LVS + Keepalived
2016/06/12 |
This is the Redundant configuration for LVS + Keepalived Server itself.
This example is based on the environment below. | --------+-------------------------------------------------------------------- | +-----------------+-------------------+--------------------+ |10.0.0.40(VIP) |10.0.0.40(VIP) | | eth0|10.0.0.30 eth0|10.0.0.31 eth0|10.0.0.51 eth0|10.0.0.52 +------+-----+ +------+-----+ +-------+------+ +-------+------+ | LVS Server | | LVS Server | | Backend#1 | | Backend#2 | | #1 | | #2 | | Web Server | | Web Server | +------------+ +------------+ +--------------+ +--------------+ |
HTTP packets to 10.0.0.40(VIP) on LVS Server are forwarded to Backend01 and Backend02 Servers with DSR(Direct Server Return).
|
[1] | Install ipvsadm and Keepalived on all LVS Servers. |
root@dlp:~# apt-get -y install ipvsadm keepalived
|
[2] | Configure Keepalived. It's OK to configure the same settings except one setting on both backend servers. (but only for the "priority" section, Change it on both backend server.) |
root@dlp:~#
vi /etc/keepalived/keepalived.conf # create new global_defs { notification_email { root@dlp.srv.world } notification_email_from root@dlp.srv.world smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_Server } vrrp_instance VI_1 { state BACKUP # monitored interface interface eth0 # virtual router's ID virtual_router_id 51 # set priority (change this value on each server) # (large number means priority is high) priority 100 nopreempt # VRRP sending interval advert_int 1 # authentication info between Keepalived servers authentication { auth_type PASS auth_pass password } virtual_ipaddress { # virtual IP address 10.0.0.40 dev eth0 } } virtual_server 10.0.0.40 80 { # monitored interval delay_loop 3 # distribution method lvs_sched rr # routing method lvs_method DR protocol TCP # backend server#1 real_server 10.0.0.51 80 { weight 1 HTTP_GET { url { # monitored path path / # status code for normally state status_code 200 } # timeout(sec) connect_timeout 3 } } # backend server#2 real_server 10.0.0.52 80 { weight 1 HTTP_GET { url { path / status_code 200 } connect_timeout 3 } } } systemctl restart keepalived
|
[3] | For DSR mode, return packets from backends to clients are directly returned, so it's nesessary to configure following settings. Set it on all backend servers. |
# specify virtual IP address root@node01:~# iptables -t nat -A PREROUTING -d 10.0.0.40 -j REDIRECT
|
[4] |
It's OK, Access to the Service IP address and make sure it works normally.
|