keepalived vip做网关

背景：

       两台vm，只有一个公网地址。实现公网地址vip。

实现：

     两台vm上都开启公网和内网两个网卡

 具体配置如下:

1、master和backup网卡配置情况

master

[root@w106 keepalived]# more /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=a6:ba:02:79:7c:e3
TYPE=Ethernet
UUID=602ffeba-811a-432e-9744-3503cb451d7f
ONBOOT=yes
NM_CONTROLLED=yes
[root@w106 keepalived]# more /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=ca:db:6b:f6:f4:b3
TYPE=Ethernet
UUID=cb26518e-4093-4f27-addf-b651c5fce7fa
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.1.106
NETMASK=255.255.255.0

backup

[root@w107 ~]# more /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=32:ea:97:67:36:e9
TYPE=Ethernet
UUID=602ffeba-811a-432e-9744-3503cb451d7f
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
[root@w107 ~]# more /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=fe:41:f2:d1:2e:77
TYPE=Ethernet
UUID=cb26518e-4093-4f27-addf-b651c5fce7fa
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.1.107
NETMASK=255.255.255.0

2、keepalived的配置文件

master

[root@w106 keepalived]# more keepalived.conf
! Configuration File for Keepalived
! ---------------------------------------------------------------------------
! GLOBAL
! ---------------------------------------------------------------------------
global_defs {
        ! this is who emails will go to on alerts
        notification_email {
                test@126.com
                ! add a few more email addresses here if you would like
        }
        notification_email_from test@126.com

        ! mail relay server
        smtp_server 127.0.0.1
        smtp_connect_timeout 30

        ! each load balancer should have a different ID
        ! this will be used in SMTP alerts, so you should make
        ! each router easily identifiable
        router_id LVS_4
        vrrp_mcast_group4 224.0.0.18
        lvs_sync_daemon eth1 VI1_LVS_NGX
        script_user root
}
vrrp_instance VI1_LVS_NGX {
        state MASTER
        interface eth1
        track_interface {
                eth0
        }
        ! interface to run LVS sync daemon on
        ! lvs_sync_daemon_interface eth1
        !mcast_src_ip 192.168.1.106
        ! each virtual router id must be unique per instance name!
        virtual_router_id 4
        ! MASTER and BACKUP state are determined by the priority
        ! even if you specify MASTER as the state, the state will
        ! be voted on by priority (so if your state is MASTER but your
        ! priority is lower than the router with BACKUP, you will lose
        ! the MASTER state)
        ! I make it a habit to set priorities at least 50 points apart
        ! note that a lower number is lesser priority - lower gets less vote
        priority 100
        ! how often should we vote, in seconds?
        advert_int 1
        ! send an alert when this instance changes state from MASTER to BACKUP
        smtp_alert
        ! this authentication is for syncing between failover servers
        ! keepalived supports PASS, which is simple password
        ! authentication or AH, which is the IPSec authentication header.
        ! Don't use AH yet as many people have reported problems with it
        authentication {
                auth_type PASS
                auth_pass P@sROOT
        }
        ! these are the IP addresses that keepalived will setup on this
        ! machine. Later in the config we will specify which real
        ! servers  are behind these IPs without this block, keepalived
        ! will not setup and takedown any IP addresses
        virtual_ipaddress {
                10.10.10.8/27 dev eth0
        }
        notify_master "/etc/keepalived/keepalived_gw_route to_inter_gw"
        notify_backup "/etc/keepalived/keepalived_gw_route to_intra_gw"
}

backup

[root@w107 ~]# more /etc/keepalived/keepalived.conf
! Configuration File for Keepalived
! ---------------------------------------------------------------------------
! GLOBAL
! ---------------------------------------------------------------------------
global_defs {
        ! this is who emails will go to on alerts
        notification_email {
                test@126.com
                ! add a few more email addresses here if you would like
        }
        notification_email_from test@126.com
        ! mail relay server
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
        ! each load balancer should have a different ID
        ! this will be used in SMTP alerts, so you should make
        ! each router easily identifiable
        router_id LVS_4
        vrrp_mcast_group4 224.0.0.18
        lvs_sync_daemon eth1 VI1_LVS_NGX
        script_user root
}
vrrp_instance VI1_LVS_NGX {
        state BACKUP
        interface eth1
        track_interface {
                eth0
        }
        ! interface to run LVS sync daemon on
        ! lvs_sync_daemon_interface eth1
        !mcast_src_ip 192.168.1.107
        ! each virtual router id must be unique per instance name!
        virtual_router_id 4
        ! MASTER and BACKUP state are determined by the priority
        ! even if you specify MASTER as the state, the state will
        ! be voted on by priority (so if your state is MASTER but your
        ! priority is lower than the router with BACKUP, you will lose
        ! the MASTER state)
        ! I make it a habit to set priorities at least 50 points apart
        ! note that a lower number is lesser priority - lower gets less vote
        priority 90
        ! how often should we vote, in seconds?
        advert_int 1
        ! send an alert when this instance changes state from MASTER to BACKUP
        smtp_alert
        ! this authentication is for syncing between failover servers
        ! keepalived supports PASS, which is simple password
        ! authentication or AH, which is the IPSec authentication header.
        ! Don't use AH yet as many people have reported problems with it
        authentication {
                auth_type PASS
                auth_pass P@ssRoot
        }
        ! these are the IP addresses that keepalived will setup on this
        ! machine. Later in the config we will specify which real
        ! servers  are behind these IPs without this block, keepalived
        ! will not setup and takedown any IP addresses
        virtual_ipaddress {
                10.10.10.8/27 dev eth0
        }
        notify_master "/etc/keepalived/keepalived_gw_route to_inter_gw"
        notify_backup "/etc/keepalived/keepalived_gw_route to_intra_gw"
}

3、/etc/keepalived/keepalived_gw_route 脚本内容

[root@w107 ~]# more /etc/keepalived/keepalived_gw_route
#! /bin/bash
#
# keepalived_gw_route       Bring add/del gw/route for keepalived
#
# chkconfig: 2345 15 85
# description: Add/Delete iptables rule for keepalived to start at boot time.
#
### BEGIN INIT INFO
# Provides: $keepalived_gw_route
### END INIT INFO
# Source function library.
. /etc/init.d/functions
INTER_GW=10.10.10.7
INTRA_GW=192.168.1.1
INTER_DEV=eth0
INTRA_DEV=eth1
# ---------
# functions
# ---------
message() { echo -e "$@"; }        # message - output message on stdout
error() { echo -e "$@" >&2; }      # error - output message on stderr
die() { error "$@"; exit 1; }   # die - output message on stderr and exit
TO_INTER_GW()
{
        ip route del default
        ip route add default via ${INTER_GW} dev ${INTER_DEV}
}
TO_INTRA_GW()
{
        ip route del default
        ip route add default via ${INTRA_GW} dev ${INTRA_DEV}
}
status() {
        ip route show
}
case "$1" in
        to_inter_gw)
                TO_INTER_GW
        ;;
        to_intra_gw)
                TO_INTRA_GW
        ;;
        status)
                status
        ;;
        *)
                echo $"Usage: $0 {to_inter_gw|to_intra_gw|status}"
                exit 1
esac
exit 0

4、master和backup启动backup 就可以实现要求了。保证了公网地址的高可用，涉及后面的应用，需要自行再在master和backup配置。

比如配置nginx代理这些。