环境：利用keeplived实现web服务器的双机热备(高可用)

注意：
(1) 利用keeplived+web做双击热备（高可用），最少需要两台服务器，可以实现多域名对应一个VIP,并且访问不同域名，显示不同主页，可行，已测
(2) vip（虚拟ip）不能和物理ip冲突
(3) vip（虚拟ip）最好设置成和内网ip同一网段，最后做地址映射到公网ip
(4) 两台web服务的网站内容必须相同

1、安装keepalived（与负载均衡服务器在一台服务器上）

• keepalived使用 VRRP（虚拟路由冗余协议），实现单点故障切换，俗称心跳线监听

yum -y install keepalived
[root@oldboy ~]# cd /etc/keepalived/
[root@oldboy keepalived]#  cp keepalived.conf keepalived.conf.ori
[root@oldboy keepalived]# sed  -n '1,31p' keepalived.conf.ori >keepalived.conf 

2、配置web服务器

(1) 配置real-server-10.0.0.7（nginx-web）
[root@Oldboy extra]# cat www.conf 
server {listen        80;server_name  www.etiantian.org;location / {root   html/www;index  index.html index.htm;}
}[root@Oldboy extra]# cat bbs.conf 
server {listen        80;server_name  bbs.etiantian.org; location / {root   html/bbs;index  index.php  index.html index.htm;}
}[root@Oldboy extra]# cat blog.conf 
server {listen        80;server_name  blog.etiantian.org;location / {root     html/blog;index    index.html index.php;
}location ~ .*\.(php|php5)?$ {root html/blog;fastcgi_pass  127.0.0.1:9000;fastcgi_index index.php;include fastcgi.conf;}
}==========================================
(2) 配置real-server-10.0.0.8 (apache-web)
[root@Oldboy extra]# egrep -v "#|^$" httpd-vhosts.conf NameVirtualHost *:80
<VirtualHost *:80>ServerAdmin oldboy@oldboyedu.comDocumentRoot "/application/apache2.2.31/htdocs/www"ServerName   www.etiantian.orgServerAlias etiantian.orgErrorLog "/app/logs/www-error_log"CustomLog "/app/logs/www-access_log" common
</VirtualHost><VirtualHost *:80>ServerAdmin oldboy@oldboyedu.comDocumentRoot "/application/apache2.2.31/htdocs/bbs"ServerName   bbs.etiantian.orgErrorLog "/app/logs/bbs-error_log"CustomLog "/app/logs/bbs-access_log" common
</VirtualHost><VirtualHost *:80>ServerAdmin oldboy@oldboyedu.comDocumentRoot "/application/apache2.2.31/htdocs/blog"ServerName   blog.etiantian.orgErrorLog "/app/logs/blog-error_log"CustomLog "/app/logs/blog-access_log" common
</VirtualHost>

3、配置keepalived（keepalived和负载均衡服务器在一台服务器上）

(1) 配置keepalived-MASTER（10.0.0.5）
[root@Oldboy keepalived]# cat keepalived.conf
! Configuration File for keepalivedglobal_defs {router_id LVS_DEVEL_01         \\keepalived服务器标识符，最好和备keepalived不一样
}vrrp_instance VI_1 {                    \\VRRP实例，多实例不能相同，但是主备必须相同state MASTER                          \\指定keepalived的角色，MASTER为主服务器，BACKUP为备用服务器interface eth0                          \\监听的接口virtual_router_id 51                  \\虚拟路由标识，这个标识是一个数字(1-255)，在一个VRRP实例中主备服务器ID必须一样priority 150                               \\优先级，数字越大优先级越高，在一个实例中主服务器优先级要高于备服务器advert_int 1                                \\设置主备之间同步检查的时间间隔，单位秒 authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.16.1.254/24 dev eth0 label eth0:3    \\定义虚拟ip地址}
}=============================================
(2) 配置keepalived-BACKUP（10.0.0.6）
[root@Oldboy keepalived]# cat keepalived.conf
! Configuration File for keepalivedglobal_defs {}router_id LVS_DEVEL_02                                                                     \\keepalived服务器标识符，最好和主keepalived不一样
}vrrp_instance VI_1 {                                                                                \\VRRP实例，和主一样state BACKUP                                                                                     \\指定keepalived的角色，这里是备用服务器interface eth0virtual_router_id 51                                                                            priority 100                                                                                          \\优先级低于主服务器，最好相差50advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.16.1.254/24 dev eth0 label eth0:3}
}

4、启动keepalived

/etc/init.d/keepalived start
chkconfig keepalived on
echo "/application/nginx/sbin/nginx" >> /etc/rc.d/rc.local查看vip漂移：
[root@Oldboy keepalived]# ifconfig eth0:3
eth0:3    Link encap:Ethernet  HWaddr 00:0C:29:6D:23:83  inet addr:172.16.1.254  Bcast:0.0.0.0  Mask:255.255.255.0UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

5、将vip映射到公网ip（由于我这里没有硬件防火墙，只能使用同一局域网的其它服务器代替，这台服务器需要能联网）

(1) 开启路由转发
[root@Oldboy ~]# sed -i 's#net.ipv4.ip_forward = 0#net.ipv4.ip_forward = 1#g' /etc/sysctl.conf
[root@Oldboy ~]# sysctl -p
net.ipv4.ip_forward = 1(2) 配置地址映射
iptables -F -t nat
iptables -t nat -I PREROUTING -p tcp  -d 10.0.0.51 --dport 80 -j DNAT --to-destination 172.16.1.254:80
iptables -t nat -A POSTROUTING  -j MASQUERADE
/etc/init.d/iptables save
/etc/init.d/iptables restart

6、测试并验证

客户端绑定hosts: 10.0.0.51  www.etiantian.org  bbs.etiantian.org  blog.etiantian.org   （一个vip对应多个域名）1、keepalived只负责vip漂移，能够让用户顺利将请求通过vip交给web服务器，当停止主服务器，备用服务器会接管vip继续提供web服务器2、当访问www.etiantian.org  bbs.etiantian.org 或 blog.etiantian.org，则解析到 10.0.0.51（公网VIP）并NAT映射到172.16.1.254（vip与web服务器在一起），为用户提供服务