A主机:10.11.30.17
[root@localhost ~]# yum installopenssl openssl-devel popt popt-devel
[root@localhost /]# tar xvf keepalived-1.2.20.tar.gz
[root@localhost keepalived-1.2.20]#./configure --prefix=/usr/local/keepalived
[root@localhost keepalived-1.2.20]# make
[root@localhost keepalived-1.2.20]# makeinstall
[root@localhost keepalived-1.2.20]# cp/usr/local/keepalived/sbin/keepalived /usr/sbin/
[root@localhostkeepalived-1.2.20]#cp_/usr/local/keepalived/etc/sysconfig/keepalived_/etc/sysconfig/
[root@localhostkeepalived-1.2.20]#cp_/usr/local/keepalived/etc/rc.d/init.d/keepalived_/etc/init.d/
[root@localhost keepalived-1.2.20]# chmod755 /etc/init.d/keepalived
[root@localhost keepalived-1.2.20]#chkconfig --add keepalived
[root@localhost keepalived-1.2.20]# chkconfig--level 2345 keepalived on
[root@localhost keepalived-1.2.20]# mkdir-p /etc/keepalived
[root@localhostkeepalived-1.2.20]#cp_/usr/local/keepalived/etc/keepalived/keepalived.conf_/etc/keepalived
B主机:10.11.30.18
[root@localhost ~]# yum install openssl openssl-devel popt popt-devel
[root@localhost /]# tar xvf keepalived-1.2.20.tar.gz
[root@localhost keepalived-1.2.20]#./configure --prefix=/usr/local/keepalived
[root@localhost keepalived-1.2.20]# make
[root@localhost keepalived-1.2.20]# make install
[root@localhost keepalived-1.2.20]# cp/usr/local/keepalived/sbin/keepalived /usr/sbin/
[root@localhostkeepalived-1.2.20]#cp_/usr/local/keepalived/etc/sysconfig/keepalived_/etc/sysconfig/
[root@localhostkeepalived-1.2.20]#cp_/usr/local/keepalived/etc/rc.d/init.d/keepalived_/etc/init.d/
[root@localhost keepalived-1.2.20]# chmod755 /etc/init.d/keepalived
[root@localhost keepalived-1.2.20]#chkconfig --add keepalived
[root@localhost keepalived-1.2.20]#chkconfig --level 2345 keepalived on
[root@localhost keepalived-1.2.20]# mkdir-p /etc/keepalived
[root@localhostkeepalived-1.2.20]#cp_/usr/local/keepalived/etc/keepalived/keepalived.conf_/etc/keepalived
A主机:10.11.30.17
[root@localhost ~]# vim/etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
}
#vrrp sync_group VG_1{ #监控多个网段的实例
# group {
# redis_ms #实例名
# }
# notify_master /root/redis_master.sh #指定当切换到master时,执行的脚本
# netify_backup /root/redis_slave.sh #指定当切换到backup时,执行的脚本
# notify_fault "path/xx.sh VG_1" #故障时执行的脚本
# notify_stop /path/xx.sh #当Keepalived程序终止时执行的脚本
# smtp_alert #使用global_defs中提供的邮件地址和smtp服务器发送邮件通知
#}
vrrp_script chk_redis
{
script "/etc/keepalived/scripts/redis_check.sh 127.0.0.1 6221"
interval 2
timeout 2
fall 2
}
vrrp_instance redis_ms { #实例
state MASTER #指定那个master,那个backup,如果设置nopreempt这个值不起作用,主备由priority决定
interface eth0 #设置实例绑定的网卡
# track_interface { #设置额外的监控,里面那个网卡出现问题都会切换
# eth0
# eth1
# }
# mcast_src_ip #发送多播包的地址,如果不设置默认使用绑定网卡的primary ip
# garp_master_delay #在切换到master状态后,延迟进行gratuitous ARP请求
virtual_router_id 55 #VPID标记
