linux二进制加固软件,在Linux二进制安装keepalived

最新推荐文章于 2024-04-19 13:36:21 发布
最新推荐文章于 2024-04-19 13:36:21 发布
阅读量578 收藏 3
点赞数
文章标签: linux二进制加固软件

在Linux二进制安装keepalived

发布时间:2020-07-28 22:35:11

来源:51CTO

阅读:143

作者:wx5c1cfd6e22842

keepalived的部署

keepalived在很多高可用的集群都会用到,一般前端放置的会是nginx、ipvs、haproxy

比如我们在使用rabbitmq的时候做了这么一个集群,一般做了集群的话,那肯定就需要这么一个高可用的负载均衡器来实现流量的分发,如果使用的是haproxy,比如一台rebbitmq的节点突然宕机或者网卡失效,那么虽然RabbitMQ集群没有任何故障,但是对于外界的客户端来说所有的连接都会被断开,结果将是灾难性的。确保负载均衡服务的可靠性同样显得十分的重要。这里就引入Keepalived工具,它能够通过自身健康检查、资源接管功能做高可用(双机热备),实现故障转移。

Keepalived采用VRRP(Virtual Router Redundancy Protocol,虚拟路由冗余协议),以软件的形式实现服务器热备功能。通常情况下是将两台Linux服务器组成一个热备组(Master和Backup),同一时间热备组内只有一台主服务器Master提供服务,同时Master会虚拟出一个公用的虚拟IP地址,简称VIP。这个VIP只存在在Master上并对外提供服务。如果Keepalived检测到Master宕机或者服务故障,备份服务器Backup会自动接管VIP称为Master,Keepalived并将原Master从热备组中移除。当原Master恢复后,会自动加入到热备组,默认再抢占称为Master,起到故障转移的功能。

Keepalived工作在OSI模型中的第3层、第4层和第7层。

工作在第3层是指Keepalived会定期向热备组中的服务器发送一个ICMP数据包来判断某台服务器是否故障,如果故障则将这台服务器从热备组移除。

工作在第4层是指Keepalived以TCP端口的状态判断服务器是否故障,比如检测RabbitMQ的5672端口,如果故障则将这台服务器从热备组中移除。

工作在第7层是指Keepalived根据用户设定的策略(通常是一个自定义的检测脚本)判断服务器上的程序是否正常运行,如果故障将这台服务器从热备组移除。

首先需要去Keepalived的官网下载Keepalived的安装文件,目前最新的版本为:keepalived-2.0.20.tar.gz,下载地址为http://www.keepalived.org/download.html

可以找到最新版

[root@VM_0_8_centos ~]# mkdir keepalived

[root@VM_0_8_centos ~]# cd keepalived/

[root@VM_0_8_centos keepalived]# wget https://www.keepalived.org/software/keepalived-2.0.20.tar.gz

--2020-02-27 10:46:37-- https://www.keepalived.org/software/keepalived-2.0.20.tar.gz

Resolving www.keepalived.org (www.keepalived.org)... 37.59.63.157, 2001:41d0:8:7a9d::1

Connecting to www.keepalived.org (www.keepalived.org)|37.59.63.157|:443... connected.

HTTP request sent, awaiting response... 200 OK

Length: 1036063 (1012K) [application/x-gzip]

Saving to: ‘keepalived-2.0.20.tar.gz’

100%[==================================================================================================================================>] 1,036,063 13.7KB/s in 1m 43s

2020-02-27 10:48:37 (9.80 KB/s) - ‘keepalived-2.0.20.tar.gz’ saved [1036063/1036063]

解压

[root@VM_0_8_centos keepalived]# ls

keepalived-2.0.20.tar.gz

[root@VM_0_8_centos keepalived]# tar xf keepalived-2.0.20.tar.gz

[root@VM_0_8_centos keepalived]# cd keepalived-2.0.20/

[root@VM_0_8_centos keepalived-2.0.20]# ls

aclocal.m4 AUTHOR build_setup compile configure.ac COPYING doc INSTALL keepalived lib Makefile.in README.md TODO

ar-lib bin_install ChangeLog configure CONTRIBUTORS depcomp genhash install-sh keepalived.spec.in Makefile.am missing snap

[root@VM_0_8_centos keepalived-2.0.20]# ./configure --prefix=/opt/keepalived --with-init=SYSV

checking for a BSD-compatible install... /usr/bin/install -c

checking whether build environment is sane... yes

checking for a thread-safe mkdir -p... /usr/bin/mkdir -p

checking for gawk... gawk

checking whether make sets $(MAKE)... yes

checking whether make supports nested variables... yes

checking whether make supports nested variables... (cached) yes

checking for pkg-config... /usr/bin/pkg-config

checking pkg-config is at least version 0.9.0... yes

checking for gcc... gcc

checking whether the C compiler works... yes

checking for C compiler default output file name... a.out

出现报错:缺少openssl-devel

configure: error:

!!! OpenSSL is not properly installed on your system. !!!

