Keepalived安装配置
2015-12-15 16:05:04   来源:   评论:0 点击: 收藏

一、安装所需的环境(安装相关依赖包):这里以centos为例 yum -y install gcc gcc-c++ gcc-g77 ncurses-devel bison libaio-devel
一、安装所需的环境(安装相关依赖包):这里以centos为例
 

#yum -y install gcc gcc-c++ gcc-g77 ncurses-devel bison libaio-devel  openssl-devel openssl

二,下载并安装keepalived
创建一个文件夹并进入

#mkdir /soft 
 
#cd /soft
 
#wget http://www.keepalived.org/software/keepalived-1.2.13.tar.gz
 
#tar zxvf keepalived-1.2.13.tar.gz
 
#cd keepalived-1.2.13
 
#./configure --disable-fwmark --prefix=/usr/local/keepalived



#
make && make install

查看安装完成后,生成了4个目录



三,相关配置
# cd /usr/local/keepalived/etc
# tree


# mkdir /etc/keepalived/
# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/  
 
# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
 
# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
 
# ln -s /usr/local/keepalived/sbin/keepalived /sbin/

# service keepalived restart
Stopping keepalived: [FAILED]
Starting keepalived: [  OK  ]

#
chkconfig keepalived on

# service keepalived status
keepalived (pid  12092) is running...

有关keepalived.conf的配置项

#全局定义块,包含邮件定义部分,
global_defs {
  notification_email {
    acassen@firewall.loc
    failover@firewall.loc
    sysadmin@firewall.loc
  }
  notification_email_from Alexandre.Cassen@firewall.loc
  smtp_server 192.168.200.1
  smtp_connect_timeout 30
  router_id LVS_DEVEL  //负载均衡器标识,在一个网络内,它应该是唯一的
}

#VRRP实例定义块,负责负载均衡器之间的失败切换
vrrp_instance VI_1 {
    state MASTER                      //只有MASTER和BACKUP 2种状态,主为MASTER,从为BACKUP,使用大写                                        
    interface eth0                    //监控的网络接口                                              
    virtual_router_id 51              //同一实例下virtual_router_id必须相同                          
    priority 100                      //定义优先级,数字越大,优先级越高                            
    advert_int 1                      //MASTER与BACKUP负载均衡器之间同步检查的时间间隔,单位是秒      
    authentication {                  //验证类型和密码                                                
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {                //虚拟ip地址virtual_ipaddress,可以定义多个
        192.168.200.16
        192.168.200.17
        192.168.200.18
    }
}

#虚拟服务器定义块
virtual_server 192.168.200.100 443 {                              //定义虚拟服务器                                          
    delay_loop 6                                                  //delay_loop,健康检查时间间隔,单位是秒                                    
    lb_algo rr                                                    //负载调度算法,这里设置为rr,即轮询算法,互联网应用常使用wlc或rr                      
    lb_kind NAT                                                    //负载均衡转发规则。一般包括DR,NAT,TUN3种,在我的方案中,都使用DR的方式  
    nat_mask 255.255.255.0                                        //子网掩码      
    persistence_timeout 50                                        //会话保持时间,单位是秒(可以适当延长时间以保持session)                                
    protocol TCP                                                  //转发协议类型,有tcp和udp两种 
                                                                                    
    real_server 192.168.201.100 443 {                              //真实服务器IP及端口                                            
        weight 1                                                  //默认为1,0为失效                          
        SSL_GET {                                                                  
            url {                                                                  
              path /                                                                
              digest ff20ad2481f97b1754ef3e12ecd3a9cc                              
            }
            url {
              path /mrtg/
              digest 9b3a0c85a887a256d6939da88aabd8cd
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.2 1358 {
    delay_loop 6
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    sorry_server 192.168.200.200 1358

    real_server 192.168.200.2 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.3 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
 

配置主备keepalived

a、配置主备keepalived
#主,以下主要列出keepalived.conf差异部分
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.220
        192.168.1.230
    }
}

