Loopback
inet addr:192.168.0.10 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:65536 Metric:1
[[email protected] ~]# cat /proc/sys/net/ipv4/conf/all/arp_ignore
1
[[email protected] ~]# cat /proc/sys/net/ipv4/conf/all/arp_announce
2
You have new mail in /var/spool/mail/root
复制脚本到.130
[[email protected] ~]# scp rs.sh 192.168.0.130:/root
The authenticity of host '192.168.0.130 (192.168.0.130)' can't be established.
RSA key fingerprint is 0e:95:8d:de:b9:2f:c4:75:8d:70:af:e2:84:65:7f:86.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.130' (RSA) to the list of known hosts.
[email protected]'s password:
Permission denied, please try again.
[email protected]'s password:
rs.sh 100% 735 0.7KB/s 00:00
运行复制文本rs.sh
[[email protected] ~]# bash -n rs.sh
[[email protected] ~]# bash rs.sh start
[[email protected] ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:55:35:62
inet addr:192.168.0.130 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe55:3562/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:3350 errors:0 dropped:0 overruns:0 frame:0
TX packets:618 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:344423 (336.3 KiB) TX bytes:53113 (51.8 KiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:4 errors:0 dropped:0 overruns:0 frame:0
TX packets:4 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:240 (240.0 b) TX bytes:240 (240.0 b)
lo:0 Link encap:Local Loopback
inet addr:192.168.0.10 Mask:255.255.255.255
UP LOOPBACK RUNNING MTU:65536 Metric:1
[[email protected] ~]# cat /proc/sys/net/ipv4/conf/all/{arp_ignore,arp_announce}
1
2
[[email protected] ~]# cat /proc/sys/net/ipv4/conf/lo/{arp_ignore,arp_announce}
1
2
---------------------------------------------------------------------------------------
0.200(direct)
测试安装
[[email protected] ~]# yum install ipvsadm -y
设置接口地址
[[email protected] ~]# ifconfig eth0:0 192.168.0.52 broadcast 192.168.0.52 netmask 255.255.255.255 up
[[email protected] ~]# route add -host 192.168.0.52 dev eth0:0
[[email protected] ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.168.0.52 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
172.168.254.52 0.0.0.0 255.255.255.255 UH 0 0 0 eth0
172.168.254.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
0.0.0.0 172.168.254.254 0.0.0.0 UG 0 0 0 eth0
----------------------------------------------------------------------------------------
创建ipvsadm
[[email protected] ~]# ipvsadm -A -t 192.168.0.52:80 -s rr
[[email protected] ~]# ipvsadm -a -t 192.168.0.52:80 -r 192.168.0.120 -w 1
[[email protected] ~]# ipvsadm -a -t 192.168.0.52:80 -r 192.168.0.130 -w 1 -g
[[email protected] ~]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.52:80 rr
-> 192.168.0.120:80 Route 1 0 0
-> 192.168.0.130:80 Route 1 0 0
测试(arping -I eth0 -c 10 -s 192.168.0.52 192.168.0.1)
清空规则,关闭开机启动项,关闭接口
[[email protected] ~]# ipvsadm -C
[[email protected] ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[[email protected] ~]# chkconfig ipvsadm off
[[email protected] ~]# chkconfig --list ipvsadm
ipvsadm 0:关闭1:关闭2:关闭3:关闭4:关闭5:关闭6:关闭
[[email protected] ~]# ifconfig eth0:0 down && ifconfig && route -n
eth0 Link encap:Ethernet HWaddr 00:0C:29:9F:1F:E5
inet addr:172.168.254.150 Bcast:172.168.254.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe9f:1fe5/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:437150 errors:0 dropped:0 overruns:0 frame:0
