Node02上
! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_instance VI_1 { state BACKUP interface ens33 virtual_router_id 51 priority 50 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.98.100/24 dev ens33 label ens33:3 } } virtual_server 192.168.98.100 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 0 protocol TCP real_server 192.168.98.138 80 { weight 1 HTTP_GET { url { path / status_code 200 } connect_timeout 3 retry 3 delay_before_retry 3 } } real_server 192.168.98.139 80 { weight 1 HTTP_GET { url { path / status_code 200 } connect_timeout 3 retry 3 delay_before_retry 3 } } }指定keepalived配置文件,在Node01和Node02上分别执行:
cd /usr/local/keepalived-2.2.2/etc/sysconfig修改keepalived文件
# Options for keepalived. See `keepalived --help' output and keepalived(8) and # keepalived.conf(5) man pages for a list of all options. Here are the most # common ones : # # --vrrp -P Only run with VRRP subsystem. # --check -C Only run with Health-checker subsystem. # --dont-release-vrrp -V Dont remove VRRP VIPs & VROUTEs on daemon stop. # --dont-release-ipvs -I Dont remove IPVS topology on daemon stop. # --dump-conf -d Dump the configuration data. # --log-detail -D Detailed log messages. # --log-facility -S 0-7 Set local syslog facility (default=LOG_DAEMON) # KEEPALIVED_OPTIONS="-D -f /usr/local/keepalived-2.2.2/etc/keepalived/keepalived.conf"在KEEPALIVED_OPTIONS中增加了-f选项,指定了keepalived.conf的位置
然后打开Node01和Node02的80端口访问权限,分别在Node01和Node02上执行如下命令
firewall-cmd --permanent --add-port=80/tcp firewall-cmd --reload 启动keepalived在Node01上执行
systemctl start keepalived验证:通过浏览器访问:
并且时不时刷新以下页面,可以显示如下结果:
在Node01上执行
ipvsadm -lnc可以看到
在Node02上执行
systemctl start keepalived然后在Node02上执行
ipvsadm -lnc内容是空的,说明Node02是备用节点
此时,我们停掉Node01,在Node01上,执行
systemctl stop keepalived继续访问浏览器,服务依旧可以访问
验证了主节点(Node01)挂了,备用节点(Node02)顶上这个情况
此时,在Node02上执行
ipvsadm -lnc可以看到连接情况
说明备机正常提供了服务。
此时,再把主节点(Node01)启动起来,在Node01上执行:
systemctl restart keepalived服务正常
在主节点(Node01)上执行
ipvsadm -lnc显示出了连接
说明主节点已经恢复正常。