LVS + Keepalived
2015/06/10
|
This is the Redundant configuration for LVS + Keepalived Server itself.
This example is based on the environment below. | +----------------+-----------------+ | | 192.168.0.30|eth0 --- VIP:192.168.0.29 --- eth0|192.168.0.31 +-------+--------+ +--------+-------+ | LVS+Keepalived | | LVS+Keepalived | +-------+--------+ +--------+-------+ 10.0.0.30|eth1 ----- VIP:10.0.0.29 ---- eth1|10.0.0.31 | | +----------------+-----------------+ | +------------+ | +------------+ | Backend01 |10.0.0.51 | 10.0.0.52| Backend02 | | Web Server +------------+-------------+ Web Server | | |eth0 eth0| | +------------+ +------------+ |
HTTP packets to the eth0 on LVS Server are forwarded to Backend01 and Backend02 Servers with NAT.
Change the default gateway to internal IP address of LVS on both Backend Web Servers first. (it's 10.0.0.29 on the example)
| |
[1] | Install ipvsadm and keepalived. |
[root@dlp ~]#
yum -y install ipvsadm keepalived
# enable IP forward
[root@dlp ~]#
echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
[root@dlp ~]#
sysctl -p
touch /etc/sysconfig/ipvsadm
[root@dlp ~]#
systemctl start ipvsadm
[root@dlp ~]#
systemctl enable ipvsadm
|
[2] | Configure Keepalived. It's OK to configure the same settings except one setting on both backend servers. (but only for the "priority" section, Change it on both backend server.) |
[root@dlp ~]#
mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.org
[root@dlp ~]#
vi /etc/keepalived/keepalived.conf
# create new
global_defs { notification_email { root@dlp.server.world } notification_email_from root@dlp.server.world smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_Server } vrrp_instance VI_1 { state BACKUP # monitored interface interface eth0 # virtual router's ID virtual_router_id 51 # set priority (change this value on each server) # (large number means priority is high) priority 100 nopreempt # VRRP sending interval advert_int 1 # authentication info between Keepalived servers authentication { auth_type PASS auth_pass password } virtual_ipaddress { # virtual IP address 192.168.0.29 dev eth0 10.0.0.29/24 dev eth1 } } virtual_server 192.168.0.29 80 { # monitored interval delay_loop 3 # distribution method lvs_sched rr # routing method lvs_method NAT protocol TCP # backend server#1 real_server 10.0.0.51 80 { weight 1 HTTP_GET { url { # monitored path path / # status code for normally state status_code 200 } # timeout(sec) connect_timeout 3 } } # backend server#2 real_server 10.0.0.52 80 { weight 1 HTTP_GET { url { path / status_code 200 } connect_timeout 3 } } }
systemctl start keepalived
[root@dlp ~]#
systemctl enable keepalived
|
[3] |
It's OK, Access to the Service IP address and make sure it works normally.
|
Nenhum comentário:
Postar um comentário