!!! Can not include OpenSSL headers files. !!!

[root@VM_0_8_centos keepalived-2.0.20]# yum -y install openssl-devel

Loaded plugins: fastestmirror, langpacks

Determining fastest mirrors

Resolving Dependencies

--> Running transaction check

---> Package openssl-devel.x86_64 1:1.0.2k-19.el7 will be installed

安装后重新再执行

[root@VM_0_8_centos keepalived-2.0.20]# ./configure --prefix=/opt/keepalived --with-init=SYSV

再次报错,说这个版本不支持ipv6,需要安装依赖包

*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.

[root@VM_0_8_centos keepalived-2.0.20]# yum -y install libnl libnl-devel

Loaded plugins: fastestmirror, langpacks

Loading mirror speeds from cached hostfile

Package libnl-1.1.4-3.el7.x86_64 already installed and latest version

安装完依赖包再次执行

[root@VM_0_8_centos keepalived-2.0.20]# ./configure --prefix=/opt/keepalived --with-init=SYSV

编译

[root@VM_0_8_centos keepalived-2.0.20]# make && make install

将启动文件放到/etc/init.d下,可以使用service来启动keepalived

[root@VM_0_8_centos keepalived-2.0.20]# cp /opt/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/

[root@VM_0_8_centos keepalived-2.0.20]# cp /opt/keepalived/etc/sysconfig/keepalived /etc/sysconfig

[root@VM_0_8_centos keepalived-2.0.20]# cp /opt/keepalived/sbin/keepalived /usr/sbin

[root@VM_0_8_centos keepalived-2.0.20]# chmod +x /etc/init.d/keepalived

[root@VM_0_8_centos keepalived-2.0.20]# chkconfig --add keepalived

[root@VM_0_8_centos keepalived-2.0.20]# chkconfig keepalived on

[root@VM_0_8_centos keepalived-2.0.20]# cp /opt/keepalived/etc/keepalived/keepalived.conf /etc/keepalived.conf

启动失败,查看报错,这里提示 Unable to find configuration file /etc/keepalived/keepalived.conf,没有发现我们的配置文件的地址,这里是因为我们在安装的时候指定了自己的安装路径

[root@VM_0_8_centos keepalived-2.0.20]# service keepalived start

Starting keepalived (via systemctl): Job for keepalived.service failed because the control process exited with error code. See "systemctl status keepalived.service" and "journalctl -xe" for details.

[FAILED]

[root@VM_0_8_centos keepalived-2.0.20]# journalctl -xe

939c4529e6fa9071dfd6d2cd20618b01.png

找出放置我们配置文件的地方,修改文件地址

[root@VM_0_8_centos ~]# find / -name keepalived.conf

/opt/keepalived/etc/keepalived/keepalived.conf

/etc/keepalived.conf

/root/keepalived/keepalived-2.0.20/keepalived/etc/keepalived/keepalived.conf

在最后一行添加我们配置文件的地址

[root@VM_0_8_centos ~]# vim /etc/sysconfig/keepalived

[root@VM_0_8_centos ~]# tail -1 /etc/sysconfig/keepalived

KEEPALIVED_OPTIONS="-f /etc/keepalived.conf -D -S 0"

使用systemctl启动成功

[root@VM_0_8_centos ~]# systemctl restart keepalived

[root@VM_0_8_centos ~]# systemctl status keepalived

● keepalived.service - SYSV: Start and stop Keepalived

Loaded: loaded (/etc/rc.d/init.d/keepalived; bad; vendor preset: disabled)

Active: active (running) since Thu 2020-02-27 11:02:22 CST; 10s ago

Docs: man:systemd-sysv-generator(8)

Process: 30129 ExecStart=/etc/rc.d/init.d/keepalived start (code=exited, status=0/SUCCESS)

Main PID: 30136 (keepalived)

