Keepalived工具介绍
- 专为LVS和HA设计的一款健康检查工具
- 支持故障自动切换(Failover)
- 支持节点健康状态检查(Health Checking)
Keepalived实现原理刨析
- Keepalived采用VRRP热备份协议实现Linux服务器的多机热备功能
[root@localhost ~]
[root@localhost ~]
[root@localhost ~][root@localhost ~]
[root@localhost ~]
[root@localhost ~]
[root@localhost keepalived][root@localhost keepalived]
global_defs { :wnotification_email {acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_from Alexandre.Cassen@firewall.locsmtp_server 192.168.200.1smtp_connect_timeout 30router_id LVS_01
}vrrp_instance VI_1 { state MASTERinterface ens33virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 }virtual_ipaddress {192.168.10.172}
}virtual_server 192.168.10.172 80 { delay_loop 6 lb_algo wrr lb_kind DR nat_mask 255.255.255.0
! persistence_timeout 50protocol TCP real_server 192.168.10.103 80 { weight 1 TCP_CHECK { connect_port 80connect_timeout 3 nb_get_retry 3 delay_before_retry 3 }}
real_server 192.168.10.104 80 {weight 1TCP_CHECK {connect_port 80connect_timeout 3nb_get_retry 3delay_before_retry 3}}}
[root@localhost ~]
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost ~]
[root@localhost keepalived]
[root@localhost keepalived]
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:ae:7f:64 brd ff:ff:ff:ff:ff:ffinet 192.168.10.101/24 brd 172.16.16.255 scope global ens33valid_lft forever preferred_lft foreverinet 192.168.10.172/32 scope global ens33valid_lft forever preferred_lft forever
[root@localhost ~]
[root@localhost ~]
[root@localhost ~][root@localhost ~]
[root@localhost ~]
[root@localhost ~]
[root@localhost keepalived][root@localhost keepalived]
global_defs {notification_email {acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_from Alexandre.Cassen@firewall.locsmtp_server 192.168.200.1smtp_connect_timeout 30router_id LVS_02
}vrrp_instance VI_1 {state BACKUP interface ens33virtual_router_id 51priority 99advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.10.172}
}virtual_server 192.168.10.172 80 {delay_loop 6lb_algo rrlb_kind DRnat_mask 255.255.255.0
! persistence_timeout 50protocol TCPreal_server 192.168.10.101 80 {weight 1TCP_CHECK {connect_port 80connect_timeout 3nb_get_retry 3delay_before_retry 3}}real_server 192.168.10.102 80 {weight 1TCP_CHECK {connect_port 80connect_timeout 3nb_get_retry 3delay_before_retry 3}}}
[root@localhost ~]
在末尾添加:
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
[root@localhost ~]
[root@localhost keepalived]
[root@localhost ~]
[root@localhost ~]
[root@localhost network-scripts]
[root@localhost network-scripts]
DEVICE=lo:0
IPADDR=192.168.10.172
NETMASK=255.255.255.255
ONBOOT=yes
[root@localhost network-scripts]
[root@localhost network-scripts]
/sbin/route add -host 192.168.10.172 dev lo:0
[root@localhost network-scripts]
[root@localhost ~]
[root@localhost ~]
test web01
[root@localhost ~]
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
[root@localhost ~]