keepalived+LVS,nginx

keepalived official website: http://www.keepalived.org/

Topology:


On both keepalived servers, turn off SELinux enforcement and the firewall

setenforce 0
service firewalld stop
service iptables stop

Enable IP forwarding on both keepalived servers

echo 1 > /proc/sys/net/ipv4/ip_forward

Install keepalived on both keepalived servers

yum install keepalived -y

Edit the configuration file /etc/keepalived/keepalived.conf after installation

Note: Back up the configuration file before modifying it

cp keepalived.conf keepalived.conf.bak

Open the configuration file for modification

vim /etc/keepalived/keepalived.conf

Configuration file content:

! Configuration File for keepalived  
  
global_defs {  
   notification_email {  
        root@localhost
   }  
   notification_email_from root@localhost
   smtp_connect_timeout 3  
   smtp_server 127.0.0.1  
   router_id LVS_DEVEL01  
}  

vrrp_script chk_schedown {
   script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
   interval 2
   weight -2
}

vrrp_instance VI_1 {  
    interface ens33  
    state MASTER  
    priority 101
    virtual_router_id 51
    garp_master_delay 1
 
    authentication {  
        auth_type PASS  
        auth_pass 1111
    }  

    track_interface {  
       ens33    
    }  

    virtual_ipaddress {  
        192.168.137.100/24 dev ens33 label ens33:0 broadcast 192.168.137.255
    }  

    track_script {  
        chk_schedown
    }    
}


virtual_server 192.168.137.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP

#    sorry_server 192.168.200.200 1358

    real_server 192.168.137.130 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.137.20 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

Copy the configuration file to the alternate keepalived server:

scp /etc/keepalived/keepalived.conf [email protected]:/etc/keepalived/keepalived.conf

On the alternate server, change these settings:

state BACKUP
priority 100
router_id LVS_DEVEL02

Start the keepalived service on both keepalived servers

service keepalived start

Check the status with service keepalived status and tail -20 /var/log/messages

Use ipvsadm -L -n on the master node to view the generated ipvs rules

[root@node30 keepalived]# ipvsadm -L -n       
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.137.100:80 rr persistent 50
  -> 192.168.137.132:80           Route   1      0          2         
  -> 192.168.137.135:80           Route   1      0          0    

The output shows that the ipvs rules have been generated

Real server setup:

On both real servers, create a script file lvs_realserver.sh with the following content

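#!/bin/bash
# Bind the VIP to lo:0 with a host mask so the real server accepts traffic addressed to it
vip=192.168.137.100
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip dev lo:0
# arp_ignore=1 and arp_announce=2 keep the real server from answering or
# announcing ARP for the VIP held on lo, so only the director owns it on the LAN
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p > /dev/null 2>&1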

Give execute permission:

chmod +x  lvs_realserver.sh

Turn off SELinux and the firewall

setenforce 0
service iptables stop
service firewalld stop

Turn on IP forwarding

echo 1 > /proc/sys/net/ipv4/ip_forward

On all four hosts, you can use ip addr show to view the VIP status. The original post showed this output for the keepalived MASTER server. The VIP is not active on the keepalived BACKUP server, but it is active on the other machines. When the keepalived MASTER and BACKUP switch roles, the VIP is transferred with them, so it is always active on the current MASTER server.

Install httpd service:

yum install httpd -y

Edit default page

vim /var/www/html/index.html

Write something that identifies the host, such as

<h1>IP address</h1>

Start the httpd service

service httpd start

First check that httpd on both real servers can be accessed

curl IP

For example:

curl 192.168.137.132
curl 192.168.137.135

Check the VIP on all four machines. There is no VIP on the keepalived BACKUP server, but the other hosts have it.

ip addr show

Access VIP on other hosts


Then view the statistics through ipvsadm -L -n --stats


Status monitoring of keepalived

Instance status notification
    notify_master : Executed when the node becomes the master
    notify_backup : Executed when the node becomes backup
    notify_fault : Executed when the node becomes faulty

Virtual server detection notification
    notify_up : Executed when the virtual server is up
    notify_down : Executed when the virtual server is down

Example keepalived configuration file for nginx high availability:

! Configuration File for keepalived  
  
global_defs {  
   notification_email {  
        root@localhost
   }  
   notification_email_from root@localhost
   smtp_connect_timeout 3  
   smtp_server 127.0.0.1  
   router_id LVS_DEVEL01  
}  

vrrp_script chk_nginx {  
    script "killall -0 nginx"  
    interval 1  
    weight 2  
}  

vrrp_script chk_mantaince_down {
   script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
   interval 1
   weight -2
}

vrrp_instance VI_1 {  
    interface ens33  
    state MASTER  # BACKUP for slave routers
    priority 101  # 100 for BACKUP
    virtual_router_id 51
    garp_master_delay 1
  
    authentication {  
        auth_type PASS  
        auth_pass password  
    }  
    track_interface {  
       ens33  
    }  
    virtual_ipaddress {  
        192.168.137.100/24 dev ens33 label ens33:0
    }  
    track_script {  
        chk_nginx  
        chk_mantaince_down
    }  
  
 
    notify_master "/etc/keepalived/notify.sh master"  
    notify_backup "/etc/keepalived/notify.sh backup"  
    notify_fault "/etc/keepalived/notify.sh fault"  
}

Here is a simple example of a notify.sh script:

#!/bin/bash
#

vip=192.168.137.100
contact='root@localhost'

notify() {
    mailsubject="`hostname` to be $1: $vip floating"
    mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
    echo "$mailbody" | mail -s "$mailsubject" "$contact"
}

case "$1" in
    master)
        notify master
        /etc/rc.d/init.d/nginx start
        exit 0
    ;;
    backup)
        notify backup
        /etc/rc.d/init.d/nginx stop
        exit 0
    ;;
    fault)
        notify fault
        /etc/rc.d/init.d/nginx stop
        exit 0
    ;;
    *)
        echo "Usage: $(basename "$0") {master|backup|fault}"
        exit 1
    ;;
esac

Notes:

    1. The state above is the initial state of the current node. In the master/slave dual-node model, one node usually defaults to MASTER and the other to BACKUP.

    2. priority is the priority of the node in the current virtual router; the priority of the master should be greater than that of the slave.

Example keepalived configuration file for nginx high availability in a dual-master model:

Description: The basic idea is to create two virtual routers, with the two nodes acting as master and slave for each other.

! Configuration File for keepalived  
  
global_defs {  
   notification_email {  
        root@localhost
   }  
   notification_email_from root@localhost
   smtp_connect_timeout 3  
   smtp_server 127.0.0.1  
   router_id LVS_DEVEL01  
}  

vrrp_script chk_nginx {  
    script "killall -0 nginx"  
    interval 1  
    weight 2  
}  

vrrp_script chk_mantaince_down {
   script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
   interval 1
   weight 2
}

vrrp_instance VI_1 {  
    interface ens33  
    state MASTER  # BACKUP for slave routers
    priority 101  # 100 for BACKUP
    virtual_router_id 51
    garp_master_delay 1
  
    authentication {  
        auth_type PASS  
        auth_pass password  
    }  
    track_interface {  
       ens33    
    }  
    virtual_ipaddress {  
        192.168.137.100/24 dev ens33 label ens33:0
    }  
    track_script {  
        chk_nginx  
        chk_mantaince_down
    }  
  
 
    notify_master "/etc/keepalived/notify.sh master"  
    notify_backup "/etc/keepalived/notify.sh backup"  
    notify_fault "/etc/keepalived/notify.sh fault"  
}

vrrp_instance VI_2 {  
    interface ens33  
    state BACKUP  # MASTER on the other node
    priority 100  # 101 on the other node
    virtual_router_id 52
    garp_master_delay 1
  
    authentication {  
        auth_type PASS  
        auth_pass password  
    }  
    track_interface {  
       ens33    
    }  
    virtual_ipaddress {  
        192.168.137.100/24 dev ens33 label ens33:1
    }  
    track_script {  
        chk_nginx  
        chk_mantaince_down
    }    
}

Note:

    For VI_1 and VI_2, the two nodes must be master and slave for each other.
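
The following lint check is an added example, not part of the original post. It reads a keepalived.conf on stdin and reports three mistakes that are easy to make when hand-editing configurations like the ones above: an IPv4 prefix longer than /32, a track_script entry with no matching vrrp_script block, and an auth_pass longer than the 8 characters keepalived actually uses. The names lint_keepalived_conf and sample_conf and the sample configuration are constructed for illustration.

```sh
# Added example, not from the original post: prints one finding per line.
lint_keepalived_conf() {
  awk '
    { sub(/[#!].*/, "") }                       # "#" and "!" start a comment
    $1 == "vrrp_script"   { defined[$2] = 1 }
    $1 == "vrrp_instance" { inst = $2 }
    $1 == "auth_type"     { atype[inst] = $2 }
    $1 == "auth_pass"     { apass[inst] = $2 }
    $1 == "virtual_ipaddress" || $1 == "track_script" { section = $1; next }
    $1 == "}" { section = ""; next }
    section == "virtual_ipaddress" && NF {      # an IPv4 prefix length is 0..32
      n = split($1, a, "/")
      if (n == 2 && a[1] !~ /:/ && (a[2] !~ /^[0-9]+$/ || a[2] + 0 > 32))
        printf "%s: invalid IPv4 prefix in %s\n", inst, $1
    }
    section == "track_script" && NF { ref[inst " " $1] = 1 }
    END {
      for (k in ref) {                          # each tracked script needs a vrrp_script block
        split(k, p, " ")
        if (!(p[2] in defined)) printf "%s: track_script %s is not defined\n", p[1], p[2]
      }
      for (i in atype) if (atype[i] == "PASS" && length(apass[i]) > 8)
        printf "%s: auth_pass exceeds 8 characters, only the first 8 are used\n", i
    }'
}

# Constructed sample with three deliberate mistakes.
sample_conf() {
  cat <<'EOF'
vrrp_script chk_nginx {
    script "killall -0 nginx"
}
vrrp_instance VI_1 {
    virtual_router_id 51
    authentication {
        auth_type PASS
        auth_pass longerthan8chars
    }
    virtual_ipaddress {
        192.168.137.100/124 dev ens33 label ens33:0
    }
    track_script {
        chk_nginx
        chk_down
    }
}
EOF
}
sample_conf | lint_keepalived_conf
```

Run it against a real file with lint_keepalived_conf < /etc/keepalived/keepalived.conf before restarting the service; no output means none of the three checks fired.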

Advanced example of keepalived notification script:

-s, --service SERVICE,...: Specify the names of the service scripts to be started, restarted or stopped automatically when the state switches;
-a, --address VIP: Specify the VIP address of the relevant virtual router;
-m, --mode {mm|mb}: Specify the model of the virtual router, mm means master-master, mb means master-backup; they represent the working type of the VIP relative to the same service;
-n, --notify {master|backup|fault}: Specify the type of notification, that is, the target role of the vrrp role switch;
-h, --help: Get help for using the script;

#!/bin/bash
# Author: MageEdu <[email protected]>
# description: An example of notify script
# Usage: notify.sh -m|--mode {mm|mb} -s|--service SERVICE1,... -a|--address VIP  -n|--notify {master|backup|fault} -h|--help

#contact='root@localhost'
helpflag=0
serviceflag=0
modeflag=0
addressflag=0
notifyflag=0

contact='root@localhost'

Usage() {
  echo "Usage: notify.sh [-m|--mode {mm|mb}] [-s|--service SERVICE1,...] <-a|--address VIP>  <-n|--notify {master|backup|fault}>"
  echo "Usage: notify.sh -h|--help"
}

# Parse the command line; a non-zero return value means the options were invalid
ParseOptions() {
  local I=1;
  if [ $# -gt 0 ]; then
    while [ $I -le $# ]; do
      case $1 in
      -s|--service)
        [ $# -lt 2 ] && return 3
        serviceflag=1
        # Split the comma-separated service list into an array
        services=(`echo $2|awk -F"," '{for(i=1;i<=NF;i++) print $i}'`)
        shift 2 ;;
      -h|--help)
        helpflag=1
        return 0
        ;;
      -a|--address)
        [ $# -lt 2 ] && return 3
        addressflag=1
        vip=$2
        shift 2
        ;;
      -m|--mode)
        [ $# -lt 2 ] && return 3
        mode=$2
        shift 2
        ;;
      -n|--notify)
        [ $# -lt 2 ] && return 3
        notifyflag=1
        notify=$2
        shift 2
        ;;
      *)
        echo "Wrong options..."
        Usage
        return 7
        ;;
      esac
    done
    return 0
  fi
}

#workspace=$(dirname $0)

# Restart every named service that has an executable init script
RestartService() {
  if [ ${#@} -gt 0 ]; then
    for I in "$@"; do
      if [ -x "/etc/rc.d/init.d/$I" ]; then
        "/etc/rc.d/init.d/$I" restart
      else
        echo "$I is not a valid service..."
      fi
    done
  fi
}

# Stop every named service that has an executable init script
StopService() {
  if [ ${#@} -gt 0 ]; then
    for I in "$@"; do
      if [ -x "/etc/rc.d/init.d/$I" ]; then
        "/etc/rc.d/init.d/$I" stop
      else
        echo "$I is not a valid service..."
      fi
    done
  fi
}


# Mail the state transition to $contact
Notify() {
    mailsubject="`hostname` to be $1: $vip floating"
    mailbody="`date '+%F %H:%M:%S'`, vrrp transition, `hostname` changed to be $1."
    echo "$mailbody" | mail -s "$mailsubject" "$contact"
}


# Main Function
ParseOptions "$@"
[ $? -ne 0 ] && Usage && exit 5

[ $helpflag -eq 1 ] && Usage && exit 0

# Both the VIP address and the notification type are required
if [ $addressflag -ne 1 -o $notifyflag -ne 1 ]; then
  Usage
  exit 2
fi

mode=${mode:-mb}

case $notify in
'master')
  if [ $serviceflag -eq 1 ]; then
      RestartService "${services[@]}"
  fi
  Notify master
  ;;
'backup')
  if [ $serviceflag -eq 1 ]; then
    # In mb mode the backup node stops the services; in mm mode it keeps them running
    if [ "$mode" == 'mb' ]; then
      StopService "${services[@]}"
    else
      RestartService "${services[@]}"
    fi
  fi
  Notify backup
  ;;
'fault')
  Notify fault
  ;;
*)
  Usage
  exit 4
  ;;
esac

In the keepalived.conf configuration file, it is called as follows:

notify_master "/etc/keepalived/notify.sh -n master -a 192.168.137.100"
notify_backup "/etc/keepalived/notify.sh -n backup -a 192.168.137.100"
notify_fault "/etc/keepalived/notify.sh -n fault -a 192.168.137.100"

Reference blog post: http://blog.51cto.com/lizhenliang/1653523
