基本环境:centos7
1、源码包安装
cd /usr/local/src/ #进入到准备放源文件的目录
[root@localhost src]# pwd
/usr/local/src
[root@localhost src]# wget http://www.keepalived.org/software/keepalived-2.0.18.tar.gz #下载源码
[root@localhost src]# tar xvf keepalived-2.0.18.tar.gz # 解压
[root@localhost src]# cd keepalived-2.0.18 #进入到解压后的目录
[root@localhost src keepalived-2.0.18]# ./configure --prefix=/usr/local/keepalived #校验
[root@localhost src keepalived-2.0.18]# make && make install # 编译安装
2、初始化及启动
[root@localhost /]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived
# 将keepalived主程序加入到环境变量(安装目录下)
[root@localhost /]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/keepalived
# keepalived启动脚本(源码目录下),放到/etc/init.d/目录下就可以使用service命令便捷调用
[root@localhost /]# cp /usr/local/src/keepalived-2.0.18/keepalived/etc/init.d/keepalived /etc/init.d/keepalived
# 将配置文件放到默认路径下
[root@localhost /]# mkdir /etc/keepalived
[root@localhost /]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
加为系统服务:chkconfig –add keepalived
开机启动:chkconfig keepalived on
查看开机启动的服务:chkconfig –list
启动、关闭、重启service keepalived start|stop|restart
3、keepalived 配置
vim /etc/keepalived/keepalived.conf #配置keepalived.conf
! Configuration File for keepalived
global_defs {
router_id LVS_DEVEL #设定本机的唯一标识,一般为主机名
#script_user root
enable_script_security #必须加上这个,我看其他博客很少配置这个,但我不加上这个不能执行守护脚本
# user root
}
vrrp_script check_nginx_status {
script "/etc/keepalived/check_nginx_status.sh" # 指定脚本位置
interval 5 # 执行脚本的间隔
weight -20 # 设置脚本执行优先级
user root
fall 2
# rise 1
}
vrrp_instance VI_1 {
state MASTER #标示状态为:MASTER 备份机为:BACKUP
interface ens33 #设置实例绑定的网卡
virtual_router_id 51 # 主从virtual_router_id必须相同
priority 100 #MASTER权重必须要高于BACKUP 比如BACKUP为99
advert_int 1 #MASTER与BACKUP负载均衡器之间同步检查的时间间隔,单位是秒
authentication { #主从服务器验证方式
auth_type PASS
auth_pass 1111
}
track_script { #执行检查脚本,当检测到nginx宕掉后,把keepalived也杀死,从而进行故障转移
check_nginx_status
}
virtual_ipaddress { #设置vip 主从需设置一致
192.168.3.100
}
}
4、检测脚本
创建脚本文件: check_nginx_status.sh,这个脚本是检测nginx是否正在运行。
脚本逻辑为:先检测nginx是否在运行,没有则重启nginx,等2秒后再检测一次,如果nginx依旧没有启动,则停止keepalived。
脚本注意 开头一定要有 #!/bin/bash,不然keepalived 执行不起。
#!/bin/bash
counter=$(ps - C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
/usr/local/nginx/sbin/nginx
sleep 2
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
systemctl stop keepalived
fi
fi
脚本赋权限:chmod 755 check_nginx_status.sh
注意给执行权限 chmod 755, 不能给777。至少root用户不能给777权限,安全机制导致不会被keepalived执行
5、配置文件检测:
请在v2.0.13及以上版本使用,之前的版本reload两次后进程会终止,官方已恢复。
/usr/local/keepalived/sbin/keepalived -t
6、问题:
Disabling track script check_nginx_status due to insecure
该问题原因为 check_nginx_status.sh 的权限问题。 root 用户777 权限会出现该问题