两台服务器,安装keepalived和apache,即实现高可用,又实现负载均衡。
为了防止检测httpd服务时出现回环,用iptables对正常客户请求数据包打上标记,忽略另一台服务器检测包。
-
iptables -t mangle -A PREROUTING -d 192.168.2.100 -p tcp --dport 80 -m mac ! --mac-source 00:0C:29:5A:5A:36 -j MARK --set-mark 1
mac地址是另一台服务器的网卡mac。
keepalived配置如下
-
! Configuration File for keepalived
-
-
global_defs {
-
router_id S208
-
}
-
-
vrrp_instance NW3007 {
-
state MASTER
-
interface eth0
-
virtual_router_id 51
-
priority 200
-
advert_int 5
-
track_interface {
-
eth0
-
}
-
authentication {
-
auth_type PASS
-
auth_pass 1111
-
}
-
virtual_ipaddress {
-
192.168.2.100
-
}
-
}
-
-
virtual_server fwmark 1 {
-
delay_loop 5
-
lb_algo rr
-
lb_kind DR
-
protocol TCP
-
-
real_server 192.168.2.131 80 {
-
HTTP_GET {
-
url {
-
path /
-
#digest的值用"genhash -s 192.168.2.132 -p 80 -u /"获得
-
digest 3be873cedd792b389c2b2495aa2b9b31
-
status_code 200
-
}
-
connect_port 80
-
connect_timeout 2
-
nb_get_retry 2
-
delay_before_retry 2
-
}
-
# TCP_CHECK {
-
# connect_port 80
-
# connect_timeout 2
-
# delay_before_retry 2
-
# }
-
}
-
real_server 192.168.2.132 80 {
-
#weight 1
-
HTTP_GET {
-
url {
-
path /
-
#digest的值用"genhash -s 192.168.2.131 -p 80 -u /"获得
-
digest e051e54a58c467f7e3e23e648bf7ab83
-
status_code 200
-
}
-
connect_port 80
-
connect_timeout 2
-
nb_get_retry 2
-
delay_before_retry 2
-
}
-
# TCP_CHECK {
-
# connect_port 80
-
# connect_timeout 2
-
# }
-
}
-
}
创建文件/etc/sysconfig/network-scripts/ifcfg-lo:0,内容如下
-
DEVICE=lo:0
-
ONBOOT=yes
-
BOOTPROTO=static
-
IPADDR=192.168.2.100
-
NETMASK=255.255.255.255
在sysctl.conf中添加
-
net.ipv4.conf.eth0.arp_ignore = 1
-
net.ipv4.conf.eth0.arp_announce = 2
另一台服务器基本一致,priority值改一下,iptables的mac改一下。
阅读(4957) | 评论(0) | 转发(1) |