priority 100 #优先级,高优先级竞选为master
advert_int 1 #检查间隔,默认1秒
nopreempt #设置为不抢占注:这个配置只能设置在backup主机上,而且这个主机优先级要比另外一台高
# preempt_delay #抢占延时,默认5分钟
debug #debug级别
authentication { #设置认证
auth_type PASS #认证方式
auth_pass 1111 #认证密码
}
virtual_ipaddress { #设置vip
10.11.30.150
}
track_script {
chk_redis
}
notify_master "/etc/keepalived/scripts/redis_master.sh 127.0.0.1 6221"
notify_backup "/etc/keepalived/scripts/redis_backup.sh 10.11.30.18 6221"
}
virtual_server 10.11.30.150 6221 { #VIP设置
delay_loop 6 #健康检查时间间隔
lb_algo rr ##lvs调度算法rr|wrr|lc|wlc|lblc|sh|dh
lb_kind DR #负载均衡转发规则NAT|DR|RUN
persistence_timeout 50 #会话保持时间
protocol TCP #使用的协议
# persistence_granularity <NETMASK> #lvs会话保持粒度
# virtualhost <string> #检查的web服务器的虚拟主机(host:头)
# sorry_server<IPADDR> <port> #备用机,所有realserver失效后启用
real_server 10.11.30.17 6221 { #ip地址设置
weight 1 #默认为1,0为失效
# inhibit_on_failure #在服务器健康检查失效时,将其设为0,而不是直接从ipvs中删除
# notify_up <string> | <quoted-string> #在检测到server up后执行脚本
# notify_down <string> | <quoted-string> #在检测到serverdown后执行脚本
TCP_CHECK {
connect_timeout 3 #连接超时时间
nb_get_retry 3 #重连次数
delay_before_retry 3 #重连间隔时间
connect_port 6221 #健康检查的端口的端口
# bindto <ip>
}
# HTTP_GET | SSL_GET{
# url{ #检查url,可以指定多个
# path /
# digest <string> #检查后的摘要信息
# status_code 200 #检查的返回状态码
# }
# connect_port <port>
# bindto <IPADD>
# connect_timeout 5
# nb_get_retry 3
# delay_before_retry 2
# }
#
# SMTP_CHECK{
# host{
# connect_ip <IP ADDRESS>
# connect_port <port> #默认检查25端口
# bindto <IP ADDRESS>
# }
# connect_timeout 5
# retry 3
# delay_before_retry2
# helo_name <string> | <quoted-string> #smtp helo请求命令参数,可选
# }
# MISC_CHECK{
# misc_path <string> | <quoted-string> #外部脚本路径
# misc_timeout #脚本执行超时时间
# misc_dynamic #如设置该项,则退出状态码会用来动态调整服务器的权重,返回0 正常,不修改;返回1,检查失败,权重改为0;返回2-255,正常,权重设置为:返回状态码-2
# }
}
}
B主机:10.11.30.18
[root@localhost keepalived]# vim/etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
}
#vrrp sync_group VG_1{ #监控多个网段的实例
# group {
# redis_ms #实例名
# }
# notify_master /root/redis_master.sh #指定当切换到master时,执行的脚本
# netify_backup /root/redis_slave.sh #指定当切换到backup时,执行的脚本
# notify_fault "path/xx.sh VG_1" #故障时执行的脚本
# notify /path/xx.sh
# smtp_alert #使用global_defs中提供的邮件地址和smtp服务器发送邮件通知
#}
vrrp_script chk_redis
{
script "/etc/keepalived/scripts/redis_check.sh 127.0.0.1 6221"
interval 2
timeout 2
fall 2
}
vrrp_instance redis_ms { #实例
state MASTER #指定那个master,那个backup,如果设置nopreempt这个值不起作用,主备由priority决定
interface eth0 #设置实例绑定的网卡
# track_interface { #设置额外的监控,里面那个网卡出现问题都会切换
# eth0
# eth1
# }
# mcast_src_ip #发送多播包的地址,如果不设置默认使用绑定网卡的primary ip
# garp_master_delay #在切换到master状态后,延迟进行gratuitous ARP请求
virtual_router_id 55 #VPID标记
priority 90 #优先级,高优先级竞选为master
advert_int 1 #检查间隔,默认1秒
nopreempt #设置为不抢占注:这个配置只能设置在backup主机上,而且这个主机优先级要比另外一台高
# preempt_delay #抢占延时,默认5分钟
debug #debug级别
authentication { #设置认证
