一、 環境說明:
1、服務器列表:
proxy01:
eth0: 192.168.56.11 eth2: 192.168.156.11
proxy02:
eth0: 192.168.56.12 eth2: 192.168.156.12
proxy03:
eth0: 192.168.56.13 eth2: 192.168.156.13
2、拓撲圖:
二、 實驗步驟
1、 在所有節點上操作
# yum install –y keepalived haproxy
2、 proxy01節點配置
[root@proxy01 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_sync_group VG1 {
group {
VI_1
VI_11
}
}
vrrp_sync_group VG2 {
group {
VI_2
VI_12
}
}
vrrp_sync_group VG3 {
group {
VI_3
VI_13
}
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
##nopreempt 啟用搶占模式
priority 10
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac #啟用vmac模式,會創建虛擬機接口,vip綁定到虛擬接口上
vmac_xmit_base #發送和接收VRRP包的虛擬MAC地址
unicast_src_ip 192.168.56.11
unicast_peer {
192.168.56.12
192.168.56.13
}
virtual_ipaddress {
192.168.56.101
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 52
priority 20
##nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.56.11
unicast_peer {
192.168.56.12
192.168.56.13
}
virtual_ipaddress {
192.168.56.102
}
}
vrrp_instance VI_3 {
state BACKUP
interface eth0
virtual_router_id 53
priority 30
advert_int 1
##nopreempt
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.56.11
unicast_peer {
192.168.56.12
192.168.56.13
}
virtual_ipaddress {
192.168.56.103
}
}
vrrp_instance VI_11 {
state BACKUP
interface eth2
virtual_router_id 51
##nopreempt
priority 10
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.156.11
unicast_peer {
192.168.156.12
192.168.156.13
}
virtual_ipaddress {
192.168.156.101
}
}
vrrp_instance VI_12 {
state BACKUP
interface eth2
virtual_router_id 52
priority 20
#nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.156.11
unicast_peer {
192.168.156.12
192.168.156.13
}
virtual_ipaddress {
192.168.156.102
}
}
vrrp_instance VI_13 {
state BACKUP
interface eth2
virtual_router_id 53
priority 30
advert_int 1
#nopreempt
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.156.11
unicast_peer {
192.168.156.12
192.168.156.13
}
virtual_ipaddress {
192.168.156.103
}
}
3、 proxy02節點配置
[root@proxy02 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_sync_group VG1 {
group {
VI_1
VI_11
}
}
vrrp_sync_group VG2 {
group {
VI_2
VI_12
}
}
vrrp_sync_group VG3 {
group {
VI_3
VI_13
}
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
#nopreempt
priority 20
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.56.12
unicast_peer {
192.168.56.11
192.168.56.13
}
virtual_ipaddress {
192.168.56.101
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 52
#nopreempt
priority 30
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.56.12
unicast_peer {
192.168.56.11
192.168.56.13
}
virtual_ipaddress {
192.168.56.102
}
}
vrrp_instance VI_3 {
state BACKUP
interface eth0
virtual_router_id 53
#nopreempt
priority 10
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.56.12
unicast_peer {
192.168.56.11
192.168.56.13
}
virtual_ipaddress {
192.168.56.103
}
}
vrrp_instance VI_11 {
state BACKUP
interface eth2
virtual_router_id 51
#nopreempt
priority 20
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.156.12
unicast_peer {
192.168.156.11
192.168.156.13
}
virtual_ipaddress {
192.168.156.101
}
}
vrrp_instance VI_12 {
state BACKUP
interface eth2
virtual_router_id 52
#nopreempt
priority 30
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.156.12
unicast_peer {
192.168.156.11
192.168.156.13
}
virtual_ipaddress {
192.168.156.102
}
}
vrrp_instance VI_13 {
state BACKUP
interface eth2
virtual_router_id 53
#nopreempt
priority 10
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.156.12
unicast_peer {
192.168.156.11
192.168.156.13
}
virtual_ipaddress {
192.168.156.103
}
}
4、 proxy03節點配置
[root@proxy03 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
# notification_email {
# acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_sync_group VG1 {
group {
VI_1
VI_11
}
}
vrrp_sync_group VG2 {
group {
VI_2
VI_12
}
}
vrrp_sync_group VG3 {
group {
VI_3
VI_13
}
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
#nopreempt
priority 30
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.56.13
unicast_peer {
192.168.56.11
192.168.56.12
}
virtual_ipaddress {
192.168.56.101
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 52
#nopreempt
priority 10
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.56.13
unicast_peer {
192.168.56.11
192.168.56.12
}
virtual_ipaddress {
192.168.56.102
}
}
vrrp_instance VI_3 {
state BACKUP
interface eth0
virtual_router_id 53
#nopreempt
priority 20
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.56.13
unicast_peer {
192.168.56.11
192.168.56.12
}
virtual_ipaddress {
192.168.56.103
}
}
vrrp_instance VI_11 {
state BACKUP
interface eth2
virtual_router_id 51
#nopreempt
priority 30
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.156.13
unicast_peer {
192.168.156.11
192.168.156.12
}
virtual_ipaddress {
