keepalived official website: http://www.keepalived.org/
Topology:
On both keepalived servers, disable SELinux and the firewall
setenforce 0
service firewalld stop
service iptables stop
On both keepalived servers, enable IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
Install keepalived on two keepalived servers
yum install keepalived -y
Edit the configuration file /etc/keepalived/keepalived.conf after installation
Note: Back up the configuration file before modifying it
cp keepalived.conf keepalived.conf.bak
Open the configuration file for modification
vim /etc/keepalived/keepalived.conf
Configuration file content:
! Configuration File for keepalived

global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from root@localhost
    smtp_connect_timeout 3
    smtp_server 127.0.0.1
    router_id LVS_DEVEL01
}

vrrp_script chk_schedown {
    script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
    interval 2
    weight -2
}

vrrp_instance VI_1 {
    interface ens33
    state MASTER
    priority 101
    virtual_router_id 51
    garp_master_delay 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_interface {
        ens33
    }
    virtual_ipaddress {
        192.168.137.100/24 dev ens33 label ens33:0 broadcast 192.168.137.255
    }
    track_script {
        chk_schedown
    }
}

virtual_server 192.168.137.100 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP
    # sorry_server 192.168.200.200 1358
    real_server 192.168.137.130 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.137.20 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
Copy the configuration file to the alternate keepalived server:
scp /etc/keepalived/keepalived.conf [email protected]:/etc/keepalived/keepalived.conf
On the backup server, modify the following settings:
state BACKUP
priority 100
router_id LVS_DEVEL02
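A consistency check for the master/backup pair described above, as an added example (not part of the original page or of keepalived itself): it extracts each vrrp_instance from two keepalived.conf files and reports a mismatched virtual_router_id or auth_pass, a MASTER whose priority is not higher, and short or guessable PASS secrets. The function names vrrp_fields and audit_pair and the trimmed sample config are constructed for this example, and the parser assumes one statement per line.

```shell
# Print "name state priority vrid auth_type auth_pass" per vrrp_instance ("-" = unset).
vrrp_fields() {
    awk '
    function v(k) { return (k in f) ? f[k] : "-" }
    { sub(/[#!].*/, "") }                          # strip keepalived comments
    $1 == "vrrp_instance" { inst = $2; depth = 0 }
    inst != "" {
        if ($1 ~ /^(state|priority|virtual_router_id|auth_type|auth_pass)$/) f[$1] = $2
        depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")
        if (depth == 0 && /[}]/) {                 # closing brace of the instance
            print inst, v("state"), v("priority"), v("virtual_router_id"), v("auth_type"), v("auth_pass")
            inst = ""; split("", f)
        }
    }' "$1"
}

# Compare the same instance on two nodes and report pairing or secret problems.
audit_pair() {
    { vrrp_fields "$1" | sed 's/^/A /'; vrrp_fields "$2" | sed 's/^/B /'; } | awk '
    $1 == "A" { st[$2] = $3; pr[$2] = $4; id[$2] = $5; pw[$2] = $7; next }
    !($2 in st) { print $2 ": not defined on the first node"; next }
    {
        if (id[$2] != $5) print $2 ": virtual_router_id differs"
        if (pw[$2] != $7) print $2 ": auth_pass differs"
        if (st[$2] == "MASTER" && $3 == "MASTER") print $2 ": both nodes start as MASTER"
        else if ((st[$2] == "MASTER" && pr[$2] + 0 <= $4 + 0) || ($3 == "MASTER" && $4 + 0 <= pr[$2] + 0))
            print $2 ": MASTER priority is not higher than BACKUP"
        if ($6 == "PASS" && (length($7) < 8 || $7 ~ /^(password|12345678)$/))
            print $2 ": weak auth_pass (PASS is sent in cleartext)"
    }'
}
# Constructed sample: the vrrp_instance from the configuration above, trimmed to the compared keys.
sample_master() { cat <<'EOF'
vrrp_instance VI_1 {
    state MASTER
    priority 101
    virtual_router_id 51
    authentication {
        auth_type PASS
        auth_pass 1111
    }
}
EOF
}

tmp=$(mktemp -d) && sample_master > "$tmp/master.conf"
sed 's/state MASTER/state BACKUP/; s/priority 101/priority 100/' "$tmp/master.conf" > "$tmp/backup.conf"
audit_pair "$tmp/master.conf" "$tmp/backup.conf"   # prints: VI_1: weak auth_pass (PASS is sent in cleartext)
rm -rf "$tmp"
```

keepalived uses only the first eight characters of auth_pass, and VRRP PASS authentication travels unencrypted, so it guards against accidental cross-talk between virtual routers rather than against a host on the same segment.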
Start the keepalived service on both keepalived servers
service keepalived start
View the status with service keepalived status and tail -20 /var/log/messages
Use ipvsadm -L -n on the master node to view the generated ipvs rules
[root@node30 keepalived]# ipvsadm -L -n
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.137.100:80 rr persistent 50
  -> 192.168.137.132:80           Route   1      0          2
  -> 192.168.137.135:80           Route   1      0          0
The output shows that the ipvs rules have been generated
Real server configuration:
On both real servers, create a script file lvs_realserver.sh with the following content
#!/bin/bash
vip=192.168.137.100
# Bind the VIP to a loopback alias with a host mask
ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip lo:0
# Keep the real server from answering or advertising ARP for the VIP held on lo
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p > /dev/null 2>&1
Give execute permission:
chmod +x lvs_realserver.sh
Turn off SELinux and the firewall
setenforce 0
service iptables stop
service firewalld stop
Turn on IP forwarding
echo 1 > /proc/sys/net/ipv4/ip_forward
On all four hosts, you can use ip addr show to view the VIP status. The original screenshot showed the output on the keepalived MASTER server. The VIP is not active on the keepalived BACKUP server, while it is configured on the other machines. When the keepalived MASTER and BACKUP switch roles, the VIP is transferred, so it is always active on the MASTER server.
Install httpd service:
yum install httpd -y
Edit the default page
vim /var/www/html/index.html
Write something that identifies the host, such as
<h1>IP address</h1>
Start the httpd service
service httpd start
First check whether the httpd of these two servers can be accessed
curl IP
For example:
curl 192.168.137.132
curl 192.168.137.135
You can check the VIP status on the four machines. There is no VIP on the keepalived BACKUP server, but the other hosts have it.
ip addr show
Access the VIP from other hosts
Then view the statistics through ipvsadm -L -n --stats
Status monitoring of keepalived
Instance status notification:
notify_master: executed when the node becomes the master
notify_backup: executed when the node becomes backup
notify_fault: executed when the node becomes faulty
Virtual server detection notification:
notify_up: executed when the virtual server is up
notify_down: executed when the virtual server is down
Example keepalived configuration file for nginx high availability:
! Configuration File for keepalived

global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from root@localhost
    smtp_connect_timeout 3
    smtp_server 127.0.0.1
    router_id LVS_DEVEL01
}

vrrp_script chk_nginx {
    script "killall -0 nginx"
    interval 1
    weight 2
}

vrrp_script chk_mantaince_down {
    script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
    interval 1
    weight -2
}

vrrp_instance VI_1 {
    interface ens33
    state MASTER  # BACKUP for slave routers
    priority 101  # 100 for BACKUP
    virtual_router_id 51
    garp_master_delay 1
    authentication {
        auth_type PASS
        auth_pass password
    }
    track_interface {
        ens33
    }
    virtual_ipaddress {
        192.168.137.100/24 dev ens33 label ens33:0
    }
    track_script {
        chk_nginx
        chk_mantaince_down
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}
Here is a simple example of a notify.sh script:
#!/bin/bash
#
vip=192.168.137.100
contact='root@localhost'

# Mail the administrator about the VRRP state transition
notify() {
    mailsubject="`hostname` to be $1: $vip floating"
    mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
    echo $mailbody | mail -s "$mailsubject" $contact
}

case "$1" in
    master)
        notify master
        /etc/rc.d/init.d/nginx start
        exit 0
        ;;
    backup)
        notify backup
        /etc/rc.d/init.d/nginx stop
        exit 0
        ;;
    fault)
        notify fault
        /etc/rc.d/init.d/nginx stop
        exit 0
        ;;
    *)
        # Double quotes so that `basename $0` is expanded
        echo "Usage: `basename $0` {master|backup|fault}"
        exit 1
        ;;
esac
Note:
1. The state above is the initial state of the current node. In the master/slave dual-node model, one node usually defaults to MASTER and the other to BACKUP.
2. priority is the priority of the node in the current virtual router; the priority of the master should be greater than that of the slave.
Example keepalived configuration file for the nginx high-availability dual-master model:
Description: The basic idea is to create two virtual routers, with the two nodes acting as master and slave of each other.
! Configuration File for keepalived

global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from root@localhost
    smtp_connect_timeout 3
    smtp_server 127.0.0.1
    router_id LVS_DEVEL01
}

vrrp_script chk_nginx {
    script "killall -0 nginx"
    interval 1
    weight 2
}

vrrp_script chk_mantaince_down {
    script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
    interval 1
    weight 2
}

vrrp_instance VI_1 {
    interface ens33
    state MASTER  # BACKUP for slave routers
    priority 101  # 100 for BACKUP
    virtual_router_id 51
    garp_master_delay 1
    authentication {
        auth_type PASS
        auth_pass password
    }
    track_interface {
        ens33
    }
    virtual_ipaddress {
        192.168.137.100/24 dev ens33 label ens33:0
    }
    track_script {
        chk_nginx
        chk_mantaince_down
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

vrrp_instance VI_2 {
    interface ens33
    state BACKUP  # BACKUP for slave routers
    priority 100  # 100 for BACKUP
    virtual_router_id 52
    garp_master_delay 1
    authentication {
        auth_type PASS
        auth_pass password
    }
    track_interface {
        ens33
    }
    virtual_ipaddress {
        192.168.137.100/24 dev ens33 label ens33:1
    }
    track_script {
        chk_nginx
        chk_mantaince_down
    }
}
Note:
For VI_1 and VI_2, the two nodes must be master and slave of each other.
Advanced example of keepalived notification script:
The script accepts the following options:
-s, --service SERVICE,...: Specify the names of the service scripts, which are automatically started, restarted or stopped when the state switches;
-a, --address VIP: Specify the VIP address of the relevant virtual router;
-m, --mode {mm|mb}: Specify the model of the virtual router; mm means master/master and mb means master/backup, which describes how the VIP works relative to the same service;
-n, --notify {master|backup|fault}: Specify the type of notification, that is, the target role of the VRRP role switch;
-h, --help: Get help on using the script;

#!/bin/bash
# Author: MageEdu <[email protected]>
# description: An example of notify script
# Usage: notify.sh -m|--mode {mm|mb} -s|--service SERVICE1,... -a|--address VIP -n|--notify {master|backup|fault} -h|--help

#contact='root@localhost'
helpflag=0
serviceflag=0
modeflag=0
addressflag=0
notifyflag=0

contact='root@localhost'

Usage() {
    echo "Usage: notify.sh [-m|--mode {mm|mb}] [-s|--service SERVICE1,...] <-a|--address VIP> <-n|--notify {master|backup|fault}>"
    echo "Usage: notify.sh -h|--help"
}

ParseOptions() {
    local I=1;
    if [ $# -gt 0 ]; then
        while [ $I -le $# ]; do
            case $1 in
            -s|--service)
                [ $# -lt 2 ] && return 3
                serviceflag=1
                # Split the comma-separated service list into an array
                services=(`echo $2|awk -F"," '{for(i=1;i<=NF;i++) print $i}'`)
                shift 2 ;;
            -h|--help)
                helpflag=1
                return 0
                shift
                ;;
            -a|--address)
                [ $# -lt 2 ] && return 3
                addressflag=1
                vip=$2
                shift 2
                ;;
            -m|--mode)
                [ $# -lt 2 ] && return 3
                mode=$2
                shift 2
                ;;
            -n|--notify)
                [ $# -lt 2 ] && return 3
                notifyflag=1
                notify=$2
                shift 2
                ;;
            *)
                echo "Wrong options..."
                Usage
                return 7
                ;;
            esac
        done
        return 0
    fi
}

#workspace=$(dirname $0)

RestartService() {
    if [ ${#@} -gt 0 ]; then
        for I in $@; do
            if [ -x /etc/rc.d/init.d/$I ]; then
                /etc/rc.d/init.d/$I restart
            else
                echo "$I is not a valid service..."
            fi
        done
    fi
}

StopService() {
    if [ ${#@} -gt 0 ]; then
        for I in $@; do
            if [ -x /etc/rc.d/init.d/$I ]; then
                /etc/rc.d/init.d/$I stop
            else
                echo "$I is not a valid service..."
            fi
        done
    fi
}

Notify() {
    mailsubject="`hostname` to be $1: $vip floating"
    mailbody="`date '+%F %H:%M:%S'`, vrrp transition, `hostname` changed to be $1."
    echo $mailbody | mail -s "$mailsubject" $contact
}

# Main Function
ParseOptions "$@"
[ $? -ne 0 ] && Usage && exit 5

[ $helpflag -eq 1 ] && Usage && exit 0

if [ $addressflag -ne 1 -o $notifyflag -ne 1 ]; then
    Usage
    exit 2
fi

mode=${mode:-mb}

case $notify in
'master')
    if [ $serviceflag -eq 1 ]; then
        RestartService ${services[*]}
    fi
    Notify master
    ;;
'backup')
    if [ $serviceflag -eq 1 ]; then
        if [ "$mode" == 'mb' ]; then
            StopService ${services[*]}
        else
            RestartService ${services[*]}
        fi
    fi
    Notify backup
    ;;
'fault')
    Notify fault
    ;;
*)
    Usage
    exit 4
    ;;
esac
In the keepalived.conf configuration file, it is called as follows:
notify_master "/etc/keepalived/notify.sh -n master -a 192.168.137.100"
notify_backup "/etc/keepalived/notify.sh -n backup -a 192.168.137.100"
notify_fault "/etc/keepalived/notify.sh -n fault -a 192.168.137.100"
Reference blog post: http://blog.51cto.com/lizhenliang/1653523