Keepalived can be downloaded from the official website: http://www.keepalived.org/
I. Installation
1. First, install the dependencies
Check the OS version
cat /etc/redhat-release
CentOS Linux release 7.2.1511 (Core)
Check the kernel version
ls /usr/src/kernels
3.10.0-693.2.2.el7.x86_64
# yum install -y libnl*
# yum install -y libnfnetlink-devel zlib zlib-devel gcc gcc-c++ openssl openssl-devel openssh
# yum install -y libnl-devel libnl3-devel libnfnetlink-devel
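pcre: used for address rewriting.
zlib: used by nginx's gzip module to compress transferred data, which saves bandwidth (but consumes resources).
openssl: provides the SSL encryption protocol.
2. Download and extract Keepalived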
# wget http://www.keepalived.org/software/keepalived-2.2.4.tar.gz
# tar xvf keepalived-2.2.4.tar.gz
3. Compile and install
# cd keepalived-2.2.4
# ./configure --prefix=/home/keepalived
# make
# make install
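II. Configuration
After installation, keepalived is not registered as a system service by default, so a service script has to be added by hand. Create a keepalived file under /etc/init.d and change its permissions.
0. Create the keepalived pid directory
It is used later for writing the process ID by hand.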
[root@Nginx-Master ~]# mkdir -p /usr/local/keepalived/var/run/
[root@Nginx-Master ~]# vi /usr/local/keepalived/var/run/keepalived.pid
Create the nginx user
[root@Nginx-Master nginx-1.9.7]# groupadd -g 1001 nginx
[root@Nginx-Master nginx-1.9.7]# useradd -u 900 nginx -g nginx -s /sbin/nologin
[root@Nginx-Master nginx-1.9.7]# tail -1 /etc/passwd
nginx:x:900:1001::/home/nginx:/sbin/nologin
1. Copy the startup script from the keepalived source directory to /etc/init.d/
[root@bogon keepalived-1.3.5]# pwd
/usr/local/src/keepalived-1.3.5
[root@bogon keepalived-1.3.5]# cp /usr/local/src/keepalived-1.3.5/keepalived/etc/init.d/keepalived /etc/init.d/keepalived
[root@bogon keepalived-1.3.5]# ll /etc/init.d/ | grep keepalived
-rwxr-xr-x 1 root root 1308 8月 2 14:15 keepalived
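2. Edit the /etc/init.d/keepalived startup script
Method 1: the following items need to be changed:
# config: /etc/keepalived/keepalived.conf    (location of the configuration file)
# Source configuration file (we set KEEPALIVED_OPTIONS there)    (location of the sourced file)
. /etc/sysconfig/keepalived
Change these to the actual installation paths. My installation paths are as follows: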
# config: /usr/local/keepalived/etc/keepalived/keepalived.conf
. /usr/local/keepalived/etc/sysconfig/keepalived
Also add the following variables, and update the corresponding parts of the file:
keepalived=/usr/local/keepalived/sbin/keepalived
keepalived_config=/usr/local/keepalived/etc/keepalived/keepalived.conf
keepalived_pid=/usr/local/keepalived/var/run/keepalived.pid
[root@bogon keepalived-1.3.5]# vim /etc/init.d/keepalived
#!/bin/sh
#
# Startup script for the Keepalived daemon
#
# processname: keepalived
# pidfile: /usr/local/keepalived/var/run/keepalived.pid
# config: /usr/local/keepalived/etc/keepalived/keepalived.conf
# chkconfig: - 21 79
# description: Start and stop Keepalived
# Source function library
. /etc/rc.d/init.d/functions
# Source configuration file (we set KEEPALIVED_OPTIONS there)
. /usr/local/keepalived/etc/sysconfig/keepalived
keepalived=/usr/local/keepalived/sbin/keepalived
keepalived_config=/usr/local/keepalived/etc/keepalived/keepalived.conf
keepalived_pid=/usr/local/keepalived/var/run/keepalived.pid
RETVAL=0
prog="keepalived"
start() {
    echo -n $"Starting $prog: "
    daemon $keepalived -f ${keepalived_config} ${KEEPALIVED_OPTIONS}
    RETVAL=$?
    echo
    [ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
}
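2. Set its permissions and enable start at boot
Set permissions: chmod 755 /etc/init.d/keepalived
Add as a system service: chkconfig --add keepalived
Start at boot: chkconfig keepalived on (centos6.0)
List the services started at boot: chkconfig --list
3. Note: controlling the keepalived service
systemctl enable keepalived.service # enable start at boot (centos7.0)
systemctl disable keepalived.service # disable start at boot
systemctl start keepalived.service # start the service
systemctl restart keepalived.service # restart the service
systemctl stop keepalived.service # stop the service
systemctl status keepalived.service # show the service status
Method 2: another way to add it as a system service
1. Copy the relevant files to the relevant directories
# File the keepalived startup script sources for its variables; the default path is /etc/sysconfig/. Instead of creating a symlink you can also just change the path in the startup script (the file is under the installation directory)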
[root@bogon /]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived
# Put the keepalived binary on the PATH (it is under the installation directory)
[root@bogon /]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/keepalived
# keepalived startup script (under the source directory); once it is in /etc/init.d/ it can be called conveniently with the service command
[root@bogon /]# cp /usr/local/src/keepalived-1.3.5/keepalived/etc/init.d/keepalived /etc/init.d/keepalived
# Put the configuration file in the default path
[root@bogon /]# mkdir /etc/keepalived
[root@bogon /]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
[root@bogon /]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
2. Enable start at boot
# Enable start at boot
[root@bogon /]# chkconfig keepalived on (centos6.0)
[root@bogon /]# service keepalived start|stop|restart (centos7.0)
Appendix: problems encountered during installation
0. VRRP does not recognize the physical NIC?
vrrp_instance VI_1 {
    state MASTER
    interface ens160    # must be changed to match the system; the default is eth0
    virtual_router_id 51
    mcast_src_ip 192.168.2.146
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        # 192.168.200.16
        # 192.168.200.17
        # 192.168.200.18
        192.168.2.147
    }
}
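A pre-start check for this block: it verifies that every configured interface exists on the host and flags the sample authentication values. This is an added example, not part of the original post; the function name and the overridable NIC directory are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): lint the vrrp_instance
# settings of a keepalived.conf before starting the service.
# $1 = config file
# $2 = directory that lists NICs (default /sys/class/net; overridable so
#      the check can be run against a constructed directory tree)
lint_keepalived() {
    conf=$1
    netdir=${2:-/sys/class/net}
    rc=0
    # Drop "#" and "!" comments so only live settings are inspected.
    clean=$(sed 's/[#!].*$//' "$conf")

    # Every "interface" must exist on this host (the eth0 vs ens160 case).
    for nic in $(printf '%s\n' "$clean" | awk '$1 == "interface" {print $2}'); do
        if [ ! -e "$netdir/$nic" ]; then
            echo "ERROR interface '$nic' not found in $netdir"
            rc=1
        fi
    done

    # auth_type PASS carries the password unencrypted in each advertisement.
    if printf '%s\n' "$clean" |
        awk '$1 == "auth_type" && $2 == "PASS" {f = 1} END {exit !f}'; then
        echo "WARN auth_type PASS sends auth_pass in clear text"
    fi

    for pass in $(printf '%s\n' "$clean" | awk '$1 == "auth_pass" {print $2}'); do
        if [ "$pass" = 1111 ]; then
            echo "WARN auth_pass 1111 is the value from the sample keepalived.conf"
        fi
        if [ "${#pass}" -gt 8 ]; then
            echo "WARN auth_pass is longer than 8 characters; only the first 8 are used"
        fi
    done
    return $rc
}
# Usage: lint_keepalived /etc/keepalived/keepalived.conf
```

A non-zero return means at least one interface is missing; WARN lines do not change the return value.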
1. Changes to the startup script /etc/init.d/keepalived do not take effect?
The usual fix for this problem is to run the following command to reload the script.
[root@bogon sbin]# systemctl daemon-reload
This works most of the time, but there are exceptions. In that case, try the following:
Delete the corresponding startup script under /usr/lib/systemd/system/
[root@bogon /]# chkconfig --del keepalived
[root@bogon /]# cd /usr/lib/systemd/system/
[root@bogon system]# ls | grep keepalived
keepalived.service
[root@bogon system]# rm keepalived.service
rm:是否删除普通文件 "keepalived.service"?y
Then register it as a system service again:
[root@bogon system]# chkconfig --add keepalived
After re-registering, the modified configuration file takes effect.
2. a configured resource limit was exceeded?
Running systemctl start keepalived.service produces the following error:
[root@bogon sbin]# systemctl start keepalived.service
Job for keepalived.service failed because a configured resource limit was exceeded. See "systemctl status keepalived.service" and "journalctl -xe" for details.
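I searched online for a long time without finding a way to solve this problem, but once Problem 1 was solved, Problem 2 no longer appeared.
3. The following problem appears during installation?
A dependency is missing; installing it fixes the problem: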
[root@bogon /]# yum install -y libnfnetlink-devel
4. Failed to start LVS and VRRP High Availability Monitor?
Fix: the process ID has to be written into the pid file by hand.
Steps: list the keepalived processes
[root@rbtnode1 ~]# ps aux | grep keepalived
root 10960 0.0 0.0 48028 1044 ? Ss 09:01 0:00 /usr/local/keepalived/sbin/keepalived -D
root 10961 0.0 0.1 48028 1920 ? S 09:01 0:00 /usr/local/keepalived/sbin/keepalived -D
root 10962 0.0 0.0 48028 1516 ? S 09:01 0:00 /usr/local/keepalived/sbin/keepalived -D
root 19427 0.0 0.0 112664 972 pts/0 S+ 10:06 0:00 grep --color=auto keepalived
Write the process ID into the pid file by hand
[root@rbtnode1 ~]# echo 10960 >> /usr/local/keepalived/var/run/keepalived.pid
5. If VRRP cannot fail over, the firewall needs to be turned off?
systemctl stop firewalld.service # stop the firewall
systemctl disable firewalld.service # prevent the firewall from starting at boot
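If firewalld is what blocks failover, the VRRP advertisements can be admitted without switching the firewall off. This is an added example, not part of the original post; it goes beyond the multicast setup shown here by also handling a unicast_peer block, and it assumes one peer address per line and the default firewalld zone.

```shell
#!/bin/sh
# Added example (not from the original post): derive firewalld rich rules
# that admit VRRP from a keepalived.conf, as a narrower alternative to
# stopping firewalld. Function names are illustrative.
vrrp_rich_rules() {
    conf=$1
    # Collect addresses listed inside "unicast_peer { ... }", if present.
    peers=$(sed 's/[#!].*$//' "$conf" | awk '
        /unicast_peer/              {inblk = 1; next}
        inblk && index($0, "}")     {inblk = 0}
        inblk && NF                 {print $1}')
    if [ -z "$peers" ]; then
        # Multicast mode: adverts go to 224.0.0.18, IP protocol 112 (vrrp).
        echo 'rule family="ipv4" destination address="224.0.0.18" protocol value="vrrp" accept'
    else
        # Unicast mode: accept VRRP only from the configured peers.
        for p in $peers; do
            echo "rule family=\"ipv4\" source address=\"$p\" protocol value=\"vrrp\" accept"
        done
    fi
}

# Run as root on each node; rules go into the default zone.
apply_vrrp_rules() {
    vrrp_rich_rules "$1" | while IFS= read -r rule; do
        firewall-cmd --permanent --add-rich-rule="$rule" || exit 1
    done && firewall-cmd --reload
}
# Usage: apply_vrrp_rules /etc/keepalived/keepalived.conf
```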
6. Cannot ping the VIP address?
vim /etc/keepalived/keepalived.conf
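#vrrp_strict    # located under the global configuration
7. Adding multiple virtual IP addresses on CentOS 7.0
Sometimes you may want to give one network card several addresses. How do you do that? Buy another card to assign the address to? In a small network there is no need. On CentOS/RHEL 7 we can assign multiple IP addresses to a single network card. Want to know how? Follow along, it is not hard.
First, let's find the IP address of the network card. On my CentOS 7 server I only use one card.
Run the following command with root privileges: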
ip addr
Sample output:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:80:63:19 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.150/24 brd 192.168.1.255 scope global enp0s3
valid_lft forever preferred_lft forever
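As shown above, my network card is named enp0s3 and its IP address is 192.168.1.150.
As you know, network card configuration files are stored under /etc/sysconfig/network-scripts/. Each card's details are stored under a different name, for example ifcfg-enp0s3.
Let's look at the details of ifcfg-enp0s3.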
cat /etc/sysconfig/network-scripts/ifcfg-enp0s3
Sample output:
TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
NAME="enp0s3"
UUID="e9f9caef-cb9e-4a19-aace-767c6ee6f849"
ONBOOT="yes"
HWADDR="08:00:27:80:63:19"
IPADDR0="192.168.1.150"
PREFIX0="24"
GATEWAY0="192.168.1.1"
DNS1="192.168.1.1"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
OK, now we will assign multiple addresses in the same subnet.
Edit the file /etc/sysconfig/network-scripts/ifcfg-enp0s3:
vi /etc/sysconfig/network-scripts/ifcfg-enp0s3
Add the extra IP addresses as shown below.
TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
NAME="enp0s3"
UUID="933cdc9b-b383-4ddd-b219-5a72c69c9cf0"
ONBOOT="yes"
HWADDR="08:00:27:3F:AB:68"
IPADDR0="192.168.1.150"
IPADDR1="192.168.1.151"
IPADDR2="192.168.1.152"
PREFIX0="24"
GATEWAY0="192.168.1.1"
DNS1="192.168.1.1"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
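As you can see, I have added two IP addresses: IPADDR1="192.168.1.151" & IPADDR2="192.168.1.152"
Similarly, you can add more IP addresses.
Finally, save and exit the file. Restart the network service for the changes to take effect.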
systemctl restart network
Now let's check whether the IP addresses have been added.
ip addr
Sample output:
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:3f:ab:68 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.150/24 brd 192.168.1.255 scope global enp0s3
valid_lft forever preferred_lft forever
inet 192.168.1.151/24 brd 192.168.1.255 scope global secondary enp0s3
valid_lft forever preferred_lft forever
inet 192.168.1.152/24 brd 192.168.1.255 scope global secondary enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe3f:ab68/64 scope link
valid_lft forever preferred_lft forever
As you can see, the single network card now has 3 IP addresses.
Let's ping the newly added IP address:
ping -c 4 192.168.1.151
Sample output:
PING 192.168.1.151 (192.168.1.151) 56(84) bytes of data.
64 bytes from 192.168.1.151: icmp_seq=1 ttl=64 time=0.048 ms
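If you want to use a different subnet, change PREFIX0=24 to a different prefix, for example PREFIX3=16.
For example, I want to add a class A address (e.g. 10.0.0.1) to my network card.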
TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
NAME="enp0s3"
UUID="933cdc9b-b383-4ddd-b219-5a72c69c9cf0"
ONBOOT="yes"
HWADDR="08:00:27:3F:AB:68"
IPADDR0="192.168.1.150"
IPADDR1="192.168.1.151"
IPADDR2="192.168.1.152"
IPADDR3="10.0.0.1"
PREFIX0="24"
PREFIX3=16
GATEWAY0="192.168.1.1"
DNS1="192.168.1.1"
IPV6_PEERDNS="yes"
IPV6_PEERROUTES="yes"
You can see that I have added a class A address (10.0.0.1) with a prefix of 16.
Save and exit the file. Restart the network service, then ping the new address:
ping -c 4 10.0.0.1
8. keepalived does not start properly after boot because the PID changes, so the following file has to be updated by hand every time?
[root@rbtnode1 ~]# > /usr/local/keepalived/var/run/keepalived.pid
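9. After the nginx process is stopped, keepalived does not fail over?
You can switch to monitoring the physical interface instead; monitoring the nginx process additionally requires changes to a shell script. To be continued!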
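One way to monitor the nginx process is a vrrp_script health check that keepalived runs on an interval. This is an added example, not the author's script; the script path, the nginx pid file location and the interval/fall/rise values are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post). Install as
# /etc/keepalived/check_nginx.sh (assumed path), owned by root, mode 0755,
# so that no unprivileged user can change what keepalived executes.
#
# keepalived.conf side (standard keywords, illustrative values):
#   vrrp_script chk_nginx {
#       script "/etc/keepalived/check_nginx.sh"
#       interval 2      # run every 2 seconds
#       fall 2          # 2 failures in a row mark the check as failed
#       rise 2          # 2 successes in a row mark it as recovered
#   }
#   vrrp_instance VI_1 {
#       ...
#       track_script {
#           chk_nginx   # a failed check puts the instance in FAULT state
#       }
#   }
NGINX_PID=${NGINX_PID:-/usr/local/nginx/logs/nginx.pid}   # assumed path

# Return 0 if the pid file names a live process, 1 otherwise
# (missing file, empty or non-numeric content, stale PID).
nginx_alive() {
    pidfile=$1
    [ -r "$pidfile" ] || return 1
    pid=$(head -n 1 "$pidfile" | tr -d ' \t\r')
    case $pid in
        ''|*[!0-9]*) return 1 ;;
    esac
    # kill -0 only probes for existence; /proc covers the case where the
    # check runs as a user that may not signal the nginx master.
    kill -0 "$pid" 2>/dev/null || [ -d "/proc/$pid" ]
}

# Act as the health check only when run under the installed name.
case $0 in
    *check_nginx.sh) nginx_alive "$NGINX_PID"; exit $? ;;
esac
```

The exit status is all keepalived looks at: 0 keeps the instance eligible, non-zero counts toward `fall`.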
To force-kill the process, the following commands are suggested:
ps -ef | grep keepalived
root 3775 1 0 14:05 ? 00:00:00 /usr/local/sbin/keepalived -D
root 3776 3775 0 14:05 ? 00:00:00 /usr/local/sbin/keepalived -D
root 3777 3775 0 14:05 ? 00:00:00 /usr/local/sbin/keepalived -D
root 8257 1269 0 14:41 pts/0 00:00:00 grep --color=auto keepalived
kill -s 9 3775