CentOS安装Keepalived
1、基础依赖包安装
yum install gcc yum -y install openssl-devel yum -y install libnl libnl-devel yum -y install libnfnetlink-devel yum -y install net-tools yum -y install vim
2、安装包下载、解压编译和安装
官网下载keepalived安装包:
https://www.keepalived.org/download.html
此处下载最新版本2.0.18
将keepalived-2.0.18.tar.gz安装包上传到服务器上的某个目录下,此处为/usr/local/src目录下:
进入安装目录下并解压安装包:
cd /usr/local/src/ tar -zxvf keepalived-2.0.18.tar.gz
将解压的目录移动到/usr/local/keepalived下并进入移动后的目录:
mv keepalived-2.0.18 ../keepalived cd ../keepalived/
生成makefile文件:
./configure
安装执行:
make && make install
完成后会在以下路径生成:
/usr/local/etc/keepalived/keepalived.conf /usr/local/etc/sysconfig/keepalived /usr/local/sbin/keepalived
3 、初始化及启动
将配置文件放到默认路径下:
mkdir /etc/keepalived cp /usr/local/keepalived/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
将keepalived启动脚本(源码目录下),放到/etc/init.d/目录下:
cp /usr/local/keepalived/keepalived/etc/init.d/keepalived /etc/rc.d/init.d/
将keepalived启动脚本变量引用文件放到/etc/sysconfig/目录下:
cp /usr/local/keepalived/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
将keepalived主程序加入到环境变量/usr/sbin/目录下:
cp /usr/local/sbin/keepalived /usr/sbin/
启动keepalived:
service keepalived start
附注:
service keepalived stop //停止服务 service keepalived status //查看服务状态
4 、配置文件修改
停止keepalived服务,修改keepalived.conf配置文件(第3步中的/etc/keepalived/keepalived.conf )并重新启动keepalived服务加载配置文件。
配置属性说明可参照keepalived.conf文件,在具体使用中可参考修改:
! Configuration File for keepalived # 全局定义块 global_defs { # 邮件通知配置,用于服务有故障时发送邮件报警,可选项 notification_email { 541223550@qq.com } # 通知邮件从哪里发出 notification_email_from root@localhost # 通知邮件的smtp地址 smtp_server 127.0.0.1 # 连接smtp服务器的超时时间 smtp_connect_timeout 30 # 标识本节点的字条串,通常为hostname,但不一定非得是hostname。故障发生时,邮件通知会用到 router_id LVS_DEVEL } # 做健康检查的脚本配置,当时检查失败时会将vrrp_instance的priority减少相应的值 vrrp_script chk_haproxy { # 待执行脚本 script "/etc/keepalived/chk_nginx.sh" # 执行间隔 interval 2 # 控制priority增减 weight 2 } # VRRP实例定义块 vrrp_instance VI_1 { # 标识当前节点的状态,可以是MASTER或BACKUP,当其他节点keepalived启动时会将priority比较大的节点选举为MASTER state MASTER # 节点固有IP(非VIP)的网卡,用来发VRRP包 interface ens192 # 取值在0-255之间,用来区分多个instance的VRRP组播。同一网段中virtual_router_id的值不能重复,否则会出错 virtual_router_id 100 # 用来选举master的,要成为master,那么这个选项的值最好高于其他机器50个点,该项取值范围是[1-254](在此范围之外会被识别成默认值100) priority 200 # 发VRRP包的时间间隔,即多久进行一次master选举(可以认为是健康查检时间间隔) advert_int 1 # 认证区域,认证类型有PASS和HA(IPSEC),推荐使用PASS(密码只识别前8位) authentication { auth_type PASS auth_pass 1111 } # 调用chk_http_port中定义的脚本,当使用track_script时可以不用加nopreempt,只需要加上preempt_delay 5,这里的间隔时间要大于vrrp_script中定义的时长 track_script { chk_haproxy } # 允许一个priority比较低的节点作为master,即使有priority更高的节点启动。nopreemt必须在state为BACKUP的节点上才生效(因为是BACKUP节点决定是否来成为MASTER的) nopreempt # 启动多久之后进行接管资源(VIP/Route信息等),前提是没有nopreempt选项 preempt_delay 300 # 虚拟ip地址 virtual_ipaddress { 192.168.26.34 } } # 虚拟服务定义块 virtual_server 192.168.26.34 9999{ # 延迟轮询时间(单位秒) delay_loop 6 # 后端调试算法 lb_algo wrr # LVS调度类型NAT/DR/TUN lb_kind DR # nat掩码 nat_mask 255.255.255.0 # 持久化超时时间,保持客户端的请求在这个时间段内全部发到同一个真实服务器,解决客户连接的相关性问题 persistence_timeout 1 # 传输协议 protocol TCP # 真实提供服务的服务器 real_server 192.168.26.36 9999 { # 权重 weight 1 # 健康检查方式 HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|MISC_CHECK TCP_CHECK { # 连接超时时间 connect_timeout 10 # 检测失败后的重试次数,若达到重试次数还是失败则将其从服务器池中移除 nb_get_retry 3 # 下次重试的时间延迟 delay_before_retry 3 # 连接端口 connect_port 9999 } } real_server 192.168.26.54 9999 { weight 1 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 9999 } } } virtual_server 192.168.26.34 3306{ delay_loop 6 lb_algo wrr lb_kind DR nat_mask 255.255.255.0 persistence_timeout 1 protocol TCP real_server 192.168.26.36 3306 { weight 1 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 3306 } } real_server 192.168.26.54 3306 { weight 1 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 3306 } } }
修改完之后重新启动
