該文檔在CentOS7.6系統下進行編譯安裝keepalived 2.1.3
| 主機名稱 | ip地址 | 操作系統 | 角色 | 軟件版本 | 備註 |
|---|---|---|---|---|---|
| opsproxy-shqs-1 | 10.99.73.38 (real ip) | CentOS 7.6 | keepalived | 2.1.3 | 當前最新版本 |
| opsproxy-shqs-1 | 10.99.73.39 (real ip) | CentOS 7.6 | keepalived | 2.1.3 | 當前最新版本 |
| 10.99.73.40 (vip) | VIP |
一、編譯安裝keepalived
1.1 下載keepalived源碼包
wget https://www.keepalived.org/software/keepalived-2.1.3.tar.gz
tar zxvf keepalived-2.1.3.tar.gz
1.2 編譯安裝keepalived
我的編譯軟件統一安裝在/opt/app/install/目錄下面,然後軟連接到/opt/app/下面。所以這裏設置keepalived的安裝目錄爲/opt/app/install/keepalived
# 準備編譯環境
yum install -y ipvsadm popt popt-devel libnl libnl-devel libnl3-devel libnfnetlink libnfnetlink-devel net-snmp-devel openssl openssl-devel
# 切換到keepalived源碼根目錄
cd keepalived-2.1.3
# 編譯
./configure --with-init=systemd --with-systemdsystemunitdir=/usr/lib/systemd/system --prefix=/opt/app/install/keepalived --with-run-dir=/opt/app/install/keepalived/run
make
# 安裝
make install
# 可執行文件拷貝一份到系統執行文件目錄,該目錄在path變量裏面,可以直接使用haproxy命令
cp /opt/app/install/keepalived/sbin/keepalived /usr/sbin/keepalived
# 或者
# ln -s /opt/app/install/keepalived/sbin/keepalived /usr/sbin/keepalived
# 軟連接(這一步謹是我自己對軟件目錄管理的需求)
ln -s /opt/app/install/keepalived /opt/app/keepalived
# keepalived附加參數文件,爲了跟yum安裝一致,其實是不用配置的。啓動文件指定實際路徑就可以了。
ln -s /opt/app/install/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived
# pid文件放置目錄,目錄可以自己定義在啓動腳本里面使用
mkdir /opt/app/install/keepalived/run
1.3 配置system自啓動文件
根據上面的編譯安裝,實際已經生成了啓動文件,我們這裏進行一些修改。
- 編寫配置文件
vi /usr/lib/systemd/system/keepalived.service [Unit] Description=LVS and VRRP High Availability Monitor After=network-online.target syslog.target Wants=network-online.target [Service] Type=forking PIDFile=/run/keepalived.pid KillMode=process EnvironmentFile=-/etc/sysconfig/keepalived ExecStart=/usr/sbin/keepalived -f /opt/app/keepalived/etc/keepalived/keepalived.conf $KEEPALIVED_OPTIONS ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target - 加載文件
systemctl daemon-reload
以上,keepalived主備節點操作相同。
1.4 keepalived配置文件
這裏僅僅是一個簡單的配置文件,在haproxy服務中使用,部署驗證這些就夠了,更多參數配置需要了在補充吧。
配置文件目錄/opt/app/keepalived/etc/keepalived/keepalived.conf
主備節點需要一致的參數:router_id ,virtual_router_id
主備節點優先級可以設置爲主高備低:priority
-
Master節點
vi /opt/app/keepalived/etc/keepalived/keepalived.conf global_defs { router_id haproxy } vrrp_script chk_haproxy { script "/opt/app/keepalived/etc/keepalived/chk_haproxy.sh" interval 2 weight 2 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 55 priority 101 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.99.73.40 } track_script { chk_haproxy } } -
backup節點
vi /opt/app/keepalived/etc/keepalived/keepalived.conf global_defs { router_id haproxy } vrrp_script chk_haproxy { script "/opt/app/keepalived/etc/keepalived/chk_haproxy.sh" interval 2 weight 2 } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 55 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.99.73.40 } track_script { chk_haproxy } }- 定義haproxy狀態監控,如果haproxy沒有運行,會監控到並主動拉起haproxy服務。
vi /opt/app/keepalived/etc/keepalived/chk_haproxy.sh #!/bin/bash if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then systemctl start haproxy fi chmod +x /opt/app/keepalived/etc/keepalived/chk_haproxy.sh -
配置自啓動
systemctl enable keepalived.service -
啓動服務
systemctl start keepalived.service systemctl status keepalived.service -
驗證VIP的漂移
#----------------------------------- # 1. 初次啓動看下VIP #----------------------------------- # 主節點(master) # ip add 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:5f:60:52 brd ff:ff:ff:ff:ff:ff inet 10.99.73.38/24 brd 10.99.73.255 scope global eth0 valid_lft forever preferred_lft forever inet 10.99.73.40/32 scope global eth0 #這裏 valid_lft forever preferred_lft forever # 備節點(backup) # ip add 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:84:54:be brd ff:ff:ff:ff:ff:ff inet 10.99.73.39/24 brd 10.99.73.255 scope global eth0 valid_lft forever preferred_lft forever #----------------------------------- # 2. 關閉主節點keepalived服務 #----------------------------------- # 主節點(master) 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:5f:60:52 brd ff:ff:ff:ff:ff:ff inet 10.99.73.38/24 brd 10.99.73.255 scope global eth0 #可以看到VIP已經漂走了 valid_lft forever preferred_lft forever # 備節點(backup) 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:84:54:be brd ff:ff:ff:ff:ff:ff inet 10.99.73.39/24 brd 10.99.73.255 scope global eth0 valid_lft forever preferred_lft forever inet 10.99.73.40/32 scope global eth0 #可以看到VIP已經漂過來了,很快很快 valid_lft forever preferred_lft forever #----------------------------------- # 3. 重新開啓主節點keepalived服務,因爲我們配置的主節點優先級比較高,雖然備節點正常,但VIP還是會漂過來的。 #----------------------------------- # 主節點(master) 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:5f:60:52 brd ff:ff:ff:ff:ff:ff inet 10.99.73.38/24 brd 10.99.73.255 scope global eth0 valid_lft forever preferred_lft forever inet 10.99.73.40/32 scope global eth0 # 備節點(backup) 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:84:54:be brd ff:ff:ff:ff:ff:ff inet 10.99.73.39/24 brd 10.99.73.255 scope global eth0 valid_lft forever preferred_lft forever -
驗證監控腳本會自動拉起haproxy
# 查看當前haproxy狀態,確認啓動時間以及PID systemctl status haproxy|grep -A 1 Active Active: active (running) since Fri 2020-07-03 16:11:25 CST; 4min 27s ago Main PID: 3942 (haproxy) # 執行關閉haproxy,查看是否被自動拉起服務 systemctl stop haproxy systemctl status haproxy|grep -A 1 Active Active: active (running) since Fri 2020-07-03 16:16:47 CST; 601ms ago Main PID: 8382 (haproxy)可以看到haproxy被keepalived自動拉起來了,驗證完成。