Keepalived
IP规划
keepalived官网地址
安装Keepalived
- 下载安装包
- 解压:tar -zxvf keepalived-2.1.5.tar.gz
- cd keepalived-2.1.5
- ./configure --prefix=/usr/local/keepalived --sysconf=/etc
- make && make install
--prefix: 安装目录;--sysconf: 同步核心配置到/etc目录下,
/etc/keepalived/keepalived.conf,固定位置,改成其他位置则keepalived启动不了,/var/log/messages中会报错。 配置过程中可能会出现警告信息,如下所示:*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-devel ...解决办法:安装libnl/libnl-3依赖,yum -y install libnl libnl-devel, 然后重新安装步骤的第4步和第五部一下,此时OK。
##Keepalived 核心配置文件
! 全局配置
global_defs {
! 配置切换通知的email
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
! 配置发件人
notification_email_from Alexandre.Cassen@firewall.loc
! 配置邮箱服务器地址
smtp_server 192.168.200.1
! 配置链接邮箱服务器的超时时间
smtp_connect_timeout 30
! 路由ID:当前安装Keepalived节点主机的标识符,全局唯一
router_id LVS_DEVEL
! 全局vrrp协议配置
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
! 计算机节点,基于vrrp协议的一个实例
vrrp_instance VI_1 {
! 表示状态,当前服务器的nginx的主节点,MASTER/BACKUP
state MASTER
! 当前实例绑定的网卡
interface eth0
! 保证主备节点一致即可
virtual_router_id 51
! 权重,master权重一般高于backup,如果有多个,那就是选举,谁的权重高,谁就当选
priority 100
! 主备之间同步检查时间间隔,单位秒
advert_int 2
! 认证权限密码。防止非法节点进入
authentication {
auth_type PASS
auth_pass 1111
}
! 虚拟出来的ip,可以有多个(vip)
virtual_ipaddress {
192.168.200.16
192.168.200.17
192.168.200.18
}
}
! 下方都是虚拟主机,这里不需要可以删除
virtual_server 192.168.200.100 443 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.201.100 443 {
weight 1
SSL_GET {
url {
path /
digest ff20ad2481f97b1754ef3e12ecd3a9cc
}
url {
path /mrtg/
digest 9b3a0c85a887a256d6939da88aabd8cd
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
virtual_server 10.10.10.2 1358 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
sorry_server 192.168.200.200 1358
real_server 192.168.200.2 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.200.3 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
virtual_server 10.10.10.3 1358 {
delay_loop 3
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.200.4 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 192.168.200.5 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
启动 Keepalived
cd /usr/local/keepalived/sbin
./keepalived
关闭 Keepalived
ps -ef | grep keepalived, 查出进程号,直接kill -9 进程ID。
Keepalived 注册为系统服务
进入Keepalived的安装目录(安装包解压后的文件夹内),里面有一个keepalived文件夹,进入,里面有一个 etc 文件夹。拷贝 etc/init.d/keepalived 到系统目录/etc/init.d/ 文件夹下。
cp ./keepalived/etc/init.d/keepalived /etc/init.d/
cp ./keepalived/etc/sysconfig/keepalived /etc/sysconfig/
然后刷新系统服务,使刚加进去的服务生效。
systemctl daemon-reload
这样就可以在系统服务中使用Keepalived了。 ###系统中使用Keepalived
systemctl start keepalived.service # 启动Keepalived服务
systemctl stop keepalived.service # 停止Keepalived服务
systemctl restart keepalived.service # 重新启动Keepalived服务