EC2でkeepalived+LVS(DSR)
- 7. keepalived+unicast パッチの差分を参考にして 最新版を修正してみた。 ● ソースコード ○ https://github.com/winebarrel/keepalived ● rpm ○ http://bit.ly/10yLoVe
- 8. 動作確認
- 9. 動作確認 基本情報 ● クライアント - curl ○ dagon - 10.0.214.215 ● keepalived+LVS ○ cthulhu(MASTER) - 10.0.214.216 ○ hastur(BACKUP) - 10.0.214.217 ● バックエンド - httpd ○ nyar - 10.0.214.218 ○ yog - 10.0.214.219 ● VIP ○ 192.168.200.16
- 10. 動作確認 事前準備 ● LVS・バックエンドのENIのSource/Dest Check をdisabledにする ● バックエンドでiptablesの設定 sudo iptables -t nat -A PREROUTING -d 192.168.200.16 -j REDIRECT
- 12. 動作確認 - keepalived.cnf(cthulhu) ! Configuration File for keepalived global_defs { router_id LVS_DEVEL } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 51 priority 101 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.200.16 } vrrp_unicast_bind 10.0.214.216 vrrp_unicast_peer 10.0.214.217 notify_master "/etc/keepalived/notify_master.sh" } virtual_server_group VSG_1 { 192.168.200.16 80 } virtual_server group VSG_1 { delay_loop 6 lb_algo rr lb_kind DR protocol TCP real_server 10.0.214.218 80 { weight 1 HTTP_GET { url { path / } } } real_server 10.0.214.219 80 { weight 1 HTTP_GET { url { path / } } } }
- 13. 動作確認 - keepalived.cnf(hastur) ! Configuration File for keepalived global_defs { router_id LVS_DEVEL } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.200.16 } vrrp_unicast_bind 10.0.214.217 vrrp_unicast_peer 10.0.214.216 notify_master "/etc/keepalived/notify_master.sh" } virtual_server_group VSG_1 { 192.168.200.16 80 } virtual_server group VSG_1 { delay_loop 6 lb_algo rr lb_kind DR protocol TCP real_server 10.0.214.218 80 { weight 1 HTTP_GET { url { path / } } } real_server 10.0.214.219 80 { weight 1 HTTP_GET { url { path / } } } }
- 14. 動作確認 - notify_master.sh #!/bin/bash VIP=192.168.200.16 ROUTE_TABLE_ID=rtb-... INSTANCE_ID=`curl -s 169.254.169.254/latest/meta-data/instance-id` export AWS_ACCESS_KEY_ID=... export AWS_SECRET_ACCESS_KEY=... export AWS_DEFAULT_REGION=ap-northeast-1 aws ec2 delete-route --destination-cidr-block $VIP/32 --route-table-id $ROUTE_TABLE_ID aws ec2 create-route --destination-cidr-block $VIP/32 --route-table-id $ROUTE_TABLE_ID --instance-id $INSTANCE_ID
- 15. 動作確認 - 起動してみる cthulhu hastur cthulhu> sudo /etc/init.d/keepalived start cthulhu> ip addr show | grep "global eth0" inet 10.0.214.216/17 brd 10.0.255.255 scope global eth0 inet 192.168.200.16/32 scope global eth0 cthulhul> sudo ipvsadm -L IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.200.16:http rr -> 10.0.214.218:http Route 1 0 0 -> 10.0.214.219:http Route 1 0 0 hastur> sudo /etc/init.d/keepalived start hastur> ip addr show | grep "global eth0" inet 10.0.214.217/17 brd 10.0.255.255 scope global eth0 hastur> sudo ipvsadm -L IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.200.16:http rr -> 10.0.214.218:http Route 1 0 0 -> 10.0.214.219:http Route 1 0 0
- 16. 動作確認 dagon> while true; do echo `date +%X`" | "`curl -s 192.168.200.16`; sleep 1; done 05:19:46 PM | nyar OK 05:19:47 PM | yog OK 05:19:48 PM | nyar OK 05:19:49 PM | yog OK 05:19:50 PM | nyar OK 05:19:51 PM | yog OK 05:19:52 PM | nyar OK 05:19:53 PM | yog OK 05:19:54 PM | nyar OK 05:19:55 PM | yog OK 05:19:56 PM | nyar OK 05:19:57 PM | yog OK 05:19:58 PM | nyar OK 05:19:59 PM | yog OK 05:20:00 PM | nyar OK dagonからリクエストを投げる
- 17. cthulhuのkeepalivedを殺す 動作確認 cthulhu> sudo killall -9 keepalived 05:22:08 PM | yog OK 05:22:09 PM | nyar OK 05:22:10 PM | yog OK 05:22:11 PM | nyar OK # ←このへんで殺した 05:22:12 PM | yog OK 05:22:13 PM | nyar OK 05:22:14 PM | yog OK 05:22:15 PM | nyar OK sudo killall -9 keepalived hastur> ip addr show | grep "global eth0" inet 10.0.214.217/17 brd 10.0.255.255 scope global eth0 inet 192.168.200.16/32 scope global eth0
- 18. keepalived と LVS の世界が 戻ってきたよー!