CGroup: /system.slice/keepalived.service

├─30136 keepalived -f /etc/keepalived.conf -D -S 0

├─30138 keepalived -f /etc/keepalived.conf -D -S 0

└─30139 keepalived -f /etc/keepalived.conf -D -S 0

Feb 27 11:02:31 VM_0_8_centos Keepalived_vrrp[30139]: Sending gratuitous ARP on eth0 for 192.168.200.18

Feb 27 11:02:31 VM_0_8_centos Keepalived_vrrp[30139]: Sending gratuitous ARP on eth0 for 192.168.200.16

Feb 27 11:02:31 VM_0_8_centos Keepalived_vrrp[30139]: Sending gratuitous ARP on eth0 for 192.168.200.17

Feb 27 11:02:31 VM_0_8_centos Keepalived_vrrp[30139]: Sending gratuitous ARP on eth0 for 192.168.200.18

Feb 27 11:02:31 VM_0_8_centos Keepalived_healthcheckers[30138]: HTTP_CHECK on service [192.168.200.3]:tcp:1358 failed after 3 retry.

Feb 27 11:02:31 VM_0_8_centos Keepalived_healthcheckers[30138]: Removing service [192.168.200.3]:tcp:1358 to VS [10.10.10.2]:tcp:1358

Feb 27 11:02:31 VM_0_8_centos Keepalived_healthcheckers[30138]: Lost quorum 1-0=1 > 0 for VS [10.10.10.2]:tcp:1358

Feb 27 11:02:31 VM_0_8_centos Keepalived_healthcheckers[30138]: Adding sorry server [192.168.200.200]:tcp:1358 to VS [10.10.10.2]:tcp:1358

Feb 27 11:02:31 VM_0_8_centos Keepalived_healthcheckers[30138]: Removing alive servers from the pool for VS [10.10.10.2]:tcp:1358

Feb 27 11:02:31 VM_0_8_centos Keepalived_healthcheckers[30138]: Remote SMTP server [192.168.200.1]:25 connected.

使用service进行启动停止

[root@VM_0_8_centos ~]# service keepalived stop

Stopping keepalived (via systemctl): [ OK ]

[root@VM_0_8_centos ~]# service keepalived start

Starting keepalived (via systemctl): [ OK ]

[root@VM_0_8_centos ~]# service keepalived status

● keepalived.service - SYSV: Start and stop Keepalived

Loaded: loaded (/etc/rc.d/init.d/keepalived; bad; vendor preset: disabled)

Active: active (running) since Thu 2020-02-27 11:03:27 CST; 10s ago

Docs: man:systemd-sysv-generator(8)

Process: 30394 ExecStop=/etc/rc.d/init.d/keepalived stop (code=exited, status=0/SUCCESS)

Process: 30469 ExecStart=/etc/rc.d/init.d/keepalived start (code=exited, status=0/SUCCESS)

Main PID: 30476 (keepalived)

CGroup: /system.slice/keepalived.service

├─30476 keepalived -f /etc/keepalived.conf -D -S 0

├─30478 keepalived -f /etc/keepalived.conf -D -S 0

└─30479 keepalived -f /etc/keepalived.conf -D -S 0

Feb 27 11:03:36 VM_0_8_centos Keepalived_vrrp[30479]: Sending gratuitous ARP on eth0 for 192.168.200.18

Feb 27 11:03:36 VM_0_8_centos Keepalived_vrrp[30479]: Sending gratuitous ARP on eth0 for 192.168.200.16

Feb 27 11:03:36 VM_0_8_centos Keepalived_vrrp[30479]: Sending gratuitous ARP on eth0 for 192.168.200.17

Feb 27 11:03:36 VM_0_8_centos Keepalived_vrrp[30479]: Sending gratuitous ARP on eth0 for 192.168.200.18

Feb 27 11:03:37 VM_0_8_centos Keepalived_healthcheckers[30478]: HTTP_CHECK on service [192.168.200.3]:tcp:1358 failed after 3 retry.

Feb 27 11:03:37 VM_0_8_centos Keepalived_healthcheckers[30478]: Removing service [192.168.200.3]:tcp:1358 to VS [10.10.10.2]:tcp:1358

Feb 27 11:03:37 VM_0_8_centos Keepalived_healthcheckers[30478]: Lost quorum 1-0=1 > 0 for VS [10.10.10.2]:tcp:1358

Feb 27 11:03:37 VM_0_8_centos Keepalived_healthcheckers[30478]: Adding sorry server [192.168.200.200]:tcp:1358 to VS [10.10.10.2]:tcp:1358

Feb 27 11:03:37 VM_0_8_centos Keepalived_healthcheckers[30478]: Removing alive servers from the pool for VS [10.10.10.2]:tcp:1358

Feb 27 11:03:37 VM_0_8_centos Keepalived_healthcheckers[30478]: Remote SMTP server [192.168.200.1]:25 connected.

