前期工作(两台机子同做)
1,关闭防火墙和selinux
systemctl stop firewalld
setenforce 0
2,时间同步
yum -y install ntp ntpdate
ntpdate cn.pool.ntp.org
3,下载源码包
wget https://www.keepalived.org/software/keepalived-2.0.1.tar.gz
注:keepalived的官方站点是https://www.keepalived.org,官方文档是http://www.keepalived.org/documentation.html,通过官方地址可以获取到keepalived软件包
安装编译(两台机子同)
tar -xf keepalived-2.0.1.tar.gz -C /usr/local/src/
mkdir -p /data/keepalived
yum install openssl-devel gcc* -y
cd /usr/local/src/keepalived-2.0.1
./configure --prefix=/data/keepalived/
make
make install
编译参数说明
–with-kernel-dir=DIR path to linux kernel source directory
–with-kernel-dir这个参数很重要,不是要把keepalived编译进内核,而是指定使用内核源码里面的头文件,就是include目录。如果使用LVS时,才需要用到此参数,否则不需要。
–disable-lvs-syncd do not use LVS synchronization daemon
–disable-lvs do not use the LVS framework
提示:如果只想做keepalived其他服务(http,db,nginx,haproxy)高可用而不做lvs的高可用,可以使用–disable-lvs-syncd和–disable-lvs禁止lvs功能,因为后面要使用lvs功能,因此本文没有禁用lvs功能。
查看安装目录
cd /data/keepalived/
tree -l
bash: tree: command not found…
yum install tree -y
tree -l
.
├── bin
│ └── genhash
├── etc
│ ├── keepalived
│ │ ├── keepalived.conf
│ │ └── samples
│ │ ├── client.pem
│ │ ├── dh1024.pem
│ │ ├── keepalived.conf.conditional_conf
│ │ ├── keepalived.conf.fwmark
│ │ ├── keepalived.conf.HTTP_GET.port
│ │ ├── keepalived.conf.inhibit
│ │ ├── keepalived.conf.IPv6
│ │ ├── keepalived.conf.misc_check
│ │ ├── keepalived.conf.misc_check_arg
│ │ ├── keepalived.conf.quorum
│ │ ├── keepalived.conf.sample
…
keepalived 的启动过程并不会对配置文件进行语法检查,就算没有配置文件, keepalived 的守护进程照样能够被运行起来。在默认状态下–即不指定配置文件的位置 —keepalived 先查找文件 /etc/keepalived/keepalived.conf ,如果为了省事,可以手动创建这个文件,然后在这个文件里书写规则,来达到控制 keepalived 运行的目的。
配置规范启动
从解压安装包文件中拷贝启动文件
cd /usr/local/src/keepalived-2.0.1/keepalived/etc
cp -R init /data/keepalived/
cp -R init /data/keepalived/etc/
cp -R init.d /data/keepalived/etc/
ll /data/keepalived/etc/
total 0
drwxr-xr-x. 2 root root 86 Jun 26 17:21 init
drwxr-xr-x. 2 root root 135 Jun 26 17:21 init.d
drwxr-xr-x. 3 root root 44 Jun 26 17:08 keepalived
drwxr-xr-x. 2 root root 24 Jun 26 17:08 sysconfig
配置启动项
cp /data/keepalived/etc/init.d/keepalived /etc/init.d/
cp /data/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /data/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /data/keepalived/sbin/keepalived /usr/sbin/
启动服务
systemctl start keepalived.service
ps -ef | grep keepalived
root 7232 1 8 17:25 ? 00:00:06 /data/keepalived/sbin/keepalived -D
root 7233 7232 0 17:25 ? 00:00:00 /data/keepalived/sbin/keepalived -D
root 49000 1395 0 17:27 pts/0 00:00:00 grep --color=auto keepalived
root 49001 7232 0 17:27 ? 00:00:00 /data/keepalived/sbin/keepalived -D
源码安装keepalived完成
keepalived 双实例双主模式配置
部署思路
ip | vip |
---|---|
192.168.153.142 | 主vip:192.168.153.100 备vip:192.168.153.200 |
192.168.153.143 | 主vip:192.168.153.200 备vip:192.168.153.100 |
注意:备节点priority要小于主节点;否则容易脑裂。
节点:192.168.153.142
cd /etc/keepalived/
mv keepalived.conf keepalived.conf.bar
vi keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.153.100/24 dev ens33 label ens33:1
}
}
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 56
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.153.200/24 dev ens33 label ens33:2
}
}
节点:192.168.153.143
cd /etc/keepalived/
mv keepalived.conf keepalived.conf.bar
vi keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.153.100/24 dev ens33 label ens33:1
}
}
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 56
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.153.200/24 dev ens33 label ens33:2
}
}
两台机子都启动服务
节点:192.168.153.142
节点:192.168.153.143
停止节点192.168.153.142服务
节点:192.168.153.142
节点:192.168.153.143
节点192.168.153.142的vip切换到了节点192.168.153.143上;同样停止节点192.168.153.143的服务,开启节点192.168.153.142服务侧vip切换到192.168.153.142上了.
完成keepalived双主模式。