centos部署keepalived服务

背景：在CentOS7，CentOS8下

# 设置nginx的主页内容index.html，用于测试
cd /usr/local/nginx/html
echo 'This is Master' > index.html
curl http://localhost

# 获取和安装keepalived
wget -c https://www.keepalived.org/software/keepalived-2.0.20.tar.gz
# 解压文件
tar -zxvf keepalived-2.0.20.tar.gz
# 编译安装
cd keepalived-2.0.20
./configure
# 检查确保如下信息为 yes
    Use VRRP Framework         : Yes
    Use VRRP VMAC                     : Yes
    Use VRRP authentication  : Yes

make && make install && cd ..

# 添加到系统服务，配置开机自启
# keepalived1.2.24版本的操作
cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/keepalived
chmod +x /etc/init.d/keepalived
chkconfig keepalived on
# 链接配置文件
cd /usr/local/etc/sysconfig
ln -s `pwd`/keepalived /etc/sysconfig/keepalived
# 链接程序文件
cd /usr/local/sbin
ln -s `pwd`/keepalived /usr/sbin/keepalived

# keepalived2.0.20版本的系统服务配置文件在这：
# /usr/apps/keepalived-2.0.20/keepalived/keepalived.service，
# 不过我也不记得当时是否有复制该文件到其他地方了。
# 然后，它的配置方法是：systemctl enable --now keepalived.service 

# 配置keepalived
#     查看keepalived的配置文件模板
less /usr/local/etc/keepalived/keepalived.conf
# 配置文件默认路径：/etc/keepalived/keepalived.conf，该路径下必须要有该文件
mkdir /etc/keepalived
vi /etc/keepalived/keepalived.conf
# 添加以下配置语句
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 21 # 虚拟路由的标识，同一个VRRP的MASTER和BACKUP应相同
    mcast_src_ip 192.168.78.21 # 设置real IP(可省略，默认将使用网卡的主IP)
    priority 100 # 优先级，权重(权重最高的主机将接管 virtual_ipaddress)，范围0-254
    advert_int 1 # MASTER，BACKUP之间的同步检查的时间间隔，单位秒
    authentication { # 设置验证类型和密码
        auth_type PASS # 验证类型，PASS表示用密码验证
        auth_pass 123456
    }
    virtual_ipaddress { # 设置virtual IP地址池，每行一个
        192.168.78.20 # 为MASTER和BACKUP设置相同的virtual IP
    }
}

# 完成上述配置后，才可以启动服务
service keepalived start  |  systemctl start keepalived.service
# 查看keepalived进程是否存在，是否已启动
ps aux | grep keepalived
ip a | grep 192.168.78.20

使用IP 192.168.78.20访问本服务器，可以看到之前编写的index.html内容。

# 配置备用服务器的keepalived
# 备用服务器和主服务器一样的安装和配置，然后修改成以下配置
vrrp_instance VI_1 {
    state BACKUP
    priority 90
    ……
}

# 配置并保存防火墙策略
iptables -I INPUT -s192.168.78.21 -p112 -jACCEPT
service iptables save
iptables -I INPUT -s192.168.78.22 -p112 -jACCEPT
service iptables save

# 修改备用服务器的nginx的index.html
cd /usr/local/nginx/html
echo 'This is Backup' > index.html
# 可以配置多台备用服务器 

# 主服务器中停止网络服务，查看，浏览器中显示的内容会自动切换成备用服务器的index.html的内容
service network stop
service network start

# keepalived监控nginx服务
# 在MASTER和BACKUP中都修改成如下配置
vrrp_script chk_nginx { # 配置用于检测nginx运行的脚本
    script "/chk_nginx.sh" # 脚本文件的路径
    interval 5 # 检测间隔5秒一次
    weight -20 #检测失败时，权重的变化(减少20，原来是100，现在变为80)
}
vrrp_instance VI_1 { # 为VI_1 添加监控脚本
   ……
   track_script {
        chk_nginx
    }
}

# 编写监控脚本的代码
vi /chk_nginx.sh

#! /bin/bash
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
    service nginx start
    sleep 2
    if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
        service keepalived stop
    fi
fi
# 授权
chmod +x /chk_nginx.sh
# 重新加载服务
service keepalived reload

# nginx + keepalived 高可用测试
service nginx stop
ps -C nginx --no-header
cd /usr/local/nginx/sbin
# 编写并执行test.sh脚本
vi test.sh

#! /bin/bash
service nginx stop
chmod -x nginx

# 测试完成后，使用‘chmod +x nginx’恢复执行权限
chmod +x test.sh
./test.sh
# 刷新浏览器，查看内容变化
# 小结：如果一台nginx出现故障，该服务器上的keepalived会尝试重启nginx，如果不行，则把keepalived自身也关闭掉，然后集群中的其他服务器会自动接管，继续提供服务。