keepalived诞生的目的是为了给ipvs提供高可用性的.


keppalived 服务一般会启动两个进程,一个是vrrp服务和后端服务通信的,一个是checker服务,检测后端real Server健康状况.

邮件服务器:

rhel5:sendmail

rhel6:postfix


keepalived最新版本1.3.5,keepalived配置文件共三部分组成.

global_defs {     #全局配置
    notification_email {    #收件人
    [email protected]
}
notification_email_from keepalived@admin     #发件人
    smtp_server 127.0.01   #发件服务器
    smtp_connect_timeout     #30超时时间
    router_id nginx_slave    #路由标识,自定义
}

vrrp_script chk_port {    #脚本检测名称chk_port
     script "/etc/keepalived/keepalived.jk2.sh"    #脚本的路径
     interval 2    #每隔2秒检测一次
     weight -2        #一旦失败,权重减2
}


VRRP状态机,初始化(initialize)时,大家都是backup状态,通过选举产生master.收到startup且优先级是255时,直接定义为master,收到startup且优先级小雨255时,直接定义为backup.

vrrp_instance VI_1 {        #定义虚拟路由和虚拟ip的.VI_1为名称.
state MASTER
    interface eth0
    virtual_router_id 51        #虚拟路由id,一般不大于255
    priority 100            #初始优先级100,值越大优先级越高.
    advert_int 1
    authentication {
        auth_type PASS         #认证机制,明文认证
        auth_pass 1111        #密码
    }
virtual_ipaddress {            #虚拟vip地址
     192.168.30.129
    }
track_script {        #虚拟路由跟踪脚本.
    chk_port
}   
}


其他脚本定义使用

vrrp_script chk_file {
    script "[[-f /etc/keepalived/down]] && exit 1 || exit 0"
    interval 1
    weight -2
}

实例:

系统Centos 6.5 

2个node节点:

VIp:192.168.30.131

real server:192.168.30.129   

real server:192.168.30.130


#两台real server 操作:

yum install nginx keepalived -y


#这两台real server 先配置好nginx,做static server.

[root@haproxy keepalived]# cat /etc/nginx/conf.d/admin.conf 
#
# The default server
#
server {
    listen       80 default_server;
    server_name  _;
    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;
    location / {
root /data/www/;
index.htm index index.html index.php;
    }
}


以示区别/data/www/index.html 亦两台real server 静态页面取ip地址最后1位.


#配置keepalived:

real server 192.168.30.129的keepalived配置文件:

[root@web2 keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
   notification_email {
[email protected]     #告警通知
   }
   notification_email_from keepalived@admin
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id nginx_slave    #名字可以随便起,标示作用.
}
vrrp_script chk_port {    #检测脚本
     script "/etc/keepalived/keepalived.jk2.sh"
     interval 2    #每个2秒运行一次
     weight -2    #失败,本机keepalived优先级减2
}
vrrp_instance VI_1 {
    state BACKUP    #初始化此节点为backup
    interface eth0    #网卡eth0
    virtual_router_id 51    #虚拟路由id
    priority 100    #优先级,两台优先级可以是一样的,也可以一个高一个低.
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.30.131
    }
track_script {
chk_port
}
}


real server 192.168.30.130的配置文件:

[root@haproxy keepalived]# cat keepalived.conf 
! Configuration File for keepalived
global_defs {
   notification_email {
[email protected]
   }
   notification_email_from keepalived@admin
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id nginx_master标示这是nginx master
}
vrrp_script chk_port {
     script "/etc/keepalived/keepalived.jk2.sh"
     interval 3
     weight -2
}
vrrp_instance VI_1 {
    state MASTER     #初始化状态为master,两台real server都可以初始化为BACKUP状态,让它们之间自己选举.
    interface eth0
    virtual_router_id 51
    priority 101    #优先级高于从节点
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.30.131
    }
track_script {
chk_port
}
}

检测脚本路径和内容,赋予脚本可执行权限chmod a+x ...:

[root@haproxy keepalived]# pwd
/etc/keepalived
[root@haproxy keepalived]# cat keepalived.jk2.sh 
#!/bin/bash
ps -C nginx
if [[ $? -eq 0 ]];then
     exit 0
else
     /etc/init.d/nginx restart > /dev/null
     sleep 3
     ps -C nginx
     if [[ $? -eq 0 ]];then
          exit 0
     else
          exit 1
     fi
fi

#此脚本主要判断本地nginx服务如果down 尝试启动1此,还是down就认为本节点下线,vip自动飘值bakcup节点.


#两台real server 启动keepalived服务:

# /etc/init.d/keepalived start


查看keepalived 的log:

[root@haproxy conf.d]# tail -f /var/log/messages
Aug  4 14:56:09 haproxy Keepalived[51515]: Starting VRRP child process, pid=51518
Aug  4 14:56:09 haproxy Keepalived_vrrp[51518]: Netlink reflector reports IP 192.168.30.130 added
Aug  4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Netlink reflector reports IP 192.168.30.130 added
Aug  4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Netlink reflector reports IP fe80::20c:29ff:feca:1ae added
Aug  4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Registering Kernel netlink reflector
Aug  4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Registering Kernel netlink command channel
Aug  4 14:56:09 haproxy Keepalived_vrrp[51518]: Netlink reflector reports IP fe80::20c:29ff:feca:1ae added
Aug  4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering Kernel netlink reflector
Aug  4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering Kernel netlink command channel
Aug  4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering gratuitous ARP shared channel

#查看master的vip地址,ifconfig 看不到,用ip a或者:ip addr show

[root@haproxy conf.d]# ip a
1: lo:  mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ca:01:ae brd ff:ff:ff:ff:ff:ff
    inet 192.168.30.130/24 brd 192.168.30.255 scope global eth0
    inet 192.168.30.131/32 scope global eth0
    inet6 fe80::20c:29ff:feca:1ae/64 scope link 
       valid_lft forever preferred_lft forever


#测试:打开浏览器访问http://192.168.30.131/ ,其中一台nginx 启动失败即可看到演示效果.