前两个配置做完实验没截图,后面的实验有图片。
keepalived的的单独设置
1.确保时间同步 ntpdate 10.1.0.1
2.保证/etc/hosts文件可以解析到
3.本机配置ssh-keygen -t rsa -P '' ,然后ssh-copy-id -i .ssh/id_rsa.pub root@10.1.44.4
4.此时 登入10.1.44.4就不需要密码了
5.yum -y install keepalived,分别进行配置两台主机的地址分别是10.1.44.4(backup) 和10.1.44.3(master)
备机的配置
global_defs {
notification_email {
root@localhost
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node61
vrrp_mcast_group4 224.0.100.29
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 16
priority 98
advert_int 1
authentication {
auth_type PASS
auth_pass 01c5c1c8
}
virtual_ipaddress {
10.1.44.99/16 dev eth0
}
}
主机的配置
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node61
vrrp_mcast_group4 224.0.100.29
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 16
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 01c5c1c8
}
virtual_ipaddress {
10.1.44.99/16 dev eth0
}
}
配置邮件通知机制
邮件脚本:/etc/keepalived/notify.sh
#!/bin/bash
#
contact="root@localhost"
notify() {
mailsubject="$(hostname) to be $1 ,vip floating"
mailbody="$(date +'%F %T'):vrrp transition,$(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" $contact
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
exit 1
;;
esac
在keepalived.conf中的配置
virtual_ipaddress {
10.1.44.99/16 dev eth0
}
notify_master "/etc/keepalived/notify.sh mater"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
keepalived与HTTP结合的配置
第一步:在主机和备机进行测试
先开启service keepalived start
ipvsadm -A -t 10.1.44.99:80 -s rr
ipvsadm -a -t 10.1.44.99:80 -r 10.1.44.2 -g -w 1
ipvsadm -a -t 10.1.44.99:80 -r 10.1.44.6 -g -w 1
在另一台设备上使用curl 10.1.44.99
第二步:keepalived配置文件中添加配置
如下为备机配置,主机类似
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node1
vrrp mcast_group4 224.0.100.19
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 15
priority 97
advert_int 1
authentication {
auth_type PASS
auth_pass RrpIoZU8
}
virtual_ipaddress {
10.1.44.99
}
}
virtual_server 10.1.44.99 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
real_server 10.1.44.2 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
real_server 10.1.44.6 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 1
nb_get_retry 3
delay_before_retry 1
}
}
}
第三步:测试
配置好文件后,生成了如下的规则
(1)正常情况下会轮替
(2)关闭一台真机
(3)keepalived的主机宕机
此时的ipvsadm的规则已经转移到备机上,用户的访问页面亦然正常
sorry服务器
sorry_server应该配置在keepalived服务器上,以便于在主备真机全部宕机后,能够提供错误页显示服务。
(1)配置文件:
(2)测试
将真机的http服务全部关闭,将调度机的备机启动,
启动调度机的主机启动
keepalived状态检测
keepalived调用外部的辅助脚本进行资源监控,并根据监控的结果状态能实现优先动态调整。可以使用该方法去检测nginx服务是否正常;
分两步:(1)先定义一个脚本;(2)调用此脚本;
实例:
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node1
vrrp mcast_group4 224.0.100.19
}
vrrp_script chk_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 15
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass RrpIoZU8
}
virtual_ipaddress {
10.1.44.99
}
track_script {
chk_down
}
}
当创建了down文件后主节点自动调低优先级。
原创文章,作者:178babyhanggege,如若转载,请注明出处:http://www.178linux.com/57259