Keepalived双机热备(LVS+Keepalived高可用性群集)

1、Keepalived双机热备（LVS+Keepalived高可用性群集），根据实验要求规划网络拓扑。注：根据实验要求搭建网络拓扑，具体规划如图。 ，配置Keepalived双机热备主（备）服务器。root©keepalivedl /# yum install -y kerneldevel openssl-devel popt-deve.tl1 ipvsadmrootkeepalivedl /# rpin -ivh /mt/Packages/ipvsadin-L 25-9* el6. i68&* rpmrootkcepalivedl /# ./configure prefix-

2、/withkerne 1 -dir-/usr/src/ kernels/2, 6. 32-131. 0,15. eI6.1686rootOkeepalivedl /# make M make installrootkeepalivedl /. rootkeeisial ivedl /# lid注：安装相关支持软件包，编译安装Keepal ind。ia,-Iwim /亡+a/ln=LFL口丹1 i WFifl./'kF：i=TiFn i丨主配置文件在/etc/keepalived/keepalived.c onf Configuration File for keep al ivedgl

3、obal_defs (jiu 11 f i c at i cn_e ntai 1 acassenfirewal 1, loc failover® f1r ewal1loc sys admi n® fi r e wal 1.1 ocnatification_email_fram Alejandre. Cassenfifirevrall, loc sirrtp.sexver 192,168. 200,1smt p_c onne ct_t i meout 30vrrp_instan匚匚丨¥1 1 | rout d LV§_JEVEL：L |interface

4、申hO virtual_rQuter_id|51| priori tyPlDC : 浊dvETt_int 1 autheritLcation autkc+ype PASS authjpass 1111virtual_ipa-ddress | 195. 168.1.100注：配置主Keepalived服务器。Notification_email是邮件相关信息，以邮件 的方式向管理员发送程序相关的信息，这里可以不做修改。Router_id本服务器的名称。Vrrp_instanee定义一个实例。State热备状态 MASTER为主， SLAVE为备份。In terface承载VIP地址的物理接口。V

5、irtual_router_id虚拟 服务器的ID号，一个实例中的所有服务器的Virtual_router_id要保持一致。Priority优先级，最高为100。Advertnt通告时间间隔（秒）。Authentication 认证方式，同一个实例的个服务器要保持一致。 Virtual_ipaddress漂移地址（VIP）。J5 r4vt4kv«p«li*Hd2； /«Li/vru/k*»pHliF«d 1.2.2ErootkeEpalivedS keepalived-1, 2, 21 vint /EtcAeepalivedAeepalived

6、 .conf net i f i cat i on-einai 1（acBssenSfirecall. Inc failover®firewall, loc sysadminSfirewalL Incnoti fication_eioail_from Alexandre G已日呂匚n电firu叩dll. loc smtp_server 192, 163. 200, 1 smtp_connect_tiireout 30I router id LVS DEVEL2 I '='-int xr oot ® k e ep al i ve d2 ke郎 aliymd-L

7、 2= 2#adQ 日 hew dgy mth5|*2: eth5: <BROADCASTJ MULTICAST, UP, LOWER_UP> mtu 1500 qdisc pfifo.fast state UNKNO WN qlen 1000link/ether 00:0c：29:34：45:69 brd -f:ff:ff:ff inet 192. 16B. 1. 3/24 brd 192. 16S. 1. 255 scope global eth5 inet& fe80r:20c:29ff:fe34:4569/64 scope link valid_lft foreve

8、r preferred_lfT forever注：备份（热备）服务器上面查看不到VIP。,搭建WEB服务器。Trp_i ns t ance VI 1 state I SLA性 J interfaceIeth5 vi ttual router_i d 51 priority |9? advert_int authentication auth_t>pe PASS authjpass 1111注：备份（热备）服务器的配置，需要修改的地方有本服务器名称，热备状 态和优先级。（这里使用的是eth5网卡）virtual ipaddress 00root®keepal

9、ivedl /岸 ip add show dev ethO2: ethO: BROADCAST,MULTICAST,UP,LOWEK_tIP> nrtu 1500 qdisc pfifofast stat e UP qlen 1000link/ethcr 00:0c：29r95:41:69 brd ff:ff:ff:ff:ff:ff in述丄1 阴” 2/24 krd 192.168. L 255 scope global ethOI inetglobal ethOinet6 fe80:20c:29ff:fe5:4169/64 scope link vali（Llft forever p

