HA 高可用性，Keepalived 加上 ipvsadm 讓 HTTP 連線可以備援

一台主機當主要的服務，當 node1 掛了，切換到 node2 持續服務，node2 為備援

環境

node1: 10.10.10.134 (master)
node2: 10.10.10.135 (backup)
vip: 10.10.10.171

node1 與 node2

yum install keepalived ipvsadm -y

node1，vi  /etc/keepalived/keepalived.conf

cat <<EOF> /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     [email protected]                 # 管理者信箱
   }
   notification_email_from node1    # 寄件者
   smtp_server localhost
   smtp_connect_timeout 30
   router_id LVS_DEVEL          # 寄信時的 title 顯示
}

vrrp_instance VI_1 {
    state MASTER                # 這台為主要的，可以兩台都寫 BACKUP，就會由 priority 決定誰是 MASTER
    interface eth0
    virtual_router_id 51        # 數字為 0~255，辨別是那個 instance
    priority 100                # 優先權，數字愈大愈高，master 必需大於 backup
    advert_int 1                # 檢查間隔
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.10.10.171            # VIP
    }
}

virtual_server 10.10.10.171 80 {
    delay_loop 6                        # 健康檢查時間，秒
    lb_algo rr                          # 調度演算法，rr|wrr|lc|wlc|sh|dh|lblc
    lb_kind DR                          # LVS 機制，NAT | TUN | DR
    nat_mask 255.255.255.0
    persistence_timeout 50
    protocol TCP

    real_server 10.10.10.134 80 {       # 真正提供服務的 IP 及 port
        weight 3                        # 權重
        HTTP_GET {                      # 檢查 http 200 OK 當作是 up 還是 down 的
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
   real_server 10.10.10.135 80 {
        weight 3
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
EOF

node2，設定只有部份與 node1 不同

vi /etc/keepalived/keepalived.conf

vrrp_instance VI_1 { 
    state BACKUP       # 這裡為 BAKCUP
    priority 99        # 優先要比 master 低

或者

# 從 node1 copy 到 node2，node2 再 sed 改一下
sed -i 's/state MASTER/state BACKUP/g' /etc/keepalived/keepalived.conf
sed -i 's/priority 100/priority 99/g' /etc/keepalived/keepalived.conf

node1 與 node2

vi /etc/keepalived/realserver.sh

SNS_VIP=10.10.10.171
. /etc/rc.d/init.d/functions
case "$1" in
start)
    ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP
    /sbin/route add -host $SNS_VIP dev lo:0
    echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
    sysctl -p >/dev/null 2>&1
    echo "RealServer Start OK"
    ;;
stop)
    ifconfig lo:0 down
    route del $SNS_VIP >/dev/null 2>&1
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
    echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
    echo "RealServer Stoped"
    ;;
*)
    echo "Usage: $0 {start|stop}"
    exit 1
esac
exit 0

執行，在 node1 與 node2，設定網路環境

sh /etc/keepalived/realserver.sh start

node1 與 node2，啟動服務

service keepalived start

查看狀態，可以看到連線訊息，及測試 node1 掛了時，IP 會不會掛載到 node2

watch "ipvsadm -L -n ; echo ; ip a | grep 'inet 10'"