下载源码包
wget https://www.keepalived.org/software/keepalived-2.2.4.tar.gz
指定安装位置
mkdir /app
解压及编译
tar -xf keepalived-2.2.4.tar.gz -C /app
cd keepalived-2.2.4
./configure --prefix=/app/keepalived
如出现
"*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS."
需要安装 libnl libnl-devel
编译
make && make install
如出现
configure: error: libnfnetlink headers missing
需要安装 libnfnetlink-devel
配置系统启动
cp /app/keepalived-2.2.4/keepalived/etc/init.d/keepalived /etc/init.d/
chmod 755 /etc/init.d/keepalived
vim /app/keepalived/etc/sysconfig/keepalived
将 KEEPALIVED_OPTIONS="-D"
修改为 KEEPALIVED_OPTIONS="-f /app/keepalived/etc//keepalived/keepalived.conf -D -S 0"
vim /etc/init.d/keepalived
将 . /etc/sysconfig/keepalived
修改为 /app/keepalived/etc/sysconfig/keepalived
添加进系统服务
chkconfig --add keepalived
systemctl daemon-reload
systemctl start keepalived
配置
vim /app/keepalived/etc//keepalived/keepalived.conf
vrrp_script chk_mysql_port { #检测mysql服务是否在运行。有很多方式,比如进程,用脚本检测等等
script "/etc/chk_proxysql.sh" #这里通过脚本监测
interval 2 #脚本执行间隔,每2s检测一次
weight -5 #脚本结果导致的优先级变更,检测失败(脚本返回非0)则优先级 -5
fall 2 #检测连续2次失败才算确定是真失败。会用weight减少优先级(1-255之间)
rise 1 #检测1次成功就算成功。但不修改优先级
}
vrrp_instance VI_1 {
state MASTER #master1 设置为MASTER
interface eth0 #指定虚拟ip的网卡接口
mcast_src_ip 192.168.1.100 #绑定的地址
virtual_router_id 246 #路由器标识,MASTER和BACKUP必须是一致的
priority 100 #定义优先级,数字越大,优先级越高,在同一个vrrp_instance下,MASTER的优先级必须大于BACKUP的优先级。这样MASTER故障恢复后,就可以将VIP资源再次抢回来
advert_int 1
authentication { #认证类型PASS|AH(IPSEC)
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { #虚拟IP的设置即vip
192.168.1.101
}
track_script { #监控脚本
chk_mysql_port
}
}
检测脚本
#!/bin/bash
counter=$(netstat -ntpl | grep "proxysql" | grep "6033" | wc -l)
if [ "${counter}" -eq 0 ]; then
/etc/init.d/keepalived stop
fi
防火墙配置
# centos 6 防火墙配置
-A INPUT -m state --state NEW -m tcp -p tcp --dport 112 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -d 224.0.0.18 -j ACCEPT
-A INPUT -s 192.168.1.0/24 -p vrrp -j ACCEPT
# centos 7 防火墙配置
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
firewall-cmd --direct --permanent --add-rule ipv4 filter OUTPUT 0 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
firewall-cmd --reload