Shulou(Shulou.com)06/03 Report--

Overview of keepalived

The function of Keepalived is to detect the status of the server. If a web server goes down or fails, Keepalived will detect and remove the faulty server from the system, and use other servers to replace the server's work. When the server is working normally, Keepalived will automatically add the server to the server farm, and all these tasks will be done automatically without human intervention. All that needs to be done manually is to repair the failed server.

How keepalived works

1. Keepalived is based on VRRP protocol. The full name of VRRP is Virtual Router Redundancy Protocol, that is, virtual routing redundancy protocol.

2. Virtual routing redundancy protocol can be considered as a protocol to achieve high availability of routers, that is, N routers with the same function form a router group, in which there is a master and multiple backup,master with a vip providing external services (the default route of other machines in the local area network of the router is the vip). Master sends multicast, and when the backup does not receive the vrrp packet, it is considered that the master is down. At this point, you need to choose a backup as master according to the priority of VRRP. In this way, the high availability of the router can be ensured.

3. Keepalived has three main modules, which are core, check and vrrp. Core module is the core of keepalived, which is responsible for the startup and maintenance of the main process as well as the loading and parsing of global configuration files. Check is responsible for health check-ups, including common check-ups. The vrrp module is used to implement the VRRP protocol.

Experimental environment

Scheduling server DR1 (master): 192.168.100.66 centos7-1

Scheduling server DR2 (standby): 192.168.100.77 centos7-2

Node server web1: 192.168.100.88 centos7-3

Node server web2: 192.168.100.99 centos7-4

Drift address vip: 192.168.100.100

Client client: 192.168.100.200 windows7

Configure centos7-1

Yum install ipvsadm keepalived-y

Modify the network card mode to host only and fix IP:192.168.100.66

[root@dr1 ~] # vim / etc/sysconfig/network-scripts/ifcfg-ens33

BOOTPROTO=static

IPADDR=192.168.100.66

NETMASK=255.255.255.0

GATEWAY=192.168.100.1

[root@dr1 ~] # service network restart

Restarting network (via systemctl): [OK]

[root@dr1 ~] # vim / etc/sysctl.conf

# add routing forwarding feature

Net.ipv4.ip_forward=1

# proc response to disable the redirect feature

Net.ipv4.conf.all.send_redirects=0

Net.ipv4.conf.default.send_redirects=0

Net.ipv4.conf.ens33.send_redirects=0

# effective routing forwarding feature

[root@dr1] # sysctl-p

Build a virtual network card

[root@dr1 ~] # cd / etc/sysconfig/network-scripts/

[root@dr1 network-scripts] # cp ifcfg-ens33 ifcfg-ens33:0

[root@dr1 network-scripts] # vim ifcfg-ens33:0

# delete the original content

DEVICE=ens33:0

ONBOOT=yes

IPADDR=192.168.100.100

NETWASK=255.255.255.0

# enable virtual network card

[root@dr1 network-scripts] # ifup ens33:0

Add a service startup script

[root@dr1 ~] # cd / etc/init.d/

[root@dr1 init.d] # vim dr.sh

#! / bin/bash

GW=192.168.100.1

VIP=192.168.100.100

RIP1=192.168.100.88

RIP2=192.168.100.99

Case "$1" in

Start)

/ sbin/ipvsadm-- save > / etc/sysconfig/ipvsadm

Systemctl start ipvsadm

/ sbin/ifconfig ens33:0$ VIP broadcast $VIP netmask 255.255.255.255 broadcast $VIP up

/ sbin/route add-host $VIP dev ens33:0

/ sbin/ipvsadm-A-t $VIP:80-s rr

/ sbin/ipvsadm-a-t $VIP:80-r $RIP1:80-g

/ sbin/ipvsadm-a-t $VIP:80-r $RIP2:80-g

Echo "ipvsadm starting- [ok]"

Stop)

/ sbin/ipvsadm-C

Systemctl stop ipvsadm

Ifconfig ens33:0 down

Route del $VIP

Echo "ipvsamd stoped- [ok]"

Status)

If [!-e ar/lock/subsys/ipvsadm]; then

Echo "ipvsadm stoped-"

Exit 1

Else

Echo "ipvsamd Runing- [ok]"

Fi

*)

Echo "Usage: $0 {start | stop | status}"

Exit 1

Esac

Exit 0

# Grant script execution permission

[root@dr1 init.d] # chmod + x dr.sh

# Startup script

[root@dr1 init.d] # service dr.sh start

# View ipvsadm status

[root@dr1 init.d] # systemctl status ipvsadm # check the enabled status of the service

