keepalived 单主、非抢占、单播 示例
server | hostname | ip |
---|---|---|
keepalived | z6 | 192.168.1.106 |
keepalived | z7 | 192.168.1.107 |
一、单主设置
一共2台服务器:192.168.1.106 为 master 设置如下
root@z7:~# apt install keepalived
root@z7:~# cp /usr/share/doc/keepalived/samples/keepalived.conf.sample /etc/keepalived/keepalived.conf
root@z7:~# systemctl restart keepalived
root@z7:~# scp /etc/keepalived/keepalived.conf 192.168.1.106:/etc/keepalived/
conf
vrrp_instance VI_1{
state MASTER
interface eth0
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111qwer
}
virtual_ipaddress {
192.168.7.248/24 dev eth0 label eth0:1
}
}
192.168.1.105 为backup , 设置如下
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111qwer
}
virtual_ipaddress {
192.168.7.248/24 dev eth0 label eth0:1
}
}
默认是抢占式,组播的 方式 。当master down 时,backup 会接管vip 地址。
抢占式的缺点:会因为网络抖动,vip频繁飘移, 造成不必要的切换。推荐使用非抢占式
组播的缺点: keepalived在组播模式下所有的信息都会向224.0.0.18的组播地址发送,产生众多的无用信息,并且会产生干扰和冲突,所以需要将其组播的模式改为单拨。这是一种安全的方法,避免局域网内有大量的keepalived造成虚拟路由id的冲突。单播模式需要关闭vrrp_strict,严格遵守vrrp协议这个选项
二、非抢占模式
nopreempt:定义工作模式为非抢占模式
state 为 backup
z6:
vrrp_instance VI_1{
state BACKUP
interface eth0
virtual_router_id 50
priority 100
advert_int 1
nopreempt
authentication {
auth_type PASS
auth_pass 1111qwer
}
virtual_ipaddress {
192.168.7.248/24 dev eth0 label eth0:1
}
z7:
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 80
advert_int 1
nopreempt
authentication {
auth_type PASS
auth_pass 1111qwer
}
当停止z6的时候,ip 会飘移到z7的机器,当z6 重新启动的时候,不会漂回来,仍然在z7 的机器上
三、单播模式
格式
unicast_src_ip 本机源IP
unicast_peer{
目标主机IP
}
z6:
vrrp_instance VI_1{
state BACKUP
interface eth0
virtual_router_id 50
priority 100
advert_int 1
nopreempt
unicast_src_ip 192.168.1.106
unicast_peer {
192.168.1.107
}
authentication {
auth_type PASS
auth_pass 1111qwer
}
virtual_ipaddress {
192.168.7.248/24 dev eth0 label eth0:1
}
}
z7:
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 80
advert_int 1
nopreempt
unicast_src_ip 192.168.1.107
unicast_peer {
192.168.1.106
}
authentication {
auth_type PASS
auth_pass 1111qwer
}
virtual_ipaddress {
192.168.7.248/24 dev eth0 label eth0:1
}
抓包验证