芒果绵绵冰
关注
  • 0
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
keepalived介绍,安装,及配置文件说明
chunlin
08-01 1099
文章目录一、keepalived 介绍1. 故障排查2. 故障切换3. VRRP:虚拟路由冗余协议4. 运行状态与隔离5. keepalived核心组件6. keepalived 配置文件详解全局配置:VRRPD配置:VRRP实例配置LVS配置:二、keepalived安装与配置二进制安装:配置规范启动配置启动项修改配置文件启动验证:停止master端keepalived服务配置双主高可用方案:mysql01端配置文件mysql02端配置文件验证:两端都启动keepalivedmysql01端结果mysql
高可用(keepalived)部署方案
热门推荐
北城青的博客
10-18 1万+
高可用说起来感觉很高大上,我刚接触的时候也是一头雾水,但是需求的时候很容易理解的,当一台服务器挂了另一台能够马上顶上去继续提供服务,这就叫做高可用,需求其实不难理解,只是需要自身根据项目的实际需求还有环境进行搭建环境,每一步还有整体的安装方法都需要自己去踩坑的,而且这个坑非常多,要不停的复现各种问题,然后尝试各种思路来解决碰到的问题,而且我们的客户大部分都是离线环境,也就是不接触外网的,所以安装起来就会有很多问题,我所需要达到的目的就是,根据我的文档步骤安装就能实现需求,所以工作量是可想而知的,你需要下各种
linux安装部署keepalived,利用keepalived多台nginx虚拟IP浮动
01-09
一、准备 软件包名称:keepalived  2.0.19 操作系统环境 演示环境为centos7.7-x86_64-minimal 操作系统 IP 部署 说明 192.168.1.91 — 虚IP映射域名 192.168.1.97 keepalived 主要节点 192.168.1.98 keepalived 备份节点 二、keepalived 编译安装 上传keepalived安装包至相应目录,这里我们指定 /kp/keepalived [root@pve-97 keepalived]# pwd /kp/keep
nginx & keepalived 本地二进制部署
爱死亡机器人
08-15 395
修改配置文件,配置文件略有不同,因为这个采用了非抢占模式。其余节点需要修改priority优先级即可,其他不用动。安装keepalived软件,二进制安装。启动并验证keepalived。创建nginx日志存放目录。配置nginx启动服务文件。1master1节点配置。修改nginx配置文件。master2节点配置。master3节点配置。启动并检查nginx。
Keepalivedkeepalived部署
qq_41466440的博客
06-30 628
如下有部分是操作系统自带的,并不是所有的都需要。亦可通过window本地下载并上传。
如何在Linux系统中安装Keepalived
weixin_43924444的博客
08-24 646
虚拟路由冗余协议,可以认为是实现路由器高可用的协议,即将N台提供相同功能的路由器组成一个路由器组,这个组里面有一个master和多个backup,master上面有一个对外提供服务的vip(该路由器所在局域网内其他机器的默认路由为该vip),master会发组播,当backup收不到vrrp包时就认为master宕掉了,这时就需要根据VRRP的优先级来选举一个backup当master。Keepalived配置文件为:/etc/keepalived/keepalived.conf,
k8s 二进制部署 .pdf
12-08
在本文中,我们将深入探讨如何使用二进制方式部署高可用 Kubernetes (k8s) 集群。根据提供的信息,我们将在六台机器上进行部署:两台 Master 节点,两台 Node 节点,以及两台运行 Nginx 和 Keepalived 的服务器,...
Linux安装Keepalived及原理分析
09-15
Linux环境下安装Keepalived是一项关键任务,它涉及到了系统的高可用性和负载均衡。Keepalived是一款开源软件,主要目标是防止单点故障,确保服务的持续性。它通过实现Virtual Router Redundancy Protocol(VRRP)...
Linux-Centos6.9-keepalived-1.4.5-离线安装资源包
03-10
keepalived-1.4.5.tar.gz execserver.sh nginx_check.sh rhel6.9依赖rpm 含: rpm -ivh zlib-1.2.3-29.el6.x86_64.rpm rpm -ivh zlib-devel-1.2.3-29.el6.x86_64.rpm rpm -ivh keyutils-libs-devel-1.4-5.el6.x86_64...
一套完整的K8s高可用集群二进制部署(-V1.20)
10-17
Kubernetes 高可用集群二进制部署指南 本文档将指导您部署一套完整的 Kubernetes 高可用集群,我们将从基础知识点开始,介绍 Kubernetes 集群的两种部署方式,然后详细介绍如何准备环境、部署 Etcd 集群、安装 ...
