1. Environment description (the keepalived installation package is at the end of the page, just download it)
Operating system kernel version: CentOS 6.5 Keepalived software version: keepalived-1.2.13.tar.gz
2. Environment configuration
Primary Keepalived server IP address 192.168.10.10 Standby Keepalived server IP address 192.168.10.30 Keepalived virtual IP address 192.168.10.20
3. Installation and configuration
First of all, you can build basic services according to my first article {Load Balancing - Reverse Proxy} Install the support package on both the master and slave servers [root@localhost ~]# yum -y install kernel-devel openssl-devel popt-devel ipvsadm Upload keepalived to the /root/ directory on both the master and slave servers [root@localhost ~]#tar zxf keepalived-1.2.13.tar.gz [root@localhost ~]# cd keepalived-1.2.13 [root@localhost keepalived-1.2.13]# ./configure --prefix=/ --with-kernel-dir=/usr/src/kernels/2.6.32-431.el6.x86_64 [root@localhost keepalived-1.2.13]# make [root@localhost keepalived-1.2.13]# make install [root@localhost keepalived-1.2.13]# chkconfig --add keepalived [root@localhost keepalived-1.2.13]# chkconfig keepalived on
Fourth, the main server configuration
[root@localhost ~]#cd /etc/keepalived/ [root@localhost keepalived]#cp keepalived.conf keepalived.conf.backup #Backup a copy to prevent errors [root@localhost keepalived]#vim keepalived.conf The configuration content is as follows: ! Configuration File for keepalived global_defs { router_id LVS_DEVEL_R1 #This server name } vrrp_instance VI_1 { #Define VRRP hot standby instance state MASTER #Hot standby state, MASTER indicates the master server interface eth0 #Physical interface carrying the VIP address virtual_router_id 1 #Virtual router ID number, consistent for each hot standby group priority 100 #Priority, the larger the value, the higher the priority advert_int 1 #advertisement interval in seconds authentication { #Authentication information, consistent for each hot standby group auth_type PASS #Authentication type auth_pass 123456 #Password string } virtual_ipaddress { #Specify the VIP drift address, you can write multiple 192.168.10.20 } } #Other code takes time to delete all first! ! ! [root@localhost keepalived]#service keepalived restart [root@localhost keepalived]#ip addr show dev eth0 Check our VIP address and there will definitely be an IP address of 192.168.10.20
Five, from the server configuration
[root@localhost ~]#cd /etc/keepalived/ [root@localhost keepalived]#cp keepalived.conf keepalived.conf.backup #Also backup one to prevent errors [root@localhost keepalived]#vim keepalived.conf # The configuration content is as follows: ! Configuration File for keepalived global_defs { router_id LVS_DEVEL_R2 } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 1 priority 10 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.10.20 } } All other content is also deleted! ! ! [root@localhost keepalived]#service keepalived restart [root@localhost keepalived]#ip addr show dev eth0 Now when you view from the service, you will only have your own interface IP. Because the main server is still there, the VIP address must still be on the main server. When the main server fails, the backup server will work and immediately take over the VIP address and continue to work. .6. Test
After this setting is completed, we can do a simple test first. We directly turn off the keepalived service on the master server, and then check whether there is a VIP address on the slave server, and it is successful. Let's start the keepalived service on the main server again to see if the VIP address has drifted to the main server again (test by ourselves)Seven, the main server configuration WEB pool
[root@localhost keepalived]#vim keepalived.conf Continue to add the following content under the original command configuration: virtual_server 192.168.10.20 80 { #Virtual server VIP address and port delay_loop 6 #Interval time of health check (seconds) lb_algo rr #round-robin scheduling algorithm lb_kind DR #Direct routing cluster working mode persistence_timeout 50 #The connection retention time (seconds) can be added in front of it if it is not started (!) protocol TCP #Use the TCP protocol real_server 192.168.10.10 80 { #First WEB node address and port weight 1 #node weight TCP_CHECK { #Health check method connect_port 80 #Check directory port connect_timeout 3 #Connection timeout (seconds) nb_get_retry 3 #Number of retries delay_before_retry 3 #Retry interval (seconds) } } real_server 192.168.10.10 8080 { #Address, port and partial information of the second web node weight 1 TCP_CHECK { connect_port 8080 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [root@localhost keepalived]#service keepalived restartEight, configure the WEB pool from the server
[root@localhost keepalived]#vim keepalived.conf #Continue to add the following content under the original command virtual_server 192.168.10.20 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.10.30 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.10.30 8080 { weight 1 TCP_CHECK { connect_port 8080 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [root@localhost keepalived]#service keepalived restart9. Write scripts on the main service to achieve fully automated master-slave failover
[root@localhost ~]#vim /opt/keepalived.sh #!/bin/bash if [ `ps -C nginx --no-header |wc -l` -eq 0 ]; then /etc/init.d/keepalived stop be #Script means to detect Nginx service, if it is equal to 0, then stop keepalived directly [root@localhost ~]#chmod +x /opt/keepalived.sh10. Apply the script to the keepalived configuration file of the main server
[root@localhost keepalived]#vim keepalived.conf ............. global_defs { router_id LVS_DEVEL_R1 } vrrp_script chk_port { #Application script script "/opt/keepalived.sh" interval 2 weight 2 } ............. authentication { auth_type PASS auth_pass 123456 } track_script { #tracking script chk_port } ............. .............11. Final Verification
We write different web page content in the master-slave web page. We can directly use the VIP address to access the web. Of course, the web page accessed first must be the master server, and the priority is high to determine who to visit first. Now, in order to do the test, we can stop the Nginx service by hand, and then check the results, refresh the web page on the client machine, and we can see the web page content provided from the server. When the Nginx service of the main server is started, we need to start the keepalived service again, and the VIP address will return to the main server.