TX packets:117182 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:547591624 (522.2 MiB) TX bytes:20896753 (19.9 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:244 errors:0 dropped:0 overruns:0 frame:0
TX packets:244 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:35608 (34.7 KiB) TX bytes:35608 (34.7 KiB)
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
0.0.0.0 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
------------------------------------------------------------------------
0.130
[[email protected] ~]# yum install -y ipvsadm
添加接口
[[email protected] ~]# ifconfig eth0:0 192.168.0.52 broadcast 192.168.0.52 netmask 255.255.255.255 up
[[email protected] ~]# route add -host 192.168.0.52 dev eth0:0
[[email protected] ~]# ipvsadm -A -t 192.168.0.52:80 -s rr
[[email protected] ~]# ipvsadm -a -t 192.168.0.52:80 -r 192.168.0.130:80 -w 1
[[email protected] ~]# ipvsadm -a -t 192.168.0.52:80 -r 192.168.0.120:80 -w 1
[[email protected] ~]# arping -I eth0 -c 10 -s 192.168.0.52 192.168.0.1
[[email protected] ~]# ipvsadm -ln --stats
[[email protected] ~]# ipvsadm -ln --stats
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Conns InPkts OutPkts InBytes OutBytes
-> RemoteAddress:Port
TCP 192.168.0.52:80 17 17 0 884 0
-> 192.168.0.120:80 9 9 0 468 0
-> 192.168.0.130:80 8 8 0 416 0
关闭所有接口
[[email protected] ~]# chkconfig --list ipvsadm
ipvsadm 0:关闭1:关闭2:启用3:启用4:启用5:启用6:关闭
[[email protected] ~]# chkconfig ipvsadm off
[[email protected] ~]# chkconfig --list ipvsadm
ipvsadm 0:关闭1:关闭2:关闭3:关闭4:关闭5:关闭6:关闭
[[email protected] ~]# ipvsadm -C
[[email protected] ~]# ifconfig eth0:0 down
[[email protected] ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:55:35:62
inet addr:192.168.0.131 Bcast:192.168.0.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe55:3562/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:37942 errors:0 dropped:0 overruns:0 frame:0
TX packets:38519 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:2816451 (2.6 MiB) TX bytes:2629871 (2.5 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:193 errors:0 dropped:0 overruns:0 frame:0
TX packets:193 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:73360 (71.6 KiB) TX bytes:73360 (71.6 KiB)
-----------------------------------------------------------------------------------
0.200
关闭keepalive
[[email protected] ~]# service keepalived stop
停止 keepalived: [确定]
[[email protected] ~]# cd /etc/keepalived/
[[email protected] keepalived]# mv keepalived.conf keepalived.conf.dualmaster
[[email protected] keepalived]# cp keepalived.conf.bak keepalived.conf
[[email protected] keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.100.52/32 brd 192.168.100.52 dev eth0 label eth0:0
}
track_script {
chk_mt_down
}
}
virtual_server 192.168.0.52 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
# persistence_timeout 50
protocol TCP
real_server 192.168.0.120 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.0.130 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
}
复制一份到另外节点
[[email protected] keepalived]# scp keepalived.conf 192.168.0.131:/etc/keepalived/
The authenticity of host '192.168.0.131 (192.168.0.131)' can't be established.
RSA key fingerprint is 0e:95:8d:de:b9:2f:c4:75:8d:70:af:e2:84:65:7f:86.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.131' (RSA) to the list of known hosts.