# turn off firewall and security features

[root@dr1 init.d] # systemctl stop firewalld.service

[root@dr1 init.d] # setenforce 0

Configure centos7-2

Install ipvsdam and keepalived software packages

[root@dr2 ~] # yum install ipvsdam keepalived-y

Modify the network card mode to host only and fix IP:192.168.100.77

[root@dr2 ~] # vim / etc/sysconfig/network-scripts/ifcfg-ens33

BOOTPROTO=static

IPADDR=192.168.100.77

NETMASK=255.255.255.0

GATEWAY=192.168.100.1

[root@dr2 ~] # service network restart

Restarting network (via systemctl): [OK]

[root@dr2 ~] # vim / etc/sysctl.conf

# add routing forwarding feature

Net.ipv4.ip_forward=1

# proc response to disable the redirect feature

Net.ipv4.conf.all.send_redirects=0

Net.ipv4.conf.default.send_redirects=0

Net.ipv4.conf.ens33.send_redirects=0

# effective routing forwarding feature

[root@dr1] # sysctl-p

Build a virtual network card

[root@dr1 ~] # cd / etc/sysconfig/network-scripts/

[root@dr1 network-scripts] # cp ifcfg-ens33 ifcfg-ens33:0

[root@dr1 network-scripts] # vim ifcfg-ens33:0

# delete the original content

DEVICE=ens33:0

ONBOOT=yes

IPADDR=192.168.100.100

NETWASK=255.255.255.0

# enable virtual network card

[root@dr2 ~] # ifup ens33:0

Add a service startup script

[root@dr2 ~] # cd / etc/init.d/

[root@dr2 ~] # vim dr.sh

#! / bin/bash

GW=192.168.100.1

VIP=192.168.100.100

RIP1=192.168.100.88

RIP2=192.168.100.99

Case "$1" in

Start)

/ sbin/ipvsadm-- save > / etc/sysconfig/ipvsadm

Systemctl start ipvsadm

/ sbin/ifconfig ens33:0$ VIP broadcast $VIP netmask 255.255.255.255 broadcast $VIP up

/ sbin/route add-host $VIP dev ens33:0

/ sbin/ipvsadm-A-t $VIP:80-s rr

/ sbin/ipvsadm-a-t $VIP:80-r $RIP1:80-g

/ sbin/ipvsadm-a-t $VIP:80-r $RIP2:80-g

Echo "ipvsadm starting- [ok]"

Stop)

/ sbin/ipvsadm-C

Systemctl stop ipvsadm

Ifconfig ens33:0 down

Route del $VIP

Echo "ipvsamd stoped- [ok]"

Stop)

/ sbin/ipvsadm-C

Systemctl stop ipvsadm

Ifconfig ens33:0 down

Route del $VIP

Echo "ipvsamd stoped- [ok]"

Status)

If [!-e ar/lock/subsys/ipvsadm]; then

Echo "ipvsadm stoped-"

Exit 1

Else

Echo "ipvsamd Runing- [ok]"

Fi

*)

Echo "Usage: $0 {start | stop | status}"

Exit 1

Esac

Exit 0

[root@dr2 ~] # chmod + x dr.sh

[root@dr2 ~] # service dr.sh start

[root@dr2 ~] # systemctl status ipvsadm # check the enabled status of the service

[root@dr2 ~] # systemctl stop firewalld.service

[root@dr2 ~] # setenforce 0

Configure centos7-3

Install the httpd package

[root@web-1 ~] # yum install httpd-y

Modify the network card mode: host only and fix IP:192.168.100.88

[root@web-1 ~] # vim / etc/sysconfig/network-scripts/ifcfg-ens33

BOOTPROTO=static

IPADDR=192.168.100.88

NETMASK=255.255.255.0

GATEWAY=192.168.100.1

[root@web-1 ~] # service network restart # restart the Nic

[root@web-1 ~] # systemctl stop firewalld.service # turn off the firewall

[root@web-1 ~] # setenforce 0

[root@web-1 ~] # systemctl start httpd.service # start the website service

Create the home page of the website

[root@web-1 ~] # cd / var/www/html/

[root@web-1 ~] # echo "this is accp web" > index.html**

Create a virtual network card

[root@web-1 ~] # cd / etc/sysconfig/network-scripts/

[root@web-1 ~] # cp ifcfg-lo ifcfg-lo:0

[root@web-1 ~] # vim ifcfg-lo:0

# delete all the original information and add the following:

DEVICE=Lo:0

IPADDR=192.168.100.100

NETMASK=255.255.255.0

ONBOOT=yes

Write a service startup script

[root@web-1 ~] # cd / etc/init.d/

[root@web-1 ~] # vim web.sh # Control Service startup script

#! / bin/bash

VIP=192.168.100.100

Case "$1" in

Start)

