前言:
在生产环境当中,内网与公网都是分开的,要实现内网和公网同步漂移,比如:Keepalived+LVS-NAT模式,那么就需要设置vrrp_sync_group同步组,不同的是下面配置只是主备模式,而不是主主模式。
1.示意图:
- 多播IP是:224.0.0.111。
- Master内网和公网VIP属同组。
- BACKUP内网与公网VIP属同组。
+------+ |Client| +------+ /\ +--------+ |Internet| +--------+ /\ +--------+ |NAT 网络| +--------+ /\ +---------------------+ | 内网VIP:10.16.8.100 | +---------------------+ / \ +-----------------------+ +-----------------------+ |KA+Lvs/Nginx/HAProxy | |KA+Lvs/Nginx/HAProxy | |内网VIP:Master (eth1) | |内网VIP:BACKUP (eth1) | |内网:10.16.8.10 (eth1) |<---->|内网:10.16.8.11 (eth1) | |-----------------------|多播IP|-----------------------| |公网VIP:Master (eth2) |<---->|公网VIP:BACKUP (eth2) | |公网:172.16.8.10(eth2) | |公网:172.16.8.11(eth2) | +-----------------------+ +-----------------------+ \ / +----------------------+ | 公网VIP:172.16.8.100 | +----------------------+ \/ +------+ |资源池| +------+
2.ka67配置文件
global_defs { notification_email { root@localhost } notification_email_from ka@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id ka67 vrrp_mcast_group4 224.0.0.111 } vrrp_sync_group VG_1 { group { External_1 Internal_1 } } vrrp_instance External_1 { state MASTER interface eth1 virtual_router_id 171 priority 100 advert_int 1 authentication { auth_type PASS auth_pass renwole0 } virtual_ipaddress { 10.16.8.100 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" } vrrp_instance Internal_1 { state MASTER interface eth2 virtual_router_id 191 priority 100 advert_int 1 authentication { auth_type PASS auth_pass renwole1 } virtual_ipaddress { 172.16.8.100 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" }
3.ka68配置文件
global_defs { notification_email { root@localhost } notification_email_from ka@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id ka68 vrrp_mcast_group4 224.0.0.111 } vrrp_sync_group VG_1 { group { External_1 Internal_1 } } vrrp_instance External_1 { state BACKUP interface eth1 virtual_router_id 171 priority 100 advert_int 1 authentication { auth_type PASS auth_pass renwole0 } virtual_ipaddress { 10.16.8.100 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" } vrrp_instance Internal_1 { state BACKUP interface eth2 virtual_router_id 191 priority 100 advert_int 1 authentication { auth_type PASS auth_pass renwole1 } virtual_ipaddress { 172.16.8.100 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" }