配置两台Apache环境的服务器,提供相同的web页面服务,在这两台Apache服务器上运行keepalive,虚拟出来一个VIP,用户通过VIP访问web服务,这样当一台Apache服务器故障的时候,VIP会飘到另外一台Apache服务器。
二. keepalive部署前准备
1. 安装开发环境
[root@study01 ~]# yum -y install gcc-* glibc-* *c++* -y [root@study01 ~]# yum -y install openssl-devel
[root@study02 ~]# yum -y install gcc-* glibc-* *c++* -y
[root@study02 ~]# yum -y install openssl-devel
[root@study01 ~]# uname -a
Linux study01.linux.com 2.6.32-754.el6.x86_64 #1 SMP Tue Jun 19 21:26:04 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
[root@study01 ~]# cat /etc/redhat-release
CentOS release 6.10 (Final)
提示:以上是我的server缺少的环境,如果你在以上环境安装完成后,再安装keepalive时还有报错,请根据报错进行环境补充安装;
2. 部署Apache基本环境
[root@study01 ~]#/etc/init.d/httpd restart [root@study01 ~]#chkconfig --level 35 httpd on [root@study01 ~]#echo "this is linux01" > /var/www/html/index.html
[root@study02 ~]#/etc/init.d/httpd restart [root@study02 ~]#chkconfig --level 35 httpd on [root@study02 ~]#echo "this is linux02" > /var/www/html/index.html
三. keepalive环境部署
1. 获取keepalive的安装链接
从官网https://www.keepalived.org/download.html页面获取。
2. 使用源码部署keepalive
[root@study01 ~]# cd /usr/local/src/ [root@study01 src]#wget https://www.keepalived.org/software/keepalived-2.0.20.tar.gz [root@study01 src]#tar -zxvf keepalived-2.0.20.tar.gz [root@study01 src]#cd keepalived-2.0.20 [root@study01 src]#./configure --prefix=/usr/local/keepalived [root@study01 src]#make && make install [root@study01 src]#cp /usr/local/src/keepalived-2.0.20/keepalived/etc/init.d/keepalived /etc/init.d/ [root@study01 src]#chmod 755 /etc/init.d/keepalived [root@study01 src]#cp /usr/local/keepalived/sbin/keepalived /usr/sbin/ [root@study01 src]#chmod 755 /usr/sbin/keepalived [root@study01 src]#cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ [root@study01 src]#mkdir /etc/keepalived [root@study01 src]#cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
提示:第二台linux服务器的keepalive环境部署方法请重复第一台的部署方法。
3. 配置keepalive
[root@study01 ~]# vim /etc/keepalived/keepalived.conf #以下为第一台环境的keepalive配置内容 ! Configuration File for keepalived global_defs { notification_email { wang_zengyi@126.com #接收告警的邮箱 } #注意需要单独配置smtp_send邮箱 notification_email_from 647956023@qq.com #发送告警的邮箱 smtp_server 182.254.38.18 #发送邮件的服务器地址 smtp_connect_timeout 30 router_id study01 } vrrp_script check_httpd { script "/usr/bin/killall -0 httpd" #检测http服务是否正常 interval 2 } vrrp_instance VI_1 { state MASTER #状态为主,默认抢占 interface eth0 #监听的服务接口 virtual_router_id 51 #主备必须一致,VRRPID priority 100 #优先级,越大越优先 advert_int 1 #心跳报文通告间隔 authentication { auth_type PASS #keepalive认证类型 auth_pass 1111 #keepalive认证密码 } notify_master "/etc/keepalived/master.sh" #主状态通告脚本 notify_backup "/etc/keepalived/backup.sh" #备状态通告脚本 notify_fault "/etc/keepalived/fault.sh" #故障状态通过脚本 track_script { check_httpd #track http的检测脚本 } virtual_ipaddress {
192.168.31.9 #虚拟IP的写法一,不推荐这种写法。只能用ip add看 192.168.31.10/24 dev eth0 label eth0:0 #虚拟IP的写法一,推荐这种写法。 } }
#以下脚本内容为测试看状态的简单编写方法,实际环境请根据需要编写;
[root@study01 ~]# cat /etc/keepalived/master.sh #!/bin/bash LOGFILE=/var/log/keepalived-state.log echo "[Master]" >> $LOGFILE date >> $LOGFILE [root@study01 ~]# cat /etc/keepalived/backup.sh #!/bin/bash LOGFILE=/var/log/keepalived-state.log echo "[Backup]" >> $LOGFILE date >> $LOGFILE [root@study01 ~]# cat /etc/keepalived/fault.sh #!/bin/bash LOGFILE=/var/log/keepalived-state.log echo "[Fault]" >> $LOGFILE date >> $LOGFILE [root@study01 ~]#
提示:第二台keepalive配置方法同第一台一样,注意角色定义为BACKUP,优先级要低于角色Master的优先级;
vi /etc/keepalived/keepalived.conf # 参照下面配置修改配置文件 ! Configuration File for keepalived global_defs { notification_email { wangbiao@youxuanbao.cn # 设置报警邮件地址,可以设置多个,每行一个 } # 需开启本机的sendmail服务 notification_email_from Alexandre.Cassen@firewall.loc # 设置邮件的发送地址 smtp_server 127.0.0.1 # 设置smtp server地址 smtp_connect_timeout 30 # 设置连接smtp server的超时时间 router_id LVS_DEVEL # 表示运行keepalived服务器的一个标识。发邮件时显示在邮件主题的信息 vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_instance VI_1 { # 定义的VRRP热备实例 state MASTER # 标示状态为MASTER 备份机为BACKUP interface eth0 # 承载VIP地址的物理接口 virtual_router_id 51 # 虚拟路由器的id号,每个热备组保持一致 priority 100 # MASTER权重要高于BACKUP 比如BACKUP为99 advert_int 1 # 通告间隔秒数,(心跳频率) 注意通告的组播地址224.0.0.18 # mcast_src_ip 172.16.1.99 # Master服务器IP,如果是备份机请填写备份机的IP authentication { auth_type PASS # 主从服务器认证类型 auth_pass 1111 # 认证字串 } virtual_ipaddress { 172.16.1.100 # 可以多个虚拟IP,换行即可 } # 虚拟服务器 80端口的配置 virtual_server 172.16.1.100 80 { delay_loop 6 # 每隔6秒查询realserver状态 lb_algo rr # lvs 算法 lb_kind DR # Direct Route nat_mask 255.255.255.0 persistence_timeout 50 # 同一IP的连接50秒内被分配到同一台realserver protocol TCP # 用TCP协议检查realserver状态 # 实际服务器的IP和端口 real_server 172.16.1.101 80 { weight 3 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 172.16.1.102 80 { weight 3 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } }