本文共 5586 字,大约阅读时间需要 18 分钟。
keepalived诞生的目的是为了给ipvs提供高可用性的.
keppalived 服务一般会启动两个进程,一个是vrrp服务和后端服务通信的,一个是checker服务,检测后端real Server健康状况.
邮件服务器:
rhel5:sendmail
rhel6:postfix
keepalived最新版本1.3.5,keepalived配置文件共三部分组成.
| 1 2 3 4 | global_defs { #全局配置 notification_email { #收件人 main@example.com } |
| 1 2 3 4 5 | notification_email_from keepalived@admin #发件人 smtp_server 127.0.01 #发件服务器 smtp_connect_timeout #30超时时间 router_id nginx_slave #路由标识,自定义 } |
| 1 2 3 4 5 | vrrp_script chk_port { #脚本检测名称chk_port script "/etc/keepalived/keepalived.jk2.sh" #脚本的路径 interval 2 #每隔2秒检测一次 weight -2 #一旦失败,权重减2 } |
VRRP状态机,初始化(initialize)时,大家都是backup状态,通过选举产生master.收到startup且优先级是255时,直接定义为master,收到startup且优先级小雨255时,直接定义为backup.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | vrrp_instance VI_1 { #定义虚拟路由和虚拟ip的.VI_1为名称. state MASTER interface eth0 virtual_router_id 51 #虚拟路由id,一般不大于255 priority 100 #初始优先级100,值越大优先级越高. advert_int 1 authentication { auth_type PASS #认证机制,明文认证 auth_pass 1111 #密码 } virtual_ipaddress { #虚拟vip地址 192.168.30.129 } track_script { #虚拟路由跟踪脚本. chk_port } } |
其他脚本定义使用
| 1 2 3 4 5 | vrrp_script chk_file { script "[[-f /etc/keepalived/down]] && exit 1 || exit 0" interval 1 weight -2 } |
实例:
系统Centos 6.5
2个node节点:
VIp:192.168.30.131
real server:192.168.30.129
real server:192.168.30.130
#两台real server 操作:
| 1 | yum install nginx keepalived -y |
#这两台real server 先配置好nginx,做static server.
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 | [root@haproxy keepalived] # cat /etc/nginx/conf.d/admin.conf # # The default server # server { listen 80 default_server; server_name _; # Load configuration files for the default server block. include /etc/nginx/default .d/*.conf; location / { root /data/www/ ; index.htm index index.html index.php; } } |
以示区别/data/www/index.html 亦两台real server 静态页面取ip地址最后1位.
#配置keepalived:
real server 192.168.30.129的keepalived配置文件:
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 | [root@web2 keepalived] # cat keepalived.conf ! Configuration File for keepalived global_defs { notification_email { 215687833@qq.com #告警通知 } notification_email_from keepalived@admin smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id nginx_slave #名字可以随便起,标示作用. } vrrp_script chk_port { #检测脚本 script "/etc/keepalived/keepalived.jk2.sh" interval 2 #每个2秒运行一次 weight -2 #失败,本机keepalived优先级减2 } vrrp_instance VI_1 { state BACKUP #初始化此节点为backup interface eth0 #网卡eth0 virtual_router_id 51 #虚拟路由id priority 100 #优先级,两台优先级可以是一样的,也可以一个高一个低. advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.30.131 } track_script { chk_port } } |
real server 192.168.30.130的配置文件:
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 | [root@haproxy keepalived] # cat keepalived.conf ! Configuration File for keepalived global_defs { notification_email { 215687833@qq.com } notification_email_from keepalived@admin smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id nginx_master标示这是nginx master } vrrp_script chk_port { script "/etc/keepalived/keepalived.jk2.sh" interval 3 weight -2 } vrrp_instance VI_1 { state MASTER #初始化状态为master,两台real server都可以初始化为BACKUP状态,让它们之间自己选举. interface eth0 virtual_router_id 51 priority 101 #优先级高于从节点 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.30.131 } track_script { chk_port } } |
检测脚本路径和内容,赋予脚本可执行权限chmod a+x ...:
| 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 | [root@haproxy keepalived] # pwd /etc/keepalived [root@haproxy keepalived] # cat keepalived.jk2.sh #!/bin/bash ps -C nginx if [[ $? - eq 0 ]]; then exit 0 else /etc/init .d /nginx restart > /dev/null sleep 3 ps -C nginx if [[ $? - eq 0 ]]; then exit 0 else exit 1 fi fi |
#此脚本主要判断本地nginx服务如果down 尝试启动1此,还是down就认为本节点下线,vip自动飘值bakcup节点.
#两台real server 启动keepalived服务:
| 1 | # /etc/init.d/keepalived start |
查看keepalived 的log:
| 1 2 3 4 5 6 7 8 9 10 11 | [root@haproxy conf.d] # tail -f /var/log/messages Aug 4 14:56:09 haproxy Keepalived[51515]: Starting VRRP child process, pid=51518 Aug 4 14:56:09 haproxy Keepalived_vrrp[51518]: Netlink reflector reports IP 192.168.30.130 added Aug 4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Netlink reflector reports IP 192.168.30.130 added Aug 4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Netlink reflector reports IP fe80::20c:29ff:feca:1ae added Aug 4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Registering Kernel netlink reflector Aug 4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Registering Kernel netlink command channel Aug 4 14:56:09 haproxy Keepalived_vrrp[51518]: Netlink reflector reports IP fe80::20c:29ff:feca:1ae added Aug 4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering Kernel netlink reflector Aug 4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering Kernel netlink command channel Aug 4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering gratuitous ARP shared channel |
#查看master的vip地址,ifconfig 看不到,用ip a或者:ip addr show
| 1 2 3 4 5 6 7 8 9 10 11 12 | [root@haproxy conf.d] # ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN link /loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1 /8 scope host lo inet6 ::1 /128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link /ether 00:0c:29:ca:01:ae brd ff:ff:ff:ff:ff:ff inet 192.168.30.130 /24 brd 192.168.30.255 scope global eth0 inet 192.168.30.131 /32 scope global eth0 inet6 fe80::20c:29ff:feca:1ae /64 scope link valid_lft forever preferred_lft forever |
#测试:打开浏览器访问http://192.168.30.131/ ,其中一台nginx 启动失败即可看到演示效果.
转载地址:http://kbebm.baihongyu.com/