keepalive 全局配置
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
root@localhost
1111111111qq.com
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id R1
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
#gratuitous ARP messages
vrrp_gna_interval 0
#unsolicited NA messages
vrrp_mcast_group4 224.0.0.18
vrrp_iptables
}
LVS + Keepalive高可用群集搭建
主keepalived:192.168.91.100
备keepalived:192.168.91.101
web1:192.168.91.102
web2:192.168.91.103
vip:192.168.91.188
systemctl stop firewalld.service
setenforce 0
yum install ipvsadm keepalived -y
modprobe ip_vs
cat /proc/net/ip_vs
ipvsadm-save > /etc/sysconfig/ipvsadm
systemctl start ipvsadm.service
cd /etc/keepalived/
cp keepalived.conf keepalived.conf.bak
vim keepalived.conf
需要修改项:
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1 修改邮箱指向自己
smtp_connect_timeout 30
router_id LVS_01 指定服务器名称主备需要不一样
vrrp_skip_check_adv_addr
#vrrp_strict 14行需要注释否则服务启动有问题
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER 指定服务器类型MASTER为主 BACKUP为备
interface ens33 修改网卡名称为ens33(21)
virtual_router_id 10 指定虚拟路由器的ID号主备需要一致
#nopreempt 非抢占模式两个节点都需要配置去掉注释
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 123456 修改验证密码,主备需要一样
}
virtual_ipaddress {
192.168.91.188 指定群集vip地址
}
}
virtual_server 192.168.91.188 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 0
protocol TCP
real_server 192.168.91.103 80 {
weight 1
TCP_CHECK{
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.91.105 80 {
第二个
weight 1
TCP_CHECK{
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
vim /etc/sysctl.conf
写入
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.conf.ens33.send_redirects = 0
用tcpdump抓包检查
