• 欢迎光临~

keepalived

开发技术 开发技术 2021-01-01 360次浏览

keepalived

官方文档:http://www.keepalived.org/doc/

安装keepalived

下载二进制安装包

wget http://www.keepalived.org/software/keepalived-1.4.1.tar.gz
tar axf keepalived-1.4.1.tar.gz 
cd keepalived-1.4.1

安装依赖包

yum -y install libnl libnl-devel libnfnetlink-devel gcc gcc-c++ openssl-devel popt-devel 

#"编译安装"

./configure --prefix=/usr/local/keepalived && echo $?
make && make install && echo $?

#"生成主配置文件"

mkdir -pv /etc/keepalived
cp ./keepalived/etc/keepalived/keepalived.conf /etc/keepalived/

#"生成执行脚本"

cp ./keepalived/etc/init.d/keepalived /etc/rc.d/init.d/

#“生成其他文件”

cp ./bin/keepalived /usr/local/sbin/
cp ./keepalived/etc/sysconfig/keepalived /etc/sysconfig/

#"启动keepalived"

service keepalived start

报错
Starting keepalived: /bin/bash: keepalived: command not found
[FAILED]
解决方法


vim /etc/init.d/keepalived

#添加如下行,加载环境变量
source /etc/profile

设置开机启动

chkconfig keepalived on

keepalived双机热备

主机名 IP 集群角色 VIP
test151 10.72.60.151 master 10.72.60.201
test152 10.72.60.152 buckup 10.72.60.201

master配置文件

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
    #"接收邮件地址,徐sendmail服务"
   notification_email {
     a@B.com
     b@B.com
     c@B.com
   }
   #"邮件发送人地址"
   notification_email_from master@B.com
   #"smtp地址,这里用的是263的smtp"
   smtp_server smtp.263.net
   smtp_connect_timeout 30
   #"路由标识,用主机名即可"
   router_id test151
   vrrp_skip_check_adv_addr
   #"vrrpm模式"
   #vrrp_strict #"不能单播,导致VIP ping不通"
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

#"vrrp实例设置"
vrrp_instance VI_1 {
    #"节点在keepalived中的角色,一个集群中可以有多个master"
    state MASTER
    #"交互网卡"
    interface ens33
    #"虚拟路由标识,用ip的最后一位即可"
    #"发送检测数据包的地址,默认interface绑定网卡的IP"
    # mcast_src_ip  192.168.3.123
    virtual_router_id 151
    #"粘连性(优先级),相同角色优先级大的为主节点"
    priority 100
    #"同步检测时间间隔,单位为s"
    advert_int 1
    #"验证类型和密码,全部节点一致"
    authentication {
    #"验证类型,有PASS、AH等"
        auth_type PASS
    #"验证密码"
        auth_pass 1111
    }
    #"虚拟IP,可以设置多个"
    virtual_ipaddress {
        10.72.60.201
    }
}

backup 配置文件

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
    #"接收邮件地址,徐sendmail服务"
   notification_email {
     a@B.com
     b@B.com
     c@B.com
   }
   #"邮件发送人地址"
   notification_email_from master@B.com
   #"smtp地址,这里用的是263的smtp"
   smtp_server smtp.263.net
   smtp_connect_timeout 30
   #"路由标识,用主机名即可"
   router_id test152
   vrrp_skip_check_adv_addr
   #"vrrpm模式"
   #vrrp_strict #"不能单播,导致VIP ping不通"
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

#"vrrp实例设置"
vrrp_instance VI_1 {
    #"节点在keepalived中的角色,一个集群中可以有多个master"
    state BACKUP
    #"交互网卡"
    interface ens33
    #"虚拟路由标识,用ip的最后一位即可"
    #"发送检测数据包的地址,默认interface绑定网卡的IP"
    # mcast_src_ip  192.168.3.123
    virtual_router_id 152
    #"粘连性(优先级),相同角色优先级大的为主节点"
    priority 50
    #"同步检测时间间隔,单位为s"
    advert_int 1
    #"验证类型和密码,全部节点一致"
    authentication {
    #"验证类型,有PASS、AH等"
        auth_type PASS
    #"验证密码"
        auth_pass 1111
    }
    #"虚拟IP,可以设置多个"
    virtual_ipaddress {
        #<IPADDR>/<MASK> brd <IPADDR> dev <STRING> scope <SCOPT> label <LABEL>
        10.72.60.201
    }
}
启动

systemctl start keepalived

keepalived+HAProxy

HAproxy状态是自己脚本判断的,所以理论上keepalived+啥都行

master

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
    #"接收邮件地址,徐sendmail服务"
   notification_email {
     a@B.com
     b@B.com
     c@B.com
   }
   #"邮件发送人地址"
   notification_email_from master@B.com
   #"smtp地址,这里用的是263的smtp"
   smtp_server smtp.263.net
   smtp_connect_timeout 30
   #"路由标识,用主机名即可"
   router_id test151
   vrrp_skip_check_adv_addr
   #"vrrpm模式"
   #vrrp_strict #"不能单播,导致VIP ping不通"
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

