vip 10.1.122
keepalived-master 10.1.1.132
keepalied-backup 10.1.1.133
realserver_1 10.1.1.136
realserver_2 10.1.1.137
四台机器上安装nginx,编译安装的话需要另外安装pcre包支持,安装在/usr/local/nginx
keepalived-master 和backup 安装keepalived 和ipvsadm(lvs安装包)
! configuration file for keepalived
global_defs {
# notification_email {
# }
# notification_email_from [email protected]
# smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id lvs_devel_1
}
vrrp_sync_group lvs {
group {
vi_1
}
vrrp_instance vi_1 {
state master
interface eth1
lvs_sync_daemon_interface eth1
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
10.1.1.222
virtual_server 10.1.1.222 {
delay_loop 6
lb_algo rr
lb_kind dr
persistence_timeout 50
protocol tcp
real_server 10.1.1.136 80 {
weight 1
tcp_check {
connect_timeout 4
nb_get retry 4
delay_before_retry 4
connect_port 80
}
}
real_server 10.1.1.137 80 {
nb_get_retry 4
delay_before_retry 4
connect_prot 80
#
#location ~ /\.ht {
# deny all;
#}
# another virtual host using mix of ip-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# https server
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:ssl:1m;
# ssl_session_timeout 5m;
# ssl_ciphers high:!anull:!md5;
# ssl_prefer_server_ciphers on;
keepalived-backup: 配置文件
# notification_email {
# }
# notification_email_from [email protected]
# smtp_connect_timeout 30
router_id lvs_devel_2
state backup
interface eth2
priority 99
virtual_server 10.1.1.222 80 {
delay_loop 6
lb_algo rr
##lb_kind nat
lb_kind dr
persistence_timeout 50
protocol tcp
real_server 10.1.1.136 80 {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
real_server 10.1.1.137 80 {
}
安装完成后master和backup /etc/init.d/keepalived start
ip addr 查看vip地址:
此时master上的ip 10.1.1.222已经生成,backup上此时需等master keepalived停掉后会自动生成vip 10.1.1.222
在停止master keepalived后vip,backup生成10.1.1.222:
通过 ipvsadm来查看ha服务和realserver:
bakcup上
在realserver的nginx配置文件上配置需要访问的内容,运行如下脚本开启转发功能:
#!/bin/bash
vip=10.1.1.222
source /etc/rc.d/init.d/functions
case "$1" in
start)
echo "start lvs of real server"
ifconfig lo:0 $syn_vip netmask 255.255.255.255 broadcast $vip
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "realserver start ok"
;;
stop)
echo "stop lvs of real server"
ifconfig lo:0 down
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "realserver stoped"
;;
*)
echo "usage: $0 {start|stop}"
exit 1
esac
查看realserver的ip,生成lo:0的虚拟网口来转发数据
以上配置完成后,进行测试:
在关闭一台nginx 服务后:
关闭一台keepalived服务后,丢一个包就会自动连接