拓撲結構:
| Client | LVS1 | LVS2 | RS1 | RS2 |
|---|---|---|---|---|
| 192.168.2.1 | DIP 192.168.2.128 VIP 192.168.2.198 | DIP 192.168.2.129 VIP 192.168.2.199 | 192.168.2.130 | 192.168.2.131 |
實現雙主模型我們需要配置兩個虛擬路由器組,也就是每臺主機需要配置兩段 vrrp_instance,每個虛擬接口配置虛擬IP,LVS1與LVS2的同一組virtual_router_id內互爲主備,這裏如果不明白可以查看VRRP的實現原理或者稍後看配置信息,RS1與RS2在雙主模式下需要配置兩組路由,當收到來自VIP1的請求交給lo:0的網卡處理,收到來自VIP2的請求交給lo:1的網卡處理
上配置:
########################### LVS1配置 #########################
yum install nginx -y
echo "對不起,服務器正在維護..' > /usr/share/nginx/html/index.html
systemctl start nginx
! Configuration File for keepalived
global_defs { ##對於郵件報警,先簡單配置爲本地的郵箱,而且這裏的郵件報警也比較雞肋,後面我們藉助keepalive調用腳本的能力再開發報警或者藉助zabbix這種專業級程序
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node1 ##設置爲主機名,唯一
vrrp_mcast_group4 224.0.0.112 ##組播地址
}
### 配置虛擬IP配置區域
vrrp_instance VI_1 {
state MASTER #狀態分爲MASTER | BACKUP
interface eno16777736 ##浮動ip綁定在哪一個物理接口
virtual_router_id 31 ##虛擬路由器id,和另一臺設置爲一致
priority 100 ##優先級
advert_int 1 ##心跳檢測頻率,默認1s
# nopreempt ##非搶佔模式
authentication {
auth_type PASS
auth_pass f1GDsVH6 ##VRRP組播,和同一組虛擬vip保持一致
}
virtual_ipaddress {
192.168.2.198/24 dev eno16777736 label eno16777736:1 ##設置vip地址
}
notify_master "/etc/keepalived/scripts/notify.sh master" ##狀態變更爲master時執行腳本
notify_backup "/etc/keepalived/scripts/notify.sh backup" ##狀態變更爲backup時執行腳本
notify_fault "/etc/keepalived/scripts/notify.sh fault" ##狀態發生故障時執行腳本
}
vrrp_instance VI_2 {
state BACKUP
interface eno16777736
virtual_router_id 32
priority 98
advert_int 1
# nopreempt
authentication {
auth_type PASS
auth_pass f1GDsV78
}
virtual_ipaddress {
192.168.2.199/24 dev eno16777736 label eno16777736:2
}
notify_master "/etc/keepalived/scripts/notify.sh master" ##狀態變更爲master時執行腳本
notify_backup "/etc/keepalived/scripts/notify.sh backup" ##狀態變更爲backup時執行腳本
notify_fault "/etc/keepalived/scripts/notify.sh fault" ##狀態發生故障時執行腳本
}
### LVS規則配置區域
##由於是雙主模型,我們需要配置兩組VIP的集羣,當LVS2宕機時,LVS2虛擬IP漂移到本機,我們需要LVS1上有192.168.2.199的集羣配置,反之LVS2也要配置192.168.2.198的集羣配置
virtual_server 192.168.2.198 80 {
delay_loop 1
lb_algo wlc
lb_kind DR
# persistence_timeout 300
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.2.130 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 1
nb_get_retry 2
delay_before_retry 1
}
}
real_server 192.168.2.131 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 1
nb_get_retry 2
delay_before_retry 1
}
}
}
virtual_server 192.168.2.199 80 {
delay_loop 1
lb_algo wlc
lb_kind DR
# persistence_timeout 300
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.2.130 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 1
nb_get_retry 2
delay_before_retry 1
}
}
real_server 192.168.2.131 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 1
nb_get_retry 2
delay_before_retry 1
}
}
}
########################### LVS2配置 #########################
yum install nginx -y
echo "對不起,服務器正在維護..' > /usr/share/nginx/html/index.html
systemctl start nginx
! Configuration File for keepalived
global_defs { ##對於郵件報警,先簡單配置爲本地的郵箱,而且這裏的郵件報警也比較雞肋,後面我們藉助keepalive調用腳本的能力再開發報警或者藉助zabbix這種專業級程序
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node2 ##設置爲主機名,唯一
vrrp_mcast_group4 224.0.0.112 ##組播地址
}
vrrp_instance VI_1 {
state BACKUP #狀態分爲MASTER | BACKUP
