|
LVS + Keepalived
2015/06/10 |
|
This is the Redundant configuration for LVS + Keepalived Server itself.
This example is based on the environment below.
|
+----------------+-----------------+
| |
192.168.0.30|eth0 --- VIP:192.168.0.29 --- eth0|192.168.0.31
+-------+--------+ +--------+-------+
| LVS+Keepalived | | LVS+Keepalived |
+-------+--------+ +--------+-------+
10.0.0.30|eth1 ----- VIP:10.0.0.29 ---- eth1|10.0.0.31
| |
+----------------+-----------------+
|
+------------+ | +------------+
| Backend01 |10.0.0.51 | 10.0.0.52| Backend02 |
| Web Server +------------+-------------+ Web Server |
| |eth0 eth0| |
+------------+ +------------+
|
|
HTTP packets to the eth0 on LVS Server are forwarded to Backend01 and Backend02 Servers with NAT.
Change the default gateway to internal IP address of LVS on both Backend Web Servers first. (it's 10.0.0.29 on the example)
|
|
| [1] | Install ipvsadm and keepalived. |
|
[root@dlp ~]#
yum -y install ipvsadm keepalived # enable IP forward [root@dlp ~]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf [root@dlp ~]# sysctl -p
touch /etc/sysconfig/ipvsadm [root@dlp ~]# systemctl start ipvsadm [root@dlp ~]# systemctl enable ipvsadm |
| [2] | Configure Keepalived. It's OK to configure the same settings except one setting on both backend servers. (but only for the "priority" section, Change it on both backend server.) |
|
[root@dlp ~]# mv /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.org
[root@dlp ~]#
vi /etc/keepalived/keepalived.conf # create new
global_defs {
notification_email {
root@dlp.srv.world
}
notification_email_from root@dlp.srv.world
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_Server
}
vrrp_instance VI_1 {
state BACKUP
# monitored interface
interface eth0
# virtual router's ID
virtual_router_id 51
# set priority (change this value on each server)
# (large number means priority is high)
priority 100
nopreempt
# VRRP sending interval
advert_int 1
# authentication info between Keepalived servers
authentication {
auth_type PASS
auth_pass password
}
virtual_ipaddress {
# virtual IP address
192.168.0.29 dev eth0
10.0.0.29/24 dev eth1
}
}
virtual_server 192.168.0.29 80 {
# monitored interval
delay_loop 3
# distribution method
lvs_sched rr
# routing method
lvs_method NAT
protocol TCP
# backend server#1
real_server 10.0.0.51 80 {
weight 1
HTTP_GET {
url {
# monitored path
path /
# status code for normally state
status_code 200
}
# timeout(sec)
connect_timeout 3
}
}
# backend server#2
real_server 10.0.0.52 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
}
}
}
systemctl start keepalived [root@dlp ~]# systemctl enable keepalived |
| [3] |
It's OK, Access to the Service IP address and make sure it works normally.
|