VIP和RIP不同网段的LVS和keepalived高可用

VIP和RIP不同网段的LVS和keepalived高可用

#描述

CentOS6.564位keepalive-1.2.13IPVSADMv1.26NAT模式

http://zh.linuxvirtualserver.org/

http://keepalived.org/

http://www.linuxvirtualserver.org/Documents.html

http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/index.html

Lvs服务器有2块网卡，realserver有一块网卡，ip如下:

主DR192.168.22.219

0eth0外联网192.168.22.219192.168.22.249(VIP)

Eth1内部网192.168.1.1192.168.1.5(网关)

备份灾难恢复192.168.22.203

0eth0外联网192.168.22.203192.168.22.249(VIP)

Eth1内部网192.168.1.2192.168.1.5(网关)

realserver1192.168.1.3192.168.1.5(网关)

realserver2192.168.1.4192.168.1.5(网关)

#安装lvs并保持活动状态

yum install popt popt-devel popt-static libnl libnl-devel yum install ipvsadm tar -xzf keepalived-1.2.13.tar.gz cd keepalived-1.2.13 ./configure make make install cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/ chmod +x /etc/rc.d/init.d/keepalived cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/keepalived cp /usr/local/sbin/keepalived /usr/sbin/keepalived cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak

打开IP转发

net.ipv4.ip_forward=1

#灾难恢复主节点和备用节点配置

Keepalived.conf配置

# vim /etc/keepalived/keepalived.conf global_defs {         notification_email {         your_email@163.com         }   notification_email_from root@localhost   smtp_server 127.0.0.1   smtp_connect_timeout 30   router_id lvs_dr1 } vrrp_sync_group lvs_1 {         group {                 VI_1                 VI_GATEWAY                 }         notify_master "/usr/local/sbin/lvsdr.sh start"         notify_backup "/usr/local/sbin/lvsdr.sh stop" } vrrp_instance VI_1 {   state MASTER                 #backup为BACKUP   interface eth0   virtual_router_id 51   priority 101                 #backup为100   advert_int 1   authentication {         auth_type PASS         auth_pass bbotte         }   virtual_ipaddress {         192.168.22.249 255.255.255.0         } vrrp_instance VI_GATEWAY {     state MASTER              #backup为BACKUP     interface eth1     virtual_router_id 52     priority 101              #backup为100     advert_int 1     authentication {         auth_type PASS         auth_pass bbotte      }      virtual_ipaddress {           192.168.1.5      }   } } virtual_server 192.168.1.5 80 {   delay_loop 2   lb_algo rr   lb_kind DR   nat_mask 255.255.255.0   persistence_timeout 60   protocol TCP   real_server 192.168.1.3 80   {         weight 1         TCP_CHECK         {         connect_timeout 5         nb_get_retry 3         delay_before_retry 3         connect_port 80         }   }   real_server 192.168.1.4 80   {         weight 1         TCP_CHECK         {         connect_timeout 5         nb_get_retry 3         delay_before_retry 3         connect_port 80         }   } } vim /usr/local/sbin/lvsdr.sh #!/bin/bash ## LVS script for VS/DR . /etc/rc.d/init.d/functions # VIP=192.168.22.249 RIP1=192.168.1.3 RIP2=192.168.1.4 # case "$1" in start)   /sbin/ifconfig eth0:1 $VIP netmask 255.255.255.0 up # Since this is the Director we must be able to forward packets   echo 1 > /proc/sys/net/ipv4/ip_forward # Clear all iptables rules.   /sbin/iptables -F # Reset iptables counters.   /sbin/iptables -Z # Clear all ipvsadm rules/services.   /sbin/ipvsadm -C # Add an IP virtual service for VIP 192.168.0.200 port 80 # In this recipe, we will use the round-robin scheduling method. # In production, however, you should use a weighted, dynamic scheduling method.   /sbin/ipvsadm -A -t $VIP:80 -s rr # Now direct packets for this VIP to # the real server IP (RIP) inside the cluster   /sbin/ipvsadm -a -t $VIP:80 -r $RIP1 -m   /sbin/ipvsadm -a -t $VIP:80 -r $RIP2 -m     /bin/touch /var/lock/subsys/ipvsadm.lock ;; stop) # Stop forwarding packets   echo 0 > /proc/sys/net/ipv4/ip_forward # Reset ipvsadm   /sbin/ipvsadm -C # Bring down the VIP interface   ifconfig eth0:1 down     rm -rf /var/lock/subsys/ipvsadm.lock ;; status)   [ -e /var/lock/subsys/ipvsadm.lock ] && echo "ipvs is running..." || echo "ipvsadm is stopped..." ;; *)   echo "Usage: $0 {start|stop}" ;; esac

#真实服务器配置

配置了以下两个真实服务器

两台机器都为centos6.5yum安装httpd服务并启动，iptables开放端口80。

真实服务器1:

cat/var/www/html/index.html

web1111111111111

真实服务器2:

cat/var/www/html/index.html

测试2222222222

打开IP转发

net.ipv4.ip_forward=1

配置网关

#vim/etc/sysconfig/network-scripts/ifCFG-eth0Add

GATEWAY="192.168.1.5"

Realserver.sh，并启动这个脚本。

vim realserver.sh #!/bin/bash # # Script to start LVS DR real server. # description: LVS DR real server # . /etc/rc.d/init.d/functions VIP=192.168.22.249 host=`/bin/hostname` case "$1" in start)        # Start LVS-DR real server on this machine.         /sbin/ifconfig lo down         /sbin/ifconfig lo up         echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore         echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce         echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore         echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce         /sbin/ifconfig lo:0 $VIP broadcast $VIP netmask 255.255.255.255 up         /sbin/route add -host $VIP dev lo:0 ;; stop)         # Stop LVS-DR real server loopback device(s).         /sbin/ifconfig lo:0 down         echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore         echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce         echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore         echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce ;; status)         # Status of LVS-DR real server.         islothere=`/sbin/ifconfig lo:0 | grep $VIP`         isrothere=`netstat -rn | grep "lo:0" | grep $VIP`         if [ ! "$islothere" -o ! "isrothere" ];then             # Either the route or the lo:0 device             # not found.             echo "LVS-DR real server Stopped."         else             echo "LVS-DR real server Running."         fi ;; *)             # Invalid entry.             echo "$0: Usage: $0 {start|status|stop}"             exit 1 ;; esac

查看信息

马斯特博士:

灾难恢复备份:

ip没有变化，是你原来的ip

[root@localhost ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags   -> RemoteAddress:Port

真实服务器1:

测试

1、测试挂机是否对真实服务器有影响

关闭RealServer1的httpd服务，打开VIP页面，不断刷新。

2.测试keepalived的master挂机后，BACKUP能否正常接管MASTER的工作。

重新启动主机。重启期间，VIP主页始终打开查看。主服务器重新启动后，keepalived将打开，并继续由主服务器提供服务。