auth_type PASS #认证方式
auth_pass 1111 #认证密码
}
virtual_ipaddress { #设置vip
10.11.30.150
}
track_script {
chk_redis
}
notify_master "/etc/keepalived/scripts/redis_master.sh 127.0.0.1 6221"
notify_backup "/etc/keepalived/scripts/redis_backup.sh 10.11.30.17 6221"
}
virtual_server 10.11.30.150 6221 { #VIP设置
delay_loop 6 #健康检查时间间隔
lb_algo rr ##lvs调度算法rr|wrr|lc|wlc|lblc|sh|dh
lb_kind DR #负载均衡转发规则NAT|DR|RUN
persistence_timeout 50 #会话保持时间
protocol TCP #使用的协议
# persistence_granularity <NETMASK> #lvs会话保持粒度
# virtualhost <string> #检查的web服务器的虚拟主机(host:头)
# sorry_server<IPADDR> <port> #备用机,所有realserver失效后启用
real_server 10.11.30.18 6221 { #ip地址设置
weight 1 #默认为1,0为失效
# inhibit_on_failure #在服务器健康检查失效时,将其设为0,而不是直接从ipvs中删除
# notify_up <string> | <quoted-string> #在检测到server up后执行脚本
# notify_down <string> | <quoted-string> #在检测到serverdown后执行脚本
TCP_CHECK {
connect_timeout 3 #连接超时时间
nb_get_retry 3 #重连次数
delay_before_retry 3 #重连间隔时间
connect_port 6221 #健康检查的端口的端口
# bindto <ip>
}
# HTTP_GET | SSL_GET{
# url{ #检查url,可以指定多个
# path /
# digest <string> #检查后的摘要信息
# status_code 200 #检查的返回状态码
# }
# connect_port <port>
# bindto <IPADD>
# connect_timeout 5
# nb_get_retry 3
# delay_before_retry 2
# }
#
# SMTP_CHECK{
# host{
# connect_ip <IP ADDRESS>
# connect_port <port> #默认检查25端口
# bindto <IP ADDRESS>
# }
# connect_timeout 5
# retry 3
# delay_before_retry 2
# helo_name <string> | <quoted-string> #smtp helo请求命令参数,可选
# }
# MISC_CHECK{
# misc_path <string> | <quoted-string> #外部脚本路径
# misc_timeout #脚本执行超时时间
# misc_dynamic #如设置该项,则退出状态码会用来动态调整服务器的权重,返回0 正常,不修改;返回1,检查失败,权重改为0;返回2-255,正常,权重设置为:返回状态码-2
# }
}
}
A主机脚本:10.11.30.17
[root@localhost ~]# mkdir/etc/keepalived/scripts/
[root@localhost scripts]# ls
redis_backup.sh redis_check.sh redis_master.sh
[root@localhost scripts]#
检测活跃脚本,如果不活跃,keep自动切换
[root@localhost scripts]# vimredis_check.sh
#!/bin/bash
ALIVE=`/usr/local/bin/redis-cli -h $1 -p $2PING`
LOGFILE="/etc/keepalived/redis-check.log"
echo "[CHECK]" >> $LOGFILE
date '+ %Y%m%d-%H:%M' >> $LOGFILE
if [ $ALIVE == "PONG" ]; then
echo "Success: redis-cli -h $1 -p $2 PING $ALIVE" >>$LOGFILE 2>&1
exit 0
else
echo "Failed:redis-cli -h $1 -p $2 PING $ALIVE " >>$LOGFILE 2>&1
exit 1
fi
当keep处于master状态下执行这个脚本
[root@localhost scripts]# vimredis_master.sh
#!/bin/bash
REDISCLI="/usr/local/bin/redis-cli -h$1 -p $2"
LOGFILE="/etc/keepalived/redis-master.log"
echo "[master]" >> $LOGFILE
date '+ %Y%m%d-%H:%M' >> $LOGFILE
echo "Being master...." >>$LOGFILE 2>&1
$REDISCLI SLAVEOF NO ONE >> $LOGFILE2>&1
当keep处于backup状态下执行这个脚本
[root@localhost scripts]# vimredis_backup.sh
#!/bin/bash
REDISCLI="/usr/local/bin/redis-cli"
LOGFILE="/etc/keepalived/redis-slave.log"
echo "[slave]" >> $LOGFILE
date '+ %Y%m%d-%H:%M' >> $LOGFILE
echo "Being slave...." >>$LOGFILE 2>&1
$REDISCLI -p $2 SLAVEOF $1 $2 >>$LOGFILE 2>&1