1.安装依赖以及Keepalived
安装Keepalived依赖
yum install curl gcc autoconf automake openssl-devel libnl3-devel iptables-devel ipset-devel net-snmp-devel libnfnetlink-devel file-devel aclocal autoheader autoreconf -y
安装Keepalived
# 下载Keepalived
curl -O --progress https://www.keepalived.org/software/keepalived-2.2.7.tar.gz
# 解压
tar -xvf keepalived-2.2.7.tar.gz
# 安装
cd keepalived-2.2.7/
# 指定安装目录/usr/local/keepalived
./configure --prefix=/usr/local/keepalived
make & make install
配置环境
Keepalived 启动脚本变量引用文件,默认文件路径是 /etc/sysconfig/,也可以不做软链接,直接修改启动脚本中文件路径即可
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived
# 将keepalived 主程序加入到环境变量
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/keepalived
# keepalived 启动脚本(源码目录下),放到 /etc/init.d/ 目录下就可以使用 service 命令便捷调用
cp /etc/keepalived/keepalived-2.2.7/keepalived/etc/init.d/keepalived /etc/init.d/keepalived
# 将配置文件放到默认路径下 (可以在/etc/init.d/keepalived中修改默认路径)
mkdir /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf.sample /etc/keepalived/keepalived.conf
2. 修改配置
# 修改keepalived.conf配置
vim /etc/keepalived/keepalived.conf
keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
xxx@xx.com
}
notification_email_from xx@xx.com
smtp_server smtp.sohu.com
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight 2
fall 1
}
vrrp_instance nginx_master {
state MASTER
interface ens33
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_nginx
}
virtual_ipaddress {
192.168.10.213
}
}
virtual_server 192.168.200.100 443 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.201.100 443 {
weight 1
SSL_GET {
url {
path /
digest ff20ad2481f97b1754ef3e12ecd3a9cc
}
url {
path /mrtg/
digest 9b3a0c85a887a256d6939da88aabd8cd
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
virtual_server 10.10.10.2 1358 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
sorry_server 192.168.200.200 1358
real_server 192.168.200.2 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.200.3 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
virtual_server 10.10.10.3 1358 {
delay_loop 3
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.200.4 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.200.5 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
配置详解
-
global_defs =>
notification_email 故障发生时给谁发邮件通知
notification_email_from 通知邮件从哪个地址发出
smtp_server 通知邮件的smtp地址
smtp_connect_timeout 连接smtp服务器的超时时间
enable_traps开启SNMP(Simple Network Management Protocol)陷阱
router_id 标志本节点的字符串,通常为ip地址,故障发生时邮件会通知到 -
vrrp_script check_nginx =>
check_nginx 自定义脚本名称
script: 自己写的监测脚本。
interval 2: 每2s监测一次
weight -20:监测失败,则相应的vrrp_instance的优先级会减少20个点 -
vrrp_instance nginx_master =>
vrrp_instance 自定义节点名称
state:只有BACKUP和MASTER。MASTER为工作状态,BACKUP是备用状态
interface:为网卡接口:可通过ip addr查看自己的网卡接口
virtual_router_id:虚拟路由标志。同组的virtual_router_id应该保持一致。它将决定多播的MAC地址
priority:设置本节点的优先级,优先级高的为MASTER
advert_int: MASTER与BACKUP同步检查的时间间隔
virtual_ipaddress:虚拟IP
nginx_check.sh
#!/bin/bash
nginx_kp_check(){
nginxpid=`ps -C nginx --no-header |wc -l`
if [ $nginxpid -eq 0 ]; then
/user/local/nginx/sbin/nginx
sleep 1
nginxpid=`ps -C nginx --no-header |wc -l`
if [ $nginxpid -eq 0 ];then
systemctl stop keepalived
fi
fi
}
nginx_kp_check
3. 修改Keepalived日志路径
默认在/var/log/messages中
# 修改/usr/local/keepalived/etc/sysconfig/keepalived
vim /usr/local/keepalived/etc/sysconfig/keepalived
# 把KEEPALIVED_OPTIONS="-D" 修改为:KEEPALIVED_OPTIONS="-D -d -S 0"
KEEPALIVED_OPTIONS="-D -d -S 0"
# 在/etc/rsyslog.conf 末尾追加
vim /etc/rsyslog.conf
local0.* /var/log/keepalived.log
4. 重启rsyslog
systemctl restart rsyslog
5. 启动/重启Keepalived
service keepalived start
service keepalived restart
6.查看日志
tail -f /var/log/keepalived.log
7.查看Ip是否成功
ip a show |grep -w inet
出现指定VIP则成功
注意:
从服务器记得修改 vrrp_instance.state 为 BACKUP
改 vrrp_instance.priority 比MASTER 低的值
测试结果
- 当MASTER节点Nginx挂了时,会尝试再次启动Nginx,无法启动时,会自动切换到BACKUP节点上,当MASTER节点恢复时,自动从BACKUP节点恢复到MASTER节点。
- 当所有节点都挂了时,哪个节点恢复了虚拟IP就指向哪个节点。
恢复时注意先启动Nginx再启动Keepalived