keepalived vip做网关

背景:

       两台vm,只有一个公网地址,需要把这个公网地址配置成vip。

实现:

     两台vm上都开启公网和内网两个网卡

 具体配置如下:

1、master和backup网卡配置情况

master

[root@w106 keepalived]# more /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=a6:ba:02:79:7c:e3
TYPE=Ethernet
UUID=602ffeba-811a-432e-9744-3503cb451d7f
ONBOOT=yes
NM_CONTROLLED=yes
[root@w106 keepalived]# more /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=ca:db:6b:f6:f4:b3
TYPE=Ethernet
UUID=cb26518e-4093-4f27-addf-b651c5fce7fa
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.1.106
NETMASK=255.255.255.0

backup

[root@w107 ~]# more /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
HWADDR=32:ea:97:67:36:e9
TYPE=Ethernet
UUID=602ffeba-811a-432e-9744-3503cb451d7f
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=none
[root@w107 ~]# more /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
HWADDR=fe:41:f2:d1:2e:77
TYPE=Ethernet
UUID=cb26518e-4093-4f27-addf-b651c5fce7fa
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.1.107
NETMASK=255.255.255.0

2、keepalived的配置文件

master

[root@w106 keepalived]# more keepalived.conf
! Configuration File for Keepalived
! ---------------------------------------------------------------------------
! GLOBAL
! ---------------------------------------------------------------------------
global_defs {
        ! this is who emails will go to on alerts
        notification_email {
                test@126.com
                ! add a few more email addresses here if you would like
        }
        notification_email_from test@126.com
 
        ! mail relay server
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
 
        ! each load balancer should have a different ID
        ! this will be used in SMTP alerts, so you should make
        ! each router easily identifiable
        ! NOTE(review): the backup listing on this page also uses LVS_4,
        ! which contradicts the comment above; give each node its own value
        router_id LVS_4
        vrrp_mcast_group4 224.0.0.18
        lvs_sync_daemon eth1 VI1_LVS_NGX
        ! the notify_master / notify_backup scripts below run as root, so
        ! the script file and every directory in its path must be owned by
        ! root and not writable by anyone else
        ! NOTE(review): consider adding enable_script_security here so
        ! keepalived refuses root scripts that a non-root user could modify
        script_user root
}
vrrp_instance VI1_LVS_NGX {
        state MASTER
        interface eth1
        track_interface {
                eth0
        }
        ! interface to run LVS sync daemon on
        ! lvs_sync_daemon_interface eth1
        !mcast_src_ip 192.168.1.106
        ! each virtual router id must be unique per instance name!
        virtual_router_id 4
        ! MASTER and BACKUP state are determined by the priority
        ! even if you specify MASTER as the state, the state will
        ! be voted on by priority (so if your state is MASTER but your
        ! priority is lower than the router with BACKUP, you will lose
        ! the MASTER state)
        ! I make it a habit to set priorities at least 50 points apart
        ! note that a lower number is lesser priority - lower gets less vote
        priority 100
        ! how often should we vote, in seconds?
        advert_int 1
        ! send an alert when this instance changes state from MASTER to BACKUP
        smtp_alert
        ! this authentication is for syncing between failover servers
        ! keepalived supports PASS, which is simple password
        ! authentication or AH, which is the IPSec authentication header.
        ! Don't use AH yet as many people have reported problems with it
        ! NOTE(review): with auth_type PASS the auth_pass value travels in
        ! clear text in every VRRP advert, so any host on the eth1 segment
        ! can read it. It guards against misconfiguration, not against an
        ! attacker; restrict who may send VRRP (IP protocol 112) on that
        ! network as well.
        ! NOTE(review): the backup listing on this page shows a different
        ! auth_pass (P@ssRoot). Both nodes must use the same value, otherwise
        ! each rejects the other's adverts and both can claim the VIP.
        ! Replace this published sample value with your own.
        authentication {
                auth_type PASS
                auth_pass P@sROOT
        }
        ! these are the IP addresses that keepalived will setup on this
        ! machine. Later in the config we will specify which real
        ! servers  are behind these IPs without this block, keepalived
        ! will not setup and takedown any IP addresses
        virtual_ipaddress {
                10.10.10.8/27 dev eth0
        }
        ! on becoming MASTER the default route is switched to the gateway
        ! reached through eth0; on becoming BACKUP it is switched back to
        ! the intranet gateway (see the keepalived_gw_route script)
        notify_master "/etc/keepalived/keepalived_gw_route to_inter_gw"
        notify_backup "/etc/keepalived/keepalived_gw_route to_intra_gw"
}

backup

[root@w107 ~]# more /etc/keepalived/keepalived.conf
! Configuration File for Keepalived
! ---------------------------------------------------------------------------
! GLOBAL
! ---------------------------------------------------------------------------
global_defs {
        ! this is who emails will go to on alerts
        notification_email {
                test@126.com
                ! add a few more email addresses here if you would like
        }
        notification_email_from test@126.com
        ! mail relay server
        smtp_server 127.0.0.1
        smtp_connect_timeout 30
        ! each load balancer should have a different ID
        ! this will be used in SMTP alerts, so you should make
        ! each router easily identifiable
        ! NOTE(review): the master listing on this page also uses LVS_4,
        ! which contradicts the comment above; give each node its own value
        router_id LVS_4
        vrrp_mcast_group4 224.0.0.18
        lvs_sync_daemon eth1 VI1_LVS_NGX
        ! the notify_master / notify_backup scripts below run as root, so
        ! the script file and every directory in its path must be owned by
        ! root and not writable by anyone else
        ! NOTE(review): consider adding enable_script_security here so
        ! keepalived refuses root scripts that a non-root user could modify
        script_user root
}
vrrp_instance VI1_LVS_NGX {
        state BACKUP
        interface eth1
        track_interface {
                eth0
        }
        ! interface to run LVS sync daemon on
        ! lvs_sync_daemon_interface eth1
        !mcast_src_ip 192.168.1.107
        ! each virtual router id must be unique per instance name!
        virtual_router_id 4
        ! MASTER and BACKUP state are determined by the priority
        ! even if you specify MASTER as the state, the state will
        ! be voted on by priority (so if your state is MASTER but your
        ! priority is lower than the router with BACKUP, you will lose
        ! the MASTER state)
        ! I make it a habit to set priorities at least 50 points apart
        ! note that a lower number is lesser priority - lower gets less vote
        priority 90
        ! how often should we vote, in seconds?
        advert_int 1
        ! send an alert when this instance changes state from MASTER to BACKUP
        smtp_alert
        ! this authentication is for syncing between failover servers
        ! keepalived supports PASS, which is simple password
        ! authentication or AH, which is the IPSec authentication header.
        ! Don't use AH yet as many people have reported problems with it
        ! NOTE(review): with auth_type PASS the auth_pass value travels in
        ! clear text in every VRRP advert, so any host on the eth1 segment
        ! can read it. It guards against misconfiguration, not against an
        ! attacker; restrict who may send VRRP (IP protocol 112) on that
        ! network as well.
        ! NOTE(review): the master listing on this page shows a different
        ! auth_pass (P@sROOT). Both nodes must use the same value, otherwise
        ! each rejects the other's adverts and both can claim the VIP.
        ! Replace this published sample value with your own.
        authentication {
                auth_type PASS
                auth_pass P@ssRoot
        }
        ! these are the IP addresses that keepalived will setup on this
        ! machine. Later in the config we will specify which real
        ! servers  are behind these IPs without this block, keepalived
        ! will not setup and takedown any IP addresses
        virtual_ipaddress {
                10.10.10.8/27 dev eth0
        }
        ! on becoming MASTER the default route is switched to the gateway
        ! reached through eth0; on becoming BACKUP it is switched back to
        ! the intranet gateway (see the keepalived_gw_route script)
        notify_master "/etc/keepalived/keepalived_gw_route to_inter_gw"
        notify_backup "/etc/keepalived/keepalived_gw_route to_intra_gw"
}

3、/etc/keepalived/keepalived_gw_route 脚本内容

[root@w107 ~]# more /etc/keepalived/keepalived_gw_route
#! /bin/bash
#
# keepalived_gw_route       Bring add/del gw/route for keepalived
#
# chkconfig: 2345 15 85
# description: Switch the default route between gateways for keepalived state changes.
#
### BEGIN INIT INFO
# Provides: $keepalived_gw_route
### END INIT INFO
# Load the distribution's init-script helper library.
. /etc/init.d/functions

# Gateway and device used for the default route after to_inter_gw
# (keepalived notify_master).
INTER_DEV='eth0'
INTER_GW='10.10.10.7'

# Gateway and device used for the default route after to_intra_gw
# (keepalived notify_backup).
INTRA_DEV='eth1'
INTRA_GW='192.168.1.1'
# ---------
# functions
# ---------
# message - print the arguments on stdout (backslash escapes interpreted)
message()
{
        echo -e "$@"
}

# error - print the arguments on stderr (backslash escapes interpreted)
error()
{
        echo -e "$@" 1>&2
}

# die - print the arguments on stderr, then leave the script with status 1
die()
{
        error "$@"
        exit 1
}
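# TO_INTER_GW - point the default route at INTER_GW through INTER_DEV.
# Globals:  INTER_GW (read), INTER_DEV (read)
# Returns:  exit status of the ip command
#
# "ip route replace" swaps the default route in one step. Deleting first and
# adding afterwards leaves the host without a default route if the add fails,
# and the delete itself reports an error when no default route exists yet.
# NOTE(review): replace matches an existing route by destination and metric;
# a default route installed with a different metric would stay in place
# alongside the new one - confirm against the routing table on both nodes.
TO_INTER_GW()
{
        ip route replace default via "${INTER_GW}" dev "${INTER_DEV}"
}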
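# TO_INTRA_GW - point the default route at INTRA_GW through INTRA_DEV.
# Globals:  INTRA_GW (read), INTRA_DEV (read)
# Returns:  exit status of the ip command
#
# "ip route replace" swaps the default route in one step. Deleting first and
# adding afterwards leaves the host without a default route if the add fails,
# and the delete itself reports an error when no default route exists yet.
# NOTE(review): replace matches an existing route by destination and metric;
# a default route installed with a different metric would stay in place
# alongside the new one - confirm against the routing table on both nodes.
TO_INTRA_GW()
{
        ip route replace default via "${INTRA_GW}" dev "${INTRA_DEV}"
}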
# status - print the current routing table on stdout.
# Returns: exit status of the ip command
status()
{
        ip route show
}
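# Dispatch on the first argument. keepalived invokes this script as root with
# to_inter_gw (notify_master) or to_intra_gw (notify_backup).
# A failed route switch ends the script with status 1 instead of the
# unconditional "exit 0", so the failure is visible to whoever runs it.
case "${1:-}" in
        to_inter_gw)
                TO_INTER_GW || exit 1
        ;;
        to_intra_gw)
                TO_INTRA_GW || exit 1
        ;;
        status)
                status
        ;;
        *)
                # usage text is a diagnostic, so it goes to stderr
                echo $"Usage: $0 {to_inter_gw|to_intra_gw|status}" >&2
                exit 1
        ;;
esac
exit 0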

4、master和backup上都启动keepalived,就可以实现要求了。这样保证了公网地址的高可用;涉及后面的应用,需要自行再在master和backup上配置。

比如配置nginx代理这些。  

posted @   MR__Wang  阅读(1285)  评论(0编辑  收藏  举报