Vip 10.1.122
Keepalived-master 10.1.1.132
Keepalied-backup 10.1.1.133
Realserver_1 10.1.1.136
Realserver_2 10.1.1.137
四台机器上安装nginx,编译安装的话需要另外安装pcre包支持,安装在/usr/local/nginx
Keepalived-master 和backup 安装keepalived 和ipvsadm(lvs安装包)
! Configuration File for keepalived
global_defs {
# notification_email {
# len@firewall.loc
# len@firewall.loc
# len@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL_1
}
vrrp_sync_group LVS {
group {
VI_1
}
}
vrrp_instance VI_1 {
state MASTER
interface eth1
lvs_sync_daemon_interface eth1
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.1.1.222
}
}
virtual_server 10.1.1.222 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 10.1.1.136 80 {
weight 1
TCP_CHECK {
connect_timeout 4
nb_get retry 4
delay_before_retry 4
connect_port 80
}
}
real_server 10.1.1.137 80 {
weight 1
TCP_CHECK {
connect_timeout 4
nb_get_retry 4
delay_before_retry 4
connect_prot 80
}
}
}
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
Keepalived-backup: 配置文件
! Configuration File for keepalived
global_defs {
# notification_email {
# len@firewall.loc
# len@firewall.loc
# len@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout 30
router_id LVS_DEVEL_2
}
vrrp_instance VI_1 {
state BACKUP
interface eth2
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.1.1.222
}
}
virtual_server 10.1.1.222 80 {
delay_loop 6
lb_algo rr
##lb_kind NAT
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 10.1.1.136 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_prot 80
}
}
real_server 10.1.1.137 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_prot 80
}
}
}
安装完成后master和backup /etc/init.d/keepalived start
Ip addr 查看vip地址:
此时master上的ip 10.1.1.222已经生成,backup上此时需等master keepalived停掉后会自动生成vip 10.1.1.222
在停止master keepalived后vip,backup生成10.1.1.222:
通过 ipvsadm来查看HA服务和realserver:
Bakcup上
在realserver的nginx配置文件上配置需要访问的内容,运行如下脚本开启转发功能:
#!/bin/bash
VIP=10.1.1.222
source /etc/rc.d/init.d/functions
case "$1" in
start)
echo "start LVS of real server"
ifconfig lo:0 $SYN_VIP netmask 255.255.255.255 broadcast $VIP
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
echo "stop LVS of real server"
ifconfig lo:0 down
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "USAGE: $0 {start|stop}"
exit 1
esac
查看realserver的ip,生成lo:0的虚拟网口来转发数据
以上配置完成后,进行测试:
在关闭一台nginx 服务后:
关闭一台keepalived服务后,丢一个包就会自动连接