配置Keepalived单实例实现单IP自动漂移接管

实验要求 ==> 实现Keepalived高可用对之间的故障切换过程，配置的vrrp实例的VIP为192.168.10.66，可以将其配置在网卡别名上。

实验环境 ==> CentOS 7.x

实验目的 ==> 实现Keepalived高可用对之间的故障切换功能

实验主机 ==> 192.168.10.6（主机名：node1）、192.168.10.7（主机名：node2）

实验前提 ==> 高可用对之间时间同步（可通过周期性任务来实现）

实验操作如下。

1、编辑keepalived配置文件

注意：使用vim打开/etc/keepalived/keepalived.conf后，先注释掉virtual_server相关的配置，可在末行模式下使用命令":.,$s/^/#/g"注释。

2、启动keepalived服务

(1) 在node1（192.168.10.6）上

[root@node1 ~]# systemctl start keepalived.service		# 启动keepalived服务
[root@node1 ~]# systemctl status keepalived.service		# 查看keepalived服务状态
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2017-07-08 05:51:16 CST; 5s ago
   		   # 已经在运行中
  Process: 16520 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 16521 (keepalived)
   CGroup: /system.slice/keepalived.service
           ├─16521 /usr/sbin/keepalived -D
           ├─16522 /usr/sbin/keepalived -D
           └─16523 /usr/sbin/keepalived -D

Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Netlink reflector reports IP 192.168.10.6 added
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Registering Kernel netlink reflector
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Registering Kernel netlink command channel
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Opening file '/etc/keepalived/keepalived.conf'.
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Configuration is using : 7429 Bytes
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Using LinkWatch kernel netlink reflector...
Jul 08 05:51:18 node1 Keepalived_vrrp[16523]: VRRP_Instance(VI_1) Entering MASTER STATE
																  # node1启动后状态为MASTER路由器
Jul 08 05:51:18 node1 Keepalived_vrrp[16523]: VRRP_Instance(VI_1) setting protocol VIPs.
Jul 08 05:51:18 node1 Keepalived_vrrp[16523]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.10.66
																  # node1发送免费ARP通告虚拟路由所在的MAC地址（ens33）
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Netlink reflector reports IP 192.168.10.66 added
														# 已经添加虚拟路由IP（192.168.10.66）

 

同样的信息可在/var/log/message中获得。

[root@node1 ~]# tail -5 /var/log/messages 
Jul  8 05:51:18 localhost Keepalived_vrrp[16523]: VRRP_Instance(VI_1) Entering MASTER STATE
Jul  8 05:51:18 localhost Keepalived_vrrp[16523]: VRRP_Instance(VI_1) setting protocol VIPs.
Jul  8 05:51:18 localhost Keepalived_vrrp[16523]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.10.66
Jul  8 05:51:18 localhost Keepalived_healthcheckers[16522]: Netlink reflector reports IP 192.168.10.66 added
Jul  8 05:51:23 localhost Keepalived_vrrp[16523]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.10.66

 

查看虚拟路由IP。

[root@node1 ~]# ip addr l
（...省略...）
 ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:13:d1:d8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.6/24 brd 192.168.10.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.10.66/32 scope global ens33# 已经配置了虚拟路由IP
       valid_lft forever preferred_lft forever

 

(2) 在node2（192.168.10.7）上

[root@node2 ~]# systemctl start keepalived.service
[root@node2 ~]# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2017-07-08 06:48:36 CST; 30s ago
  Process: 14507 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 14508 (keepalived)
   CGroup: /system.slice/keepalived.service
           ├─14508 /usr/sbin/keepalived -D
           ├─14509 /usr/sbin/keepalived -D
           └─14510 /usr/sbin/keepalived -D

Jul 08 06:48:36 node2 Keepalived_vrrp[14510]: Configuration is using : 62884 Bytes
Jul 08 06:48:36 node2 Keepalived_vrrp[14510]: Using LinkWatch kernel netlink reflector...
Jul 08 06:48:36 node2 Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Entering BACKUP STATE
																  # 启动后作为BACKUP路由器
Jul 08 06:48:36 node2 Keepalived_vrrp[14510]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Netlink reflector reports IP 192.168.10.7 added
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Registering Kernel netlink reflector
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Registering Kernel netlink command channel
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Opening file '/etc/keepalived/keepalived.conf'.
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Configuration is using : 7427 Bytes
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Using LinkWatch kernel netlink reflector...

