centos7下keepalived1.3.4安装与使用

keepalived是集群管理中保证集群高可用的一个服务软件，其功能类似于heartbeat，用来防止单点故障。

一、下载keepalived

http://www.keepalived.org/

如：keepalived-1.3.4.tar.gz

二、安装keepalived

> tar xf keepalived-1.3.4.tar.gz
> cd keepalived-1.3.4
> ./configure --prefix=/data/keepalived
> make && make install

复制/sbin/keepalived到/usr/sbin下

> cp /data/keepalived/sbin/keepalived /usr/sbin/

keepalived默认会读取/etc/keepalived/keepalived.conf配置文件

> mkdir /etc/keepalived
> cp /data/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf

复制sysconfig文件到/etc/sysconfig下

> cp /data/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

复制启动脚本到/etc/init.d下

> cd /data/keepalived-1.3.4
> cp ./keepalived/etc/init.d/keepalived /etc/init.d/
> chmod 755 /etc/init.d/keepalived

　　

三、实验环境说明

两台虚拟机，IP分别为192.168.1.222和192.168.1.233，虚拟机与真实主机是桥接模式上网并互通。

分别装上了nginx和haproxy，nginx创建了两个虚拟主机，端口号为8080和8082，配置如下：

server {
    listen       8080;
    server_name  localhost;

    location / {
        root   /data/www/site1;
        index  index.html index.htm;
    }
}
server {
    listen       8082;
    server_name  localhost;

    location / {
        root   /data/www/site2;
        index  index.html index.htm;
    }
}

haproxy绑定80端口，反向代理这四台主机，配置如下：

global
    log 127.0.0.1 local3 info
    chroot /data/haproxy
    user haproxy
    group haproxy
    daemon
    stats socket /data/haproxy/haproxy.sock mode 600 level admin
    stats timeout 2m

defaults
    log global
    mode http
    option httplog
    option dontlognull
    timeout connect 5000
    timeout client 50000
    timeout server 50000

frontend http_front
    bind *:80
    stats uri /haproxy?stats
    #默认使用的后端
    default_backend http_back

backend http_back
    balance roundrobin
    option httpchk GET /index.html
    option forwardfor header X-Forwarded-For
    server node1 192.168.1.222:8080 check inter 2000 rise 3 fall 3 weight 30
    server node2 192.168.1.222:8082 check inter 2000 rise 3 fall 3 weight 30
    server node3 192.168.1.233:8080 check inter 2000 rise 3 fall 3 weight 30
    server node4 192.168.1.233:8082 check inter 2000 rise 3 fall 3 weight 30

　　

三、keepalived的配置

两台虚拟主机上分别装上keepalived
keepalived的配置文件/etc/keepalived/keepalived.conf

#全局配置
global_defs {
   #接收通知的email
   notification_email {
       lackone@126.com
   }
   #发送通知的email
   notification_email_from haproxy_01@126.com
   #smtp服务器地址
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   #运行的标识
   router_id haproxy_01
}
#vrrp的实例配置
#haproxy_01名称可自定义
vrrp_instance haproxy_01 {
    #主节点
    state MASTER
    #实例绑定的网卡
    #注意centos7下第一块网卡不是eth0，请自行查看，不然keepalived无法启动成功
    interface eno16777736
    #虚拟路由ID，唯一
    virtual_router_id 51
    #权重
    priority 150
    #检查的时间间隔
    advert_int 2
    #验证
    authentication {
        auth_type PASS
        auth_pass haproxy_01
    }
    #设置虚拟IP地址
    virtual_ipaddress {
        192.168.1.10
        192.168.1.11
    }
}

另一台主机上的配置只需修改

state BACKUP
priority 100

配置好后，启动keepalived服务

> service keepalived start

查看网络接口列表

> ip addr list

tcpdump查看，这里的eno16777736是我的网卡名

> tcpdump -i eno16777736 -n 'host 224.0.0.18'

19:13:30.260858 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24
19:13:32.261878 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24
19:13:34.263286 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24

然后我们手动把MASTER的keepalived关掉

> service keepalived stop

然后再用tcpdump查看

> tcpdump -i eno16777736 -n 'host 224.0.0.18'

19:16:05.120377 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24
19:16:07.121645 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24
19:16:09.122353 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24

很明显看到已从222切换到了233了。

然后我们通过浏览器访问192.168.1.10或192.168.1.11可以看到后台服务切换正常，实现了222和233两台主机间服务的高可用。