keepalived安装配置
一、配置环境准备
系统:centos 6.5
kep1 10.67.91.115 master
kep2 10.67.91.117 slave
二、安装keepalived(两台服务器都要安装)
yum -y install keepalived
三、启动keepalived并检查
1、两台服务器上启动keep服务
[root@kep1 ~]# /etc/init.d/keepalived start
正在启动 keepalived: [确定]
[root@kep2 ~]# /etc/init.d/keepalived start
正在启动 keepalived: [确定]
2、两台服务器上检查进程(启动后会有3个进程,说明安装成功)
[root@kep1 ~]# ps -ef | grep keep|grep -v grep
root 1286 1 0 05:40 ? 00:00:00 /usr/sbin/keepalived -D
root 1288 1286 0 05:40 ? 00:00:00 /usr/sbin/keepalived -D
root 1289 1286 0 05:40 ? 00:00:00 /usr/sbin/keepalived -D
3、一切正常后,两台服务器先关闭掉keep服务
[root@kep2 ~]# /etc/init.d/keepalived stop
停止 keepalived: [确定]
四、keep配置文件路径,
如果是yum安装,那么这是默认的路径
[root@kep1 ~]# ls -l /etc/keepalived/keepalived.conf
五、主服务器配置:
vim /etc/keepalived/keepalived.conf , 键入以下内容
global_defs {
notification_email {
admin@company.com (这里可以定义多个报警邮箱)
}
notification_email_from alarm@company.com (报警人)
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "/bin/check_ng.sh" (检测脚本路径)
interval 2 (检测的间隔)
weight 2 (#如果脚本执行结果非0,并且weight配置的值小于0,则优先级相应的减少;如果脚本执行结果为0,并且weight配置的值大于0,则优先级相应的增加;其他情况,维持原本prority的优先级。)
}
vrrp_instance VI_1 {
state MASTER (显示定义为主服务器)
interface eth0 (绑定的网口,该网口即上面提到的两个IP的接口)
virtual_router_id 51 (定义的ID,官方的是 51,主从服务器必须一致)
mcast_src_ip 10.67.91.115 (主服务器的IP)
priority 100 (优先级,任意定义,但是一定要比从服务器高)
advert_int 1 ( VRRP Multicast 广播周期秒数)
authentication {
auth_type PASS
auth_pass 1111 (默认即可)
}
track_script {
chk_http_port (调用检测脚本)
}
virtual_ipaddress {
10.67.91.100 (绑定的虚IP)
}
}
六、从服务器配置
vim /etc/keepalived/keepalived.conf , 键入以下内容
global_defs {
notification_email {
admin@company.com (这里可以定义多个报警邮箱)
}
notification_email_from alarm@company.com (报警人)
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "/bin/check_ng.sh" (检测脚本路径)
interval 2 (检测脚本执行的间隔)
weight 2
}
vrrp_instance VI_1 {
state BACKUP (显示定义为从服务器)
interface eth0 (绑定的网口,该网口即上面提到的两个IP的接口)
virtual_router_id 51 (定义的ID,官方的是 51,主从服务器必须一直)
mcast_src_ip 10.67.91.117 (从服务器的IP)
priority 50 (优先级,任意定义,但是一定要比主服务器低)
advert_int 1
authentication {
auth_type PASS
auth_pass 1111 (默认即可)
}
track_script {
chk_http_port (调用检测脚本)
}
virtual_ipaddress {
10.67.91.100 (绑定的虚IP)
}
}
七、编辑 vim /bin/check_ng.sh
#!/bin/bash
N= `ps -C nginx --no-header |wc -l`
if [ $N -eq 0 ];then
/usr/local/nginx/sbin/nginx
sleep 3
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
这是一个针对nginx状态进行检测的脚本,第一次nginx服务死掉时,会重新启动,如果Nginx服务依旧没有起来,则杀掉keepalived进程
八、服务器上都启动 keepalived 进程
/etc/init.d/keepalived start
执行 /sbin/ip a 我们看一下IP的使用情况
主服务器:
eth1: mtu 1500 qdisc pfifo_fast qlen 1000
link/ether 80:c1:6e:71:f1:a2 brd ff:ff:ff:ff:ff:ff
inet 10.67.91.115/8 brd 10.255.255.255 scope global eth1
inet 10.67.91.100/32 scope global eth1
可见虚IP已经挂载上了
同时查看 tail -f /var/log/messages , keepalived 日志显示如下:
Jun 28 18:44:25 proxy1 Keepalived_vrrp: Using LinkWatch kernel netlink reflector...