10、referrecLlft forever 注：在主（热备）服务器上可以查看到VIP。注：搭建两台 WEB服务器，IP分别为和192.168.15四，部署LVS+Keepalive高可用性群集。-lai xirORotBkieepaLl ivedl:/:root0keepalivedl /# vim /etc/sysct 1 conf.rootkeepalivedl /# sysctl t口祇一订"4-二0pet- ipv4. conf. all. sendredirects = 0 pet. Ipv4. conf, default, sender edirect

11、s = 0 tiet. ipv4. conf. ethO. send_redirect s = 0 net. ipv4.conf. default, rp.fi 1 ter 二 1 net. ipy4, ccmf. default, accept_sciurc：u.：rciiitu = 0 kernel sysrq.二 0 kerne1core_uses_pid = 1 net tcp_sync口口kiw呂 二 1error： z'net. bridge巴日"is an unknown key655366553S4294967295 268435456J1 /I JJ

12、7;-error: net. bridge, bridge-nf-call-iptables" is an unknown key error: "net. bridge, bridge-nf-cal 1-arptables is an unknomi key kernel, msgmnb kernel, msgmaz kerneL shmmax kerne1 shmall注：修改内核参数，群集相关请参考“ LVS负载均衡群集”1 b_al go 同 lb_kind EE persistnce_tiweout 50 protocol TCPreal server T32.

13、168. 1. 4 SO L 帧 ei ght 1TCP_CHECK connect_port 80 cannect_t line out 3 nb_get_retry 3 delay_before_retry 3TEalggryer 1.92* 168. 1. 5weight 1TCP-CHECK carinect_port 80 connect_tiirieout 3 nb_get_retry 3 djelay_before_retry 3注：修改Keepalived服务器配置，添加虚拟 web服务器（主备服务器的配 置一样即可）。Virtual_server虚拟服务器IP（即VIP）lb

14、_algo负载调度算法。 Lb_kind群集类型。Real_server指定真实WEB服务器IP及服务（端口号）注：配置LVS节点。谀iredl:/rootlKkeepal ivedl /# |2: DthO: <BROADCASTJ MULTICAST, UP, LOWER_UP> mtu 1500 qdisc pfifo_fast stat e UP Qlen 1000link/ether 00;0c:29;95:41:&9 brd ff:ff:ff;ff;ff:ff iriEt 192*168.1.2/24192. 168, 1.255 scope glnbal et

15、hO192.162丄 100/32 耳ope global ethOinet6 fe80:2Qc：29ff:fe95:4169/64 scope linkvalid_lft forever preferred_lft foreverLrootkeepalivedl /# ipvsadm LIP Virtual Server version 1 2.1 (size=4096)Prot->TCP->耳 fip add show <1吕¥ ethOLocalAddress:Part Scheduler Flags Remot eAddress:PortForward192

16、,163, L 100:http rr persistent 50 192,16S, 1. 4: http 192,168.1. 5:http"I ： r.HWeightActiveConnInA<tComRoute Route注：查看主（热备）服务器的 Keepalived及LVS犬态jroQli'keepftliredZ： /asr/src/keepal i ved-1 2P 2l.raotkeepalived2 keepalived-lr 2. 2# |ip 詔d mhew dev 已2: eth5: <BR.OADCACT, MULTICAST,UP, L

17、OWER_UP> intu 1500 qdisc pfifo_fast state UNKHO fflf qlen 1000link/ether 00:0c；29:34:45:69 brd ff:ff:ff:ff:ff:ffinet 12. 163.1. 3/24 brd 192. 168.1. 255 scope global ethB inetG fe80:20c;29ff:fe34:4569/4 scape linkvalidolft forever preferred_lft forever rooikeepalivedS keepalived-1.2. 2# ipvsadm -

18、L IP Virtual Server version 1.2.1 (size=4096)Pror LocalAddress：Port Scheduler Flags-> RemoteAddress:PortForward WeightTCP 192, 168. 1. 100:http rr persistent 50-> 192-16S, 1.4:httpRoute1i> 192.168. 1. 5:httpRoute1ActiveCcnn InActCann0000注：备份（热备）服务器的 五，验证。Keepalived及LVS犬态，正常。注：客户端IP参数/OforHT

