Suse Linux Server上源碼安裝Keepalived HA
提示:請先閱讀一遍再進行操作,因爲文檔是邊操作邊寫的,過程中有一些坑,先閱讀一遍,可以避開
一:安裝
**注:**如果的鏡像源可以直接使用就忽略環境準備環節,直接使用源安裝依賴sudo zypper in libnl3 libnl3-devel
環境準備【如果已有可以忽略】在執行Keepalived配置的時候會有提示
執行:./configure --prefix=/usr/local/keepalived
參考提示:*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.
1.原始機器確實libnl-3包的依賴: libnl/libnl-3 dev
2. 獲取依賴包:wget http://www.infradead.org/~tgr/libnl/files/libnl-3.2.25.tar.gz
3. 解壓依賴包並編譯安裝:
<1>: tar -zxvf libnl-3.2.25.tar.gz
<2>: cd libnl-3.2.25
<3>: ./configure --prefix=/usr \
--sysconfdir=/etc \
--disable-static && make
<4>: sudo make install
安裝完成後還是有問題,還是上面的提示,接着安裝:libnl 和 libnl3-devel 這兩個依賴
官方提示:對1.1.x版本的支持有限,只能根據要求提供後端端口。 不要開發基於libnl1的新應用程序,並考慮將應用程序移植到libnl3
- 這一步可能沒必要【如果不好使請補上這一步】:
<1>: wget https://github.com/thom311/libnl/releases/download/libnl3_5_0/libnl-3.5.0.tar.gz
<2>: tar -zxvf libnl-3.5.0.tar.gz -C ~
<3>: cd libnl-3.5.0/
<4>: ./configure --prefix=/usr \
--sysconfdir=/etc \
--disable-static && make
<5>: sudo make install
- 依次安裝依賴【依賴有先後順序】:
- libnl-config依賴
<1>: wget ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/home:/plater/Leap_15.1/noarch/libnl-config-3.4-lp151.80.4.noarch.rpm
# 如果直接執行安裝就會報如下錯誤:sudo rpm -ivh libnl-config-3.4-lp151.80.4.noarch.rpm
# 使用zyppera安裝也會報錯:sudo zypper in libnl-config-3.4-lp151.80.4.noarch.rpm
# warning: libnl-config-3.4-lp151.80.4.noarch.rpm: Header V3 RSA/SHA256 Signature, key # ID 9e79112d: NOKEY
# Preparing... ################################# [100%]
# file /etc/libnl/classid from install of libnl-config-3.4-lp151.80.4.noarch # conflicts with file from package libnl-config-3.2.23-2.21.noarch
# file /etc/libnl/pktloc from install of libnl-config-3.4-lp151.80.4.noarch # conflicts with file from package libnl-config-3.2.23-2.21.noarch
# 文件有衝突,因爲這個包已經安裝過了,只是版本低而已
# 所以如果系統已經安裝了【只是版本較低】只需要更新即可,如果原機器沒有安裝,這個命令同樣可以安裝而不是更新
<2>: sudo rpm -Uvh libnl-config-3.4-lp151.80.4.noarch.rpm
- libnl3-200依賴
<1>: wget ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/home%3A/plater/Leap_15.1/x86_64/libnl3-200-3.4-lp151.80.4.x86_64.rpm
<2>: sudo rpm -Uvh libnl3-200-3.4-lp151.80.4.x86_64.rpm
- libnl3-devel依賴
<1>: wget ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/home%3A/plater/Leap_15.1/x86_64/libnl3-devel-3.4-lp151.80.4.x86_64.rpm
<2>: sudo rpm -Uvh libnl3-devel-3.4-lp151.80.4.x86_64.rpm
- 依賴安裝完後,開始安裝Keepalived
<1>: cd keepalived-2.0.18
<2>: ./configure --prefix=/usr/local/keepalived # 指定安裝目錄
<3>: make
<4>: sudo make install
- 註冊爲系統服務:
<1>: sudo cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
在源文件的目錄[注意:是解壓文件的目錄,不是安裝文件的目錄,安裝文件的目錄沒有etc/init.d這個目錄存在]下有兩個個快捷啓動文件一個是【解壓目錄keepalived/etc/init.d/keepalived文件】和【解壓目錄keepalived/etc/sysconfig/keepalived文件[這個文件和安裝目錄的一樣,拷貝那個都行]】下一個keepalived.conf配置文件需要複製,具體執行如下命令:
拷貝解壓目錄的這個文件到系統的/etc/init.d目錄下:
<2>: sudo cp /home/vi030241/keepalived-2.0.18/keepalived/etc/init.d/keepalived /etc/init.d/
<3>: sudo cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
# 或者,這兩個文件一樣
sudo cp /home/vi030241/keepalived-2.0.18/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
建立系統的keepalived.conf配置文件目錄,然後拷貝配置文件到這個目錄中
<4>: sudo mkdir /etc/keepalived/
<5>: sudo cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
到此Keepalived的安裝就算完成了,接下來就是修改配置文件【兩臺機器安裝操作類似】
二:配置
- 修改/etc/keepalived/keepalived.conf配置文件
MASTER:
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id cc_monitor_HA # 這種唯一ID,主備相同
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP # 設置爲非搶佔模式,兩個節點都必須設置爲BACKUP,通過priority參數來確定MASTER
interface eth0
virtual_router_id 51
priority 150 # MASTER的值至少大於BACKUP 50個點以上
advert_int 1
nopreempt # 設置爲非搶佔模式,而且只在MASTER一側設置,BACKUP不能設置【參考官網對改屬性的說明】
authentication {
auth_type PASS
auth_pass 1qaz!QAZ...
