keepalived-单主机模式
keepalived-单主机模式:
说明:仅演示VIP地址流动
工作模式:主备模式-单虚拟路由
拓扑:
环境说明:
1、ka1和ka2分别是2台keepalived服务器
2、配置一个单主虚拟路由器,实现一个vrrp实例
示例:单主机模式实现VIP地址流动
1、ka1 keepalived配置:
[root@lvs-ka1 keepalived]# yum install -y keepalived #centos6.4 + base源 [root@lvs-ka1 keepalived]# cat /etc/keepalived/keepalived.conf [root@lvs-ka1 keepalived]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { root@lvs.localdomain #可以配置收件人邮箱,需要额外邮箱配置 } notification_email_from keepaliced@lvs.localdomain #发件人 smtp_server 127.0.0.1 #依赖本机的postfix提供的邮箱服务 smtp_connect_timeout 30 #服务器连接超时时间 router_id ka1 #本地主机名标识 vrrp_mcast_group4 224.100.100.100 #ipv4组播地址,宣告优先级 vrrp_instance VI_1 { #虚拟路由器实例 state MASTER #主 interface ens33 #绑定为当前虚拟路由使用的物理接口 virtual_router_id 66 #当前虚拟路由器唯一标识:0-255 priority 100 #作为master的优先级 advert_int 1 #vrrp通告的时间间隔,1s authentication { #同一个虚拟路由器成员间的认证 auth_type PASS auth_pass 123456 } virtual_ipaddress { #VIP设置 172.16.0.100/24 dev ens33 label ens33:1 #VIP绑定接口 } } [root@lvs-ka1 ~]# cat /etc/hosts 10.0.0.125 ka1 10.0.0.126 ka2 [root@lvs-ka1 ~]# ssh-keygen [root@lvs-ka1 ~]# ssh-copy-id 10.0.0.126
2、ka2 keepalived配置:
[root@lvs-ka1 keepalived]# yum install -y keepalived #centos6.4 + base源 [root@lvs-ka1 keepalived]# cat /etc/keepalived/keepalived.conf [root@lvs-ka1 keepalived]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { root@lvs.localdomain #可以配置收件人邮箱,需要额外邮箱配置 } notification_email_from keepaliced@lvs.localdomain #发件人 smtp_server 127.0.0.1 #依赖本机的postfix提供的邮箱服务 smtp_connect_timeout 30 #服务器连接超时时间 router_id ka1 #本地主机名标识 vrrp_mcast_group4 224.100.100.100 #ipv4组播地址,宣告优先级 vrrp_instance VI_1 { #虚拟路由器实例 state BACKUP #从
interface ens33 #绑定为当前虚拟路由使用的物理接口 virtual_router_id 66 #当前虚拟路由器唯一标识:0-255 priority 80 #作为backup优先级 advert_int 1 #vrrp通告的时间间隔,1s authentication { #同一个虚拟路由器成员间的认证 auth_type PASS auth_pass 123456 } virtual_ipaddress { #VIP设置 172.16.0.100/24 dev ens33 label ens33:1 #VIP绑定接口 } } [root@lvs-ka1 ~]# cat /etc/hosts 10.0.0.125 ka1 10.0.0.126 ka2 [root@lvs-ka1 ~]# ssh-keygen [root@lvs-ka1 ~]# ssh-copy-id 10.0.0.125
3、验证:观察VIP的漂移
先启动ka2 keepalived服务:
ka2是BACKUP角色,此时VIP绑定在ka2的ens33端口
[root@lvs-ka2 keepalived]# systemctl start keepalived [root@lvs-ka2 keepalived]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:50:56:34:07:10 brd ff:ff:ff:ff:ff:ff inet 10.0.0.126/24 brd 10.0.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 172.16.0.100/24 scope global ens33:1 valid_lft forever preferred_lft forever inet6 fe80::250:56ff:fe34:710/64 scope link valid_lft forever preferred_lft forever [root@lvs-ka2 keepalived]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.0.0.122 0.0.0.0 UG 100 0 0 ens33 10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 172.16.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33 [root@rs2 ~]# tcpdump -i ens33 -nn host 224.100.100.100 #vrrp宣告 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes 21:24:04.205830 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20 21:24:05.210191 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20 21:24:06.211423 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20 21:24:07.215022 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20
再启动ka1 keepalived服务:
ka1是MASTER角色,默认抢占式,优先级比BACKUP角色高,VIP飘逸到ka1的ens33端口
[root@lvs-ka1 keepalived]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:50:56:31:8a:01 brd ff:ff:ff:ff:ff:ff inet 10.0.0.125/24 brd 10.0.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 172.16.0.100/24 scope global ens33:1 valid_lft forever preferred_lft forever inet6 fe80::250:56ff:fe31:8a01/64 scope link valid_lft forever preferred_lft forever [root@lvs-ka1 keepalived]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 10.0.0.122 0.0.0.0 UG 100 0 0 ens33 10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33 172.16.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33 [root@rs2 ~]# tcpdump -i ens33 -nn host 224.100.100.100 #vrrp宣告 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes 21:27:51.604517 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20 21:27:52.607219 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20 21:27:53.608804 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20 21:27:54.609974 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20 21:27:54.610469 IP 10.0.0.125 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20 21:27:55.620706 IP 10.0.0.125 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20 21:27:56.632074 IP 10.0.0.125 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20 [root@lvs-ka2 keepalived]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:50:56:34:07:10 brd ff:ff:ff:ff:ff:ff inet 10.0.0.126/24 brd 10.0.0.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::250:56ff:fe34:710/64 scope link valid_lft forever preferred_lft forever
浙公网安备 33010602011771号