keepalived实现LVS高可用

前提：后端两个RS已经安装好了httpd，并且可以被正常访问到

规划：

Director1：

eth0,DIP:202.207.178.6

eth0:0,VIP:202.207.178.4

Director2：

eth0,DIP:202.207.178.7

eth0:0,VIP:202.207.178.4

RS1:

eth0,RIP:202.207.178.8

lo:0,VIP:202.207.178.4

RS2:

eth0,RIP:202.207.178.9

lo:0,VIP:202.207.178.4

一、配置DR模型（注意：RS1和RS2上的网卡别名地址必须在配置好arp_ignore和arp_announce之后才可配置，为避免影响，应关闭防火墙和SELinux）

1、按上述IP地址规划在相应的网卡上配置相应的IP地址

2、配置RS1和RS2对arp的请求响应，以及其对应VIP

RS1：

# sysctl -w net.ipv4.conf.eth0.arp_announce=2

# sysctl -w net.ipv4.conf.all.arp_announce=2

# echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore

# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore

#ifconfig lo:0 202.207.178.4 broadcast 202.207.178.4 netmask

255.255.255.255

RS2：

# echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce

# echo 2 > /proc/sys/net/ipv4/conf/eth0/arp_announce

# echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore

# echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore

# ifconfig lo:0 202.207.178.4 broadcast 202.207.178.4 netmask

255.255.255.255

3、为了使响应报文的源地址为VIP，添加一条路由

RS1:

# route add -host 202.207.178.4 dev lo:0

RS2:

# route add -host 202.207.178.4 dev lo:0

4、在前端两个Director上分别定义规则

# ipvsadm -A -t 202.207.178.4:80 -s rr

# ipvsadm -a -t 202.207.178.4:80 -r 202.207.178.8 -g

# ipvsadm -a -t 202.207.178.4:80 -r 202.207.178.9 -g

二、安装配置keepalived，并对此系统进行测试！

Director1:

1、安装keepalived

# tar xf keepalived-1.2.1.tar.gz

# cd keepalived-1.2.1

# ./configure --with-kernel-dir=/usr/src/kernels/2.6.32-642.11.1.el6.i686/

# make && make install

注意：

可能需要安装此包：

# yum install popt-devel

发现/usr/src/kernels/为空，需要安装内核源码

# yum install kernel-devel

2、配置keepalived

1）设置一个变量

# DIR=/usr/local/

2）执行如下语句，将keepalived的配置文件放置在/etc下相关目录中

# cp $DIR/etc/rc.d/init.d/keepalived  /etc/rc.d/init.d/

# cp $DIR/etc/sysconfig/keepalived /etc/sysconfig/ && mkdir -p

/etc/keepalived

# cp $DIR/sbin/keepalived /usr/sbin/

3）为keepalived提供配置文件

# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

#定义出现故障向何处发邮件

notification_email {

[email protected]

}

#定义邮件是由谁发的

notification_email_from [email protected]

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id LVS_DEVEL

}

#定义检测脚本（为了完成主从节点的切换）

vrrp_script chk_schedown {

script "[ -e /etc/keepalived/down ] && exit 1 || exit 0"

interval 1

weight -5

fail 2

rise 1

}

# VIP1

#用来定义虚拟路由（vrrp实例）

vrrp_instance VI_1 {

state MASTER

#定义通告信息基于那个接口发送和虚拟路由是工作在那个接口上的

interface eth0

# lvs_sync_daemon_inteface eth0

virtual_router_id 51

#定义优先级

priority 101

#定义每隔多长时间发一次通告

advert_int 5

#定义认证

authentication {

#定义认证类型为简单字符认证

auth_type PASS

auth_pass keepalivedpass

}

#定义虚拟地址

virtual_ipaddress {

202.207.178.4/16 dev eth0 label eth0:0

}

#定义自己写的脚本何时执行

track_script {

chk_schedown

}

}

virtual_server 202.207.178.4 80 {

delay_loop 6

lb_algo rr

lb_kind DR

nat_mask 255.255.255.0

protocal TCP

sorry_server 127.0.0.1 80

real_server 202.207.178.8 80 {

weight 1

HTTP_GET {

url {

path /

status_code 200

}

connect_timeout 2

nb_get_retry 3

delay_before_retry 1

}

}

real_server 202.207.178.9 80 {

weight 1

HTTP_GET {

url {

path /

status_code 200

}

connect_timeout 2

nb_get_retry 3

delay_before_retry 1

}

}

}

4）启动服务

# /etc/init.d/keepalived restart

# ps -ef | grep keepalived

此时发现服务已经启动！

# tail -fn 100 /var/log/messages

此时发下一直滚屏，是缺少一个模块，下面加载此模块

# modprobe ip_vs

# /etc/init.d/keepalived restart

# tail -fn 100 /var/log/messages

此时一切正常

Director2：

配置同主节点，只是在配置文件中修改以下几项即可：

priority 100

real_server 202.207.178.9 80

测试：此时访问http://202.207.178.4/，可以发现以轮询方式访问到后端RS；在/etc/keepalived下touch一个名为down的文件，即可实现主从节点的切换！

三、自写脚本，实现DR宕机，向管理员发邮件（在主从节点上同时执行）

# cd /etc/keepalived/

# vim notify.sh

添加如下内容：

#!/bin/bash

#

contact=‘[email protected]‘

Usage(){

echo "Usage: `basename $0` {master|backup|fault} VIP"

}

Notify(){

subject="`hostname`‘s state changed to $1"

mailbody="`data "+%F %T "`: `hostname`‘s state change to $1, $VIP floating."

echo $mailbody | mail -s "$subject" $contact

}

[ $# -lt 2 ] && Usage &&  exit

VIP=$2

case $1 in

master)

Notify master

;;

backup)

Notify backup

;;

fault)

Notify fault

;;

*)

Usage

exit 1

;;

esac

# chmod +x notify.sh

# vim keepalived.conf

在vrrp段添加如下内容：

notify_master "/etc/keepalived/notify.sh master 202.207.178.4"

notify_backup "/etc/keepalived/notify.sh backup 202.207.178.4"

notify_fault "/etc/keepalived/notify.sh fault 202.207.178.4"

此时在两个节点重启keepalived服务，实现主从节点切换，即可收到邮件！

欢迎批评指正！