 

此时VIP应该只配置在node1的ens33接口上，而不是配置在本主机（node2）的ens34接口上。

[root@node2 ~]# ip a
 ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:68:80:eb brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.7/24 brd 192.168.10.255 scope global ens34
       valid_lft forever preferred_lft forever
       # BACKUP状态下没有配置VIP

 

3、暂停node1上的keepalived服务，测试node2节点是否会自动转变为MASTER状态

(1) 在node1（192.168.10.6）上

[root@node1 ~]# systemctl stop keepalived.service
[root@node1 ~]# tail /var/log/messages 
Jul  8 06:58:20 localhost Keepalived[16723]: Stopping Keepalived v1.2.13 (11/05,2016)
											 # 关闭keepalived服务
Jul  8 06:58:20 localhost systemd: Stopping LVS and VRRP High Availability Monitor...
Jul  8 06:58:20 localhost Keepalived_vrrp[16725]: VRRP_Instance(VI_1) sending 0 priority
												# 将自身优先级将为0，以让其它节点接任Master
Jul  8 06:58:20 localhost Keepalived_vrrp[16725]: VRRP_Instance(VI_1) removing protocol VIPs.
																	 # 移除VIP
Jul  8 06:58:20 localhost Keepalived_healthcheckers[16724]: Netlink reflector reports IP 192.168.10.66 removed
															# VIP已经从node1上移除
Jul  8 06:58:20 localhost systemd: Stopped LVS and VRRP High Availability Monitor.

 

查看ip地址。

[root@node1 ~]# ip a
 ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:13:d1:d8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.6/24 brd 192.168.10.255 scope global ens33
       valid_lft forever preferred_lft forever
       # node1已经移除了VIP

 

(2) 在node2（192.168.10.7）上

[root@node2 ~]# tail /var/log/messages 
Jul  8 06:58:21 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jul  8 06:58:22 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Entering MASTER STATE
																	# node2转变为Master状态
Jul  8 06:58:22 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) setting protocol VIPs.
																	# node2设置VIP
Jul  8 06:58:22 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens34 for 192.168.10.66
																	# node2发送免费ARP，通告现在VIP对应的MAC地址
Jul  8 06:58:22 localhost Keepalived_healthcheckers[14509]: Netlink reflector reports IP 192.168.10.66 added
Jul  8 06:58:27 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens34 for 192.168.10.66

 

此时在node2的ens34接口上应该配置有VIP。

[root@node2 ~]# ip a
 ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:68:80:eb brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.7/24 brd 192.168.10.255 scope global ens34
       valid_lft forever preferred_lft forever
    inet 192.168.10.66/32 scope global ens34# VIP
       valid_lft forever preferred_lft forever

 

4、再次启动node1节点的keepalived服务，测试node1是否能够转变为Master状态，并夺回VIP

(1) 在node1（192.168.10.6）上

[root@node1 ~]# systemctl start keepalived.service
[root@node1 ~]# tail /var/log/messages
Jul  8 07:14:38 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jul  8 07:14:38 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) Received lower prio advert, forcing new election
Jul  8 07:14:39 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) Entering MASTER STATE
Jul  8 07:14:39 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) setting protocol VIPs.
Jul  8 07:14:39 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.10.66
Jul  8 07:14:39 localhost Keepalived_healthcheckers[16777]: Netlink reflector reports IP 192.168.10.66 added
Jul  8 07:14:44 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.10.66
																	# node1再次发送免费ARP
[root@node1 ~]# 
[root@node1 ~]# 
[root@node1 ~]# ip a
 ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:13:d1:d8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.6/24 brd 192.168.10.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.10.66/32 scope global ens33	# VIP已经夺回
       valid_lft forever preferred_lft forever

 

(2) 在node2（192.168.10.7）上

[root@node2 ~]# tail /var/log/messages
Jul  8 07:14:39 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Received higher prio advert
												# node2收到node1发送的vrrp报文，发现node1的优先级比自己的高
Jul  8 07:14:39 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Entering BACKUP STATE
												# node2重新返回BACKUP状态
Jul  8 07:14:39 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) removing protocol VIPs.
Jul  8 07:14:39 localhost Keepalived_healthcheckers[14509]: Netlink reflector reports IP 192.168.10.66 removed
															# node2将VIP移除

 

此时node2上应该没有配置VIP。

[root@node2 ~]# ip a
 ens34: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:68:80:eb brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.7/24 brd 192.168.10.255 scope global ens34
       valid_lft forever preferred_lft forever

 

测试演示完毕。

补充：

此外，也可将VIP配置在网卡别名上，例如：

# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
	...
    virtual_ipaddress {
        192.168.10.66 dev ens33 label ens33:0
    }
}

 

这样配置的VIP则可以通过ifconfig命令来查看。

原文链接：https://blog.51cto.com/xuweitao/1953656