keepalived +lvs 双机高可用-CFANZ编程社区

安装lvs

yum install -y ipvsadm

安装keeplived

去官网下载 https://www.keepalived.org/download.html
上传到服务器上
解压tar包

# 安装编译依赖包,不安装依赖包编译不成功
yum install curl gcc openssl-devel libnl3-devel net-snmp-devel libnfnetlink-devel -y

cd /opt/keepalived-1.4.5
./configure
make && make install

创建文件夹
mkdir -p /etc/keepalived

修改keepalived配置文件

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   router_id LVS_DEVEL1 # keepalived 的组  名字可以不一样
   script_user root
   enable_script_security
}

vrrp_instance VI_1 {
    state MASTER   					 #配置主备，备用机此配置项为BACKUP
    interface ens33  		 		 #指定网卡接口
    mcast_src_ip 192.168.238.131     #当前网卡ip
    virtual_router_id 51   	   	     #指定路由ID，主备必须一样
    priority 100					 #设置优先级，主略高于备份
    advert_int 1					 #设置检查时间
    authentication {			
        auth_type PASS 				 #设置验证加密方式
        auth_pass 1111				 #设置验证密码
    }
    virtual_ipaddress {
        192.168.238.132/24 dev ens33
    }
}

virtual_server 192.168.238.132 8028 {
    delay_loop 6 						#健康检查时间
    lb_algo rr							#LVS调度算法
    lb_kind DR							#LVS工作模式
    persistence_timeout 900			
    protocol TCP						#服务采用TCP协议
    real_server 192.168.238.131 8028 {
        weight 1						 #权重
        TCP_CHECK { 					 #TCP检查
                connect_port 8028   #检查端口8028
            	connect_timeout 3    #超时时间3秒
           		retry 3           #重试次数3次
            	delay_before_retry 4    #重试间隔4秒

        }    
    } 
     real_server 192.168.238.130 8028 {
        weight 1
        TCP_CHECK {
               connect_port 8028   #检查端口8028
            	connect_timeout 3    #超时时间3秒
           		retry 3           #重试次数3次
            	delay_before_retry 4    #重试间隔4秒
        }
    }
}

防火墙开启vrrp

keepalived 是基于vrrp做到虚拟ip漂移的,这里不开启的话,主备均会认为对方挂掉了,会造成主备都能获取到虚拟ip(vip)

firewall-cmd --add-rich-rule='rule protocol value="vrrp" accept' --permanent 

firewall-cmd --reload

配置服务自启

systemctl enable keepalived.service

重启服务器

init 6  或者  reboot

配置业务服务器虚拟ip

复制ip配置

cp  /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0

修改配置文件

vim /etc/sysconfig/network-scripts/ifcfg-lo:0


DEVICE=lo:0
IPADDR=192.168.238.132
NETMASK=255.255.255.255
ONBOOT=yes

配置永久路由自启

vim /etc/rc.local

在最后添加

/sbin/route add host 192.168.238.132 dev lo:0

禁用arp协议

vim /etc/sysctl.conf

编辑文件

net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_ignore = 1
net.ipv4.conf.default.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2

查看日志

tail -100f /var/log/messages

修改keepalived日志存储地址

mkdir /var/log/keepalived/

vim  /opt/keepalived-1.4.5/keepalived/etc/sysconfig/keepalived
KEEPALIVED_OPTIONS="-D -d -S 0"  # 修改

vim /usr/local/etc/sysconfig/keepalived
KEEPALIVED_OPTIONS="-D -d -S 0"  # 修改

vim /etc/rsyslog.conf 
local0.* /var/log/keepalived/keepalived.log

systemctl restart rsyslog



vim /opt/keepalived-1.4.5/keepalived/keepalived.service
EnvironmentFile=/opt/keepalived-1.4.5/keepalived/etc/sysconfig/keepalived   # 修改

systemctl daemon-reload

systemctl stop keepalived
systemctl start keepalived