Deploy LVS-DR and Keepalived clusters (hands-on!)

2025-02-24 Update From: SLTechnology News&Howtos shulou

Shulou(Shulou.com)06/02 Report--

Keepalived Overview

Keepalived monitors the status of servers. If a web server goes down or fails, Keepalived detects it and removes the faulty server from the pool, and the other servers take over its work. Once the server is working properly again, Keepalived automatically adds it back to the server farm. All of this happens automatically without human intervention; the only manual work is repairing the failed server.

Keepalived working principle

1. Keepalived is based on VRRP, the Virtual Router Redundancy Protocol.

2. VRRP can be seen as a protocol for making routers highly available: N routers with the same function form a router group with one master and multiple backups. The master holds a VIP that provides the external service (the other machines on the router's LAN use the VIP as their default route). The master sends multicast advertisements; when the backups stop receiving VRRP packets, they consider the master down, and a backup is chosen as the new master according to VRRP priority. This ensures the high availability of the router.

3. Keepalived has three main modules: core, check and vrrp. The core module is the heart of Keepalived and is responsible for starting and maintaining the main process and for loading and parsing the global configuration file. The check module is responsible for health checks, including the common check methods. The vrrp module implements the VRRP protocol.

Experimental environment

Scheduling server DR1 (master): 192.168.100.66 centos7-1
Scheduling server DR2 (standby): 192.168.100.77 centos7-2
Node server web1: 192.168.100.88 centos7-3
Node server web2: 192.168.100.99 centos7-4
Drift address (VIP): 192.168.100.100
Client: 192.168.100.200 windows7

Step 1: configure the centos7-1--DR1 scheduling server
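An added example, not from the original article: the master/backup election described above, written as the keepalived.conf each scheduling server would load, with the VIP and node addresses taken from the experimental environment of this article. The router_id, virtual_router_id, priorities, check timings and the auth_pass placeholder are assumptions.

```shell
#!/bin/sh
# Added example: render keepalived.conf for one director of this lab.
# Assumed (not from the article): router_id, virtual_router_id 51,
# priorities 100/90, timings, and the auth_pass placeholder.
VIP=192.168.100.100
RIPS="192.168.100.88 192.168.100.99"
render_keepalived_conf() {   # usage: render_keepalived_conf MASTER|BACKUP
    role=$1
    case "$role" in
        MASTER) prio=100 ;;   # highest priority wins the VRRP election
        BACKUP) prio=90 ;;    # takes over when adverts from the master stop
        *) echo "role must be MASTER or BACKUP" >&2; return 1 ;;
    esac
    cat <<EOF
global_defs {
    router_id LVS_$role
}
vrrp_instance VI_1 {
    state $role
    interface ens33
    virtual_router_id 51
    priority $prio
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass CHANGEME
    }
    virtual_ipaddress {
        $VIP
    }
}
virtual_server $VIP 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    protocol TCP
EOF
    for rip in $RIPS; do     # one health-checked real_server per web node
        cat <<EOF
    real_server $rip 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
        }
    }
EOF
    done
    echo "}"
}
```

Both directors must use the same virtual_router_id and auth_pass; only state and priority differ between them.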

1. Install ipvsadm and keepalived software packages

[root@dr1 ~]# yum install ipvsadm keepalived -y

2. Set the network adapter to host-only mode and assign the static IP 192.168.100.66

[root@dr1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO=static
IPADDR=192.168.100.66
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
[root@dr1 ~]# service network restart
Restarting network (via systemctl): [ OK ]
[root@dr1 ~]# vim /etc/sysctl.conf
# Enable route forwarding
net.ipv4.ip_forward=1
# proc settings: turn off sending of redirects
net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.default.send_redirects=0
net.ipv4.conf.ens33.send_redirects=0
# Apply the settings
[root@dr1 ~]# sysctl -p

3. Build a virtual network card

[root@dr1 ~]# cd /etc/sysconfig/network-scripts/
[root@dr1 network-scripts]# cp ifcfg-ens33 ifcfg-ens33:0
[root@dr1 network-scripts]# vim ifcfg-ens33:0
# Delete the original content and add:
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.100.100
NETMASK=255.255.255.0
# Enable the virtual network card
[root@dr1 network-scripts]# ifup ens33:0

4. Add a service startup script

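[root@dr1 ~]# cd /etc/init.d/
[root@dr1 init.d]# vim dr.sh
#!/bin/bash
GW=192.168.100.1
VIP=192.168.100.100
RIP1=192.168.100.88
RIP2=192.168.100.99
case "$1" in
start)
    # Save the (empty) rule set so the ipvsadm service can start
    /sbin/ipvsadm --save > /etc/sysconfig/ipvsadm
    systemctl start ipvsadm
    # Bind the VIP to the virtual interface with a host route
    /sbin/ifconfig ens33:0 $VIP broadcast $VIP netmask 255.255.255.255 up
    /sbin/route add -host $VIP dev ens33:0
    # Virtual service on VIP:80, round robin, both nodes in DR mode (-g)
    /sbin/ipvsadm -A -t $VIP:80 -s rr
    /sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
    /sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
    echo "ipvsadm starting - [ok]"
    ;;
stop)
    /sbin/ipvsadm -C
    systemctl stop ipvsadm
    ifconfig ens33:0 down
    route del $VIP
    echo "ipvsadm stopped - [ok]"
    ;;
status)
    if [ ! -e /var/lock/subsys/ipvsadm ]; then
        echo "ipvsadm stopped"
        exit 1
    else
        echo "ipvsadm running - [ok]"
    fi
    ;;
*)
    echo "Usage: $0 {start|stop|status}"
    exit 1
esac
exit 0
# Grant the script execute permission
[root@dr1 init.d]# chmod +x dr.sh
# Start the script
[root@dr1 init.d]# service dr.sh start
# View the ipvsadm service status
[root@dr1 init.d]# systemctl status ipvsadm
# Disable the firewall and security features
[root@dr1 init.d]# systemctl stop firewalld.service
[root@dr1 init.d]# setenforce 0

Step 2: configure the centos7-2--DR2 scheduling server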

1. Install ipvsadm and keepalived software packages

[root@dr2 ~]# yum install ipvsadm keepalived -y

2. Set the network adapter to host-only mode and assign the static IP 192.168.100.77

[root@dr2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO=static
IPADDR=192.168.100.77
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
[root@dr2 ~]# service network restart
Restarting network (via systemctl): [ OK ]
[root@dr2 ~]# vim /etc/sysctl.conf
# Enable route forwarding
net.ipv4.ip_forward=1
# proc settings: turn off sending of redirects
net.ipv4.conf.all.send_redirects=0
net.ipv4.conf.default.send_redirects=0
net.ipv4.conf.ens33.send_redirects=0
# Apply the settings
[root@dr2 ~]# sysctl -p

3. Build a virtual network card

[root@dr2 ~]# cd /etc/sysconfig/network-scripts/
[root@dr2 network-scripts]# cp ifcfg-ens33 ifcfg-ens33:0
[root@dr2 network-scripts]# vim ifcfg-ens33:0
# Delete the original content and add:
DEVICE=ens33:0
ONBOOT=yes
IPADDR=192.168.100.100
NETMASK=255.255.255.0
# Enable the virtual network card
[root@dr2 ~]# ifup ens33:0

4. Add a service startup script

[root@dr2 ~]# cd /etc/init.d/
[root@dr2 ~]# vim dr.sh
#!/bin/bash
GW=192.168.100.1
VIP=192.168.100.100
RIP1=192.168.100.88
RIP2=192.168.100.99
case "$1" in
start)
    # Save the (empty) rule set so the ipvsadm service can start
    /sbin/ipvsadm --save > /etc/sysconfig/ipvsadm
    systemctl start ipvsadm
    # Bind the VIP to the virtual interface with a host route
    /sbin/ifconfig ens33:0 $VIP broadcast $VIP netmask 255.255.255.255 up
    /sbin/route add -host $VIP dev ens33:0
    # Virtual service on VIP:80, round robin, both nodes in DR mode (-g)
    /sbin/ipvsadm -A -t $VIP:80 -s rr
    /sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g
    /sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g
    echo "ipvsadm starting - [ok]"
    ;;
stop)
    /sbin/ipvsadm -C
    systemctl stop ipvsadm
    ifconfig ens33:0 down
    route del $VIP
    echo "ipvsadm stopped - [ok]"
    ;;
status)
    if [ ! -e /var/lock/subsys/ipvsadm ]; then
        echo "ipvsadm stopped"
        exit 1
    else
        echo "ipvsadm running - [ok]"
    fi
    ;;
*)
    echo "Usage: $0 {start|stop|status}"
    exit 1
esac
exit 0
[root@dr2 ~]# chmod +x dr.sh
[root@dr2 ~]# service dr.sh start
[root@dr2 ~]# systemctl status ipvsadm    # view the service status
[root@dr2 ~]# systemctl stop firewalld.service
[root@dr2 ~]# setenforce 0

Step 3: configure the centos7-3--web1 node server

1. Install the httpd package

[root@web-1 ~]# yum install httpd -y

2. Set the network adapter to host-only mode and assign the static IP 192.168.100.88

[root@web-1 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO=static
IPADDR=192.168.100.88
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
[root@web-1 ~]# service network restart        # restart the network card
[root@web-1 ~]# systemctl stop firewalld.service    # turn off the firewall
[root@web-1 ~]# setenforce 0
[root@web-1 ~]# systemctl start httpd.service    # start the website service

3. Create the home page of the website

[root@web-1 ~]# cd /var/www/html/
[root@web-1 ~]# echo "this is accp web" > index.html

4. Create a virtual network card

[root@web-1 ~]# cd /etc/sysconfig/network-scripts/
[root@web-1 ~]# cp ifcfg-lo ifcfg-lo:0
[root@web-1 ~]# vim ifcfg-lo:0
# Delete all the original information and add the following:
DEVICE=lo:0
IPADDR=192.168.100.100
NETMASK=255.255.255.0
ONBOOT=yes

5. Write a service startup script

[root@web-1 ~]# cd /etc/init.d/
[root@web-1 ~]# vim web.sh
#!/bin/bash
# Service control script
VIP=192.168.100.100
case "$1" in
start)
    # Bind the VIP to the loopback alias with a host route
    ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
    /sbin/route add -host $VIP dev lo:0
    # Stop this node from answering or announcing ARP for the VIP
    echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
    sysctl -p > /dev/null 2>&1
    echo "RealServer Start OK"
    ;;
stop)
    ifconfig lo:0 down
    route del $VIP > /dev/null 2>&1
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
    echo "RealServer Stopped"
    ;;
*)
    echo "Usage: $0 {start|stop}"
    exit 1
esac
exit 0
[root@web-1 ~]# chmod +x web.sh
[root@web-1 ~]# service web.sh start
[root@web-1 ~]# ifup lo:0
# View the IP addresses on the node server; if you can see the virtual IP, there is no problem:
ifconfig
firefox "http://127.0.0.1/" &        # visit the website directly
[root@web-1 ~]# service web.sh stop
[root@web-1 ~]# service web.sh start    # restarting the service is recommended

Step 4: configure the centos7-4--web2 node server

1. Install the httpd package

[root@web-2 ~]# yum install httpd -y

2. Set the network adapter to host-only mode and assign the static IP 192.168.100.99

[root@web-2 ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
BOOTPROTO=static
IPADDR=192.168.100.99
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
[root@web-2 ~]# service network restart        # restart the network card
[root@web-2 ~]# systemctl stop firewalld.service    # turn off the firewall
[root@web-2 ~]# setenforce 0
[root@web-2 ~]# systemctl start httpd.service
[root@web-2 ~]# systemctl status httpd.service
[root@web-2 ~]# cd /var/www/html/
[root@web-2 ~]# echo "this is benet web" > index.html
[root@web-2 ~]# cd /etc/sysconfig/network-scripts/
[root@web-2 ~]# cp ifcfg-lo ifcfg-lo:0
[root@web-2 ~]# vim ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.100.100
NETMASK=255.255.255.0
ONBOOT=yes
[root@web-2 ~]# cd /etc/init.d/
[root@web-2 ~]# vim web.sh
#!/bin/bash
# Service control script
VIP=192.168.100.100
case "$1" in
start)
    # Bind the VIP to the loopback alias with a host route
    ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP
    /sbin/route add -host $VIP dev lo:0
    # Stop this node from answering or announcing ARP for the VIP
    echo "1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "1" > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" > /proc/sys/net/ipv4/conf/all/arp_announce
    sysctl -p > /dev/null 2>&1
    echo "RealServer Start OK"
    ;;
stop)
    ifconfig lo:0 down
    route del $VIP > /dev/null 2>&1
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" > /proc/sys/net/ipv4/conf/all/arp_announce
    echo "RealServer Stopped"
    ;;
*)
    echo "Usage: $0 {start|stop}"
    exit 1
esac
exit 0
[root@web-2 ~]# chmod +x web.sh
[root@web-2 ~]# service web.sh start
# Enable the virtual network card
[root@web-2 ~]# ifup lo:0
firefox "http://127.0.0.1/" &        # visit the website directly
# Stop and restart the service
[root@web-2 ~]# service web.sh stop
[root@web-2 ~]# service web.sh start

Step 5: test using the Win7 client

1. On the Win7 client, set the NIC to host-only mode

2. Use the client to try to connect to the server

C:\Users\czt> ping 192.168.100.100
Pinging 192.168.100.100 with 32 bytes of data:
Reply from 192.168.100.100: bytes=32 time
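An added example, not from the original article: a check to run on web1 and web2 that the ARP settings written by web.sh are actually in effect, so that only the scheduling server answers ARP for 192.168.100.100. The function name check_dr_arp and its optional root-directory argument are assumptions made so the check can also be run against a constructed directory tree.

```shell
#!/bin/sh
# Added example: audit a real server's ARP sysctls for LVS-DR.
# The kernel applies the higher of conf/all and the receiving interface's
# value, and ARP requests for the VIP arrive on ens33, not lo, so a node
# with only the lo entries set still answers for the VIP.
check_dr_arp() {                 # usage: check_dr_arp [sysctl-root]
    root=${1:-/proc/sys}         # default: the live kernel settings
    rc=0
    for iface in lo all; do
        for pair in arp_ignore:1 arp_announce:2; do
            key=${pair%%:*}
            want=${pair##*:}
            file=$root/net/ipv4/conf/$iface/$key
            if [ ! -r "$file" ]; then
                echo "MISSING $iface/$key"
                rc=1
                continue
            fi
            got=$(cat "$file")
            if [ "$got" != "$want" ]; then
                echo "BAD $iface/$key=$got (want $want)"
                rc=1
            fi
        done
    done
    return $rc                   # 0 only if all four values match
}
```

Run `check_dr_arp` with no argument after `service web.sh start`; any BAD or MISSING line means the node can still claim the VIP on the LAN.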
