环境介绍

1）LB01
Hostname：lb01.example.com
VIP：192.168.3.33（eth0:0）
IP：192.168.3.31（eth0）
OS：Centos 7
2）LB02
Hostname：lb02.example.com
VIP：192.168.3.33（eth0:0）
IP：192.168.3.25（eth0）
OS：Centos 7
3）WEB1
Hostname：web1.example.com
RIP：192.168.3.16（eth0）
OS：Centos 7
4）WEB2
Hostname：web2.example.com
RIP：192.168.3.17（eth0）
OS：Centos 7
5）USER
Hostname：user
UIP：192.168.3.34

安装配置

环境准备（略）
1）主机名配置
2）hosts文件解析
3）时间同步

WEB1
[root@web1 ~]# yum install -y nginx &>/dev/null && echo "web1.example.com" >/usr/share/nginx/html/index.html && systemctl start nginx && systemctl enable nginx
[root@web1 ~]# curl 127.0.0.1
web1.example.com

WEB2
[root@web2 ~]# yum install -y nginx &>/dev/null && echo "web2.example.com" >/usr/share/nginx/html/index.html && systemctl start nginx && systemctl enable nginx
[root@web2 ~]# curl 127.0.0.1
web2.example.com

LB01
[root@lb01 ~]# yum install -y nginx keepalived
[root@lb01 ~]# vim /etc/nginx/nginx.conf
http {
upstream backend {
server 192.168.3.16;
server 192.168.3.17;
}
server {
listen 80 default_server;
server_name www.example.com;
root /usr/share/nginx/html;
location / {
proxy_pass http://backend;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
[root@lb01 ~]# systemctl start nginx && systemctl enable nginx
[root@lb01 ~]# for i in {1..4};do curl 127.0.0.1;done
web1.example.com
web2.example.com
web1.example.com
web2.example.com
[root@lb01 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
admin@example.com
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LB01
}
vrrp_script check_lb {
script "/usr/bin/killall -0 nginx" # killall -0 PROCESS 用于判断进程存在与否，存在返回0，不存在返回1
interval 1
}
vrrp_instance LB01 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.3.33/32 brd 192.168.3.33 dev eth0 label eth0:0
}
track_script {
check_lb
}
}
[root@lb01 ~]# systemctl start keepalived && systemctl enable keepalived
[root@lb01 ~]# ifconfig|grep 192.168.3.33|wc -l
1
[root@lb01 ~]# for i in {1..4};do curl 192.168.3.33;done
web1.example.com
web2.example.com
web1.example.com
web2.example.com

LB02
[root@lb02 ~]# yum install -y nginx keepalived
[root@lb02 ~]# vim /etc/nginx/nginx.conf
http {
upstream backend {
server 192.168.3.16;
server 192.168.3.17;
}
server {
listen 80 default_server;
server_name www.example.com;
root /usr/share/nginx/html;
location / {
proxy_pass http://backend;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
[root@lb02 ~]# systemctl start nginx && systemctl enable nginx
[root@lb02 ~]# for i in {1..4};do curl 127.0.0.1;done
web1.example.com
web2.example.com
web1.example.com
web2.example.com
[root@lb02 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
admin@example.com
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LB02
}
vrrp_script check_lb {
script "/usr/bin/killall -0 nginx"
interval 1
}
vrrp_instance LB02 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.3.33/32 brd 192.168.3.33 dev eth0 label eth0:0
}
track_script {
check_lb
}
}
[root@lb02 ~]# systemctl start keepalived.service && systemctl enable keepalived.service
[root@lb02 ~]# ifconfig|grep 192.168.3.33|wc -l
0
[root@lb02 ~]# tail /var/log/messages
Jul 3 17:23:35 lvs02 Keepalived_vrrp[5652]: SECURITY VIOLATION - scripts are being executed but script_security not enabled.
Jul 3 17:23:35 lvs02 Keepalived_vrrp[5652]: Using LinkWatch kernel netlink reflector...
Jul 3 17:23:35 lvs02 Keepalived_vrrp[5652]: VRRP_Instance(LB02) Entering BACKUP STATE
Jul 3 17:23:35 lvs02 Keepalived_vrrp[5652]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Jul 3 17:23:35 lvs02 Keepalived_vrrp[5652]: VRRP_Script(check_lb) succeeded

USER
[root@user ~]# for i in {1..4};do curl www.example.com;done
web1.example.com
web2.example.com
web1.example.com
web2.example.com
[root@lb01 ~]# systemctl stop nginx
[root@lb01 ~]# tail /var/log/messages
Jul 3 17:27:31 lvs01 Keepalived_vrrp[54945]: /usr/bin/killall -0 nginx exited with status 1
[root@lb01 ~]# ifconfig|grep 192.168.3.33|wc -l
0
[root@lb02 ~]# ifconfig|grep 192.168.3.33|wc -l
1
[root@user ~]# for i in {1..4};do curl www.example.com;done
web1.example.com
web2.example.com
web1.example.com
web2.example.com
[root@lb01 ~]# systemctl start nginx
[root@lb01 ~]# ifconfig|grep 192.168.3.33|wc -l
1