1.keepalived的安装
1.1keepalived的工作原理是VRRP,所以只能在同一局域网中使用。
VRRP:(Virtual Router Redundancy Protocol,虚拟路由器冗余协议),VRRP是为了解决静态路由的高可用。VRRP的
基本架构。虚拟路由器由多个路由器组成,每个路由器都有各自的IP和共同的VRID(0-255),其中一个VRRP路由器通过竞选成为
MASTER,占有VIP,对外提供路由服务,其他成为BACKUP,MASTER以IP组播(组播地址:224.0.0.18)形式发送VRRP协议
包,与BACKUP保持心跳连接,若MASTER不可用(或BACKUP接收不到VRRP协议包),则BACKUP通过竞选产生新的
MASTER,并继续对外提供路由服务,从而实现高可用。
好了废话(理论)不说了,开始安装
官网下载:http://www.keepalived.org/index.html
yum install -y popt-devel
tar -zxvf keepalived-2.0.7
cd keepalived-2.0.7
./configure --prefix=/opt/keepalived/keepalived-2.0.7
显示如下警告:
yum -y install libnl libnl-devel
再次执行./configure --prefix=/opt/keepalived/keepalived-2.0.7
显示如下错误:
yum install -y libnfnetlink-devel
再次执行./configure --prefix=/opt/keepalived/keepalived-2.0.7
make && make install
配置成服务
cp opt/keepalived/keepalived-2.0.7/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp opt/keepalived/keepalived-2.0.7/sbin/keepalived /usr/sbin
加入开机启动项
vi /etc/init.d/keepalived
keepalived脚本内容如下:
#!/bin/sh
#
# keepalived High Availability monitor built upon LVS and VRRP
#
# chkconfig: - 86 14
# description: Robust keepalive facility to the Linux Virtual Server project \
# with multilayer TCP/IP stack checks.
### BEGIN INIT INFO
# Provides: keepalived
# Required-Start: $local_fs $network $named $syslog
# Required-Stop: $local_fs $network $named $syslog
# Should-Start: smtpdaemon httpd
# Should-Stop: smtpdaemon httpd
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: High Availability monitor built upon LVS and VRRP
# Description: Robust keepalive facility to the Linux Virtual Server
# project with multilayer TCP/IP stack checks.
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
exec="/usr/sbin/keepalived"
prog="keepalived"
config="/etc/keepalived/keepalived.conf"
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
lockfile=/var/lock/subsys/keepalived
start() {
[ -x $exec ] || exit 5
[ -e $config ] || exit 6
echo -n $"Starting $prog: "
daemon $exec $KEEPALIVED_OPTIONS
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
start
}
reload() {
echo -n $"Reloading $prog: "
killproc $prog -1
retval=$?
echo
return $retval
}
force_reload() {
restart
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status &>/dev/null
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?
chmod a+x /etc/init.d/keepalived
cp /opt/keepalived/keepalived-2.0.7//etc/keepalived/keepalived.conf /etc/keepalived/
service keepalived start
service keepalived restart
service keepalived reload
service keepalived stop
解决方案:
systemctl daemon-reload
keepalived.conf部分配置说明:
! Configuration File for keepalived
#全局配置
global_defs {
#收件人
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
#发件人
notification_email_from Alexandre.Cassen@firewall.loc
#邮件发送服务器IP,此处设置为本地
smtp_server 127.0.0.1
#邮件服务器建立连接的超时时长;
smtp_connect_timeout 30
#物理节点的标识符,此处使用主机名;
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
#节点的初始状态,主节点为MASTER;
state MASTER
#绑定虚拟IP的网络接口
interface eth0
#VRRP组名,指明各个节点属于同一VRRP组,主从一致;
virtual_router_id 51
#当前节点的优先级,可用范围0-255;
priority 100
#通告时间间隔,此处设置为1s,主从节点一致;
advert_int 1
#主从服务器验证方式
authentication {
auth_type PASS
#服务器的认证密码必须一致
auth_pass 1111
}
#虚拟IP,格式为ADDR/NETMASK
virtual_ipaddress {
192.168.200.16
192.168.200.17
192.168.200.18
}
}
virtual_server 192.168.200.100 443 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.201.100 443 {
weight 1
SSL_GET {
url {
path /
digest ff20ad2481f97b1754ef3e12ecd3a9cc
}
url {
path /mrtg/
digest 9b3a0c85a887a256d6939da88aabd8cd
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
virtual_server 10.10.10.2 1358 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
sorry_server 192.168.200.200 1358
real_server 192.168.200.2 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.200.3 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
virtual_server 10.10.10.3 1358 {
delay_loop 3
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.200.4 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.200.5 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
测试配置如下:
! Configuration File for keepalived
global_defs {
notification_email {
654321@qq.com
}
notification_email_from 123456@qq.com
smtp_server smtp.mxhichina.com
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens160
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.11.124
}
}
执行:service keepalived start
再执行:ip a
显示如下:
keepalived开机自动重启:
keepalived启动后默认去这个(/etc/keepalived/keepalived.conf)位置读取配置文件,除非另行制定,需要将安装文件下带的配置文
件拷贝过去。
创建keepalived.service文件
vim /lib/systemd/system/keepalived.service
建议手动按照下面修改,不是道是不是Mac编码有问题,copy后运行会报错
[Unit]
Description=Keepalived
After= syslog.target network.target remote-fs.target nss-lookup.target
[Service]
Type=forking
PIDFile=/var/run/keepalived.pid
ExecStart=/opt/keepalived/keeplived-2.0.7/sbin/keepalived $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
Execstop=/bin/kill -QUIT $MAINPID
Private=true
[Install]
WantedBy=multi-user.target
配置systemctl
systemctl enable keepalived.service 设置开机自动启动
reboot重启服务器
主备模式如下:
10.0.11.121服务器的keepalived.conf如下:
! Configuration File for keepalived
global_defs {
notification_email {
123456@qq.com
}
notification_email_from 654321@.com
smtp_server smtp.qq.com
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens160
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.11.124
}
}
10.0.11.109服务器keepalived.conf配置如下:
! Configuration File for keepalived
global_defs {
notification_email {
654321@qq.com
}
notification_email_from 123456@qq.com
smtp_server smtp.qq.com
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens160
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.11.124
}
}
最终效果如下:
不知道为什么,本文有些命令copy不能运行,也许格式不对,可以手打,copy后要注意内容格式,有可能明天开始双主模式,未完待续。。。。。。