[email protected]'s password:
keepalived.conf
-----------------------------------------------------------------------------------
.131
关闭keepalive
[[email protected] ~]# service keepalived stop
停止 keepalived: [确定]
[[email protected] ~]# cd /etc/keepalived/
[[email protected] keepalived]# mv keepalived.conf keepalived.conf.dualmaster
[[email protected] keepalived]# cp keepalived.conf.bak keepalived.conf
[[email protected] keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.100.52/32 brd 192.168.100.52 dev eth0 label eth0:0
}
track_script {
chk_mt_down
}
}
virtual_server 192.168.0.52 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
# persistence_timeout 50
protocol TCP
real_server 192.168.0.120 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.0.130 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
}
------------------------------------------------------------------------
启动各自服务
[[email protected] keepalived]# service keepalived restart
停止 keepalived: [失败]
正在启动 keepalived: [确定]
[[email protected] keepalived]# service keepalived restart
停止 keepalived: [确定]
正在启动 keepalived: [确定]
查看
[[email protected]node200 keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.200/24 brd 192.168.0.255 scope global eth0
inet 192.168.100.52/32 brd 192.168.100.52 scope global eth0:0
inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link
valid_lft forever preferred_lft forever
3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
link/ether fe:12:9c:9d:00:66 brd ff:ff:ff:ff:ff:ff
建立主节点建立down文件
[[email protected]node200 keepalived]# touch down
[[email protected]node131 keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:10:b9:05 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.131/24 brd 192.168.0.255 scope global eth0
inet 192.168.0.52/32 brd 192.168.0.52 scope global eth0:0
inet6 fe80::20c:29ff:fe10:b905/64 scope link
valid_lft forever preferred_lft forever
3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
link/ether 92:c4:6a:81:8c:3e brd ff:ff:ff:ff:ff:ff
-------------------------------------------------------------------
后端服务器健康状态检查
关闭.120
[[email protected] ~]# service httpd stop
停止 httpd: [确定]
[[email protected] ~]# service httpd start
正在启动 httpd:httpd: apr_sockaddr_info_get() failed for node120.zye.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[确定]
后台服务器健康状态检测 另一种尝试tcpcheck
.200
[[email protected] keepalived]# cp keepalived.conf keepalived.conf.httpget
[[email protected] keepalived]# ls
keepalived.conf keepalived.conf.bak keepalived.conf.dualmaster keepalived.conf.httpget
[[email protected] keepalived]# !vim
vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.52/32 brd 192.168.0.52 dev eth0 label eth0:0
}
track_script {
chk_mt_down
}
}
virtual_server 192.168.0.52 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
# persistence_timeout 50
protocol TCP
real_server 192.168.0.120 80 {
weight 1
TCP_CHECK {
connect_ip 192.168.0.120
connect_port 80
connect_timeout 2
}
}
real_server 192.168.0.130 80 {
weight 1
TCP_CHECK {
connect_ip 192.168.0.130
connect_port 80
connect_timeout 2
}
}
}
-------------------------------------------------------------------------------
验证
[[email protected] keepalived]# !ser
service keepalived restart
重新载入 keepalived: [确定]
[[email protected] keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.200/24 brd 192.168.0.255 scope global eth0
inet 192.168.0.52/32 brd 192.168.0.52 scope global eth0:0
inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link
valid_lft forever preferred_lft forever
3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
link/ether fe:12:9c:9d:00:66 brd ff:ff:ff:ff:ff:ff
[[email protected]130 ~]# service httpd stop
停止 httpd: [确定]
[[email protected]200 keepalived]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.52:80 rr
-> 192.168.0.120:80 Route 1 0 0
[[email protected]130 ~]# service httpd start
正在启动 httpd:httpd: apr_sockaddr_info_get() failed for node130.zye.com
httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName
[确定]
[[email protected]200 keepalived]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.0.52:80 rr
-> 192.168.0.120:80 Route 1 0 0
-> 192.168.0.130:80 Route 1 0 0
------------------------------------------------------------------------------------------
在实例中使用脚本,实现自动
通知脚本
vim notify.sh
#!/bin/bash
# Author: MageEdu <[email protected]>
# description: An example of notify script
#
vip=192.168.0.52
contact='[email protected]'
gateway=192.168.0.1
