keepalived支持的健康检测方式有:HTTP_GET|SSL_GET、TCP_CHECK、SMTP_CHECK、MISC_CHECK。
由于keepalived自身并不支持udp检测,有TCP_CHECK但是没有UDP_CHECK,所以这里只能使用MISC_CHECK混合检测方式调用外部脚本来对udp协议进行健康检测
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
}
virtual_ipaddress {
192.168.53.100/24
}
}
virtual_server 192.168.53.100 53 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.53.10 53 {
weight 1
MISC_CHECK {
misc_path "/etc/keepalived/UDP_CHECK.sh "
misc_timeout 10
}
}
}
UDP_CHECK.sh脚本内容如下:
#!/bin/bash
#PORT=`netstat -anpt |grep :53 |wc -l`
PORT=`netstat -anptu |grep nginx |wc -l`
if [ $PORT -eq 0 ];then
systemctl stop keepalived
fi
我这里是在测试dnsmasq服务高,使用的nginx代理53UDP端口,所以脚本中检测的是nginx服务的UDP端口