interface eno16777736 ##浮動ip綁定在哪一個物理接口
virtual_router_id 31 ##虛擬路由器id,和另一臺設置爲一致
priority 98 ##優先級
advert_int 1 ##心跳檢測頻率,默認1s
# nopreempt ##非搶佔模式
authentication {
auth_type PASS
auth_pass f1GDsVH6 ##VRRP組播,和同一組虛擬vip保持一致
}
virtual_ipaddress {
192.168.2.198/24 dev eno16777736 label eno16777736:1 ##設置vip地址
}
notify_master "/etc/keepalived/scripts/notify.sh master" ##狀態變更爲master時執行腳本
notify_backup "/etc/keepalived/scripts/notify.sh backup" ##狀態變更爲backup時執行腳本
notify_fault "/etc/keepalived/scripts/notify.sh fault" ##狀態發生故障時執行腳本
}
vrrp_instance VI_2 {
state MASTER
interface eno16777736
virtual_router_id 32
priority 100
advert_int 1
# nopreempt
authentication {
auth_type PASS
auth_pass f1GDsV78
}
virtual_ipaddress {
192.168.2.199/24 dev eno16777736 label eno16777736:2
}
notify_master "/etc/keepalived/scripts/notify.sh master" ##狀態變更爲master時執行腳本
notify_backup "/etc/keepalived/scripts/notify.sh backup" ##狀態變更爲backup時執行腳本
notify_fault "/etc/keepalived/scripts/notify.sh fault" ##狀態發生故障時執行腳本
}
virtual_server 192.168.2.198 80 {
delay_loop 1
lb_algo wlc
lb_kind DR
# persistence_timeout 300
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.2.130 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 1
nb_get_retry 2
delay_before_retry 1
}
}
real_server 192.168.2.131 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 1
nb_get_retry 2
delay_before_retry 1
}
}
}
virtual_server 192.168.2.199 80 {
delay_loop 1
lb_algo wlc
lb_kind DR
# persistence_timeout 300
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.2.130 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 1
nb_get_retry 2
delay_before_retry 1
}
}
real_server 192.168.2.131 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 1
nb_get_retry 2
delay_before_retry 1
}
}
}
######################## RS1配置 ########################
yum install nginx -y
echo "192.168.2.130' > /usr/share/nginx/html/index.html
systemctl start nginx
## 執行腳本 set_lvs_rs.sh
bash set_lvs_rs.sh start
######################## RS2配置 ########################
yum install nginx -y
echo "192.168.2.131' > /usr/share/nginx/html/index.html
systemctl start nginx
## 執行腳本 set_lvs_rs.sh
bash set_lvs_rs.sh start
到此LVS+keepalived的雙主模型已經完成,通過測試我們可以得到:
1、DNS輪巡,當LVS1與LVS2無異常時同時正常工作。
2、當LVS1或任意其中一臺宕機時,浮動IP飄逸至另一臺主機,兩個VIP都仍然正常工作
3、當NGINX任意一臺TCP 80端口4層檢測不正常,keepalived自動將其從規則刪除,反之自動添加
4、當NGINX同時全部宕機,keepalived臨時提供sorry server
5、當vip發生變更keepalived將自動發送郵件通知管理員
set_lvs_rs.sh 腳本內容:
#!/bin/bash
#
vip1='192.168.2.198'
vip2='192.168.2.199'
mask='255.255.255.255'
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
ifconfig lo:0 $vip1 netmask $mask broadcast $vip1 up
ifconfig lo:1 $vip2 netmask $mask broadcast $vip2 up
route add -host $vip1 dev lo:0
route add -host $vip2 dev lo:1
;;
stop)
ifconfig lo:0 down
ifconfig lo:1 down
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
;;
*)
echo "Usage $(basename $0) start|stop"
exit 1
;;
esacnotify.sh腳本內容:
[root@node2 scripts]# cat notify.sh
#!/bin/bash
#
contact='root@localhost'
notify() {
local mailsubject="$(hostname) to be $1, vip floating"
local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" $contact
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
exit 1
;;
esac