keepalived-单主机模式:
说明:仅演示VIP地址流动
工作模式:主备模式-单虚拟路由
拓扑:
环境说明:
1、ka1和ka2分别是2台keepalived服务器
2、配置一个单主虚拟路由器,实现一个vrrp实例
示例:单主机模式实现VIP地址流动
1、ka1 keepalived配置:
[root@lvs-ka1 keepalived]# yum install -y keepalived #centos6.4 + base源
[root@lvs-ka1 keepalived]# cat /etc/keepalived/keepalived.conf
[root@lvs-ka1 keepalived]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected] #可以配置收件人邮箱,需要额外邮箱配置
}
notification_email_from [email protected] #发件人
smtp_server 127.0.0.1 #依赖本机的postfix提供的邮箱服务
smtp_connect_timeout 30 #服务器连接超时时间
router_id ka1 #本地主机名标识
vrrp_mcast_group4 224.100.100.100 #ipv4组播地址,宣告优先级
vrrp_instance VI_1 { #虚拟路由器实例
state MASTER #主
interface ens33 #绑定为当前虚拟路由使用的物理接口
virtual_router_id 66 #当前虚拟路由器唯一标识:0-255
priority 100 #作为master的优先级
advert_int 1 #vrrp通告的时间间隔,1s
authentication { #同一个虚拟路由器成员间的认证
auth_type PASS
auth_pass 123456
}
virtual_ipaddress { #VIP设置
172.16.0.100/24 dev ens33 label ens33:1 #VIP绑定接口
}
}
[root@lvs-ka1 ~]# cat /etc/hosts
10.0.0.125 ka1
10.0.0.126 ka2
[root@lvs-ka1 ~]# ssh-keygen
[root@lvs-ka1 ~]# ssh-copy-id 10.0.0.126
2、ka2 keepalived配置:
[root@lvs-ka1 keepalived]# yum install -y keepalived #centos6.4 + base源
[root@lvs-ka1 keepalived]# cat /etc/keepalived/keepalived.conf
[root@lvs-ka1 keepalived]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected] #可以配置收件人邮箱,需要额外邮箱配置
}
notification_email_from [email protected] #发件人
smtp_server 127.0.0.1 #依赖本机的postfix提供的邮箱服务
smtp_connect_timeout 30 #服务器连接超时时间
router_id ka1 #本地主机名标识
vrrp_mcast_group4 224.100.100.100 #ipv4组播地址,宣告优先级
vrrp_instance VI_1 { #虚拟路由器实例
state BACKUP #从
interface ens33 #绑定为当前虚拟路由使用的物理接口
virtual_router_id 66 #当前虚拟路由器唯一标识:0-255
priority 80 #作为backup优先级
advert_int 1 #vrrp通告的时间间隔,1s
authentication { #同一个虚拟路由器成员间的认证
auth_type PASS
auth_pass 123456
}
virtual_ipaddress { #VIP设置
172.16.0.100/24 dev ens33 label ens33:1 #VIP绑定接口
}
}
[root@lvs-ka1 ~]# cat /etc/hosts
10.0.0.125 ka1
10.0.0.126 ka2
[root@lvs-ka1 ~]# ssh-keygen
[root@lvs-ka1 ~]# ssh-copy-id 10.0.0.125
3、验证:观察VIP的漂移
先启动ka2 keepalived服务:
ka2是BACKUP角色,此时VIP绑定在ka2的ens33端口
[root@lvs-ka2 keepalived]# systemctl start keepalived
[root@lvs-ka2 keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:50:56:34:07:10 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.126/24 brd 10.0.0.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 172.16.0.100/24 scope global ens33:1
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fe34:710/64 scope link
valid_lft forever preferred_lft forever
[root@lvs-ka2 keepalived]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.0.122 0.0.0.0 UG 100 0 0 ens33
10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
172.16.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
[root@rs2 ~]# tcpdump -i ens33 -nn host 224.100.100.100 #vrrp宣告
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
21:24:04.205830 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20
21:24:05.210191 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20
21:24:06.211423 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20
21:24:07.215022 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20
再启动ka1 keepalived服务:
ka1是MASTER角色,默认抢占式,优先级比BACKUP角色高,VIP飘逸到ka1的ens33端口
[root@lvs-ka1 keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:50:56:31:8a:01 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.125/24 brd 10.0.0.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 172.16.0.100/24 scope global ens33:1
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fe31:8a01/64 scope link
valid_lft forever preferred_lft forever
[root@lvs-ka1 keepalived]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.0.122 0.0.0.0 UG 100 0 0 ens33
10.0.0.0 0.0.0.0 255.255.255.0 U 100 0 0 ens33
172.16.0.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33
[root@rs2 ~]# tcpdump -i ens33 -nn host 224.100.100.100 #vrrp宣告
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
21:27:51.604517 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20
21:27:52.607219 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20
21:27:53.608804 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20
21:27:54.609974 IP 10.0.0.126 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 90, authtype simple, intvl 1s, length 20
21:27:54.610469 IP 10.0.0.125 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
21:27:55.620706 IP 10.0.0.125 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
21:27:56.632074 IP 10.0.0.125 > 224.100.100.100: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
[root@lvs-ka2 keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:50:56:34:07:10 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.126/24 brd 10.0.0.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fe34:710/64 scope link
valid_lft forever preferred_lft forever
标签:10.0,00,主机,keepalived,forever,模式,lft,ens33 From: https://www.cnblogs.com/cnblogsfc/p/14264490.html