192.168.156.101
}
}
vrrp_instance VI_12 {
state BACKUP
interface eth2
virtual_router_id 52
#nopreempt
priority 10
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.156.13
unicast_peer {
192.168.156.11
192.168.156.12
}
virtual_ipaddress {
192.168.156.102
}
}
vrrp_instance VI_13 {
state BACKUP
interface eth2
virtual_router_id 53
#nopreempt
priority 20
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
use_vmac
vmac_xmit_base
unicast_src_ip 192.168.156.13
unicast_peer {
192.168.156.11
192.168.156.12
}
virtual_ipaddress {
192.168.156.103
}
}
5、 啟動服務
在所有節點操作
# systemctl enable keepalived.service && systemctl start keepalived.service
6、 結果驗證
[root@proxy01 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:4b:3e:34 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.11/24 brd 192.168.56.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe4b:3e34/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:17:a2:bc brd ff:ff:ff:ff:ff:ff
inet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic eth1
valid_lft 85732sec preferred_lft 85732sec
inet6 fe80::a00:27ff:fe17:a2bc/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:ff:0e:a8 brd ff:ff:ff:ff:ff:ff
inet 192.168.156.11/24 brd 192.168.156.255 scope global eth2
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:feff:ea8/64 scope link
valid_lft forever preferred_lft forever
5: vrrp.51@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ff
6: vrrp.52@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ff
7: vrrp.53@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.103/32 scope global vrrp.53
valid_lft forever preferred_lft forever
8: vrrp1.51@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ff
9: vrrp1.52@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ff
10: vrrp1.53@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ff
inet 192.168.156.103/32 scope global vrrp1.53
valid_lft forever preferred_lft forever
[root@proxy02 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:ee:7d:7e brd ff:ff:ff:ff:ff:ff
inet 192.168.56.12/24 brd 192.168.56.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:feee:7d7e/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:a4:ce:2f brd ff:ff:ff:ff:ff:ff
inet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic eth1
valid_lft 85717sec preferred_lft 85717sec
inet6 fe80::a00:27ff:fea4:ce2f/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:6c:16:4d brd ff:ff:ff:ff:ff:ff
inet 192.168.156.12/24 brd 192.168.156.255 scope global eth2
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe6c:164d/64 scope link
valid_lft forever preferred_lft forever
5: vrrp.51@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ff
6: vrrp.52@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.102/32 scope global vrrp.52
valid_lft forever preferred_lft forever
7: vrrp.53@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ff
8: vrrp1.51@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ff
9: vrrp1.52@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ff
inet 192.168.156.102/32 scope global vrrp1.52
valid_lft forever preferred_lft forever
10: vrrp1.53@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ff
[root@proxy03 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:87:1a:f0 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.13/24 brd 192.168.56.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe87:1af0/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:6e:be:14 brd ff:ff:ff:ff:ff:ff
inet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic eth1
valid_lft 85696sec preferred_lft 85696sec
inet6 fe80::a00:27ff:fe6e:be14/64 scope link
valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:b0:64:83 brd ff:ff:ff:ff:ff:ff
inet 192.168.156.13/24 brd 192.168.156.255 scope global eth2
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:feb0:6483/64 scope link
valid_lft forever preferred_lft forever
5: vrrp.51@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.101/32 scope global vrrp.51
valid_lft forever preferred_lft forever
6: vrrp.52@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ff
7: vrrp.53@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ff
8: vrrp1.51@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ff
inet 192.168.156.101/32 scope global vrrp1.51
valid_lft forever preferred_lft forever
9: vrrp1.52@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ff
10: vrrp1.53@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000
link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ff
7、 總結
之前我們用keepalived做集群時一般使用它構建服務器主從,也就是只有一個vip,並且這個vip只是在主節點上,當主節點宕機時,vip漂移到從節點上,從而實現高可用。但隨着業務的發展,單個節點隨之成為業務的性能瓶頸,及時我們使用的負載均衡再強大,服務器配置再高,也不可能單節點抗住所有流量。而通過這種方案,在keepalived的主從基礎上擴展一下,通過配置多個vip,每個keepalived節點互為主從,正常情況下保證所有服務器都能擁有一個vip,然后通過dns負載均衡技術,將業務流量轉發到每個vip。從而在一定程度上避免了單服務器的性能瓶頸。