实验环境:
ipvsadm-1.26-4.el6.x86_64
system:centos-6.6.x86_64
kernel:2.6.32-504.el6.x86_64
keepalived-1.2.13-4.el6.x86_64
配置DR:
[root@centos-server ~]# sysctl -w net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.all.send_redirects = 0
[root@centos-server ~]# sysctl -w net.ipv4.conf.default.send_redirects=0
net.ipv4.conf.default.send_redirects = 0
[root@centos-server ~]# sysctl -w net.ipv4.conf.eth2.send_redirects=0
net.ipv4.conf.eth2.send_redirects = 0
[root@centos-server ~]# service ipvsadm stop
[root@centos-server ~]# ipvsadm -A -t 192.168.150.200:80 -s rr
[root@centos-server ~]# ipvsadm -a -t 192.168.150.200:80 -r 192.168.150.129 -g -w 1
[root@centos-server ~]# ipvsadm -a -t 192.168.150.200:80 -r 192.168.150.142 -g -w 1
[root@centos-server ~]# iptable s -I INPUT -p tcp --dport 80 -j ACCEPT
[root@centos-server ~]# service ipvsadm save
配置real server:
[root@centos-server ~]# vim /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore=1
net.ipv4.conf.all.arp_announce=2
net.ipv4.conf.default.arp_ignore=1
net.ipv4.conf.default.arp_announce=2
net.ipv4.conf.lo.arp_ignore=1
net.ipv4.conf.lo.arp_announce=2
[root@centos-server ~]# sysctl -p
[root@centos-server ~]# ifconfig lo:0 192.168.150.200/32
[root@centos-server ~]# route add -host 192.168.150.200 dev lo:0
[root@centos-server ~]# setenforce 0
[root@centos-server ~]# yum install httpd
[root@centos-server ~]# service httpd start
配置keepalived:
global_defs {notification_email {acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_from Alexandre.Cassen@firewall.locsmtp_server 220.181.12.11smtp_connect_timeout 30router_id haproxy_DEVEL
}
vrrp_instance VI_1 {state MASTER #另一端为SLAVEinterface eth3 #根据自己网卡情况而定virtual_router_id 51priority 100 #另一端为80advert_int 1authentication {auth_type PASSauth_pass 1234}virtual_ipaddress {192.168.150.200/24 dev eth3}
}
virtual_server 192.168.150.200/24 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.150.129 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 }
}real_server 192.168.150.142 80 { weight 3 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } }
}
[root@centos-server ~]# service keepalived start
检测结果:
查看是否正常调度:
查看MASTER,获得vip:192.168.150.200,及检查后端
查看SLAVE,及检查后端服务:
故障转移:
停掉MASTER的keepalived,查看SLAVE是否自动切换为MASTER
[root@centos-server ~]# service keepalived stop
检测后端检查:
停掉其中一台后端httpd
[root@centos-server ~]# service hdttp stop