19、TP Serwer qp Bed Kat £at«rpri se Linu 一 Tiad«ie InterBct| Li.v± S«drch刁 w192. IBS. I. 1Q0丈件（£希鉅（£1査若妁 收擁灭®工貝 胡助辿收閒夷 U迢滴宝购甑 圄百度一下.辺宝戟 智數码.虽攫觑 4显新电紙 目擢狗.囹购物辱疏 IJJ斗地主.T»it F削4 fflr tht Apncht HTTP S«rv#r «n RRed Hat Enterprise Linux Test PageThis p

20、age i弓 used to test trie proper operation of itie Apache HTTP server after rt has been instiled If you can read Ihis page, it means that Itie Apache HTTP server installed al this site is worlting properlyIf you are the website administrator:You may now add contcnl to the dinedory /var/www/html/. Not

21、e that until you do so. people visiting your websile will see Ihis page, and not your corrterit Tq prevent this page from ever being used, fotlow th« insrructiQris in ttiefile / etc /httpd/ conf.we leone . conf.Yau are free to use the imatje below on webIf you are a member of the general public

22、:Tfie fad that you are seeing this page Ind it ales mat me website you just vis lied is either eKpenencing problems or is undergoing routine maintenance00 服务器If you would like to let the adminteiralors oTIhls websffe Know that youVe seen (his page inslead of the oaae vou exDedert vou shot

23、ild注：客户端可以正常访问注：在主（热备）服务器上面可以看到访问状态信息,群集可节点正常工作J1 f « a tk« ep&l i Ttd.1./-IClicIraolkeepalivedl /# ipvsadm -LncdIPVS connecticn entriesproExpirestateSQUTCBvirtualdestinationTCP01:09FIN WAIT:47671&2.16S.1.10080192.1 弦 1”5：TCP01 51FIN WAIT192.168.1. 1;4798192.16S. 1.100SO

24、:TCP01:15FIN WAIT192.160.1. 1:4771192. 168. 1.10080:TCP00:42NONE192+163.1.1:0192. 16S. klOO3015Z1&E.1.4:TCP00； 05NONE19S. 168.1.1:0192. 168.1. 10065535 他k$8.1.5TCP01:52FIN WAIT:47990080:TCP01:51PIN WAIT192.163.1. 1:4797192.168. 1.100BO192.16

25、8.1.4:TCP01:52FIN WAIT192.168.1. 1 ;13O4192. tCLl.fOO80:TCP01:15FIK WAIT192.168.1. 1:4771192. 168. 1.100甜192,1&8.1.5:TCP01; 15FIH WAIT:4772L008019Z168.1.5:TCP01:15FIN WAIT192.168. L 1:4773192.16S. 1.10080192.168.1. 5:TCP01:52FIN WAIT19S.16S.1. l:4B0612. l6S,k 1008

26、0血163.1-4：TCP01:52FIN WAIT192.16S. 1. l：4S03192. 168.1.10080192,168.1.4;TCP01:52FIN WAIT192.168.1. 1:4800192.168. 1.100BO19Z1&8.1.4:TCP01:52FIN WAIT:450500801921&8.L4:TCP0k 157IN WAIT192.168.1.U47H192. 16B. L 100BO192.15S.1.5:TCPDI： 52FIN WAIT192.168.1. 1:4802192. 168.

27、1.100B0192.1&8.1,4:TCP01:09FIN WAIT192,168.1. 1:47660080192.168. 1. 5;TCP01:15FIN WAIT:4775192.16E.X.100:8C1921&S.1.5：rootkeepal1vedl: T 卓面n x文件B 編辑童看皿攬鳶 銘端帮助同rootkeepalivedl 桌面# |j.pvs目血 *l_nc IPVS connection entriespro expire stateEourtreyitualdestinationrootkeepal_iv

28、edl 卓面#|ip add show eths2: ethO: <N0-CARRIERFBROADCAST.MULTICAST,UP> mtu 1509 qdisc pfifo fast state DOW hl qlen 1GS0link/ether Be：Sc：29：95:41：G9 brd ff：ff：ff:ff:ff:ffinet 192.16B.1.2/24 brd 192.16S.1.255 scope global ethBinetfi feae : E20c: 29ff: fe95:4169/64 scope linkvalid Ift forever preferred Ift foreverIrootkeepalived 1 桌面# ipvsadm -LncIPW呂 confection 巳nti亡合pro expire statesourcevirtualdes