notify() {
mailsubject="`hostname` to be $1: $vip floating"
mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo $mailbody | mail -s "$mailsubject" $contact
/sbin/arping -I eth0 -c 5 -s $VIP $GATEWAY &>/dev/null
}
case "$1" in
master)
notify master
exit 0
;;
backup)
notify backup
exit 0
;;
fault)
notify fault
exit 0
;;
*)
echo 'Usage: `basename $0` {master|backup|fault}'
exit 1
;;
esac
[[email protected] keepalived]# scp notify.sh 192.168.0.131:/etc/keepalived/
[email protected]'s password:
notify.sh 100% 639 0.6KB/s 00:00
添加执行权限
[[email protected]200 keepalived]# chmod +x notify.sh
You have mail in /var/spool/mail/root
[[email protected]131 keepalived]# chmod +x notify.sh
You have mail in /var/spool/mail/root
----------------------------------------------------------------------------------------
修改文件
[[email protected] keepalived]# !vim
vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.52/32 brd 192.168.0.52 dev eth0 label eth0:0
}
track_script {
chk_mt_down
}
notify_master "/etc/keepalived/notify.sh master" ##当转换之后实现的脚本
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
virtual_server 192.168.0.52 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
# persistence_timeout 50
protocol TCP
real_server 192.168.0.120 80 {
weight 1
TCP_CHECK {
connect_ip 192.168.0.120
connect_port 80
connect_timeout 2
}
}
real_server 192.168.0.130 80 {
weight 1
TCP_CHECK {
connect_ip 192.168.0.130
connect_port 80
connect_timeout 2
}
}
}
复制一份到0.131
[[email protected] keepalived]# !vim
vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.52/32 brd 192.168.0.52 dev eth0 label eth0:0
}
track_script {
chk_mt_down
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
virtual_server 192.168.0.52 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
# persistence_timeout 50
protocol TCP
real_server 192.168.0.120 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
real_server 192.168.0.130 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
}
-----------------------------------------------------------------------------------
两台主机重启
[[email protected] keepalived]# !vim
vim keepalived.conf
[[email protected] keepalived]# !vim
vim keepalived.conf
[[email protected] keepalived]# !rm
rm -rf down
You have mail in /var/spool/mail/root
[[email protected] ~]$ mail
Heirloom Mail version 12.4 7/29/08. Type ? for help.
"/var/spool/mail/kaadmin": 1 message 1 new
>N 1 root Tue Mar 15 16:07 18/698 "node200.zye.com to be master: 192.168.0.52 floating"
-----------------------------------------------------------------------------------------
haproxy高可用
准备
[[email protected] keepalived]# cp keepalived.conf keepalived.conf.ipvs
[[email protected] keepalived]# cp keepalived.conf keepalived.conf.ipvs
[[email protected] keepalived]# service keepalived stop
停止 keepalived: [确定]
[[email protected] keepalived]# service keepalived stop
停止 keepalived: [确定]
安装haproxy
[[email protected] keepalived]# yum -y install haproxy
[[email protected] keepalived]# yum -y install haproxy
配置haproxy
[[email protected] keepalived]# cd /etc/haproxy/
[[email protected] haproxy]# vim haproxy.cfg
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode http
log global
option httplog
option dontlognull
option http-server-close
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main *:80
# acl url_static path_beg -i /static /p_w_picpaths /javascript /stylesheets
# acl url_static path_end -i .jpg .gif .png .css .js
# use_backend static if url_static
default_backend websrvs
#---------------------------------------------------------------------
# static backend for serving up p_w_picpaths, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend websrvs
balance roundrobin
server web1 192.168.0.120:80 check maxconn 5000
server web2 192.168.0.130:80 check maxconn 3000
listen stats *:9103
stats enable
复制到从节点
[[email protected] haproxy]# scp haproxy.cfg 192.168.0.131:/etc/haproxy
[email protected]'s password:
haproxy.cfg 100% 3145 3.1KB/s 00:00
启动服务
[[email protected] haproxy]# service haproxy start
正在启动 haproxy: [确定]
[[email protected] haproxy]# service haproxy stop
停止 haproxy: [确定]
尝试从节点
[[email protected]131 keepalived]# service haproxy start
正在启动 haproxy: [确定]
实现高可用
[[email protected] haproxy]# cd /etc/keepalived/
[[email protected] keepalived]# vim notify.sh
#!/bin/bash
# Author: MageEdu <[email protected]>
# description: An example of notify script
#
vip=192.168.0.52
contact='[email protected]'
gateway=192.168.0.1
notify() {
