keepalived安装配置

到官网下载你需要的版本

https://www.keepalived.org/download.html

#安装依赖包和环境配置（此步骤也可忽略）

 yum install kernel-devel -y

ln -s /usr/src/kernels/2.6.32-754.23.1.el6.x86_64/ /usr/src/linux

#进入你安装包的位置

[root@1 ~]#cd /usr/local/src/

[root@1 src]#tar zxvf keepalived-1.2.16.tar.gz

[root@1 src]#cd keepalived-1.2.16

[root@1 keepalived-1.2.16]# ls
AUTHOR  ChangeLog  configure.in  COPYING  genhash  install-sh  keepalived.spec.in  Makefile.in  TODO
bin     configure  CONTRIBUTORS  doc      INSTALL  keepalived  lib                 README       VERSION
[root@1 keepalived-1.2.16]# ./configure    #下面有常见报错解决方法

 ######################################################################################

Keepalived configuration
------------------------
Keepalived version       : 1.2.16
Compiler                 : gcc
Compiler flags           : -g -O2
Extra Lib                : -lssl -lcrypto -lcrypt
Use IPVS Framework       : Yes
IPVS sync daemon support : Yes
IPVS use libnl           : No
fwmark socket support    : Yes
Use VRRP Framework       : Yes
Use VRRP VMAC            : Yes
SNMP support             : No
SHA1 support             : No
Use Debug flags          : No

  ######################################################################################

 [root@1 keepalived-1.2.16]# make

 ######################################################################################

Make complete
make[1]: Leaving directory `/usr/local/src/keepalived-1.2.16/genhash'

Make complete

 ######################################################################################

[root@1 keepalived-1.2.16]# make install

 ######################################################################################

install -d /usr/local/share/man/man1
install -m 644 ../doc/man/man1/genhash.1 /usr/local/share/man/man1
make[1]: Leaving directory `/usr/local/src/keepalived-1.2.16/genhash'

 ######################################################################################

 #配置服务启动

[root@1 keepalived-1.2.16]# cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/　　   #生成启动脚本命令

[root@1 keepalived-1.2.16]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/  #配置启动脚本的参数

[root@1 keepalived-1.2.16]# mkdir /etc/keepalived

[root@1 keepalived-1.2.16]# cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/  #把keepalived.conf模板拷贝到/etc/keepalived下

[root@1 keepalived-1.2.16]# cp /usr/local/sbin/keepalived /usr/bin/

#配置文件

#首次操作前建议进行备份“cp keepalived.conf keepalived.conf.ori”

[root@1 keepalived-1.2.16]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {#全局配置
   notification_email { #服务挂掉后收件人邮箱
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc #服务挂掉后发件人邮箱
   smtp_server 192.168.200.1 #邮件服务器地址
   smtp_connect_timeout 30 #超时时间
   router_id LVS_01 #keepalived服务ID（同网段不能重复）
}

vrrp_instance VI_1 { #vrrp实例
    state MASTER #服务器状态（只是个标识，主要通过优先级配置决定主备角色）
    interface eth0 #通信端口
    virtual_router_id 51 #vrrd实例ID
    priority 150 #优先级（如果主为100那么备机建议配置为50；小50）
    advert_int 1 #心跳消息发送间隔1秒
    authentication { #服务密钥对
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress { #VIP地址
        192.168.200.16/24

    }
}

 #启动服务

[root@1 keepalived-1.2.16]# /etc/init.d/keepalived start
Starting keepalived:                                       [  OK  ]

[root@1 keepalived-1.2.16]# ps -ef| grep keepalived
root     13328     1  0 15:21 ?        00:00:00 keepalived -D
root     13329 13328  0 15:21 ?        00:00:00 keepalived -D
root     13330 13328  0 15:21 ?        00:00:00 keepalived -D
root     13336 11773  0 15:22 pts/1    00:00:00 grep keepalived

"""

 #通过ifconfig无法查看到VIP

#因为ifconfig是通过“ifconfig eth0:0 192.168.1.10 up/down”添加的ip

#而ip addr是通过“ip addr add/del 192.168.1.20/24 dev eth0”添加的ip

"""

[root@1 keepalived]# ifconfig 
eth0      Link encap:Ethernet  HWaddr 00:00:20:D3:DF:CE  
          inet addr:192.168.200.115  Bcast:192.168.200.255  Mask:255.255.255.0
          inet6 addr: fe80::200:290f:fed3:dfce/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:21084605 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1601067 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:3250709524 (3.0 GiB)  TX bytes:496090441 (473.3 MiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:1340000 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1340000 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:148470250 (141.5 MiB)  TX bytes:148470250 (141.5 MiB)

[root@1 keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:00:20:d3:df:ce brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.115/24 brd 192.168.200.255 scope global eth0
    inet 192.168.200.116/24 scope global secondary eth0
    inet6 fe80::200:290f:fed3:dfce/64 scope link 
       valid_lft forever preferred_lft forever

#将配置文件拷贝到对端

[root@1 keepalived]# scp keepalived.conf 192.168.200.117:/etc/keepalived/
root@192.168.200.117's password:
keepalived.conf                                                                                                                          100%  542     0.5KB/s   00:00    

 #登录到备机

[root@2 ~]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_02
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.200.116/24
    }
}

 #启动服务

[root@2 keepalived-1.2.16]# /etc/init.d/keepalived start
Starting keepalived:                                       [  OK  ]

 #此时备机不应该有VIP，如果有那就产生裂脑了

 #模拟故障

#主服务停掉keepalived

[root@1 keepalived]# /etc/init.d/keepalived stop
Stopping keepalived:                                       [  OK  ]

 #查看从服务IP信息

[root@2 keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:0c:20:d0:cd:0a brd ff:ff:ff:ff:ff:ff
    inet 192.168.200.117/24 brd 192.168.1.255 scope global eth0
    inet 192.168.200.116/24 scope global secondary eth0
    inet6 fe80::200:29ff:fedd:cd0a/64 scope link
       valid_lft forever preferred_lft forever

#主服务器keepalived恢复后VIP会被掠夺回来

 #常见报错：

checking openssl/ssl.h usability... no
checking openssl/ssl.h presence... no
checking for openssl/ssl.h... no

configure: error:
  !!! OpenSSL is not properly installed on your system. !!!
  !!! Can not include OpenSSL headers files.            !!!

[root@1 keepalived-1.2.16]# yum -y install openssl-devel

* 参考oldboy视频整理