}
virtual_ipaddress {
10.188.146.XXX # 虛擬IP,自己機器試驗的同一網段即可,因爲是客戶機器,本IP可能是客戶提供
}
}
# 配置LVS的,如果配了,啓動會報下面的截圖的錯誤,不是配置的問題,是機器本身的原因
#virtual_server 10.188.XXX.YYY 8090 {
# delay_loop 3
# lb_algo rr
# lb_kind NAT
# persistence_timeout 50
# protocol TCP
#
# real_server 10.188.XXX.YYY 8090 {
# weight 3
# HTTP_GET {
# url {
# path /
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
#
# real_server 10.188.XXX.YYY 8090 {
# weight 1
# HTTP_GET {
# url {
# path /
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
#}
BACKUP:
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id cc_monitor_HA # 參考上面的說明
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP # 參考上面的說明
interface eth0
virtual_router_id 51
priority 99 # 參考上面的說明
advert_int 1
authentication {
auth_type PASS
auth_pass 1qaz!QAZ...
}
virtual_ipaddress {
10.188.146.254 # 參考上面的說明
}
}
#virtual_server 10.188.XXX.YYY 8090 {
# delay_loop 3
# lb_algo rr
# lb_kind NAT
# persistence_timeout 50
# protocol TCP
#
# real_server 10.188.XXX.YYY 8090 {
# weight 3
# HTTP_GET {
# url {
# path /
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
#
# real_server 10.188.XXX.YYY 8090 {
# weight 1
# HTTP_GET {
# url {
# path /
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
#}
更多配置參數及配置參數的意思參考官方文檔
wget ftp://ftp.pbone.net/mirror/ftp.opensuse.org/distribution/leap/15.1/repo/oss/x86_64/ipvsadm-1.29-lp151.3.3.x86_64.rpm
如何上來就把LVS配上,啓動Keepalived的時候就報下面的錯誤【服務器的原因,沒有IPVS模塊,這裏不管,因爲這裏不需要配置LVS,所以上面被註釋的配置不用打開,這樣就沒有問題】
-
註釋掉上面LVS的配置後就可以正常啓動了
啓動後優先級設置得高的通過競選成爲MASTER,另外一臺則就是BACKUP
可以通過sudo less /var/log/messages日誌文件查看到,這裏就不截圖了
同時可以使用: ip add show 來查看VIP的飄移綁定情況
-
測試殺死MASTER,查看BACKUP是否會接管成爲MASTER,然後啓動MASTER,看是否會搶佔
sudo pkill keepalived 然後查看日誌 sudo less /var/log/messages 並查看BACKUP的VIP綁定 ip add show
然後重新啓動殺死的MASTER sudo /usr/sbin/keepalived 然後查看日誌,看VIP綁定情況
-
接下來解釋一下非搶佔模式:意思是Keepalived也有可能掛掉的可能,那麼假設MASTER掛掉只會,BACKUP會切換爲MASTER,那麼當掛掉的這個MASTER修好後,又啓動了,此時接管BACKUP已經是MASTER了,那麼他是繼續當MASTER還是交出管理權給修改的機器,主動變成BACKUP?那就和剛剛上面設置的nopreempt參數有個了,如果設置了就不強佔,修好的主動成爲BACKUP,即使他的優先級高,這是也沒用,接管的還是MASTER,這樣可以提升性能,如果經常的切換是耗性能的,如果是BACKUP機器掛掉了就沒這個現象,因爲他本身就不是MASTER