Jun 28 18:44:25 proxy1 Keepalived_vrrp: VRRP sockpool: [ifindex(3), proto(112), fd(10,11)] www.2cto.com
Jun 28 18:44:25 proxy1 Keepalived_vrrp: VRRP_Script(chk_http_port) succeeded
Jun 28 18:44:26 proxy1 Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Jun 28 18:44:27 proxy1 Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE (这里显示其角色为主服务)
Jun 28 18:44:27 proxy1 Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 28 18:44:27 proxy1 Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 10.67.91.100
同时从服务器日志显示为:
Jun 28 18:42:14 proxy2 Keepalived: Starting Keepalived v1.2.2 (06/21,2012)
Jun 28 18:42:14 proxy2 Keepalived: Starting VRRP child process, pid=23588
Jun 28 18:42:14 proxy2 Keepalived_vrrp: Registering Kernel netlink reflector
Jun 28 18:42:14 proxy2 Keepalived_vrrp: Registering Kernel netlink command channel
Jun 28 18:42:14 proxy2 Keepalived_vrrp: Registering gratutious ARP shared channel
Jun 28 18:42:14 proxy2 Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'.
Jun 28 18:42:14 proxy2 Keepalived_vrrp: Configuration is using : 65440 Bytes
Jun 28 18:42:14 proxy2 Keepalived_vrrp: Using LinkWatch kernel netlink reflector...
Jun 28 18:42:14 proxy2 Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE (显示为BACKUP,从)
Jun 28 18:42:14 proxy2 Keepalived_vrrp: VRRP sockpool: [ifindex(3), proto(112), fd(10,11)]
此时我们关闭主上的keepalived服务,则从的日志变为:
Jun 28 18:43:49 proxy2 Keepalived_vrrp: VRRP_Instance(VI_1) Transition to MASTER STATE
Jun 28 18:43:50 proxy2 Keepalived_vrrp: VRRP_Instance(VI_1) Entering MASTER STATE
Jun 28 18:43:50 proxy2 Keepalived_vrrp: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 28 18:43:50 proxy2 Keepalived_vrrp: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 10.67.91.100
可见他已经接管了10.67.91.100 这一个虚IP,并且把自己的状态置为了主 MASTER
此时再把原来主上的keepalived进程起来,则其日志为:
Jun 28 18:44:26 proxy2 Keepalived_vrrp: VRRP_Instance(VI_1) Received higher prio advert
Jun 28 18:44:26 proxy2 Keepalived_vrrp: VRRP_Instance(VI_1) Entering BACKUP STATE
Jun 28 18:44:26 proxy2 Keepalived_vrrp: VRRP_Instance(VI_1) removing protocol VIPs.
Jun 28 18:44:26 proxy2 avahi-daemon[6552]: Withdrawing address record for 10.67.91.100 on eth1
表示接收到了更高权限的消息,于是他把自己的状态置为了从,并且归还 10.67.91.100 这个IP
如此,就实现了高可用 HA。
九、keepalived检测脚本及注意事项
默认每隔3秒钟执行一次检测脚本,检查nginx服务是否启动,如果没启动就把nginx服务启动起来,如果启动不成功,就把keepalived服务down掉,让漂浮到备keepalived上
检测脚本检测脚本一定要写在vrrp_instance的前面也就是上面,而且花括号一定要有空格,追踪trace_script要定在vip的后面,多少人栽在了这上面好多小时。
