vip 10.1.122
keepalived-master 10.1.1.132
keepalied-backup 10.1.1.133
realserver_1 10.1.1.136
realserver_2 10.1.1.137
四台機器上安裝nginx,編譯安裝的話需要另外安裝pcre包支援,安裝在/usr/local/nginx
keepalived-master 和backup 安裝keepalived 和ipvsadm(lvs安裝包)
! configuration file for keepalived
global_defs {
# notification_email {
# }
# notification_email_from [email protected]
# smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id lvs_devel_1
}
vrrp_sync_group lvs {
group {
vi_1
}
vrrp_instance vi_1 {
state master
interface eth1
lvs_sync_daemon_interface eth1
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
10.1.1.222
virtual_server 10.1.1.222 {
delay_loop 6
lb_algo rr
lb_kind dr
persistence_timeout 50
protocol tcp
real_server 10.1.1.136 80 {
weight 1
tcp_check {
connect_timeout 4
nb_get retry 4
delay_before_retry 4
connect_port 80
}
}
real_server 10.1.1.137 80 {
nb_get_retry 4
delay_before_retry 4
connect_prot 80
#
#location ~ /\.ht {
# deny all;
#}
# another virtual host using mix of ip-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# https server
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:ssl:1m;
# ssl_session_timeout 5m;
# ssl_ciphers high:!anull:!md5;
# ssl_prefer_server_ciphers on;
keepalived-backup: 配置檔案
# notification_email {
# }
# notification_email_from [email protected]
# smtp_connect_timeout 30
router_id lvs_devel_2
state backup
interface eth2
priority 99
virtual_server 10.1.1.222 80 {
delay_loop 6
lb_algo rr
##lb_kind nat
lb_kind dr
persistence_timeout 50
protocol tcp
real_server 10.1.1.136 80 {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
real_server 10.1.1.137 80 {
}
安裝完成後master和backup /etc/init.d/keepalived start
ip addr 檢視vip位址:
此時master上的ip 10.1.1.222已經生成,backup上此時需等master keepalived停掉後會自動生成vip 10.1.1.222
在停止master keepalived後vip,backup生成10.1.1.222:
通過 ipvsadm來檢視ha服務和realserver:
bakcup上
在realserver的nginx配置檔案上配置需要通路的内容,運作如下腳本開啟轉發功能:
#!/bin/bash
vip=10.1.1.222
source /etc/rc.d/init.d/functions
case "$1" in
start)
echo "start lvs of real server"
ifconfig lo:0 $syn_vip netmask 255.255.255.255 broadcast $vip
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "realserver start ok"
;;
stop)
echo "stop lvs of real server"
ifconfig lo:0 down
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "realserver stoped"
;;
*)
echo "usage: $0 {start|stop}"
exit 1
esac
檢視realserver的ip,生成lo:0的虛拟網口來轉發資料
以上配置完成後,進行測試:
在關閉一台nginx 服務後:
關閉一台keepalived服務後,丢一個包就會自動連接配接