LVS+Keepalived

关闭dada1 2 heartbeat

ot@dada1 ~]# /etc/init.d/heartbeat stop

[root@dada1 ~]# chkconfig heartbeat off

[root@dada1 ~]# tar zxf keepalived-1.2.24.tar.gz

[root@dada1 ~]# cd keepalived-1.2.24

[root@dada1 keepalived-1.2.24]# ./configure --prefix=/usr/local/keepalived

[root@dada1 keepalived-1.2.24]# yum install -y openssl-devel kernel-devel

[root@dada1 keepalived-1.2.24]# ./configure --prefix=/usr/local/keepalived

make make install

cd /usr/local/keepalived/etc

[root@dada1 etc]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

[root@dada1 etc]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/

[root@dada1 etc]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

[root@dada1 etc]# cd rc.d/init.d/

[root@dada1 init.d]# chmod +x keepalived 给/etc/init.d/keepalived脚本加执行权限

cd /usr/local/keepalived

[root@dada1 etc]# ll /etc/sysconfig/keepalived

lrwxrwxrwx 1 root root 46 6月   3 12:06 /etc/sysconfig/keepalived -> /usr/local/keepalived/etc/sysconfig/keepalived

[root@dada1 etc]# ll /etc/keepalived/keepalived.conf

-rw-r--r-- 1 root root 3598 6月   3 12:02 /etc/keepalived/keepalived.conf

[root@dada1 etc]# ll /etc/init.d/keepalived

lrwxrwxrwx 1 root root 48 6月   3 12:08 /etc/init.d/keepalived -> /usr/local/keepalived/etc/rc.d/init.d/keepalived

vim /etc/keepalived/keepalived.conf

 

 

[root@dada1 etc]# cd /usr/local/keepalived/

[root@dada1 keepalived]# cd ..

[root@dada1 local]# scp -r keepalived/ 172.25.27.2:/usr/local/

[root@dada1 local]# cd /etc/keepalived/

[root@dada1 keepalived]# scp keepalived.conf 172.25.27.2:/etc/keepalived/

[root@dada1 keepalived]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/

[root@dada1 keepalived]# /etc/init.d/keepalived start

 

 

 

 

[root@dada2 ~]# cd /usr/local/

[root@dada2 local]# ls

bin  etc  games  include  keepalived  lib  lib64  libexec  sbin  share  src

[root@dada2 local]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

[root@dada2 local]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

[root@dada2 local]# chmod +x /etc/init.d/keepalived

[root@dada2 local]# mkdir /etc/keepalived

[root@dada2 local]# vim /etc/keepalived/keepalived.conf

把主改成从 在改一下优先级

[root@dada2 local]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/

 

 

dada3 4上做法相同

[root@dada3 ~]# vim /etc/rc.local

 ip addr add 172.25.27.100/32 dev eth0

[root@dada3 ~]# /etc/rc.local

ip addr show

 eth0  inet 172.25.27.3/24 brd 172.25.27.255 scope global eth0

       inet 172.25.27.100/32 scope global eth0

arptables管理arp包过滤的软件 过滤arp包 基本思路和iptables一样 不过 arptables处理arp协议有关的包 这些包在iptables中并不会处理  arptables可用于灵活的arp管理

[root@dada3 ~]# arptables -A IN -d 172.25.27.100 -j DROP

[root@dada3 ~]# arptables -A OUT -s 172.25.27.100 -j mangle --mangle --mangle-ip-s 172.25.27.3   让vip看不到 看到的是realserver自己真正的ip172.25.27.3

[root@dada3 ~]# /etc/init.d/arptables_jf save

Saving current rules to /etc/sysconfig/arptables:          [  OK  ]

[root@dada3 ~]# /etc/init.d/httpd start

 

 dada1 的keepalived start 测试

[root@dada1 keepalived]# ipvsadm -l

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn

TCP  172.25.27.100:http rr persistent 50

  -> server3.example.com:http     Route   1      0          0         

  -> server4.example.com:http     Route   1      0          0         

如果dada1 2的keepalived同时开 vip realservel都在1上 因为1是主 优先级高是100 而2是backup从优先级低是50  如果1关了 2打开 vip realservel才会跑到2上

 

 

! Configuration File for keepalived

 

global_defs {

   notification_email {

     root@localhost     接收警报的email地址 可以添加多个（[email protected]）

   }

   notification_email_from [email protected]设置邮件的发送地址

   smtp_server 127.0.0.1  设置smtp server地址

   smtp_connect_timeout 30设置连接smtp服务器超时时间

   router_id LVS_DEVEL    load balance的标识ID 用于email警报

   vrrp_skip_check_adv_addr

   vrrp_strict

   vrrp_garp_interval 0

   vrrp_gna_interval 0

}

 

vrrp_instance VI_1 {     备机改为BACKUP，此状态是由priority的值决定的

    state MASTER      当前priority的值小于备机的值，那么将会失去master状态

    interface eth0       HA检测网络接口

    virtual_router_id 89 主，备机的virtual_router_id必须相同，取值0-255

    priority 100   主机的优先级，备份机为50，主机优先机一定要大于备机

    advert_int 1   主备之间的通告间隔秒数

    authentication {  主备切换时的验证

        auth_type PASS 设置验证类型 主要有PASS和AH两种

        auth_pass 1111 设置验证密码 在一个vrrp_instance下，master与backup

    }                  必须使用相同的密码才能通信

    virtual_ipaddress {  设置虚拟IP地址 可以设置多个虚拟IP地址 每行一个

        172.25.27.100

    }

}

virtual_server 172.25.27.100 80 { 定义虚拟服务器

    delay_loop 6     每隔6秒查询realserver状态

lb_algo rr       LVS调度算法 这里使用轮叫

lb_kind DR      LVS是用DR模式

persistence_timeout 50

    protocol TCP

    real_server 172.25.27.3 80 {

        weight 1

        TCP_CHECK {

            connect_timeout 3

            nb_get_retry 3

            delay_before_retry 3

        }

    }

   real_server 172.25.27.4 80 {

        weight 1

        TCP_CHECK {

            connect_timeout 3

            nb_get_retry 3

            delay_before_retry 3

        }

    }

}