keepalived安装与配置
前言
在多机环境下,安装keepalived,保证高可用; 同时多个机器对外暴露一个VIP(Virtual IP),客户端连接VIP即可;
开始
0. 前置条件
- 多个机器,如:
- Node1(主节点 MASTER): 192.168.31.1
- Node2(备用节点 SLAVE): 192.168.31.2
- root权限;
1. 安装
在每个机器上安装keepalived:
sudo apt install keepalived -y
systemctl enable keepalived
systemctl start keepalived
2. 配置
-
默认是没有配置文件的,需要手动添加并修改:
cd /etc/keepalived touch keepalived.conf -
主节点的
keepalived.conf内容如下:#检查应用是否正常的script: vrrp_script chk_service_ok { #这里只检查/tmp/service_ok这个文件是否存在: script "ls /tmp/service_ok" #间隔2秒检查一次: interval 2 } vrrp_instance VI_1 { #指定网卡名称;可以通过:ip addr命令查看网卡信息: interface enp3s0 #主节点: state MASTER #虚拟路由ID,主节点、备用节点必须为通一个ID: virtual_router_id 51 #优先级;主节点比备用节点高: priority 100 #VIP: virtual_ipaddress { 192.168.31.20/25 } #上文指定的检查脚本: track_script { chk_service_ok } } -
备用节点的
keepalived.conf内容如下:#检查应用是否正常的script: vrrp_script chk_service_ok { #这里只检查/tmp/service_ok这个文件是否存在: script "ls /tmp/service_ok" #间隔2秒检查一次: interval 2 } vrrp_instance VI_1 { #指定网卡名称;可以通过:ip addr命令查看网卡信息: interface enp3s0 #备用节点: state SLAVE #虚拟路由ID,主节点、备用节点必须为通一个ID: virtual_router_id 51 #优先级;主节点比备用节点高: priority 50 #VIP: virtual_ipaddress { 192.168.31.20/25 } #上文指定的检查脚本: track_script { chk_service_ok } } -
在主节点和备用节点同时创建
/tmp/service_ok文件:touch /tmp/service_ok -
重启keepalived:
systemctl restart keepalived -
测试:使用ssh连接虚拟IP:
ssh root@192.168.31.20 #此时连接的是主节点192.168.31.1; #删除主节点的/tmp/service_ok文件后, #ssh连接会断开; #再次连接后,连接的是备用节点192.168.31.2; #再次创建主节点的/tmp/service_ok文件后, #ssh会断开,再次连接后,恢复为主节点;
3. 配置多个要监听的应用
配置多个要监听的应用,只需添加多个IP和检查脚本; 如下为Nginx监听脚本: 主节点:
vrrp_script chk_service_ok {
script "ls /tmp/service_ok"
interval 2
}
vrrp_script chk_nginx_ok {
script "/etc/keepalived/chk_nginx.sh"
interval 2
}
vrrp_instance VI_1 {
interface enp5s0
state MASTER
virtual_router_id 51
priority 100
virtual_ipaddress {
192.168.31.20/25
}
track_script {
chk_service_ok
}
}
vrrp_instance VI_2 {
interface enp5s0
state MASTER
virtual_router_id 52
priority 100
virtual_ipaddress {
192.168.31.21/25
}
track_script {
chk_nginx_ok
}
}
备用节点:
vrrp_script chk_service_ok {
script "ls /tmp/service_ok"
interval 2
}
vrrp_script chk_nginx_ok {
script "/etc/keepalived/chk_nginx.sh"
interval 2
}
vrrp_instance VI_1 {
interface enp3s0
state BACKUP
virtual_router_id 51
priority 50
virtual_ipaddress {
192.168.31.20/25
}
track_script {
chk_service_ok
}
}
vrrp_instance VI_2 {
interface enp3s0
state BACKUP
virtual_router_id 52
priority 50
virtual_ipaddress {
192.168.31.21/25
}
track_script {
chk_nginx_ok
}
}
chk_nginx.sh内容如下:
#!/bin/bash
set -ex
if [ -z "`pidof nginx`" ]; then
exit 1
fi
4. 测试
客户端使用VIP:192.168.31.21访问Nginx应用:
#Nginx端口为8080:
curl 192.168.31.21:8080
#此时访问的是主节点;
#关闭主节点的Nginx:
systemctl stop nginx
#再次访问:
curl 192.168.31.21:8080
#此时访问的是备用节点;
5. 查看日志和配置
-
默认日志路径:
/var/log/messages; -
修改日志级别和路径: Keepalived日志路径;
-
默认全局配置:
/etc/sysconfig/keepalived; -
默认全局配置文件内容(如果不存在该文件,需要手动创建;cat /etc/sysconfig/keepalived):
# Options for keepalived. keepalived--help ' Output and keepalived (8) and # keepalived.conf (5) Man pages for a list of all options. Here are the most # common ones: # --VRRP -P only run with VRRP subsystem. #--check -C is run with Health-checker subsystem. #--DONT-RELEASE-VRRP -v dont remove VRRP VIPs & vroutes on daemon stop. #--dont-release-ipvs -i dont remove Ipvs topology on daemon stop. #--dump-conf -D dump the configuration data. #--log-detail -D Detailed log messages. #--log-facility -S 0-7 Set local syslog facility (Default=log_daemon) # keepalived_options= '-d '