一、实现master/slave的keepalived单主架构
1.master配置
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1.xiao.org
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.0.18
vrrp_instance VI_1{
state MASTER
interface eth0
virtual_router_id 20
priority 100
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
}
2.backup配置
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka2.xiao.org
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
vrrp_mcast_group4 224.0.0.18
vrrp_instance VI_1{
state BACKUP
interface eth0
virtual_router_id 20
priority 80
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
}
3.抢占模式和非抢占模式
非抢占模式 nopreempt
默认为抢占模式,即当高优先级的主机恢复在线后,会抢占低优先级的主机的master角色,这样会使vip在ka主机中来回漂移造成网络抖动,一般会设置为nopreempt,即高优先级主机恢复后并不会抢占低优先级的master角色。非抢占模式下,如果原主机down机,vip迁移到新主机,后续也发生down时,仍会将vip迁移回原主机
要关闭vip抢占,必将各keepalived服务器state配置为backup
ka1主机配置
vrrp_instance VI_1{
state BACKUP
interface eth0
virtual_router_id 20
priority 100
nopreempt
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
ka2主机配置
vrrp_instance VI_1{
state BACKUP
interface eth0
virtual_router_id 20
priority 80
nopreempt
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
4.抢占延迟模式preempt_delay
抢占延迟模式,即优先级高的主机恢复后不会立即抢占vip,而是延迟一段时间(默认是300a)再抢回vip
preempt_delay 指定抢占延迟时间
各keepalived服务器state的状态为backup,并且不启动vrrp_strict
ka1主机的配置
vrrp_instance VI_1{
state BACKUP
interface eth0
virtual_router_id 20
priority 100
preempt_delay 10s
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
ka2主机的配置
vrrp_instance VI_1{
state BACKUP
interface eth0
virtual_router_id 20
priority 80
preemp_delay 10s
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
5.vip单播配置
默认keepalived主机之间利用多播相互通告消息会造成网络拥塞,可以将其替换为单播来减少网络流量
启用vrrp_strict时,不能启用单播
设置方式:在vrrp_instance的语句块中设置对方主机的ip地址,一般设置为专用于对应心跳线网络的地址而非使用业务网络
unicast_src_ip xxx 指定发送单播的源ip
unicast_peer {
ipaddr 指定接收单播的对方目标主机ip
}
6.keepalived通知脚本配置
当keepalived的状态变化时可以自动触发脚本的执行,比如发邮件通知用户,其默认以keepalived_script身份执行脚本。
global_defs {
script_user <USER>
}
通知脚本类型:当前节点成为主节点时触发的脚本
notify_master <String>
当前节点转为备节点时触发的脚本
notify_backup <String>
当前节点转为失败状态时触发的脚本
notify_fault <String>
通用格式的通知触发机制
notify <String>
当停止vrrp时触发的脚本
notify_stop <string>
脚本的调用方法:
在vrrp_instance VI_1语句块的末尾加上:
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
二、实现master/master的keepalived双主架构
1.master/slave的单主架构,同一时间只有一个keepalived对外提供服务,此主机繁忙,另一台主机却空闲,利用率低下
2.master/master的双主架构:
将两个或以上vip分别运行在不同的keeoalived服务器上,以实现服务器并行提供web访问的目的提高资源的利用率
ka1的配置信息
vrrp_instance VI_1{
state BACKUP
interface eth0
virtual_router_id 20
priority 80
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
vrrp_instance VI_2{
state BACKUP
interface eth0
virtual_router_id 30
priority 80
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
172.25.254.101/24 dev eth0 label eth0:1
}
}
ka2的配置信息
vrrp_instance VI_1{
state BACKUP
interface eth0
virtual_router_id 20
priority 100
nopreempt
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
172.25.254.100/24 dev eth0 label eth0:0
}
}
vrrp_instance VI_2{
state MASTER
interface eth0
virtual_router_id 30
priority 100
advert_int 1
authentication {
auth_type pass
auth_pass 1111
}
virtual_ipaddress {
172.25.254.101/24 dev eth0 label eth0:1
}
}