mailsubject="`hostname` to be $1: $vip floating"
mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo $mailbody | mail -s "$mailsubject" $contact
/sbin/arping -I eth0 -c 5 -s $vip $gateway &>/dev/null
}
case "$1" in
master)
notify master
/etc/rc.d/init.d/haproxy start
exit 0
;;
backup)
notify backup
/etc/rc.d/init.d/haproxy stop
exit 0
exit 0
;;
fault)
notify fault
/etc/rc.d/init.d/haproxy stop
exit 0
;;
*)
echo 'Usage: `basename $0` {master|backup|fault}'
exit 1
;;
esac
复制文件
[[email protected] keepalived]# scp notify.sh 192.168.0.131:/etc/keepalived/
[email protected]'s password:
notify.sh 100% 828 0.8KB/s 00:00
------------------------------------------------------------------------------------
修改配置文件
[[email protected] keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_haproxy { ##追踪haproxy成功与否
script "killall -0 haproxy &> /dev/null"
interval 1
weight -5
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.52/32 brd 192.168.0.52 dev eth0 label eth0:0
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
[[email protected] keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_script chk_haproxy {
script "killall -0 harpoxy &> /dev/null"
interval 1
weight -5
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.52/32 brd 192.168.0.52 dev eth0 label eth0:0
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
[[email protected] keepalived]# service keepalived start
正在启动 keepalived: [确定]
[[email protected] keepalived]# service keepalived start
正在启动 keepalived: [确定]
[[email protected] keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.200/24 brd 192.168.0.255 scope global eth0
inet 192.168.0.52/32 brd 192.168.0.52 scope global eth0:0
inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link
valid_lft forever preferred_lft forever
3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
link/ether fe:12:9c:9d:00:66 brd ff:ff:ff:ff:ff:ff
[[email protected] keepalived]# ss -tnlp
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:9103 *:* users:(("haproxy",118356,7))
LISTEN 0 128 *:9103 *:* users:(("haproxy",118278,7))
LISTEN 0 128 *:80 *:* users:(("haproxy",118356,5))
LISTEN 0 128 *:80 *:* users:(("haproxy",118278,5))
LISTEN 0 128 :::22 :::* users:(("sshd",3546,4))
LISTEN 0 128 *:22 *:* users:(("sshd",3546,3))
LISTEN 0 128 127.0.0.1:631 *:* users:(("cupsd",1492,7))
LISTEN 0 128 ::1:631 :::* users:(("cupsd",1492,6))
LISTEN 0 100 ::1:25 :::* users:(("master",1769,13))
LISTEN 0 100 127.0.0.1:25 *:* users:(("master",1769,12))
LISTEN 0 128 127.0.0.1:6011 *:* users:(("sshd",101318,8))
LISTEN 0 128 ::1:6011 :::* users:(("sshd",101318,7))
修改脚本
[[email protected] keepalived]# vim notify.sh
#!/bin/bash
# Author: MageEdu <[email protected]>
# description: An example of notify script
#
vip=192.168.0.52
contact='[email protected]'
gateway=192.168.0.1
notify() {
mailsubject="`hostname` to be $1: $vip floating"
mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo $mailbody | mail -s "$mailsubject" $contact
/sbin/arping -I eth0 -c 5 -s $vip $gateway &>/dev/null
}
case "$1" in
master)
notify master
/etc/rc.d/init.d/haproxy start
exit 0
;;
backup)
notify backup
/etc/rc.d/init.d/haproxy restart ##开启之后,只要ip漂移就可以
exit 0
;;
fault)
notify fault
/etc/rc.d/init.d/haproxy stop
exit 0
;;
*)
echo 'Usage: `basename $0` {master|backup|fault}'
exit 1
;;
esac
从节点
[[email protected] keepalived]# vim notify.sh
#!/bin/bash
# Author: MageEdu <[email protected]>
# description: An example of notify script
#
vip=192.168.0.52
contact='[email protected]'
gateway=192.168.0.1
notify() {
mailsubject="`hostname` to be $1: $vip floating"
mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo $mailbody | mail -s "$mailsubject" $contact
/sbin/arping -I eth0 -c 5 -s $vip $gateway &>/dev/null
}
case "$1" in
master)
notify master
/etc/rc.d/init.d/haproxy start
exit 0
;;
backup)
notify backup
/etc/rc.d/init.d/haproxy restart ##开启之后,只要ip漂移就可以
exit 0
;;
fault)
notify fault
/etc/rc.d/init.d/haproxy stop
exit 0
;;
*)
echo 'Usage: `basename $0` {master|backup|fault}'
exit 1
;;
esac
验证
[[email protected] keepalived]# service keepalived stop
停止 keepalived: [确定]
[[email protected] keepalived]# service keepalived start
正在启动 keepalived: [确定]
添加down到从节点
[[email protected]200 keepalived]# touch down
[[email protected]131 keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:10:b9:05 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.131/24 brd 192.168.0.255 scope global eth0
