五、Keepalived服务的配置
5.1 高可用Web拓扑图
• 使用Keepalived为主从设备提供VIP地址漂移
client
|
————————————
| |
Keepalived: Web Server:
VIP:192.168.4.13 192.168.4.11-12/24
5.2 Keepalived安装
• RHEL7的光盘中已经包含Keepalived软件包,只要配置好yum,指向光盘源即可安装
5.2.1 在两台web服务器(192.168.4.11-12)上安装keepalived
web1(192.168.4.11):
[root@web1 ~]# yum -y install keepalived
[root@web1 ~]# rpm -q keepalived
keepalived-1.2.13-7.el7.x86_64
web2(192.168.4.12):
[root@web2 ~]# yum -y install keepalived
[root@web2 ~]# rpm -q keepalived
keepalived-1.2.13-7.el7.x86_64
5.2.2 配置文件的修改
web1(192.168.4.11):
[root@web1 ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak #备份配置文件
[root@web1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email { #管理员email地址(报警收件人邮箱)
root@localhost
}
notification_email_from admin@tedu.com #设置发件人
smtp_server 127.0.0.1 #//定义邮件服务器
smtp_connect_timeout 30
router_id LVS_DEVEL #设置路由ID号
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER //主服务器为MASTER,辅助为SLAVE
interface eth0 //定义网络接口
virtual_router_id 51 //主辅VRID号必须一致
priority 100 //服务器优先级
advert_int 1
authentication { //认证,用密码做认证的,是共享密码,要求一样
auth_type PASS
auth_pass 1111 //主辅服务器密码必须一致
}
virtual_ipaddress { //虚拟地址,两个节点必须一样
192.168.4.200
}
}
[root@web1 ~]# systemctl start keepalived.service
[root@web1 ~]# systemctl status keepalived.service
[root@web1 ~]# ip a s eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 74:52:08:05:01:01 brd ff:ff:ff:ff:ff:ff
inet 192.168.4.12/24 brd 192.168.4.255 scope global eth0
valid_lft forever preferred_lft forever
inet 192.168.4.200/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::7652:8ff:fe05:101/64 scope link
valid_lft forever preferred_lft forever
[root@web1 ~]# scp /etc/keepalived/keepalived.conf root@192.168.4.13:/etc/keepalived/
web2(192.168.4.12):
[root@web1 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from admin@tedu.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state SLAVE //辅助为SLAVE
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.4.200
}
}
5.3 清空防火墙规则
[root@web1 ~]# iptables -F
[root@web2 ~]# iptables -F
5.4 测试
[root@client ~]# ping 192.168.4.200
[root@client ~]# firefox 192.168.4.200/bbs
在web1上关闭keepalived,再查看eth0的ip,再用客户端访问
[root@web1 ~]# systemctl stop keepalived
[root@web2 ~]# ip a s eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 74:52:08:05:02:01 brd ff:ff:ff:ff:ff:ff
inet 192.168.4.13/24 brd 192.168.4.255 scope global eth0
valid_lft forever preferred_lft forever
inet 192.168.4.200/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::7652:8ff:fe05:201/64 scope link
valid_lft forever preferred_lft forever
[root@client ~]# firefox 192.168.4.200/bbs 依然可以访问
浙公网安备 33010602011771号