1. Cài đặt keepalived trên 2 máy chủ MTA và Proxy
Chuẩn bị 4 IP Vir bao gồm:
10.58.71.72 proxy1
10.58.71.73 proxy2
10.58.71.74 mta1
10.58.71.75 mta2
Cài đặt keepalived trên 4 máy chủ
# yum --disablerepo=\* --enablerepo=c6-media install gcc kernel-headers kernel-devel keepalived
Sửa file cấu hình luật iptables /etc/sysconfig/iptables
Thêm 2 dòng sau: vào đầu phần luật INPUT
-A INPUT -d 224.0.0.0/8 -j ACCEPT
-A INPUT -p vrrp -j ACCEPT
Sau đó khởi động lại iptables
# service iptables restart
2. Cấu hình keepalived trên máy chủ MTA
Chỉnh sửa file /etc/keepalived/keepalived.conf (backup lại file cũ trước)
Trên máy chủ MTA1
[root@mta1 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server localhost
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_smtp {
script "</dev/tcp/127.0.0.1/465"
interval 1
weight -20
fall 2
rise 2
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_3 {
interface eth0
state BACKUP
virtual_router_id 53
priority 100
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
10.58.71.74
}
track_script {
chk_smtp
}
}
vrrp_instance VI_4 {
interface eth0
state MASTER
virtual_router_id 54
priority 101
authentication {
auth_type PASS
auth_pass 123456a@
}
virtual_ipaddress {
10.58.71.75
}
track_script {
chk_smtp
}
}
Trên máy chủ mta2 :
[root@mta2 ~]# cat /etc/keepalived/keepalived.conf
/bin/bash: Configuration: command not found
bal_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server localhost
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_smtp {
script "</dev/tcp/127.0.0.1/465"
interval 1
weight -20
fall 2
rise 2
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_3 {
interface eth0
state MASTER
virtual_router_id 53
priority 101
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
10.58.71.74
}
track_script {
chk_smtp
}
}
vrrp_instance VI_4 {
interface eth0
state BACKUP
virtual_router_id 54
priority 100
authentication {
auth_type PASS
auth_pass 123456a@
}
virtual_ipaddress {
10.58.71.75
}
track_script {
chk_smtp
}
}
3. Cấu hình keepalived trên máy chủ Proxy
[root@proxy1 ~]# cat /etc/keepalived/keepalived.conf
bal_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server localhost
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_pop3 {
script "</dev/tcp/127.0.0.1/995"
interval 1
weight -20
fall 2
rise 2
}
vrrp_script chk_imap {
script "</dev/tcp/127.0.0.1/993"
interval 1
weight -20
fall 2
rise 2
}
vrrp_script chk_web {
script "</dev/tcp/127.0.0.1/443"
interval 1
weight -20
fall 2
rise 2
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_1 {
interface eth0
state BACKUP
virtual_router_id 51
priority 100
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
10.58.71.72
}
track_script {
chk_pop3
chk_imap
chk_web
}
}
vrrp_instance VI_2 {
interface eth0
state MASTER
virtual_router_id 52
priority 101
authentication {
auth_type PASS
auth_pass 123456a@
}
virtual_ipaddress {
10.58.71.73
}
track_script {
chk_pop3
chk_imap
chk_web
}
}
Trên máy chủ proxy 2
[root@proxy2 ~]# cat /etc/keepalived/keepalived.conf
/bin/bash: Configuration: command not found
bal_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server localhost
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_pop3 {
script "</dev/tcp/127.0.0.1/995"
interval 1
weight -20
fall 2
rise 2
}
vrrp_script chk_imap {
script "</dev/tcp/127.0.0.1/993"
interval 1
weight -20
fall 2
rise 2
}
vrrp_script chk_web {
script "</dev/tcp/127.0.0.1/443"
interval 1
weight -20
fall 2
rise 2
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 2
weight 2
}
vrrp_instance VI_1 {
interface eth0
state MASTER
virtual_router_id 51
priority 101
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
10.58.71.72
}
track_script {
chk_pop3
chk_imap
chk_web
}
}
vrrp_instance VI_2 {
interface eth0
state BACKUP
virtual_router_id 52
priority 100
authentication {
auth_type PASS
auth_pass 123456a@
}
virtual_ipaddress {
10.58.71.73
}
track_script {
chk_pop3
chk_imap
chk_web
}
}
Tài liệu tham khảo thêm tại đây
Không có nhận xét nào:
Đăng nhận xét