1)LB01
Hostname:lb01.example.com
VIP:192.168.3.33(eth0:0)
IP:192.168.3.31(eth0)
OS:Centos 7
2)LB02
Hostname:lb02.example.com
VIP:192.168.3.33(eth0:0)
IP:192.168.3.25(eth0)
OS:Centos 7
3)WEB1
Hostname:web1.example.com
RIP:192.168.3.16(eth0)
OS:Centos 7
4)WEB2
Hostname:web2.example.com
RIP:192.168.3.17(eth0)
OS:Centos 7
5)USER
Hostname:user
UIP:192.168.3.34
环境准备(略)
1)主机名配置
2)hosts文件解析
3)时间同步
WEB1
[root@web1 ~]# yum install -y nginx &>/dev/null && echo "web1.example.com" >/usr/share/nginx/html/index.html && systemctl start nginx && systemctl enable nginx
[root@web1 ~]# curl 127.0.0.1
web1.example.com
WEB2
[root@web2 ~]# yum install -y nginx &>/dev/null && echo "web2.example.com" >/usr/share/nginx/html/index.html && systemctl start nginx && systemctl enable nginx
[root@web2 ~]# curl 127.0.0.1
web2.example.com
LB01
[root@lb01 ~]# yum install -y nginx keepalived
[root@lb01 ~]# vim /etc/nginx/nginx.conf
http {
upstream backend {
server 192.168.3.16;
server 192.168.3.17;
}
server {
listen 80 default_server;
server_name www.example.com;
root /usr/share/nginx/html;
location / {
proxy_pass http://backend;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
[root@lb01 ~]# systemctl start nginx && systemctl enable nginx
[root@lb01 ~]# for i in {1..4};do curl 127.0.0.1;done
web1.example.com
web2.example.com
web1.example.com
web2.example.com
[root@lb01 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
admin@example.com
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LB01
}
vrrp_script check_lb {
script "/usr/bin/killall -0 nginx" # killall -0 PROCESS 用于判断进程存在与否,存在返回0,不存在返回1
interval 1
}
vrrp_instance LB01 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.3.33/32 brd 192.168.3.33 dev eth0 label eth0:0
}
track_script {
check_lb
}
}
[root@lb01 ~]# systemctl start keepalived && systemctl enable keepalived
[root@lb01 ~]# ifconfig|grep 192.168.3.33|wc -l
1
[root@lb01 ~]# for i in {1..4};do curl 192.168.3.33;done
web1.example.com
web2.example.com
web1.example.com
web2.example.com
LB02
[root@lb02 ~]# yum install -y nginx keepalived
[root@lb02 ~]# vim /etc/nginx/nginx.conf
http {
upstream backend {
server 192.168.3.16;
server 192.168.3.17;
}
server {
listen 80 default_server;
server_name www.example.com;
root /usr/share/nginx/html;
location / {
proxy_pass http://backend;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
[root@lb02 ~]# systemctl start nginx && systemctl enable nginx
[root@lb02 ~]# for i in {1..4};do curl 127.0.0.1;done
web1.example.com
web2.example.com
web1.example.com
web2.example.com
[root@lb02 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
admin@example.com
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LB02
}
vrrp_script check_lb {
script "/usr/bin/killall -0 nginx"
interval 1
}
vrrp_instance LB02 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.3.33/32 brd 192.168.3.33 dev eth0 label eth0:0
}
track_script {
check_lb
}
}
[root@lb02 ~]# systemctl start keepalived.service && systemctl enable keepalived.service
[root@lb02 ~]# ifconfig|grep 192.168.3.33|wc -l
0
[root@lb02 ~]# tail /var/log/messages
Jul 3 17:23:35 lvs02 Keepalived_vrrp[5652]: SECURITY VIOLATION - scripts are being executed but script_security not enabled.
Jul 3 17:23:35 lvs02 Keepalived_vrrp[5652]: Using LinkWatch kernel netlink reflector...
Jul 3 17:23:35 lvs02 Keepalived_vrrp[5652]: VRRP_Instance(LB02) Entering BACKUP STATE
Jul 3 17:23:35 lvs02 Keepalived_vrrp[5652]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Jul 3 17:23:35 lvs02 Keepalived_vrrp[5652]: VRRP_Script(check_lb) succeeded
USER
[root@user ~]# for i in {1..4};do curl www.example.com;done
web1.example.com
web2.example.com
web1.example.com
web2.example.com
[root@lb01 ~]# systemctl stop nginx
[root@lb01 ~]# tail /var/log/messages
Jul 3 17:27:31 lvs01 Keepalived_vrrp[54945]: /usr/bin/killall -0 nginx exited with status 1
[root@lb01 ~]# ifconfig|grep 192.168.3.33|wc -l
0
[root@lb02 ~]# ifconfig|grep 192.168.3.33|wc -l
1
[root@user ~]# for i in {1..4};do curl www.example.com;done
web1.example.com
web2.example.com
web1.example.com
web2.example.com
[root@lb01 ~]# systemctl start nginx
[root@lb01 ~]# ifconfig|grep 192.168.3.33|wc -l
1
原文:https://www.cnblogs.com/liming-linux-python/p/10421120.html