Linux操作文档——实现keepalived双机热备

文章目录

• • 使用Keepalived实现双机热备
  • • 1、Keepalived的安装
    • 2、keepalived+lvs-DR主服务器的配置
    • 3、keepalived+lvs-DR备份服务器的配置
    • 4、web1和web2服务器配置
    • 5、配置NFS

---

使用Keepalived实现双机热备

1、Keepalived的安装

[root@localhost ~]# yum -y install keepalived ipvsadm
[root@localhost ~]# systemctl enable keepalived

2、keepalived+lvs-DR主服务器的配置

[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# vim /etc/sysctl.conf               //关闭ICMP重定向
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost ~]# sysctl -p
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vim keepalived.conf
global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   #服务器的名称
   router_id LVS_DEVEL1
}
	#定义VRRP热备实例
vrrp_instance VI_1 {
	#热备状态，MASTER表示主服务器
    state MASTER 
    #承载VIP地址的物理接口
    interface ens33 
    #虚拟路由器的ID号，每个热备组保持一致
    virtual_router_id 51
    #优先级，数值越大优先级越高
    priority 100
    #通告间隔秒数
    advert_int 1
    #认证信息，每个热备组保持一致
    authentication { 
    	#认证类型
        auth_type PASS 
        #密码字串
        auth_pass 1111
    }
    #指定漂移地址(VIP),可以有多个
    virtual_ipaddress {
        192.168.1.254               
    }
}

#虚拟服务器地址(VIP)、端口
virtual_server 192.168.1.254 80 {
	#健康检查的间隔时间（秒）
    delay_loop 15
    #轮询(rr)调度算法
    lb_algo rr
    #直接路由(DR)群集工作模式
    lb_kind DR
    #连接保待时间（秒）
    persistence_timeout 50
    #应用服务采用的是TCP协议
    protocol TCP

	#第一个Web节点的地址、端口
    real_server 192.168.1.30 80 {
    	#节点的权重
        weight 1
        #健康检查方式
        TCP_CHECK {
        		#检查的目标端口
                connect_port 80
            #连接超时（秒）
            connect_timeout 3
            #重试次数
            nb_get_retry 3
            #重试间隔（秒）
            delay_before_retry 3
        }
    }

	real_server 192.168.1.40 80 {
        weight 1
        TCP_CHECK {
                connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@localhost ~]# systemctl restart keepalived

3、keepalived+lvs-DR备份服务器的配置

[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# vim /etc/sysctl.conf               //关闭ICMP重定向
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost ~]# sysctl -p
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vim keepalived.conf
global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL2
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.254
    }
}

virtual_server 192.168.1.254 80 {
    delay_loop 15
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP

    real_server 192.168.1.30 80 {
        weight 1
        TCP_CHECK {
                connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
real_server 192.168.1.40 80 {
        weight 1
        TCP_CHECK {
                connect_port 80
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@localhost ~]# systemctl restart keepalived

4、web1和web2服务器配置

[root@localhost ~]# cd /etc/sysconfig/network-scripts/
[root@localhost network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@localhost network-scripts]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.1.254               //配置群集ip地址192.168.1.254
NETMASK=255.255.255.255               //子网掩码为255.255.255.255
ONBOOT=yes
[root@localhost ~]# ifup lo:0
[root@localhost ~]# vim /etc/sysctl.conf               //关闭ARP应答
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@localhost ~]# sysctl -p
[root@localhost ~]# ifconfig lo:0
lo:0: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 192.168.1.254  netmask 255.255.255.255               //自动设置的VIP地址
        loop  txqueuelen 1  (Local Loopback)
[root@localhost ~]# route add -host 192.168.1.254 dev lo:0               //添加一条vip本地访问路由

5、配置NFS

在nfs主机上配置共享存储服务器，提供给两台web服务器的后台网页存储

[root@localhost ~]# yum -y install nfs-utils rpcbind
[root@localhost ~]# systemctl enable nfs
[root@localhost ~]# systemctl enable rpcbind
[root@localhost ~]# systemctl restart nfs
[root@localhost ~]# systemctl restart rpcbind
[root@localhost ~]# mkdir -p /opt/wwwroot               //设置共享目录
[root@localhost ~]# vim /etc/exports
/opt/wwwroot   192.168.1.0/24(rw,sync,no_root_squash)
[root@localhost ~]# systemctl restart nfs
[root@localhost ~]# systemctl restart rpcbind
[root@localhost ~]# showmount -e               //重新启动服务并查看本机发布的NFS共享目录
Export list for localhost.localdomain:
/opt/wwwroot 192.168.1.0/24

在web客户机中启动服务

[root@localhost ~]# systemctl enable nfs
Created symlink from /etc/systemd/system/multi-user.target.wants/nfs-server.service to /usr/lib/systemd/system/nfs-server.service.
[root@localhost ~]# systemctl enable rpcbind
[root@localhost ~]# mount 192.168.1.40:/opt/wwwroot /var/www/html/
[root@localhost ~]# vim /etc/fstab
192.168.1.40:/opt/wwwroot /var/www/html     nfs   defaults,_netdev 0 0