系统环境: rhel6 x86_64 iptables and selinux disabled
主机: 192.168.122.119 server19.example.com
192.168.122.25 server25.example.com
192.168.122.163 server63.example.com
192.168.122.193 server93.example.com
所需的包:keepalived-1.2.7.tar.gz
Realserver1 192.168.122.163:apache
Realserver2 192.168.122.193:apache
Load Balance 192.168.122.119:keepalived
Load Balance 192.168.122.25:keepalived
Virtual IP 192.168.122.178
以下步骤在server19和server25上实施:
[root@server19 ~]# yum install kernel-devel make gcc -y
[root@server19 ~]# yum install openssl-devel popt-devel -y
[root@server19 ~]# yum install libnl-devel -y
以下步骤在server19或server25上实施:
[root@server19 kernel]# tar zxf keepalived-1.2.7.tar.gz
[root@server19 kernel]# cd keepalived-1.2.7
[root@server19 keepalived-1.2.7]# ./configure –prefix=/usr/local/keepalived
[root@server19 keepalived-1.2.7]# make && make install
[root@server19 keepalived-1.2.7]# scp -r /usr/local/keepalived/ root@192.168.122.25:/usr/local/
以下步骤在server19和server25上实施:
[root@server19 keepalived-1.2.7]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@server19 keepalived-1.2.7]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@server19 keepalived-1.2.7]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@server19 keepalived-1.2.7]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
注:系统镜像的负载均衡套件中也集成了keepalived,也可以直接使用yum install keepalived -y进行安装。但需先配置yum源:
[LoadBalancer]
name=Instructor Server Repository
baseurl=ftp://192.168.122.1/pub/yum/LoadBalancer
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
enabled=1
以下步骤在server19实施:
[root@server19 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost 错误发送至此邮箱
}
notification_email_from keepalived@server19.example.com 发信人
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER 角色:(1)MASTER (2)BACKUP
interface eth0
virtual_router_id 51 (主备的配置需要一致)
priority 100 优先级(数字越大,优先级越高)
advert_int 1
authentication {
auth_type PASS 认证类型
auth_pass 1111 认证密码
}
virtual_ipaddress {
192.168.122.178 虚拟IP,可设置多个
}
}
virtual_server 192.168.122.178 80 {
delay_loop 6
lb_algo rr
lb_kind DR
# nat_mask 255.255.255.0
# persistence_timeout 50
protocol TCP
real_server 192.168.122.163 80 {
weight 1
TCP_CHECK { (注:TCP_CHECK和大括号之间要有空格)
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.122.193 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
以下步骤在server25实施:
[root@server25 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost 错误发送至此邮箱
}
notification_email_from keepalived@server25.example.com 发信人
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP 角色:(1)MASTER (2)BACKUP
interface eth0
virtual_router_id 51 (主备的配置需要一致)
priority 50 优先级(数字越大,优先级越高)
advert_int 1
authentication {
auth_type PASS 认证类型
auth_pass 1111 认证密码
}
virtual_ipaddress {
192.168.122.178 虚拟IP,可设置多个
}
}
virtual_server 192.168.122.178 80 {
delay_loop 6
lb_algo rr
lb_kind DR
# nat_mask 255.255.255.0
# persistence_timeout 50
protocol TCP
real_server 192.168.122.163 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.122.193 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
以下步骤在server63上实施:
[root@server63 ~]# yum install arptables_jf httpd -y
[root@server63 ~]# arptables -A IN -d 192.168.122.178 -j DROP
[root@server63 ~]# arptables -A OUT -s 192.168.122.178 -j mangle --mangle-ip-s 192.168.122.163
[root@server63 ~]# /etc/init.d/arptables_jf save
[root@server63 ~]# ifconfig eth0:0 192.168.122.178 netmask 255.255.255.255 up
或
[root@server63 ~]# ip addr add 192.168.122.178 dev eth0
注:可用ip addr show查看
[root@server63 ~]# echo `hostname` > /var/www/html/index.html
[root@server63 ~]# /etc/init.d/httpd start
以下步骤在server93上实施:
[root@server93 ~]# yum install arptables_jf httpd -y
[root@server93 ~]# arptables -A IN -d 192.168.122.178 -j DROP
[root@server93 ~]# arptables -A OUT -s 192.168.122.178 -j mangle --mangle-ip-s 192.168.122.193
[root@server93 ~]# /etc/init.d/arptables_jf save
[root@server93 ~]# ifconfig eth0:0 192.168.122.178 netmask 255.255.255.255 up
或
[root@server93 ~]# ip addr add 192.168.122.178 dev eth0
注:可用ip addr show查看
[root@server93 ~]# echo `hostname` > /var/www/html/index.html
[root@server93 ~]# /etc/init.d/httpd start
以下步骤在server19和server25上实施:
[root@server19 ~]# /etc/init.d/keepalived start
测试:
执行ip addr show可查看虚拟IP,执行ipvsadm -l查看规则是否加载,访问192.168.122.178反复刷新网页,每次出现的页面都不同说明配置成功. 当主备挂掉后可由另一台接管,当两台都正常时由Master充当调度器.
