keepalived诞生的目的是为了给ipvs提供高可用性的.
keppalived 服务一般会启动两个进程,一个是vrrp服务和后端服务通信的,一个是checker服务,检测后端real Server健康状况.
邮件服务器:
rhel5:sendmail
rhel6:postfix
keepalived最新版本1.3.5,keepalived配置文件共三部分组成.
|
1
2
3
4
|
global_defs {
#全局配置
notification_email {
#收件人
main@example.com
}
|
|
1
2
3
4
5
|
notification_email_from keepalived@admin
#发件人
smtp_server 127.0.01
#发件服务器
smtp_connect_timeout
#30超时时间
router_id nginx_slave
#路由标识,自定义
}
|
|
1
2
3
4
5
|
vrrp_script chk_port {
#脚本检测名称chk_port
script
"/etc/keepalived/keepalived.jk2.sh"
#脚本的路径
interval 2
#每隔2秒检测一次
weight -2
#一旦失败,权重减2
}
|
VRRP状态机,初始化(initialize)时,大家都是backup状态,通过选举产生master.收到startup且优先级是255时,直接定义为master,收到startup且优先级小雨255时,直接定义为backup.
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
vrrp_instance VI_1 {
#定义虚拟路由和虚拟ip的.VI_1为名称.
state MASTER
interface eth0
virtual_router_id 51
#虚拟路由id,一般不大于255
priority 100
#初始优先级100,值越大优先级越高.
advert_int 1
authentication {
auth_type PASS
#认证机制,明文认证
auth_pass 1111
#密码
}
virtual_ipaddress {
#虚拟vip地址
192.168.30.129
}
track_script {
#虚拟路由跟踪脚本.
chk_port
}
}
|
其他脚本定义使用
|
1
2
3
4
5
|
vrrp_script chk_file {
script
"[[-f /etc/keepalived/down]] && exit 1 || exit 0"
interval 1
weight -2
}
|
实例:
系统Centos 6.5
2个node节点:
VIp:192.168.30.131
real server:192.168.30.129
real server:192.168.30.130
#两台real server 操作:
|
1
|
yum
install
nginx keepalived -y
|
#这两台real server 先配置好nginx,做static server.
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
|
[root@haproxy keepalived]
# cat /etc/nginx/conf.d/admin.conf
#
# The default server
#
server {
listen 80 default_server;
server_name _;
# Load configuration files for the default server block.
include
/etc/nginx/default
.d/*.conf;
location / {
root
/data/www/
;
index.htm index index.html index.php;
}
}
|
以示区别/data/www/index.html 亦两台real server 静态页面取ip地址最后1位.
#配置keepalived:
real server 192.168.30.129的keepalived配置文件:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
[root@web2 keepalived]
# cat keepalived.conf
! Configuration File
for
keepalived
global_defs {
notification_email {
215687833@qq.com
#告警通知
}
notification_email_from keepalived@admin
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id nginx_slave
#名字可以随便起,标示作用.
}
vrrp_script chk_port {
#检测脚本
script
"/etc/keepalived/keepalived.jk2.sh"
interval 2
#每个2秒运行一次
weight -2
#失败,本机keepalived优先级减2
}
vrrp_instance VI_1 {
state BACKUP
#初始化此节点为backup
interface eth0
#网卡eth0
virtual_router_id 51
#虚拟路由id
priority 100
#优先级,两台优先级可以是一样的,也可以一个高一个低.
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.30.131
}
track_script {
chk_port
}
}
|
real server 192.168.30.130的配置文件:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
[root@haproxy keepalived]
# cat keepalived.conf
! Configuration File
for
keepalived
global_defs {
notification_email {
215687833@qq.com
}
notification_email_from keepalived@admin
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id nginx_master标示这是nginx master
}
vrrp_script chk_port {
script
"/etc/keepalived/keepalived.jk2.sh"
interval 3
weight -2
}
vrrp_instance VI_1 {
state MASTER
#初始化状态为master,两台real server都可以初始化为BACKUP状态,让它们之间自己选举.
interface eth0
virtual_router_id 51
priority 101
#优先级高于从节点
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.30.131
}
track_script {
chk_port
}
}
|
检测脚本路径和内容,赋予脚本可执行权限chmod a+x ...:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
[root@haproxy keepalived]
# pwd
/etc/keepalived
[root@haproxy keepalived]
# cat keepalived.jk2.sh
#!/bin/bash
ps
-C nginx
if
[[ $? -
eq
0 ]];
then
exit
0
else
/etc/init
.d
/nginx
restart >
/dev/null
sleep
3
ps
-C nginx
if
[[ $? -
eq
0 ]];
then
exit
0
else
exit
1
fi
fi
|
#此脚本主要判断本地nginx服务如果down 尝试启动1此,还是down就认为本节点下线,vip自动飘值bakcup节点.
#两台real server 启动keepalived服务:
|
1
|
# /etc/init.d/keepalived start
|
查看keepalived 的log:
|
1
2
3
4
5
6
7
8
9
10
11
|
[root@haproxy conf.d]
# tail -f /var/log/messages
Aug 4 14:56:09 haproxy Keepalived[51515]: Starting VRRP child process, pid=51518
Aug 4 14:56:09 haproxy Keepalived_vrrp[51518]: Netlink reflector reports IP 192.168.30.130 added
Aug 4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Netlink reflector reports IP 192.168.30.130 added
Aug 4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Netlink reflector reports IP fe80::20c:29ff:feca:1ae added
Aug 4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Registering Kernel netlink reflector
Aug 4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Registering Kernel netlink
command
channel
Aug 4 14:56:09 haproxy Keepalived_vrrp[51518]: Netlink reflector reports IP fe80::20c:29ff:feca:1ae added
Aug 4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering Kernel netlink reflector
Aug 4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering Kernel netlink
command
channel
Aug 4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering gratuitous ARP shared channel
|
#查看master的vip地址,ifconfig 看不到,用ip a或者:ip addr show
|
1
2
3
4
5
6
7
8
9
10
11
12
|
[root@haproxy conf.d]
# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link
/loopback
00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1
/8
scope host lo
inet6 ::1
/128
scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link
/ether
00:0c:29:ca:01:ae brd ff:ff:ff:ff:ff:ff
inet 192.168.30.130
/24
brd 192.168.30.255 scope global eth0
inet 192.168.30.131
/32
scope global eth0
inet6 fe80::20c:29ff:feca:1ae
/64
scope link
valid_lft forever preferred_lft forever
|
#测试:打开浏览器访问http://192.168.30.131/ ,其中一台nginx 启动失败即可看到演示效果.
本文转自青衫解衣 51CTO博客,原文链接:http://blog.51cto.com/215687833/1955360