#"检查nginx状态"
vrrp_script check_haproxy {
       script "/etc/keepalived/check_haproxy.sh"
       interval 1  #每1秒执行一次
}

#"vrrp实例设置"
vrrp_instance VI_1 {
    #"节点在keepalived中的角色,一个集群中可以有多个master"
    state MASTER
    #"交互网卡"
    interface ens33
    #"虚拟路由标识,用ip的最后一位即可"
    #"发送检测数据包的地址,默认interface绑定网卡的IP"
    # mcast_src_ip  192.168.3.123
    virtual_router_id 151
    #"粘连性(优先级),相同角色优先级大的为主节点"
    priority 100
    #"同步检测时间间隔,单位为s"
    advert_int 1
    #"验证类型和密码,全部节点一致"
    authentication {
    #"验证类型,有PASS、AH等"
        auth_type PASS
    #"验证密码"
        auth_pass 1111
    }
    #"虚拟IP,可以设置多个"
    virtual_ipaddress {
        10.72.60.201
    }
    #"执行nginx状态检查"
    track_script {
       check_haproxy
    }
}

#check_haproxy.sh脚本
vim /etc/keepalived/check_haproxy.sh

#!/bin/bash
source /etc/profile
if [ `ps -C haproxy --no-header | wc -l` -eq 0 ];then
#yum安装启动方式
#   /etc/rc.d/init.d/haproxy start 
#编译安装启动方式
    /usr/local/sbin/haproxy -f /etc/haproxy/haproxy.cfg
    sleep 2
    if [ `ps -C haproxy --no-header | wc -l` -eq 0 ];then
    #启动失败,关闭keepalived
        systemctl stop keepalived 
    fi
fi

chmod 777 /etc/keepalived/check_haproxy.sh

buckup

与master不同之处:router_id、state、virtual_router_id、priority
vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
    #"接收邮件地址,徐sendmail服务"
   notification_email {
     a@B.com
     b@B.com
     c@B.com
   }
   #"邮件发送人地址"
   notification_email_from master@B.com
   #"smtp地址,这里用的是263的smtp"
   smtp_server smtp.263.net
   smtp_connect_timeout 30
   #"路由标识,用主机名即可"
   router_id test152
   vrrp_skip_check_adv_addr
   #"vrrpm模式"
   #vrrp_strict #"不能单播,导致VIP ping不通"
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

#"检查nginx状态"
vrrp_script check_haproxy {
       script "/etc/keepalived/check_haproxy.sh"
       interval 1  #每1秒执行一次
}

#"vrrp实例设置"
vrrp_instance VI_1 {
    #"节点在keepalived中的角色,一个集群中可以有多个master"
    state BACKUP
    #"交互网卡"
    interface ens33
    #"虚拟路由标识,用ip的最后一位即可"
    #"发送检测数据包的地址,默认interface绑定网卡的IP"
    # mcast_src_ip  192.168.3.123
    virtual_router_id 152
    #"粘连性(优先级),相同角色优先级大的为主节点"
    priority 50
    #"同步检测时间间隔,单位为s"
    advert_int 1
    #"验证类型和密码,全部节点一致"
    authentication {
    #"验证类型,有PASS、AH等"
        auth_type PASS
    #"验证密码"
        auth_pass 1111
    }
    #"虚拟IP,可以设置多个"
    virtual_ipaddress {
        10.72.60.201
    }
    #"执行nginx状态检查"
    track_script {
       check_haproxy
    }
}

#check_haproxy.sh脚本
vim /etc/keepalived/check_haproxy.sh

#!/bin/bash
source /etc/profile
if [ `ps -C haproxy --no-header | wc -l` -eq 0 ];then
#yum安装启动方式
#   /etc/rc.d/init.d/haproxy start 
#编译安装启动方式
    /usr/local/sbin/haproxy -f /etc/haproxy/haproxy.cfg
    sleep 2
    if [ `ps -C haproxy --no-header | wc -l` -eq 0 ];then
    #启动失败,关闭keepalived
        systemctl stop keepalived 
    fi
fi

chmod 777 /etc/keepalived/check_haproxy.sh

报错处理

Keepalived_vrrp[29634]: WARNING - script '/etc/keepalived/nginx_check.sh' is not executable for uid:gid 0:0 - disabling.
Keepalived_vrrp[29634]: SECURITY VIOLATION - scripts are being executed but script_security not enabled.

原因:/etc/keepalived/nginx_check.sh无法执行,这里是没有执行权限
解决方法:chmod 777 /etc/keepalived/check_haproxy.sh

{{o.name}}
{{m.name}}
程序员灯塔
转载请注明原文链接:keepalived
喜欢 (0)
违法和不良信息举报电话:022-22558618 举报邮箱:dljd@tidljd.com