#配置多个服务(apache+ftp)
以下步骤在server19实施:
[root@server19 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@server19.example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51 (主备的配置需要一致)
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.122.178 虚拟IP,可设置多个
}
}
virtual_server 192.168.122.178 80 {
delay_loop 6
lb_algo rr
lb_kind DR
# nat_mask 255.255.255.0
# persistence_timeout 50
protocol TCP
real_server 192.168.122.163 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.122.193 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
virtual_server 192.168.122.178 21 {
delay_loop 6
lb_algo rr
lb_kind DR
# nat_mask 255.255.255.0
persistence_timeout 50 持续连接时间为50s
protocol TCP
real_server 192.168.122.163 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.122.193 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
以下步骤在server25实施:
[root@server25 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@server25.example.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51 (主备的配置需要一致)
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.122.178 虚拟IP,可设置多个
}
}
virtual_server 192.168.122.178 80 {
delay_loop 6
lb_algo rr
lb_kind DR
# nat_mask 255.255.255.0
# persistence_timeout 50
protocol TCP
real_server 192.168.122.163 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.122.193 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
virtual_server 192.168.122.178 21 {
delay_loop 6
lb_algo rr
lb_kind DR
# nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 192.168.122.163 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.122.193 21 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
以下步骤在server63上实施:
[root@server63 ~]# yum install arptables_jf httpd vsftpd -y
[root@server63 ~]# arptables -A IN -d 192.168.122.178 -j DROP
[root@server63 ~]# arptables -A OUT -s 192.168.122.178 -j mangle --mangle-ip-s 192.168.122.163
[root@server63 ~]# /etc/init.d/arptables_jf save
[root@server63 ~]# ifconfig eth0:0 192.168.122.178 netmask 255.255.255.255 up
或
[root@server63 ~]# ip addr add 192.168.122.178 dev eth0
注:可用ip addr show查看
[root@server63 ~]# echo `hostname` > /var/www/html/index.html
[root@server63 ~]# /etc/init.d/httpd start
[root@server63 ~]# touch /var/ftp/server63
[root@server63 ~]# /etc/init.d/vsftpd start
以下步骤在server93上实施:
[root@server93 ~]# yum install arptables_jf httpd vsftpd -y
[root@server93 ~]# arptables -A IN -d 192.168.122.178 -j DROP
[root@server93 ~]# arptables -A OUT -s 192.168.122.178 -j mangle --mangle-ip-s 192.168.122.193
[root@server93 ~]# /etc/init.d/arptables_jf save
[root@server93 ~]# ifconfig eth0:0 192.168.122.178 netmask 255.255.255.255 up
或
[root@server93 ~]# ip addr add 192.168.122.178 dev eth0
注:可用ip addr show查看
[root@server93 ~]# echo `hostname` > /var/www/html/index.html
[root@server93 ~]# /etc/init.d/httpd start
[root@server93 ~]# touch /var/ftp/server93
[root@server93 ~]# /etc/init.d/vsftpd start
以下步骤在server19和server25上实施:
[root@server19 ~]# /etc/init.d/keepalived start
