记录在CentOS6.9 下配置keepalived 1.4.3 HA双机
主要参考以下文章:
https://blog.youkuaiyun.com/libaineu2004/article/details/79551455
https://www.cnblogs.com/clsn/p/8052649.html#auto_id_17
https://blog.youkuaiyun.com/xyang81/article/details/52556886
http://www.cnblogs.com/kgdxpr/p/3325788.html
首先从官网下载:http://www.keepalived.org/download.html
安装编译依赖包:
sudo yum -y install gcc make kernel-devel
sudo yum -y install curl libnl3-devel iptables-devel libnfnetlink-devel ipset-devel openssl-devel net-snmp-devel编译安装:
tar -zxf keepalived-1.4.3.tar.gz
cd keepalived-1.4.3
./configure --prefix=/usr/local/keepalived
make
sudo make install配置keepalived
sudo mkdir /etc/keepalived
sudo cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
sudo vim /etc/keepalived/keepalived.conf主服务器:
! Configuration File for keepalived
global_defs {
router_id WEB_MASTER
#vrrp_skip_check_adv_addr
#vrrp_strict
#vrrp_garp_interval 0
#vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface eth1 #这里一定要确认网卡名称,否则启动一段时间后自动停止,提示:keepalived dead but subsys locked
virtual_router_id 51
priority 150
#mcast_src_ip 172.16.19.171
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.19.179
}
}
备服务器
! Configuration File for keepalived
global_defs {
router_id WEB_SLAVE1
#vrrp_skip_check_adv_addr
#vrrp_strict
#vrrp_garp_interval 0
#vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface eth1 #这里一定要确认网卡名称,否则启动一段时间后自动停止,提示:keepalived dead but subsys locked
virtual_router_id 51
priority 100
#mcast_src_ip 172.16.19.172
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.19.179
}
}
编辑keepalived启动文件:
cd
cat "" > keepalived
vim keepalived添加以下内容:
#!/bin/sh
#
# keepalived High Availability monitor built upon LVS and VRRP
#
# chkconfig: - 86 14
# description: Robust keepalive facility to the Linux Virtual Server project \
# with multilayer TCP/IP stack checks.
### BEGIN INIT INFO
# Provides: keepalived
# Required-Start: $local_fs $network $named $syslog
# Required-Stop: $local_fs $network $named $syslog
# Should-Start: smtpdaemon httpd
# Should-Stop: smtpdaemon httpd
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: High Availability monitor built upon LVS and VRRP
# Description: Robust keepalive facility to the Linux Virtual Server
# project with multilayer TCP/IP stack checks.
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
exec="/usr/local/keepalived/sbin/keepalived"
prog="keepalived"
config="/etc/keepalived/keepalived.conf"
[ -e /usr/local/keepalived/etc/sysconfig/$prog ] && /usr/local/keepalived/etc/sysconfig/$prog
lockfile=/var/lock/subsys/keepalived
start() {
[ -x $exec ] || exit 5
[ -e $config ] || exit 6
echo -n $"Starting $prog: "
daemon $exec $KEEPALIVED_OPTIONS
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
start
}
reload() {
echo -n $"Reloading $prog: "
killproc $prog -1
retval=$?
echo
return $retval
}
force_reload() {
restart
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status &>/dev/null
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $? 下面内容是根据我的安转路径配置的:
exec="/usr/local/keepalived/sbin/keepalived"
prog="keepalived"
config="/etc/keepalived/keepalived.conf"
[ -e /usr/local/keepalived/etc/sysconfig/$prog ] && /usr/local/keepalived/etc/sysconfig/$prog移动文件:
sudo mv keepalived /etc/init.d/keepalived
sudo chmod a+x /etc/init.d/keepalived
sudo chmod a+x /usr/local/keepalived/sbin/keepalived
sudo chmod a+x /usr/local/keepalived/etc/sysconfig/keepalived
启动keepalived,并查看状态:
sudo /etc/init.d/keepalived start
sudo /etc/init.d/keepalived status
ps -ef|grep keep|grep -v grep输出如下:
[taiji@localhost ~]$ sudo /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[taiji@localhost ~]$ sudo /etc/init.d/keepalived status
keepalived (pid 15074) is running...
[taiji@localhost ~]$ ps -ef|grep keep|grep -v grep
root 15074 1 0 13:22 ? 00:00:00 /usr/local/keepalived/sbin/keepalived
root 15075 15074 0 13:22 ? 00:00:00 /usr/local/keepalived/sbin/keepalived
root 15076 15074 0 13:22 ? 00:00:00 /usr/local/keepalived/sbin/keepalived
[taiji@localhost ~]$ 若是希望使用sudo service keepalived status,需要重起服务器。
调整广播模式,由于只有主备两台电脑,采用单播模式,keepalived.conf都需要增加下面配置,注意调整IP
unicast_src_ip 172.16.19.171 #本地IP地址
unicast_peer {
172.16.19.172 #对端IP地址,此地址一定不能忘记
}测试效果,需要关闭 iptables
sudo service iptables stop172.16.19.171,172.16.19.172服务器都开启keepalived
首先测试关闭171的服务:
171:
172:
171重起keepalived:
以上默认抢占模式,非抢占模式:
和非抢占模式的配置相比,只改了两个地方:
1> 在vrrp_instance块下两个节点各增加了nopreempt指令,表示不争抢vip
2> 节点的state都为BACKUP
两个keepalived节点都启动后,默认都是BACKUP状态,双方在发送组播信息后,会根据优先级来选举一个MASTER出来。由于两者都配置了nopreempt,所以MASTER从故障中恢复后,不会抢占vip。这样会避免VIP切换可能造成的服务延迟。
配置防火墙:
-A INPUT -p vrrp -d 172.16.19.172 -i eth1 -j ACCEPT
注意:这里限制了目标地址(可以忽略),制定网卡为 eth1, 不要直接拷贝,否则keepalived 的广播无法穿透防火墙
配置开机启动:
sudo vim /etc/rc.d/rc.local
在文件最后增加启动脚本
/etc/init.d/keepalived start
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
