Vip 10.1.122 Keepalived-master 10.1.1.132Keepalied-backup 10.1.1.133Realserver_1 10.1.1.136Realserver_2 10.1.1.137
四台机器上安装nginx,编译安装的话需要另外安装pcre包支持,安装在/usr/local/nginx
Keepalived-master 和backup 安装keepalived 和ipvsadm(lvs安装包)
! Configuration File for keepalivedglobal_defs {# notification_email {# len@firewall.loc# len@firewall.loc# len@firewall.loc# }# notification_email_from Alexandre.Cassen@firewall.loc# smtp_server 192.168.200.1#smtp_connect_timeout 30router_id LVS_DEVEL_1}vrrp_sync_group LVS {group {VI_1}}vrrp_instance VI_1 {state MASTERinterface eth1lvs_sync_daemon_interface eth1virtual_router_id 51priority 101advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {10.1.1.222}}virtual_server 10.1.1.222 {delay_loop 6lb_algo rrlb_kind DRpersistence_timeout 50protocol TCPreal_server 10.1.1.136 80 {weight 1TCP_CHECK {connect_timeout 4nb_get retry 4delay_before_retry 4connect_port 80}}real_server 10.1.1.137 80 {weight 1TCP_CHECK {connect_timeout 4nb_get_retry 4delay_before_retry 4connect_prot 80}}}##location ~ /\.ht {# deny all;#}}# another virtual host using mix of IP-, name-, and port-based configuration##server {# listen 8000;# listen somename:8080;# server_name somename alias another.alias;# location / {# root html;# index index.html index.htm;# }#}# HTTPS server##server {# listen 443 ssl;# server_name localhost;# ssl_certificate cert.pem;# ssl_certificate_key cert.key;# ssl_session_cache shared:SSL:1m;# ssl_session_timeout 5m;# ssl_ciphers HIGH:!aNULL:!MD5;# ssl_prefer_server_ciphers on;# location / {# root html;# index index.html index.htm;# }#}}Keepalived-backup: 配置文件! Configuration File for keepalivedglobal_defs {# notification_email {# len@firewall.loc# len@firewall.loc# len@firewall.loc# }# notification_email_from Alexandre.Cassen@firewall.loc# smtp_server 192.168.200.1# smtp_connect_timeout 30router_id LVS_DEVEL_2}vrrp_instance VI_1 {state BACKUPinterface eth2virtual_router_id 51priority 99advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {10.1.1.222}}virtual_server 10.1.1.222 80 {delay_loop 6lb_algo rr##lb_kind NATlb_kind DRpersistence_timeout 50protocol TCPreal_server 10.1.1.136 80 {weight 1TCP_CHECK {connect_timeout 3nb_get_retry 3delay_before_retry 3connect_prot 80}}real_server 10.1.1.137 80 {weight 1TCP_CHECK {connect_timeout 3nb_get_retry 3delay_before_retry 3connect_prot 80}}}
安装完成后master和backup /etc/init.d/keepalived start
Ip addr 查看vip地址:
此时master上的ip 10.1.1.222已经生成,backup上此时需等master keepalived停掉后会自动生成vip 10.1.1.222
在停止master keepalived后vip,backup生成10.1.1.222:
通过 ipvsadm来查看HA服务和realserver:
Bakcup上
在realserver的nginx配置文件上配置需要访问的内容,运行如下脚本开启转发功能:
查看realserver的ip,生成lo:0的虚拟网口来转发数据
#!/bin/bashVIP=10.1.1.222source /etc/rc.d/init.d/functionscase "$1" instart)echo "start LVS of real server"ifconfig lo:0 $SYN_VIP netmask 255.255.255.255 broadcast $VIPecho "1" >/proc/sys/net/ipv4/conf/lo/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/lo/arp_announceecho "1" >/proc/sys/net/ipv4/conf/all/arp_ignoreecho "2" >/proc/sys/net/ipv4/conf/all/arp_announcesysctl -p >/dev/null 2>&1echo "RealServer Start OK";;stop)echo "stop LVS of real server"ifconfig lo:0 downecho "0" >/proc/sys/net/ipv4/conf/lo/arp_ignoreecho "0" >/proc/sys/net/ipv4/conf/lo/arp_announceecho "0" >/proc/sys/net/ipv4/conf/all/arp_ignoreecho "0" >/proc/sys/net/ipv4/conf/all/arp_announceecho "RealServer Stoped";;*)echo "USAGE: $0 {start|stop}"exit 1esac
以上配置完成后,进行测试:
在关闭一台nginx 服务后:
关闭一台keepalived服务后,丢一个包就会自动连接