1、基础依赖包安装
yum install gcc
yum -y install openssl-devel
yum -y install libnl libnl-devel
yum -y install libnfnetlink-devel
yum -y install net-tools
yum -y install vim
2、安装包下载、解压编译和安装
官网下载keepalived安装包:
此处下载最新版本2.0.18
将keepalived-2.0.18.tar.gz安装包上传到服务器上的某个目录下,此处为/usr/local/src目录下:
进入安装目录下并解压安装包:
cd /usr/local/src/
tar -zxvf keepalived-2.0.18.tar.gz
将解压的目录移动到/usr/local/keepalived下并进入移动后的目录:
mv keepalived-2.0.18 ../keepalived
cd ../keepalived/
生成makefile文件:
./configure
安装执行:
make && make install
完成后会在以下路径生成:
/usr/local/etc/keepalived/keepalived.conf
/usr/local/etc/sysconfig/keepalived
/usr/local/sbin/keepalived
3 、初始化及启动
将配置文件放到默认路径下:
mkdir /etc/keepalived
cp /usr/local/keepalived/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
将keepalived启动脚本(源码目录下),放到/etc/init.d/目录下:
cp /usr/local/keepalived/keepalived/etc/init.d/keepalived /etc/rc.d/init.d/
将keepalived启动脚本变量引用文件放到/etc/sysconfig/目录下:
cp /usr/local/keepalived/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
将keepalived主程序加入到环境变量/usr/sbin/目录下:
cp /usr/local/sbin/keepalived /usr/sbin/
启动keepalived:
service keepalived start
附注:
service keepalived stop //停止服务
service keepalived status //查看服务状态
4 、配置文件修改
停止keepalived服务,修改keepalived.conf配置文件(第3步中的/etc/keepalived/keepalived.conf )并重新启动keepalived服务加载配置文件。
配置属性说明可参照keepalived.conf文件,在具体使用中可参考修改:
! Configuration File for keepalived
# 全局定义块
global_defs {
# 邮件通知配置,用于服务有故障时发送邮件报警,可选项
notification_email {
[email protected]
}
# 通知邮件从哪里发出
notification_email_from [email protected]
# 通知邮件的smtp地址
smtp_server 127.0.0.1
# 连接smtp服务器的超时时间
smtp_connect_timeout 30
# 标识本节点的字条串,通常为hostname,但不一定非得是hostname。故障发生时,邮件通知会用到
router_id LVS_DEVEL
}
# 做健康检查的脚本配置,当时检查失败时会将vrrp_instance的priority减少相应的值
vrrp_script chk_haproxy {
# 待执行脚本
script "/etc/keepalived/chk_nginx.sh"
# 执行间隔
interval 2
# 控制priority增减
weight 2
}
# VRRP实例定义块
vrrp_instance VI_1 {
# 标识当前节点的状态,可以是MASTER或BACKUP,当其他节点keepalived启动时会将priority比较大的节点选举为MASTER
state MASTER
# 节点固有IP(非VIP)的网卡,用来发VRRP包
interface ens192
# 取值在0-255之间,用来区分多个instance的VRRP组播。同一网段中virtual_router_id的值不能重复,否则会出错
virtual_router_id 100
# 用来选举master的,要成为master,那么这个选项的值最好高于其他机器50个点,该项取值范围是[1-254](在此范围之外会被识别成默认值100)
priority 200
# 发VRRP包的时间间隔,即多久进行一次master选举(可以认为是健康查检时间间隔)
advert_int 1
# 认证区域,认证类型有PASS和HA(IPSEC),推荐使用PASS(密码只识别前8位)
authentication {
auth_type PASS
auth_pass 1111
}
# 调用chk_http_port中定义的脚本,当使用track_script时可以不用加nopreempt,只需要加上preempt_delay 5,这里的间隔时间要大于vrrp_script中定义的时长
track_script {
chk_haproxy
}
# 允许一个priority比较低的节点作为master,即使有priority更高的节点启动。nopreemt必须在state为BACKUP的节点上才生效(因为是BACKUP节点决定是否来成为MASTER的)
nopreempt
# 启动多久之后进行接管资源(VIP/Route信息等),前提是没有nopreempt选项
preempt_delay 300
# 虚拟ip地址
virtual_ipaddress {
192.168.26.34
}
}
# 虚拟服务定义块
virtual_server 192.168.26.34 9999{
# 延迟轮询时间(单位秒)
delay_loop 6
# 后端调试算法
lb_algo wrr
# LVS调度类型NAT/DR/TUN
lb_kind DR
# nat掩码
nat_mask 255.255.255.0
# 持久化超时时间,保持客户端的请求在这个时间段内全部发到同一个真实服务器,解决客户连接的相关性问题
persistence_timeout 1
# 传输协议
protocol TCP
# 真实提供服务的服务器
real_server 192.168.26.36 9999 {
# 权重
weight 1
# 健康检查方式 HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|MISC_CHECK
TCP_CHECK {
# 连接超时时间
connect_timeout 10
# 检测失败后的重试次数,若达到重试次数还是失败则将其从服务器池中移除
nb_get_retry 3
# 下次重试的时间延迟
delay_before_retry 3
# 连接端口
connect_port 9999
}
}
real_server 192.168.26.54 9999 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 9999
}
}
}
virtual_server 192.168.26.34 3306{
delay_loop 6
lb_algo wrr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 1
protocol TCP
real_server 192.168.26.36 3306 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 3306
}
}
real_server 192.168.26.54 3306 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 3306
}
}
}
修改完之后重新启动