keepalived(高可用+負載均衡)
1.關閉心跳
chkconfig heartbeat off
2.使虛擬機純淨,刪除其他包(在/root)
rm -fr *
3.get keepalived-1.3.5.tar.gz from 老吳
tar zxf keepalived-1.3.5.tar.gz
cd keepalived-1.3.5
如果出現版本錯誤或者需要重新安裝的情況,那麼 rm -fr keepalived/、make clean(cd keepalived-1.3.5)
4.編譯三步曲(在/root/keepalived-1.3.5/)
./configure --prefix=/usr/local/keepalived --with-init=SYSV
make && make install
5.軟鏈接的製作(兩臺服務都要進行操作)
<<<從主節點發送過去scp -r /usr/local/keepalived/ [email protected]:/usr/local/>>>
[root@server1 sbin]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
[root@server1 sbin]# echo $PATH(查看軟連接是否成功)
[root@server1 etc]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@server1 sysconfig]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@server1 init.d]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@server1 init.d]# ll /etc/init.d/keepalived
lrwxrwxrwx 1 root root 48 Jul 25 17:04 /etc/init.d/keepalived -> /usr/local/keepalived/etc/rc.d/init.d/keepalived
[root@server1 init.d]# ll /usr/local/keepalived/etc/rc.d/init.d/keepalived
-rw-r--r-- 1 root root 1308 Jul 25 16:57 /usr/local/keepalived/etc/rc.d/init.d/keepalived(此文件一定要有x權限)
[root@server1 init.d]# chmod +x keepalived
[root@server1 init.d]# pwd
/usr/local/keepalived/etc/rc.d/init.d
6.keepalived配置文件的修改
cd /etc/keepalived/
vim keepalived.conf
[root@server1 keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost---郵件發送到本地
}
notification_email_from keeplived@server1---主節點server1
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 39-----同一LAN下,不能相同
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.39.100----------Vip
}
}
virtual_server 172.25.39.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
# persistence_timeout 50
protocol TCP
real_server 172.25.39.2 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.25.39.3 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
7.將相同的文件複製到另一個集羣節點上
scp -r keepalived/ server4:/usr/local/
[root@server4 keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhoat
}
notification_email_from keeplived@server4
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 39
priority 50----兩個節點要有差距,主節點大
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.39.100
}
}
virtual_server 172.25.39.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
# persistence_timeout 50(一定要記得註釋,要不就要等50s)
protocol TCP
real_server 172.25.39.2 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.25.39.3 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
8.開啓服務
/etc/init.d/keepalived start 打開兩臺服務的keepalived
出現的問題:
[root@server2 keepalived]# /etc/init.d/keepalived start
補不齊,沒有這個服務
解決方法:
從主節點發送過去scp -r /usr/local/keepalived/ root@172.25.78.2:/usr/local/
[root@server2 keepalived]# chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
[root@server2 keepalived]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@server2 keepalived]# pwd
/usr/local/keepalived
9.測試
ip addr
ipvsadm -L
curl 172.25.39.100
注意::iptables -L
iptables -F(刷掉策略)
[root@server4 keepalived]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.39.100:http rr
-> server2:http Route 1 0 0
-> server3:http Route 1 0 0
[root@server4 keepalived]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@server4 keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:54:92:7a brd ff:ff:ff:ff:ff:ff
inet 172.25.39.4/24 brd 172.25.39.255 scope global eth0
inet 172.25.39.100/32 scope global eth0
inet6 fe80::5054:ff:fe54:927a/64 scope link
valid_lft forever preferred_lft forever
[root@server4 keepalived]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
DROP all -- anywhere 172.25.39.100
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@server4 keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:54:92:7a brd ff:ff:ff:ff:ff:ff
inet 172.25.39.4/24 brd 172.25.39.255 scope global eth0
inet 172.25.39.100/32 scope global eth0
inet6 fe80::5054:ff:fe54:927a/64 scope link
valid_lft forever preferred_lft forever
[root@server4 keepalived]# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
[root@server4 keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:54:92:7a brd ff:ff:ff:ff:ff:ff
inet 172.25.39.4/24 brd 172.25.39.255 scope global eth0
inet6 fe80::5054:ff:fe54:927a/64 scope link
valid_lft forever preferred_lft forever