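Problem

Use Keepalived to provide high availability for the LVS director, so that the director is not a single point of failure, and serve web content to users:

The router's public IP address is 202.114.106.20

The router's internal IP address is 192.168.0.254

The router must be configured for SNAT and DNAT

The real IP address of the LVS1 director is 192.168.0.10

The real IP address of the LVS2 director is 192.168.0.20

The server VIP is 192.168.0.253

The real web servers are 192.168.0.1 and 192.168.0.2

Solution

Use 5 virtual machines: 1 as the Linux router, 2 as LVS directors and 2 as real servers. The physical host acts as the client.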

Steps

Step 1: Configure the network environment

1) Set the web servers' network parameters

[root@web1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.1
NETMASK=255.255.255.0
GATEWAY=192.168.0.254
DNS1=202.106.0.20
[root@web1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.253
NETMASK=255.255.255.255
[root@web1 ~]# vim /etc/sysctl.conf
.. ..
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
[root@web1 ~]# sysctl -p
[root@web1 ~]# systemctl restart NetworkManager

[root@web2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.2
NETMASK=255.255.255.0
GATEWAY=192.168.0.254
DNS1=202.106.0.20
[root@web2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.253
NETMASK=255.255.255.255
[root@web2 ~]# vim /etc/sysctl.conf
.. ..
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
[root@web2 ~]# sysctl -p
[root@web2 ~]# systemctl restart NetworkManager

2) Customize the web pages
[root@web1 ~]# echo "192.168.0.1" > /var/www/html/index.html
[root@web2 ~]# echo "192.168.0.2" > /var/www/html/index.html

3) Start the web server software
[root@web1 ~]# systemctl start httpd;systemctl enable httpd
[root@web2 ~]# systemctl start httpd;systemctl enable httpd

4) Set the LVS directors' network parameters
[root@lvs1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.10
NETMASK=255.255.255.0
GATEWAY=192.168.0.254
DNS1=202.106.0.20
[root@lvs1 ~]# systemctl restart NetworkManager

[root@lvs2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.20
NETMASK=255.255.255.0
GATEWAY=192.168.0.254
DNS1=202.106.0.20
[root@lvs2 ~]# systemctl restart NetworkManager

5) Set the Linux router's network parameters
[root@router ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=202.114.106.20
DNS1=202.106.0.20
[root@router ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.254
NETMASK=255.255.255.0
DNS1=202.106.0.20
[root@router ~]# systemctl restart NetworkManager

6) Configure the Linux router
[root@router ~]# sed -i '/ip_forward/s/0/1/' /etc/sysctl.conf    # enable IP forwarding
[root@router ~]# sysctl -p

Step 2: Install Keepalived and ipvsadm on the directors
Note: perform the same operations on both LVS directors.

Install the software

[root@lvs1 ~]# yum install -y keepalived
[root@lvs1 ~]# systemctl enable keepalived
[root@lvs1 ~]# yum install -y ipvsadm
[root@lvs2 ~]# yum install -y keepalived
[root@lvs2 ~]# systemctl enable keepalived
[root@lvs2 ~]# yum install -y ipvsadm

Step 3: Deploy Keepalived to make the LVS-DR directors highly available
1) Configure Keepalived on the LVS1 director and start the service

[root@lvs1 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
    notification_email {
        admin@tarena.com.cn                 # alert recipient address
    }
    notification_email_from ka@localhost    # sender address
    smtp_server 127.0.0.1                   # mail server
    smtp_connect_timeout 30
    router_id lvs1                          # router ID
}
vrrp_instance VI_1 {
    state MASTER                            # the primary server is MASTER
    interface eth0                          # network interface
    virtual_router_id 50                    # VRID must be identical on primary and backup
    priority 100                            # server priority
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass forlvs                    # password must be identical on primary and backup
    }
    virtual_ipaddress {
        192.168.0.253
    }
}
virtual_server 192.168.0.253 80 {           # the VIP is 192.168.0.253
    delay_loop 6
    lb_algo wrr                             # LVS scheduling algorithm: WRR (weighted round robin)
    lb_kind DR                              # LVS mode: DR
    persistence_timeout 1
    protocol TCP
    real_server 192.168.0.1 80 {
        weight 1                            # weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.0.2 80 {
        weight 2                            # weight 2
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@lvs1 ~]# systemctl start keepalived
[root@lvs1 ~]# ipvsadm -Ln

2) Configure Keepalived on the LVS2 director
[root@lvs2 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
    notification_email {
        admin@tarena.com.cn                 # alert recipient address
    }
    notification_email_from ka@localhost    # sender address
    smtp_server 127.0.0.1                   # mail server
    smtp_connect_timeout 30
    router_id lvs2                          # router ID
}
vrrp_instance VI_1 {
    state BACKUP                            # the backup server is BACKUP
    interface eth0                          # network interface
    virtual_router_id 50                    # VRID must be identical on primary and backup
    priority 50                             # server priority
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass forlvs                    # password must be identical on primary and backup
    }
    virtual_ipaddress {
        192.168.0.253
    }
}
virtual_server 192.168.0.253 80 {           # the VIP is 192.168.0.253
    delay_loop 6
    lb_algo wrr                             # LVS scheduling algorithm: WRR (weighted round robin)
    lb_kind DR                              # LVS mode: DR
    persistence_timeout 1
    protocol TCP
    real_server 192.168.0.1 80 {
        weight 1                            # weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 192.168.0.2 80 {
        weight 2                            # weight 2
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
[root@lvs2 ~]# systemctl start keepalived
[root@lvs2 ~]# ipvsadm -Ln
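The two vrrp_instance blocks above only form one virtual router if their VRID, advertisement interval and authentication settings agree and the roles and priorities are distinct. The following pre-start check is an added example, not part of the original tutorial; the function names kv, check_vrrp_pair and sample_conf are hypothetical and the sample files are constructed from the page's values.

```shell
#!/bin/sh
# Added example (not from the original page): consistency check for the
# vrrp_instance settings of the MASTER and BACKUP keepalived.conf files.

# kv FILE KEY: print the value of the first "KEY value" line, ignoring # and ! comments.
kv() {
    awk -v k="$2" '{ sub(/[#!].*/, "") } $1 == k { print $2; exit }' "$1"
}

# check_vrrp_pair MASTER_CONF BACKUP_CONF (hypothetical helper name)
# Prints one FAIL line per problem and returns the number of problems.
check_vrrp_pair() {
    m=$1; b=$2; n=0
    fail() { echo "FAIL: $*"; n=$((n + 1)); }
    for f in "$m" "$b"; do
        case $(kv "$f" state) in
            MASTER|BACKUP) ;;
            *) fail "$f: state must be MASTER or BACKUP" ;;
        esac
        case $(kv "$f" auth_type) in
            PASS|AH) ;;
            *) fail "$f: auth_type must be PASS or AH" ;;
        esac
        p=$(kv "$f" auth_pass)   # keepalived uses only the first 8 characters
        [ "${#p}" -le 8 ] || fail "$f: auth_pass is longer than 8 characters"
    done
    # Values that must be identical on both directors.
    for key in virtual_router_id advert_int auth_type auth_pass; do
        [ "$(kv "$m" "$key")" = "$(kv "$b" "$key")" ] || fail "$key differs"
    done
    # The MASTER must advertise the higher priority.
    [ "$(kv "$m" priority)" -gt "$(kv "$b" priority)" ] 2>/dev/null ||
        fail "priority in $m must be higher than in $b"
    return "$n"
}

# sample_conf STATE PRIORITY VRID: constructed vrrp_instance using the page's values.
sample_conf() {
    printf 'vrrp_instance VI_1 {\n  state %s   # role\n  interface eth0\n' "$1"
    printf '  virtual_router_id %s\n  priority %s\n  advert_int 1\n' "$3" "$2"
    printf '  authentication {\n    auth_type PASS\n    auth_pass forlvs\n  }\n}\n'
}

d=$(mktemp -d)
sample_conf MASTER 100 50 > "$d/lvs1.conf"
sample_conf BACKUP 50 50 > "$d/lvs2.conf"
check_vrrp_pair "$d/lvs1.conf" "$d/lvs2.conf" && echo "pair is consistent"
```

With auth_type PASS the password is carried in clear text in every VRRP advertisement, so it guards against accidental pairing with another VRRP group on the segment rather than against a host that can read that traffic.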

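Step 4: Test from the client

On the client, use curl to connect repeatedly to http://202.114.106.20 and check whether the returned page rotates among the different backend real servers.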
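DR mode depends on the step 1 settings on web1 and web2: the VIP on lo:0 with a host mask, arp_ignore=1 and arp_announce=2, so that only the active director answers ARP for 192.168.0.253. The check below is an added example, not part of the original tutorial; the function names and the ROOT prefix are assumptions made so that it can run against a copy of the files, and the sample tree is constructed.

```shell
#!/bin/sh
# Added example (not from the original page): verify the LVS-DR real-server
# settings from step 1. ROOT is a hypothetical prefix for inspecting a copy
# of the files; leave it empty to inspect the live system.

# check_dr_realserver VIP [ROOT]: prints FAIL lines, returns the number of problems.
check_dr_realserver() {
    vip=$1; root=${2:-}; bad=0
    conf="$root/proc/sys/net/ipv4/conf"
    # arp_ignore=1: answer ARP only for addresses on the receiving interface.
    # arp_announce=2: choose the best local address as ARP source, not the VIP.
    for item in all/arp_ignore=1 lo/arp_ignore=1 all/arp_announce=2 lo/arp_announce=2; do
        path=${item%=*}; want=${item#*=}
        got=$(cat "$conf/$path" 2>/dev/null || echo missing)
        [ "$got" = "$want" ] || { echo "FAIL: $path is $got, expected $want"; bad=$((bad + 1)); }
    done
    # The VIP on lo:0 needs a host mask, otherwise the whole subnet becomes local.
    ifcfg="$root/etc/sysconfig/network-scripts/ifcfg-lo:0"
    grep -qxF "IPADDR=$vip" "$ifcfg" 2>/dev/null ||
        { echo "FAIL: $vip is not configured in ifcfg-lo:0"; bad=$((bad + 1)); }
    grep -qxF "NETMASK=255.255.255.255" "$ifcfg" 2>/dev/null ||
        { echo "FAIL: lo:0 netmask is not 255.255.255.255"; bad=$((bad + 1)); }
    return "$bad"
}

# make_sample_root DIR ARP_IGNORE_LO: constructed file tree with the page's values.
make_sample_root() {
    c="$1/proc/sys/net/ipv4/conf"; n="$1/etc/sysconfig/network-scripts"
    mkdir -p "$c/all" "$c/lo" "$n"
    echo 1 > "$c/all/arp_ignore"; echo "$2" > "$c/lo/arp_ignore"
    echo 2 > "$c/all/arp_announce"; echo 2 > "$c/lo/arp_announce"
    printf 'DEVICE=lo:0\nONBOOT=yes\nIPADDR=192.168.0.253\nNETMASK=255.255.255.255\n' > "$n/ifcfg-lo:0"
}

r=$(mktemp -d)
make_sample_root "$r" 1
check_dr_realserver 192.168.0.253 "$r" && echo "real server is ready for DR"
```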