案例研究:混合健康检查和失败切换¶
对于此示例,我们使用与失败切换部分中相同的拓扑。这里的想法是使用VRRP VIP作为LVS的VIP。这样我们将引入一个高可用性LVS转发器来执行LVS真实服务器池监控。
Keepalived配置¶
整个配置在 /etc/keepalived/keepalived.conf
文件中完成。在我们的案例研究中,LVS转发器1上的该文件如下所示:
# Configuration File for keepalived
global_defs {
notification_email {
admin@domain.com
0633225522@domain.com
}
notification_email_from keepalived@domain.com
smtp_server 192.168.200.20
smtp_connect_timeout 30
lvs_id LVS_MAIN
}
# VRRP Instances definitions
vrrp_sync_group VG1 {
group {
VI_1
VI_2
}
}
vrrp_sync_group VG2 {
group {
VI_3
VI_4
}
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass k@l!ve1
}
virtual_ipaddress {
192.168.200.10
192.168.200.11
}
}
vrrp_instance VI_2 {
state MASTER
interface eth1
virtual_router_id 52
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass k@l!ve2
}
virtual_ipaddress {
192.168.100.10
}
}
vrrp_instance VI_3 {
state BACKUP
interface eth0
virtual_router_id 53
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass k@l!ve3
}
virtual_ipaddress {
192.168.200.12
192.168.200.13
}
}
vrrp_instance VI_4 {
state BACKUP
interface eth1
virtual_router_id 54
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass k@l!ve4
}
virtual_ipaddress {
192.168.100.11
}
}
# Virtual Servers definitions
virtual_server 192.168.200.10 80 {
delay_loop 30
lb_algo wrr
lb_kind NAT
persistence_timeout 50
protocol TCP
sorry_server 192.168.100.100 80
real_server 192.168.100.2 80 {
weight 2
HTTP_GET {
url {
path /testurl/test.jsp
digest ec90a42b99ea9a2f5ecbe213ac9eba03
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
connect_timeout 3
retry 3
delay_before_retry 2
}
}
real_server 192.168.100.3 80 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
connect_timeout 3
retry 3
delay_before_retry 2
}
}
}
virtual_server 192.168.200.12 443 {
delay_loop 20
lb_algo rr
lb_kind NAT
persistence_timeout 360
protocol TCP
real_server 192.168.100.2 443 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
real_server 192.168.100.3 443 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
}
我们在LVS转发器2上定义对称的VRRP配置文件。这样两个转发器都处于活动状态,转发器1处理HTTP流,转发器2处理SSL流。