openstack 实例配置keepalived

#!/bin/bash
nginx1:192.168.97.101
nginx2:192.168.97.102
vip: 192.168.97.241

#安装软件

yum install nginx wget

echo -e "192.168.97.101 nginx-master " > /usr/share/nginx/html/index.html
echo -e "192.168.97.102 nginx-backup " > /usr/share/nginx/html/index.html

yum install keepalived -y

##配置检查脚本,两台节点都配置
 

cat <<END> /etc/nginx/check_nginx_alive.sh
#!/bin/sh
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ]
 then echo 'nginx server is died'
  systemctl stop keepalived
fi
END

chmod a+x /etc/nginx/check_nginx_alive.sh

##配置keepalived.conf
###主节点配置
cp /etc/keepalived/keepalived.conf{,.bk}

egrep -v '#|^$' /etc/keepalived/keepalived.conf
! Configuration File for keepalived
vrrp_script check_nginx_alive {
    script "/etc/nginx/check_nginx_alive.sh"
    interval 3
    weight -10
}
global_defs {
   router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.97.241
    }
    track_script {
    check_nginx_alive
    }
}
virtual_server 192.168.97.241 80 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    persistence_timeout 50
    protocol TCP
    real_server 192.168.97.101 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

###备节点配置

egrep -v '#|^$' /etc/keepalived/keepalived.conf
! Configuration File for keepalived
vrrp_script check_nginx_alive {
    script "/etc/nginx/check_nginx_alive.sh"
    interval 3
    weight -10
}
global_defs {
   router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.97.241
    }
   track_script {
    check_nginx_alive
    }
}
virtual_server 192.168.97.241 80 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    persistence_timeout 50
    protocol TCP
    real_server 192.168.97.102 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

##启动服务
systemctl start keepalived && systemctl enable keepalived
##修改openstack中实例端口属性

在OpenStack中默认由于安全组策略限制，云主机只响应自己的iP地址请求，如果需要做HA，可以用以下两种方式实现
这里使用的是第一种，第二种忽略

1、 增加allow_address_pairs属性

neutron port-list |grep 192.168.97.101
neutron port-update  958ea025-d13c-4c8b-af8a-207339fe5299 --allowed_address_pairs list=true type=dict ip_address=192.168.97.241
neutron port-list |grep 192.168.97.102
neutron port-update 184cee31-9eee-4282-9da9-dce542c1056a --allowed_address_pairs list=true type=dict ip_address=192.168.97.241

2、 关闭neutron port的安全组特性 ，这种方法忽略

neutron port-update --no-security-groups $port_id
neutron port-update $port_id --port-security-enabled=False

##测试
web 输入 192.168.97.241  显示ok，
手动关闭主节点keepalived ，备节点显示ok