前言:
在生产环境中,公网与内网都是独立分开的,所以称之为双网络。公网和内网在故障时实现同步漂移,例如:Keepalived+LVS-NAT
模式,这时就需要用到vrrp_sync_group
设置同步漂移组。如果做双主双活,需要分别在两端加2个VIP,以达到互为主备的效果。
1.示意图:
- 多播IP是:224.0.0.111。
- 内网VIP1与内网VIP2互为主备。
- 公网VIP1与公网VIP2互为主备。
- 内网VIP1和公网VIP1是为一个同步组。
- 内网VIP2和公网VIP2是为一个同步组。
+------+ |Client| +------+ /\ +--------+ |Internet| +--------+ /\ +--------+ |NAT 网络| +--------+ /\ +----------------------+ | 内网VIP1:10.16.8.100 | | 内网VIP2:10.16.8.101 | +----------------------+ / \ +-----------------------+ +-----------------------+ | KA+Lvs-NAT | | KA+Lvs-NAT | |内网VIP1:Master (eth1) | |内网VIP1:BACKUP (eth1) | |内网VIP2:BACKUP (eth1) | |内网VIP2:Master (eth1) | |内网:10.16.8.10 (eth1) |<---->|内网:10.16.8.11 (eth1) | |-----------------------|多播IP|-----------------------| |公网VIP1:Master (eth2) |<---->|公网VIP1:BACKUP (eth2) | |公网VIP2:BACKUP (eth2) | |公网VIP2:Master (eth2) | |公网:172.16.8.10(eth2) | |公网:172.16.8.11(eth2) | +-----------------------+ +-----------------------+ \ / +-----------------------+ | 公网VIP1:172.16.8.100 | | 公网VIP2:172.16.8.101 | +-----------------------+ \/ +------+ |资源池| +------+
2.ka67配置文件
global_defs { notification_email { root@localhost } notification_email_from ka@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id ka67 vrrp_mcast_group4 224.0.0.111 } vrrp_sync_group VG_1 { group { External_1 Internal_1 } } vrrp_sync_group VG_2 { group { External_2 Internal_2 } } vrrp_instance External_1 { state MASTER interface eth1 virtual_router_id 171 priority 100 advert_int 1 authentication { auth_type PASS auth_pass renwole0 } virtual_ipaddress { 10.16.8.100 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" } vrrp_instance External_2 { state BACKUP interface eth1 virtual_router_id 172 priority 95 advert_int 1 authentication { auth_type PASS auth_pass renwole1 } virtual_ipaddress { 10.16.8.101 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" } vrrp_instance Internal_1 { state MASTER interface eth2 virtual_router_id 191 priority 100 advert_int 1 authentication { auth_type PASS auth_pass renwole2 } virtual_ipaddress { 172.16.8.100 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" } vrrp_instance Internal_2 { state BACKUP interface eth2 virtual_router_id 192 priority 95 advert_int 1 authentication { auth_type PASS auth_pass renwole3 } virtual_ipaddress { 172.16.8.101 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" }
3.ka68配置文件
global_defs { notification_email { root@localhost } notification_email_from ka@localhost smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id ka68 vrrp_mcast_group4 224.0.0.111 } vrrp_sync_group VG_1 { group { External_1 Internal_1 } } vrrp_sync_group VG_2 { group { External_2 Internal_2 } } vrrp_instance External_1 { state BACKUP interface eth1 virtual_router_id 171 priority 100 advert_int 1 authentication { auth_type PASS auth_pass renwole0 } virtual_ipaddress { 10.16.8.100 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" } vrrp_instance External_2 { state MASTER interface eth1 virtual_router_id 172 priority 95 advert_int 1 authentication { auth_type PASS auth_pass renwole1 } virtual_ipaddress { 10.16.8.101 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" } vrrp_instance Internal_1 { state BACKUP interface eth2 virtual_router_id 191 priority 100 advert_int 1 authentication { auth_type PASS auth_pass renwole2 } virtual_ipaddress { 172.16.8.100 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" } vrrp_instance Internal_2 { state MASTER interface eth2 virtual_router_id 192 priority 95 advert_int 1 authentication { auth_type PASS auth_pass renwole3 } virtual_ipaddress { 172.16.8.101 } notify_master "/usr/local/keepalived/etc/keepalived/notify.sh master" notify_backup "/usr/local/keepalived/etc/keepalived/notify.sh backup" notify_fault "/usr/local/keepalived/etc/keepalived/notify.sh fault" }