keepalived安装配置
cd /app
wget https://www.keepalived.org/software/keepalived-2.2.4.tar.gz
yum -y install libnl libnl-devel #安装依赖
tar -zxf keepalived-2.2.4.tar.gz
cd keepalived-2.2.4
./configure --prefix=/usr/local/keepalived
make && make install
复制配置文件
mkdir -p /etc/keepalived
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/ #主配置文件
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/sbin/keepalived /sbin/
设置开机启动
chkconfig keepalived on
启动keepalived
[root@keepalived02 ~]# systemctl start keepalived [root@keepalived02 ~]# ps -ef | grep keepalived root 4186 1 0 23:55 ? 00:00:00 /usr/local/keepalived/sbin/keepalived -D root 4187 4186 0 23:55 ? 00:00:00 /usr/local/keepalived/sbin/keepalived -D root 4188 4186 0 23:55 ? 00:00:00 /usr/local/keepalived/sbin/keepalived -D root 4198 14104 0 23:56 pts/0 00:00:00 grep --color=auto keepalived
MASTER节点配置文件
[root@keepalived01 ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_instance VI_1 { state MASTER #该节点设置为MASTER interface eth0 virtual_router_id 51 # 同一个VRRP实例中每个节点的虚拟路由ID必须相同 priority 100 # MASTER节点的优先级必须高于BACKUP节点 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.3.254 #VIP } } #在keepalived的主备模型中,当主节点正常的时候,备节点永远处于闲置状态,不会接受web请求,这样就会浪费一半的资源 #所以。在下面再添加一个实例,配置成双主模型 vrrp_instance VI_2 { state BACKUP #该节点设置为backup interface eth0 virtual_router_id 52 # 同一个VRRP实例中每个节点的虚拟路由ID必须相同 priority 90 # MASTER节点的优先级必须高于BACKUP节点 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.3.253 #VIP2 } } virtual_server 192.168.200.100 443 { delay_loop 6 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP real_server 192.168.201.100 443 { weight 1 SSL_GET { url { path / digest ff20ad2481f97b1754ef3e12ecd3a9cc } url { path /mrtg/ digest 9b3a0c85a887a256d6939da88aabd8cd } connect_timeout 3 retry 3 delay_before_retry 3 } } } virtual_server 10.10.10.2 1358 { delay_loop 6 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP sorry_server 192.168.200.200 1358 real_server 192.168.200.2 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } real_server 192.168.200.3 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334c } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334c } connect_timeout 3 retry 3 delay_before_retry 3 } } } virtual_server 10.10.10.3 1358 { delay_loop 3 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP real_server 192.168.200.4 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } real_server 192.168.200.5 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } } [root@keepalived01 ~]#
BACKUP节点配置文件
[root@keepalived02 ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_instance VI_1 { state BACKUP #该节点设置为backup interface eth0 virtual_router_id 51 # 同一个VRRP实例中每个节点的虚拟路由ID必须相同 priority 90 # MASTER节点的优先级必须高于BACKUP节点 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.3.254 #VIP } } #在keepalived的主备模型中,当主节点正常的时候,备节点永远处于闲置状态,不会接受web请求,这样就会浪费一半的资源 #所以。在下面再添加一个实例,配置成双主模型 vrrp_instance VI_2 { state MASTER #该节点设置为MASTER interface eth0 virtual_router_id 52 # 同一个VRRP实例中每个节点的虚拟路由ID必须相同 priority 100 # MASTER节点的优先级必须高于BACKUP节点 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.3.253 #VIP2 } } virtual_server 192.168.200.100 443 { delay_loop 6 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP real_server 192.168.201.100 443 { weight 1 SSL_GET { url { path / digest ff20ad2481f97b1754ef3e12ecd3a9cc } url { path /mrtg/ digest 9b3a0c85a887a256d6939da88aabd8cd } connect_timeout 3 retry 3 delay_before_retry 3 } } } virtual_server 10.10.10.2 1358 { delay_loop 6 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP sorry_server 192.168.200.200 1358 real_server 192.168.200.2 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } real_server 192.168.200.3 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334c } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334c } connect_timeout 3 retry 3 delay_before_retry 3 } } } virtual_server 10.10.10.3 1358 { delay_loop 3 lb_algo rr lb_kind NAT persistence_timeout 50 protocol TCP real_server 192.168.200.4 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } real_server 192.168.200.5 1358 { weight 1 HTTP_GET { url { path /testurl/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl2/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } url { path /testurl3/test.jsp digest 640205b7b0fc66c1ea91c463fac6334d } connect_timeout 3 retry 3 delay_before_retry 3 } } }
如果只配置一个VIP节点,主节点宕机,VIP飘逸到从节点;主节点恢复,VIP由从节点飘逸回到主节点。
这里配置2个VIP 【主备都正常情况,主节点同时有2个VIP,备节点只有一个VIP;主节点宕机,备节点有2个VIP,主节点恢复,备节点又回到一个VIP】
#在keepalived的主备模型中,当主节点正常的时候,备节点永远处于闲置状态,不会接受web请求,这样就会浪费一半的资源 #所以。在下面再添加一个实例,配置成双主模型
添加nginx存活状态检测脚本,如果nginx不在线,就执行关闭keepalived服务
脚本内容如下
[root@keepalived01 ~]# cat /etc/keepalived/nginx_check.sh #!/bin/bash #判断nginx是否正常运行
#!/bin/bash
#判断nginx是否正常运行
d=`date --date today +%Y%m%d_%H:%M%S`
#计算nginx进程数量
n=`ps -C nginx --no-heading | wc -l`
#如果进程数量为0,则启动nginx,并且再次检测nginx进程数量;如果再次为0,则说明nginx无法启动,此时关闭keepalived
if [ $n -eq "0" ]; then
/usr/local/nginx/sbin/nginx -s reload
n2=`ps -C nginx --no-heading | wc -l`
if [ $n -eq "0" ]; then
echo "$d nginx down,keepalived will stop" >>/var/log/check_ng.log
killall keepalived
fi
fi
赋予脚本执行权限
chmod +x nginx_check.sh
脚本插入在keepalived.conf (主备节点都操作)
[root@keepalived01 ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_script chk_nginx { script "/etc/keepalived/nginx_check.sh" #脚本位置 interval 2 #检测时间间隔 weight -20 #权重减20 } vrrp_instance VI_1 { state MASTER #该节点设置为MASTER interface eth0 virtual_router_id 51 # 同一个VRRP实例中每个节点的虚拟路由ID必须相同 priority 100 # MASTER节点的优先级必须高于BACKUP节点 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { ### 将 track_script 块加入 instance 配置块 chk_nginx ###执行 Nginx 监控的服务 } virtual_ipaddress { 192.168.3.254 #VIP } } #在keepalived的主备模型中,当主节点正常的时候,备节点永远处于闲置状态,不会接受web请求,这样就会浪费一半的资源 #所以。在下面再添加一个实例,配置成双主模型 vrrp_instance VI_2 { state BACKUP #该节点设置为backup interface eth0 virtual_router_id 52 # 同一个VRRP实例中每个节点的虚拟路由ID必须相同 priority 90 # MASTER节点的优先级必须高于BACKUP节点 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_nginx } virtual_ipaddress { 192.168.3.253 #VIP2 } }
浙公网安备 33010602011771号