Ifconfig lo:0$ VIP netmask 255.255.255.255 broadcast $VIP

/ sbin/route add-host $VIP dev lo:0

Echo "1" > / proc/sys/net/ipv4/conf/lo/arp_ignore

Echo "2" > / proc/sys/net/ipv4/conf/lo/arp_announce

Echo "1" > / proc/sys/net/ipv4/conf/lo/arp_ignore

Echo "2" > / proc/sys/net/ipv4/conf/lo/arp_announce

Sysctl-p > / dev/null 2 > & 1

Echo "RealServer Start OK"

Stop)

Ifconfig lo:0 down

Route del $VIP / dev/null 2 > & 1

Echo "0" > / proc/sys/net/ipv4/conf/lo/arp_ignore

Echo "0" > / proc/sys/net/ipv4/conf/lo/arp_announce

Echo "0" > / proc/sys/net/ipv4/conf/all/arp_ignore

Echo "0" > / proc/sys/net/ipv4/conf/all/arp_announce

Echo "RealServer Stoped"

*)

Echo "Usage: $0 {start | stop}"

Exit 1

Esac

Exit 0

[root@web-1 ~] # chmod + x web.sh

[root@web-1 ~] # service web.sh start

[root@web-1 ~] # ifup lo:0

Check the IP on the web2 node server, and you can see the virtual IP, which means no problem: ifconfig.

Firefox "http://127.0.0.1/" & # visit the website directly

[root@web-1 ~] # service web.sh stop

[root@web-1 ~] # service web.sh start # it is recommended to restart the service

Configure centos7-4

Install the httpd package

[root@web-2 ~] # yum install httpd-y

Adjust the network card mode to host only and fix IP:192.168.100.99

[root@web-2 ~] # vim / etc/sysconfig/network-scripts/ifcfg-ens33

BOOTPROTO=static

IPADDR=192.168.100.99

NETMASK=255.255.255.0

GATEWAY=192.168.100.1

[root@web-2 ~] # service network restart # restart the Nic

[root@web-2 ~] # systemctl stop firewalld.service # turn off the firewall

[root@web-2 ~] # setenforce 0

[root@web-2 ~] # systemctl start httpd.service

[root@web-2 ~] # systemctl status httpd.service

[root@web-2 ~] # cd / var/www/html/

[root@web-2 ~] # echo "this is benet web" > index.html

[root@web-2 ~] # cd / etc/sysconfig/network-scripts/

[root@web-2 ~] # cp ifcfg-lo ifcfg-lo:0

[root@web-2 ~] # vim ifcfg-lo:0

DEVICE=Lo:0

IPADDR=192.168.100.100

NETMASK=255.255.255.0

ONBOOT=yes

[root@web-2 ~] # cd / etc/init.d/

[root@web-2 ~] # vim web.sh # Control Service startup script

#! / bin/bash

VIP=192.168.100.100

Case "$1" in

Start)

Ifconfig lo:0$ VIP netmask 255.255.255.255 broadcast $VIP

/ sbin/route add-host $VIP dev lo:0

Echo "1" > / proc/sys/net/ipv4/conf/lo/arp_ignore

Echo "2" > / proc/sys/net/ipv4/conf/lo/arp_announce

Echo "1" > / proc/sys/net/ipv4/conf/lo/arp_ignore

Echo "2" > / proc/sys/net/ipv4/conf/lo/arp_announce

Sysctl-p > / dev/null 2 > & 1

Echo "RealServer Start OK"

Stop)

Ifconfig lo:0 down

Route del $VIP / dev/null 2 > & 1

Echo "0" > / proc/sys/net/ipv4/conf/lo/arp_ignore

Echo "0" > / proc/sys/net/ipv4/conf/lo/arp_announce

Echo "0" > / proc/sys/net/ipv4/conf/all/arp_ignore

Echo "0" > / proc/sys/net/ipv4/conf/all/arp_announce

Echo "RealServer Stoped"

*)

Echo "Usage: $0 {start | stop}"

Exit 1

Esac

Exit 0

[root@web-2 ~] # chmod + x web.sh

[root@web-2 ~] # service web.sh start

# enable virtual network card

[root@web-2 ~] # ifup lo:0

Firefox "http://127.0.0.1/" & # visit the website directly

# shut down and restart the service

[root@web-2 ~] # service web.sh stop

[root@web-2 ~] # service web.sh start

Testing using the Win7 client

C:\ Users\ czt > ping 192.168.100.100

Ping 192.168.100.100 has 32 bytes of data:

Reply from 192.168.100.100: bytes = 32 time

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.