#备,以下主要列出keepalived.conf差异部分
vrrp_instance VI_1 {
    state BACKUP 
    interface eth0
    virtual_router_id 51
    priority 90 
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.220
        192.168.1.230
    }
}

b、测试主备keepalived
#启动主服务器上的keepalived服务
[root@MASTER ~]# service keepalived start
Starting keepalived: [  OK  ]

[root@SZ-SYS-APP01 ~]# ip addr
1: lo: mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
      valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:50:56:84:1f:37 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.65/24 brd 192.168.1.255 scope global eth0
    inet 192.168.1.220/32 scope global eth0    #可以看到220和230的虚IP
    inet 192.168.1.230/32 scope global eth0
    inet6 fe80::250:56ff:fe84:1f37/64 scope link 
      valid_lft forever preferred_lft forever
3: sit0: mtu 1480 qdisc noop 
    link/sit 0.0.0.0 brd 0.0.0.0

#启动备用服务器上的keepalived服务
[root@BACKUP ~]# service keepalived start
Starting keepalived: [  OK  ]
#下面的查询结果中,虚IP220和230并为出现在备用服务器
[root@HKBO ~]# ip addr
1: lo: mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
      valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:50:56:84:04:2c brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.66/24 brd 192.168.1.255 scope global eth0
    inet6 fe80::250:56ff:fe84:42c/64 scope link 
      valid_lft forever preferred_lft forever
3: sit0: mtu 1480 qdisc noop 
    link/sit 0.0.0.0 brd 0.0.0.0

#关闭主服务上的keepalived服务,观察vip是否会漂移到备用服务        
[root@MASTER ~]# service keepalived stop
Stopping keepalived: [  OK  ]
[root@MASTER ~]# ip addr    #关闭后,该命令可以看到220和230的虚IP已经不存在于主服务器
1: lo: mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
      valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:50:56:84:1f:37 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.65/24 brd 192.168.1.255 scope global eth0
    inet6 fe80::250:56ff:fe84:1f37/64 scope link 
      valid_lft forever preferred_lft forever
3: sit0: mtu 1480 qdisc noop 
    link/sit 0.0.0.0 brd 0.0.0.0

#此时在备用服务器上查看到了漂移的vip地址
[root@BACKUP ~]# ip addr
1: lo: mtu 16436 qdisc noqueue 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
      valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:50:56:84:04:2c brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.66/24 brd 192.168.1.255 scope global eth0
    inet 192.168.1.220/32 scope global eth0
    inet 192.168.1.230/32 scope global eth0
    inet6 fe80::250:56ff:fe84:42c/64 scope link 
      valid_lft forever preferred_lft forever
3: sit0: mtu 1480 qdisc noop 
    link/sit 0.0.0.0 brd 0.0.0.0

#如果再次启动主服务器上的keepalived服务,则会vip自动漂移到主服务器,不再验证。
#Author : Leshami
#Blog  :http://www.linuxidc.com

6、配置双主keepalived

双主的keepalived方式实际上是互为主备,以避免单点故障
#配置主备keepalived
MasterA: 192.168.1.65, VirtualIP: 192.168.1.220
MasterB: 192.168.1.66, VirtualIP: 192.168.1.230
#主,以下主要列出keepalived.conf差异部分
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.220
    }
}

vrrp_instance VI_2 {
    state BACKUP
    interface eth0
    virtual_router_id 52
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.230
    }
}

#备,以下主要列出keepalived.conf差异部分
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.220
    }
}

vrrp_instance VI_2 {
    state MASTER
    interface eth0
    virtual_router_id 52
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.230
    }
}

#从上面的配置文件中可以看出,实际上是增加了一个vrrp实例
#验证过程略



相关热词搜索:Keepalived 安装 配置

上一篇:LVS,Nginx,HAProxy 优缺点
下一篇:我所了解的各公司使用的Ceph存储集群