安装keepalived确实的rpm包
07-09
安装keepalived时缺少的一些包,收集起来共享,包括 autoconf-2.63-5.1.el6.noarch.rpm automake-1.11.1-1.2.el6.noarch.rpm cluster-glue-1.0.5-2.el6.i686.rpm cluster-glue-libs-1.0.5-2.el6.i686.rpm cluster-glue-libs-devel-1.0.5-2.el6.i686.rpm glib2-2.22.5-5.el6.i686.rpm glib2-devel-2.22.5-5.el6.i686.rpm glib2-static-2.22.5-5.el6.i686.rpm keyutils-libs-1.4-1.el6.i686.rpm keyutils-libs-devel-1.4-1.el6.i686.rpm krb5-devel-1.8.2-3.el6.i686.rpm krb5-libs-1.8.2-3.el6.i686.rpm libcom_err-1.41.12-3.el6.i686.rpm libcom_err-devel-1.41.12-3.el6.i686.rpm libselinux-2.0.94-2.el6.i686.rpm libselinux-devel-2.0.94-2.el6.i686.rpm libselinux-static-2.0.94-2.el6.i686.rpm libselinux-utils-2.0.94-2.el6.i686.rpm libsepol-2.0.41-3.el6.i686.rpm libsepol-devel-2.0.41-3.el6.i686.rpm libsepol-static-2.0.41-3.el6.i686.rpm libtool-2.2.6-15.5.el6.i686.rpm libtool-ltdl-2.2.6-15.5.el6.i686.rpm libtool-ltdl-devel-2.2.6-15.5.el6.i686.rpm openssl-1.0.0-4.el6.i686.rpm openssl-devel-1.0.0-4.el6.i686.rpm openssl-static-1.0.0-4.el6.i686.rpm pkgconfig-0.23-9.1.el6.i686.rpm zlib-1.2.3-25.el6.i686.rpm zlib-devel-1.2.3-25.el6.i686.rpm zlib-static-1.2.3-25.el6.i686.rpm
Python-一款针对二进制加固工具底层使用的clang是ollvm编译的
08-10
to Obfuscate iPA which contain bitcode, 是一款针对二进制加固工具,底层使用的clang是ollvm编译的
二进制keepalived-2.0.13.tar已经编译好可以直接使用
04-03
已经编译好直接做env 后 使用 ,进行高可用使用,飘vip ,已经测试额可以正常使用。已经编译好的了,这几个应用都是。
详解Keepalived安装与配置
09-15
主要介绍了详解Keepalived安装与配置,小编觉得挺不错的,现在分享给大家,也给大家做个参考。一起跟随小编过来看看吧
keepalived离线安装包及教程.zip
08-12
keepalived-2.0.20.tar.gz 离线安装无需其他依赖包,直接解压安装即可.
keepalived二进制安装基于Ubuntu20.04
Jason_SDN的博客
03-15 697
网址 https://keepalived.org/download.html 下载二进制包 [root@ubuntu2004 ~]#wget https://keepalived.org/software/keepalived-2.2.7.tar.gz
centos7.x上二进制安装keepalived
weixin_42715225的博客
01-03 656
前言 … … 安装流程 从keepalived官网上下载需要使用的版本,这里以2.2.2版本为例,把包文件"keepalived-2.2.2.tar.gz"放置在/usr/local目录下 操作如下 yum -y install gcc libnl libnl-devel openssl openssl-devel cd /usr/local/ tar -zxvf keepalived-2.2.2.tar.gz -C /usr/local/ cd keepalived-2.2.2 ./configure -
keepalived部署
最新发布
qq_42690568的博客
04-19 1017
keepalived的部署及配置
K8S V1.18.15集群二进制部署指南
该资源是一份关于在六台机器上使用二进制方式部署Kubernetes (k8s) 集群的详细指南,重点强调了高可用性配置。集群包含两台Master节点,两台Node节点以及两台运行Nginx和Keepalived的服务器,用于提供高可用的API...

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值