inet 192.168.0.52/32 brd 192.168.0.52 scope global eth0:0
inet6 fe80::20c:29ff:fe10:b905/64 scope link
valid_lft forever preferred_lft forever
3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
link/ether 92:c4:6a:81:8c:3e brd ff:ff:ff:ff:ff:ff
-------------------------------------------------------------------------
haproxy双主
[[email protected] keepalived]# service haproxy stop
停止 haproxy: [确定]
[[email protected] keepalived]# vim keepalived.conf
! Configuration File for keepalived
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script "killall -0 haproxy &> /dev/null"
interval 1
weight -5
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.52/32 brd 192.168.0.52 dev eth0 label eth0:0
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 52
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.53/32 brd 192.168.0.53 dev eth0 label eth0:1
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script "killall -0 haproxy &> /dev/null"
interval 1
weight -5
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.52/32 brd 192.168.0.52 dev eth0 label eth0:0
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.0.53/32 brd 192.168.0.53 dev eth0 label eth0:1
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
启动
[[email protected] keepalived]# service haproxy restart
停止 haproxy: [确定]
正在启动 haproxy: [确定]
[[email protected] keepalived]# service keepalived restart
停止 keepalived: [确定]
正在启动 keepalived: [确定]
[[email protected] keepalived]# service haproxy restart
停止 haproxy: [确定]
正在启动 haproxy: [确定]
[[email protected] keepalived]# service keepalived restart
停止 keepalived: [确定]
正在启动 keepalived: [确定]
---------------------------------------------------------------------------------
两台安装haproxy(测试好后,stop,chkconfig haproxy off)
yum install haproxy -y
vim /etc/haproxy/haproxy.cfg
[[email protected] keepalived]# vim /etc/haproxy/haproxy.cfg
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main *:80
# acl url_static path_beg -i /static /p_w_picpaths /javascript /stylesheets
# acl url_static path_end -i .jpg .gif .png .css .js
# use_backend static if url_static
default_backend websrvs
#---------------------------------------------------------------------
# static backend for serving up p_w_picpaths, stylesheets and such
#---------------------------------------------------------------------
#backend static
# balance roundrobin
# server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend websrvs
balance roundrobin
server web1 192.168.0.130:80 check maxconn 5000
server web2 192.168.0.120:80 check maxconn 5000
listen stats *:9103
stats enable
主节点keepalive
[[email protected] keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_script chk_proxy {
script "killall -0 haproxy &> /dev/null"
interval 1
weight -5
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 55
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass lsad
}
virtual_ipaddress {
192.168.0.50/32 brd 192.168.0.50 dev eth0 label eth0:0
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 56
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass lsad
}
virtual_ipaddress {
192.168.0.51/32 brd 192.168.0.51 dev eth0 label eth0:1
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
备节点
[[email protected] keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_script chk_haproxy {
script "killall -0 haproxy &> /dev/null"
interval 1
weight -5
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 55
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass lsad
}
virtual_ipaddress {
192.168.0.50/32 brd 192.168.0.50 dev eth0 label eth0:0
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 56
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass lsad
}
virtual_ipaddress {
192.168.0.51/32 brd 192.168.0.50 dev eth0 label eth0:1
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
两台
vim notify.sh
#!/bin/bash
# Author: MageEdu <[email protected]>
# description: An example of notify script
#
vip=192.168.0.50
contact='[email protected]'
gateway=192.168.0.1
notify() {
mailsubject="`hostname` to be $1: $vip floating"
mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo $mailbody | mail -s "$mailsubject" $contact
}
case "$1" in
master)
notify master
/etc/rc.d/init.d/haproxy start
exit 0
;;
backup)
notify backup
/etc/rc.d/init.d/haproxy restart
exit 0
;;
fault)
notify fault
/etc/rc.d/init.d/haproxy stop
exit 0
;;
*)
echo 'Usage: `basename $0` {master|backup|fault}'
exit 1
;;
esac
转载于:https://blog.51cto.com/youenstudy/1741449