keepalived
keepalived: 在Linux主机上,以daemon方式实现了vrrp协议;并提供了完成配置ipvs规则及实现相应real server状态检测能力;
调用外部脚本;
适用场景:ipvs, haproxy, nginx(reverse proxy)
wrapper:wrapper规则给ipvs; 如果不是ipvs,不需要wrapper,不需要ipvsadm,仍然调用ipvs的内核规则;
核心:vrrp stack;
watchdog:监控vrrp进程,跟系统内核有关。
check:健康状态检查
注意:高可用集群中各节点的时间一定要同步。
时间同步:
[root@node2 ~]# vim /etc/ntp.conf
driftfile /var/lib/ntp/drift
# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap
# Permit all access over the loopback interface. This could
# be tightened as well, but to do so would effect some of
# the administrative functions.
restrict 127.0.0.1
restrict -6 ::1
server 127.127.1.0
fudge 127.127.1.0 stratum 10
# Hosts on local network are less restricted.
#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap
# Use public servers from the pool.ntp.org project.
# Please consider joining the pool (http://www.pool.ntp.org/join.html).
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
#broadcast 192.168.1.255 autokey # broadcast server
#broadcastclient # broadcast client
#broadcast 224.0.1.1 autokey # multicast server
#multicastclient 224.0.1.1 # multicast client
#manycastserver 239.255.254.254 # manycast server
#manycastclient 239.255.254.254 autokey # manycast client
[root@node2 ~]# service ntpd restart
关闭 ntpd: [确定]
正在启动 ntpd: [确定]
[root@node200 ~]# date
2016年 03月 14日 星期一 20:36:53 CST
[root@node200 ~]# ntpdate 192.168.0.131
14 Mar 20:36:37 ntpdate[29864]: step time server 192.168.0.131 offset 10774951.322311 sec
[root@node2 ~]# date
2016年 03月 14日 星期一 20:36:47 CST
---------------------------------------------------------------------------
安装程序
[root@node200 ~]# yum install keepalived -y
[root@node2 ~]# yum install keepalived -y
[root@node200 ~]# rpm -ql keepalived
/etc/keepalived
/etc/keepalived/keepalived.conf
/etc/rc.d/init.d/keepalived ##服务脚本
/etc/sysconfig/keepalived ### 脚本配置文件
/usr/bin/genhash
/usr/libexec/keepalived
/usr/sbin/keepalived
/usr/share/doc/keepalived-1.2.13
/usr/share/doc/keepalived-1.2.13/AUTHOR
/usr/share/doc/keepalived-1.2.13/CONTRIBUTORS
/usr/share/doc/keepalived-1.2.13/COPYING
/usr/share/doc/keepalived-1.2.13/ChangeLog
/usr/share/doc/keepalived-1.2.13/NOTE_vrrp_vmac.txt
/usr/share/doc/keepalived-1.2.13/README
/usr/share/doc/keepalived-1.2.13/TODO
/usr/share/doc/keepalived-1.2.13/VERSION
/usr/share/doc/keepalived-1.2.13/keepalived.conf.SYNOPSIS
/usr/share/doc/keepalived-1.2.13/samples
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.HTTP_GET.port ###以下样例
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.IPv6
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.SMTP_CHECK
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.SSL_GET
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.fwmark
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.inhibit
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.misc_check
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.misc_check_arg
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.quorum
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.sample
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.status_code
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.track_interface
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.virtual_server_group
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.virtualhost
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.localcheck
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.lvs_syncd
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.routes
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.scripts
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.static_ipaddress
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.sync
/usr/share/doc/keepalived-1.2.13/samples/sample.misccheck.smbcheck.sh
/usr/share/man/man1/genhash.1.gz
/usr/share/man/man5/keepalived.conf.5.gz
/usr/share/man/man8/keepalived.8.gz
/usr/share/snmp/mibs/KEEPALIVED-MIB.txt
备份配置文件
[root@node200 keepalived]# cp keepalived.conf{,.bak}
[root@node200 keepalived]# ls
keepalived.conf keepalived.conf.bak
[root@node2 ~]# cd /etc/keepalived/
[root@node2 keepalived]# cp keepalived.conf{,.bak}
[root@node2 keepalived]# ls
keepalived.conf keepalived.conf.bak
[root@node2 keepalived]#
创建用户 kaadmin 并设置密码(示例口令为弱口令,仅适用于实验环境)
[root@node200 ~]# useradd kaadmin
[root@node200 ~]# echo "redhat" | passwd --stdin kaadmin
更改用户 kaadmin 的密码 。
passwd: 所有的身份验证令牌已经成功更新。
[root@node2 ~]# useradd kaadmin
[root@node2 ~]# echo "redhat" | passwd --stdin kaadmin
更改用户 kaadmin 的密码 。
passwd: 所有的身份验证令牌已经成功更新。
配置文件
[root@node2 keepalived]# vim keepalived.conf
! Configuration File for keepalived
# Global settings: where keepalived sends state-change mail and how this node identifies itself.
global_defs {
notification_email {
# NOTE(review): "[email protected]" looks like a web e-mail-obfuscation placeholder, not a real
# address — restore the intended recipient before using this file.
[email protected] ### recipient address for notification mail
}
notification_email_from [email protected] ### sender address used for notification mail
smtp_server 127.0.0.1 ### SMTP server: this host
smtp_connect_timeout 30
router_id LVS_DEVEL
}
# VRRP instance for the master node: it holds the virtual IP 192.168.0.10 on eth0.
vrrp_instance VI_1 { ### instance name
state MASTER ### this node starts as master
interface eth0 ### interface the advertisements are sent on
# Must be identical on every node of this instance (the backup config on this page also uses 61).
virtual_router_id 61
# The higher value wins the election; the backup node on this page uses 99.
priority 100
advert_int 1 ### interval between advertisements
authentication {
# PASS is a shared plain-text password carried in every VRRP advertisement, so it guards
# against misconfigured peers, not against a host that can see or send traffic on this segment.
# keepalived documents auth_pass as at most 8 characters. Treat the value below as a lab
# example, and limit VRRP (IP protocol 112) to the peer addresses with a packet filter.
auth_type PASS
auth_pass asd@123
}
virtual_ipaddress {
192.168.0.10 ### the virtual IP address
}
}
#virtual_server 192.168.200.100 443 {
# delay_loop 6
# lb_algo rr
# lb_kind NAT
# nat_mask 255.255.255.0
# persistence_timeout 50
# protocol TCP
#
# real_server 192.168.201.100 443 {
复制到另外节点
[root@node2 keepalived]# scp keepalived.conf 192.168.0.200:/etc/keepalived/
The authenticity of host '192.168.0.200 (192.168.0.200)' can't be established.
RSA key fingerprint is 0e:95:8d:de:b9:2f:c4:75:8d:70:af:e2:84:65:7f:86.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.0.200' (RSA) to the list of known hosts.
[email protected]'s password:
keepalived.conf
配置另一节点
[root@node200 keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP ###从节点
interface eth0
virtual_router_id 61
priority 99 ###优先级
advert_int 1
authentication {
auth_type PASS
auth_pass asd@123
}
virtual_ipaddress {
192.168.0.10
}
}
#virtual_server 192.168.200.100 443 {
# delay_loop 6
# lb_algo rr
# lb_kind NAT
# nat_mask 255.255.255.0
# persistence_timeout 50
# protocol TCP
--------------------------------------------------------------------------------
查看双方变化
[root@node200 ~]# tail -f /var/log/messages
[root@node200 keepalived]# service keepalived restart
停止 keepalived: [失败]
正在启动 keepalived: [确定]
node200日志分析
Mar 14 21:54:18 node200 Keepalived[32324]: Starting Keepalived v1.2.13 (03/19,2015)
Mar 14 21:54:18 node200 Keepalived[32325]: Starting Healthcheck child process, pid=32327
Mar 14 21:54:18 node200 Keepalived[32325]: Starting VRRP child process, pid=32328
Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Netlink reflector reports IP 192.168.0.200 added
Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Netlink reflector reports IP fe80::20c:29ff:fe9f:1fe5 added
Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Registering Kernel netlink reflector
Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Registering Kernel netlink command channel
Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Registering gratuitous ARP shared channel
Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Configuration is using : 62978 Bytes
Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Using LinkWatch kernel netlink reflector...
Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Entering BACKUP STATE
Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Netlink reflector reports IP 192.168.0.200 added
Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Netlink reflector reports IP fe80::20c:29ff:fe9f:1fe5 added
Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Registering Kernel netlink reflector
Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Registering Kernel netlink command channel
Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Configuration is using : 7521 Bytes
Mar 14 21:54:18 node200 kernel: IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP)
Mar 14 21:54:18 node200 kernel: IPVS: Connection hash table configured (size=4096, memory=64Kbytes)
Mar 14 21:54:18 node200 kernel: IPVS: ipvs loaded.
Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Using LinkWatch kernel netlink reflector...
Mar 14 21:54:22 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Transition to MASTER STATE
Mar 14 21:54:23 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Entering MASTER STATE
Mar 14 21:54:23 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) setting protocol VIPs.
Mar 14 21:54:23 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.0.10
Mar 14 21:54:23 node200 Keepalived_healthcheckers[32327]: Netlink reflector reports IP 192.168.0.10 added
Mar 14 21:54:28 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.0.10
Mar 14 22:02:28 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Received higher prio advert
Mar 14 22:02:28 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Entering BACKUP STATE
Mar 14 22:02:28 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) removing protocol VIPs.
Mar 14 22:02:28 node200 Keepalived_healthcheckers[32327]: Netlink reflector reports IP 192.168.0.10 removed
Mar 14 22:02:31 node200 dbus: avc: received setenforce notice (enforcing=0)
Mar 14 22:02:31 node200 dbus: avc: received setenforce notice (enforcing=0)
Mar 14 22:02:57 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Transition to MASTER STATE
Mar 14 22:02:57 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Received higher prio advert
Mar 14 22:02:57 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Entering BACKUP STATE
[root@node2 ~]# tail -f /var/log/messages
[root@node2 keepalived]# service keepalived restart
停止 keepalived: [失败]
正在启动 keepalived: [确定]
node2日志分析
Mar 14 22:02:57 node2 Keepalived_vrrp[26391]: VRRP_Instance(VI_1) sending 0 priority
Mar 14 22:02:57 node2 Keepalived_vrrp[26391]: VRRP_Instance(VI_1) removing protocol VIPs.
Mar 14 22:02:57 node2 Keepalived_healthcheckers[26390]: Netlink reflector reports IP 192.168.0.10 removed
Mar 14 22:02:57 node2 Keepalived[26415]: Starting Keepalived v1.2.13 (03/19,2015)
Mar 14 22:02:57 node2 Keepalived[26416]: Starting Healthcheck child process, pid=26418
Mar 14 22:02:57 node2 Keepalived[26416]: Starting VRRP child process, pid=26419
Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Netlink reflector reports IP 192.168.0.131 added
Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Netlink reflector reports IP fe80::20c:29ff:fe10:b905 added
Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Registering Kernel netlink reflector
Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Registering Kernel netlink command channel
Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Registering gratuitous ARP shared channel
Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Netlink reflector reports IP 192.168.0.131 added
Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Configuration is using : 62976 Bytes
Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Using LinkWatch kernel netlink reflector...
Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Netlink reflector reports IP fe80::20c:29ff:fe10:b905 added
Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Registering Kernel netlink reflector
Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Registering Kernel netlink command channel
Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Configuration is using : 7519 Bytes
Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Using LinkWatch kernel netlink reflector...
Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) Transition to MASTER STATE
Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) Received lower prio advert, forcing new election
Mar 14 22:02:58 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) Entering MASTER STATE
Mar 14 22:02:58 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) setting protocol VIPs.
Mar 14 22:02:58 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.0.10
Mar 14 22:02:58 node2 Keepalived_healthcheckers[26418]: Netlink reflector reports IP 192.168.0.10 added
Mar 14 22:03:03 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.0.10
使用查看IP地址方法确认VIP
[root@node2 keepalived]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:10:b9:05 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.131/24 brd 192.168.0.255 scope global eth0
inet 192.168.0.10/32 scope global eth0
inet6 fe80::20c:29ff:fe10:b905/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether 92:c4:6a:81:8c:3e brd ff:ff:ff:ff:ff:ff
-----------------------------------------------------------------------
通过外部脚本来确定主备角色,不停止keepalived进程
主备节点配置
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
# Maintenance switch: the check fails (exit 1) while /etc/keepalived/down exists and succeeds once it is removed.
vrrp_script chk_mt_down {
# keepalived runs this command itself. Keep /etc/keepalived writable by root only: anyone who can
# create or delete the "down" file can move the VIP.
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
# While the check fails, the priority of each instance tracking it is lowered by 5.
# NOTE(review): the VIP only moves if the lowered value falls below the peer's priority — confirm
# against the priority configured on both nodes.
weight -5
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 61
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass asd@123
}
virtual_ipaddress {
192.168.0.10
}
track_script {
chk_mt_down
}
}
----------------------------------------------------------------------------
主备节点验证
[root@node200 keepalived]# service keepalived reload
[root@node2 keepalived]# service keepalived reload
主节点
[root@node2 keepalived]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:10:b9:05 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.131/24 brd 192.168.0.255 scope global eth0
inet 192.168.0.10/32 scope global eth0
inet6 fe80::20c:29ff:fe10:b905/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether 92:c4:6a:81:8c:3e brd ff:ff:ff:ff:ff:ff
[root@node2 keepalived]# touch down
[root@node2 keepalived]# ip a ####没有虚拟地址
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:10:b9:05 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.131/24 brd 192.168.0.255 scope global eth0
inet6 fe80::20c:29ff:fe10:b905/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether 92:c4:6a:81:8c:3e brd ff:ff:ff:ff:ff:ff
[root@node2 keepalived]#
备节点
[root@node200 keepalived]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.200/24 brd 192.168.0.255 scope global eth0
inet 192.168.0.10/32 scope global eth0
inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether fe:12:9c:9d:00:66 brd ff:ff:ff:ff:ff:ff
--------------------------------------------------------------------------------
双主模型
主节点1
[root@node2 keepalived]# vim keepalived.conf
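# First instance of the dual-master pair: this node is master for 192.168.0.10
# (node200 carries the same instance as BACKUP with priority 99).
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 61
priority 100
advert_int 1
authentication {
# Shared plain-text VRRP password; the same value must be set on the peer.
auth_type PASS
auth_pass asd@123
}
virtual_ipaddress {
192.168.0.10
}
# chk_mt_down must be defined by a vrrp_script block in the same file; it is not part of this excerpt.
track_script {
chk_mt_down
}
}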
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 62
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass asd@123
}
virtual_ipaddress {
192.168.0.20
}
track_script {
chk_mt_down
}
}
主节点2
[root@node200 keepalived]# vim keepalived.conf
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 61
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass asd@123
}
virtual_ipaddress {
192.168.0.10
}
track_script {
chk_mt_down
}
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 62
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass asd@123
}
virtual_ipaddress {
192.168.0.20
}
track_script {
chk_mt_down
}
}
-------------------------------------------------------------------------------------
重启验证
重启
[root@node2 keepalived]# !ser
service keepalived reload
重新载入 keepalived: [确定]
[root@node200 keepalived]# !ser
service keepalived reload
重新载入 keepalived: [确定]
[root@node2 keepalived]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:10:b9:05 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.131/24 brd 192.168.0.255 scope global eth0
inet 192.168.0.10/32 scope global eth0
inet6 fe80::20c:29ff:fe10:b905/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether 92:c4:6a:81:8c:3e brd ff:ff:ff:ff:ff:ff
[root@node200 keepalived]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.200/24 brd 192.168.0.255 scope global eth0
inet 192.168.0.20/32 scope global eth0
inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether fe:12:9c:9d:00:66 brd ff:ff:ff:ff:ff:ff
健康状态检测方法:
pick one healthchecker
# HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|MISC_CHECK
ipvs配置示例(1)
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 57
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass VI1pass
}
virtual_ipaddress {
172.16.100.52/32 brd 172.16.100.52 dev eth0 label eth0:0
}
track_script {
chk_mt_down
}
}
virtual_server 172.16.100.52 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.0.0
# persistence_timeout 50
protocol TCP
real_server 172.16.100.8 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
real_server 172.16.100.9 80 {
weight 1
HTTP_GET {
url {
path /index.html
status_code 200
}
connect_timeout 2
nb_get_retry 3
delay_before_retry 1
}
}
}
haproxy双主示例:
(1) 脚本
#!/bin/bash
# Author: MageEdu
# description: An example of notify script
#
# Virtual IP named in the notification subject.
# NOTE(review): both vrrp_instance blocks on this page call this script, yet only this one
# address is set here, so mail for the second instance would also name it — confirm intent.
vip='172.16.100.52'
# Mailbox that receives the state-change mail.
contact="kaadmin@localhost"
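#######################################
# Mail a VRRP state-change notice to the configured contact.
# Globals:   vip (read), contact (read)
# Arguments: $1 - new VRRP state (master, backup or fault)
# Outputs:   one-line message body piped to mail(1)
#######################################
notify() {
  local state=$1
  local host now mailsubject mailbody
  host=$(hostname)
  now=$(date '+%F %H:%M:%S')
  mailsubject="${host} to be ${state}: ${vip} floating"
  mailbody="${now}: vrrp transition, ${host} changed to be ${state}"
  # Quoted expansions keep the body and the recipient as single words:
  # no word splitting and no glob expansion before mail(1) sees them.
  printf '%s\n' "$mailbody" | mail -s "$mailsubject" "$contact"
}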
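# Entry point: $1 is the new VRRP state. Mail the contact, then drive haproxy to match.
# The init script's exit status is not propagated: every known state exits 0.
case "$1" in
  master)
    notify master
    /etc/rc.d/init.d/haproxy start
    exit 0
    ;;
  backup)
    notify backup
    /etc/rc.d/init.d/haproxy restart
    exit 0
    ;;
  fault)
    notify fault
    /etc/rc.d/init.d/haproxy stop
    exit 0
    ;;
  *)
    # Expand the script name explicitly (command substitution does not run inside
    # single quotes) and report the usage error on stderr.
    printf 'Usage: %s {master|backup|fault}\n' "${0##*/}" >&2
    exit 1
    ;;
esac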
(2) 节点1配置
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
# Liveness check for haproxy: signal 0 delivers nothing and only tests that a process named haproxy exists.
vrrp_script chk_haproxy {
# The exit status of killall is the check result; its output is discarded.
# NOTE(review): this shows that a process with that name is running, not that it is accepting connections.
script "killall -0 haproxy &> /dev/null"
interval 1
weight -5
}
# First VIP of the dual-master pair: this node is master for 172.16.100.52 and tracks both health checks.
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 57
priority 100
advert_int 1
authentication {
# Shared plain-text VRRP password, sent in each advertisement; it must match the value on the peer.
# Each instance in this file uses its own value (VI1pass here, VI2pass for VI_2).
auth_type PASS
auth_pass VI1pass
}
virtual_ipaddress {
172.16.100.52/32 brd 172.16.100.52 dev eth0 label eth0:0
}
# Both checks carry weight -5 in this file, so one failing check lowers 100 to 95, below the peer's 99.
track_script {
chk_mt_down
chk_haproxy
}
# keepalived executes these commands on a state change, with the new state as the argument.
# notify.sh should be owned by root and not writable by other users, because the daemon runs it.
# NOTE(review): newer keepalived releases add script_user / enable_script_security in global_defs
# to control how such scripts are run — check the man page of the installed version.
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 58
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass VI2pass
}
virtual_ipaddress {
172.16.100.53/32 brd 172.16.100.53 dev eth0 label eth0:1
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
(3) 节点2配置
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_script chk_haproxy {
script "killall -0 haproxy &> /dev/null"
interval 1
weight -5
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 57
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass VI1pass
}
virtual_ipaddress {
172.16.100.52/32 brd 172.16.100.52 dev eth0 label eth0:0
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 58
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass VI2pass
}
virtual_ipaddress {
172.16.100.53/32 brd 172.16.100.53 dev eth0 label eth0:1
}
track_script {
chk_mt_down
chk_haproxy
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
两台主机分别是254.150;254.151
254.150
[root@node200 ~]# yum info keepalived
已加载插件:fastestmirror, refresh-packagekit, security
Loading mirror speeds from cached hostfile
* base: mirrors.opencas.cn
* epel: mirror01.idc.hinet.net
* extras: mirrors.skyshe.cn
* updates: mirrors.skyshe.cn
可安装的软件包
Name : keepalived
Arch : x86_64
Version : 1.2.13
Release : 5.el6_6
Size : 214 k
Repo : base
Summary : Load balancer and high availability service
URL : http://www.keepalived.org/
License : GPLv2+
Description : Keepalived provides simple and robust facilities for load balancing
: and high availability. The load balancing framework relies on the
: well-known and widely used Linux Virtual Server (IPVS) kernel module
: providing layer-4 (transport layer) load balancing. Keepalived
: implements a set of checkers to dynamically and adaptively maintain
: and manage a load balanced server pool according their health.
: Keepalived also implements the Virtual Router Redundancy Protocol
: (VRRPv2) to achieve high availability with director failover.
[root@node200 ~]# yum install keepalived -y
查看配置文件
[root@node200 ~]# ls /etc/keepalived/
keepalived.conf
[root@node200 ~]# rpm -ql keepalived
/etc/keepalived
/etc/keepalived/keepalived.conf
/etc/rc.d/init.d/keepalived
/etc/sysconfig/keepalived
/usr/bin/genhash
/usr/libexec/keepalived
/usr/sbin/keepalived
/usr/share/doc/keepalived-1.2.13
/usr/share/doc/keepalived-1.2.13/AUTHOR
/usr/share/doc/keepalived-1.2.13/CONTRIBUTORS
/usr/share/doc/keepalived-1.2.13/COPYING
/usr/share/doc/keepalived-1.2.13/ChangeLog
/usr/share/doc/keepalived-1.2.13/NOTE_vrrp_vmac.txt
/usr/share/doc/keepalived-1.2.13/README
/usr/share/doc/keepalived-1.2.13/TODO
/usr/share/doc/keepalived-1.2.13/VERSION
/usr/share/doc/keepalived-1.2.13/keepalived.conf.SYNOPSIS
/usr/share/doc/keepalived-1.2.13/samples
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.HTTP_GET.port
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.IPv6
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.SMTP_CHECK
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.SSL_GET
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.fwmark
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.inhibit
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.misc_check
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.misc_check_arg
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.quorum
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.sample
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.status_code
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.track_interface
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.virtual_server_group
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.virtualhost
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.localcheck
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.lvs_syncd
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.routes
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.scripts
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.static_ipaddress
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.sync
/usr/share/doc/keepalived-1.2.13/samples/sample.misccheck.smbcheck.sh
/usr/share/man/man1/genhash.1.gz
/usr/share/man/man5/keepalived.conf.5.gz
/usr/share/man/man8/keepalived.8.gz
/usr/share/snmp/mibs/KEEPALIVED-MIB.txt
备份及编辑配置文件
[root@node200 keepalived]# cp keepalived.conf{,.bak} && ls
keepalived.conf keepalived.conf.bak
[root@node200 keepalived]# vim keepalived.conf
[root@node200 ~]# useradd keep
[root@node200 ~]# echo "redhat" | passwd --stdin keep
更改用户 keep 的密码 。
passwd: 所有的身份验证令牌已经成功更新。
[root@node200 keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 71
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1qaz!QAZ
}
virtual_ipaddress {
172.168.254.220
}
}
#virtual_server 192.168.200.100 443 {
# delay_loop 6
测试抢占模式
[root@node200 ~]# ip addr show
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff
inet 172.168.254.150/24 brd 172.168.254.255 scope global eth0
inet 172.168.254.220/32 scope global eth0
inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether 0e:02:63:4a:ac:8d brd ff:ff:ff:ff:ff:ff
通过创建文件来调整主备模式
[root@node200 keepalived]# touch down
[root@node200 keepalived]# ls
down keepalived.conf keepalived.conf.bak
[root@node200 keepalived]# vim keepalived.conf
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 9999
}
virtual_ipaddress {
172.168.254.220
}
track_script {
chk_mt_down
}
}
#virtual_server 192.168.200.100 443 {
[root@node200 keepalived]# service keepalived restart
停止 keepalived: [确定]
正在启动 keepalived: [确定]
双主模型
[root@node200 keepalived]# vim keepalived.conf
track_script {
chk_mt_down
}
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 9999
}
virtual_ipaddress {
172.168.254.220
}
track_script {
chk_mt_down
}
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 9999
}
virtual_ipaddress {
172.168.254.221
}
track_script {
chk_mt_down
}
}
#virtual_server 192.168.200.100 443 {
[root@node200 keepalived]# service keepalived reload
重新载入 keepalived: [确定]
查看
[root@node200 keepalived]# ip addr show
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff
inet 172.168.254.150/24 brd 172.168.254.255 scope global eth0
inet 172.168.254.221/32 scope global eth0
inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether 0e:02:63:4a:ac:8d brd ff:ff:ff:ff:ff:ff
使用down文件测试
[root@node200 keepalived]# touch down
[root@node200 keepalived]# ip addr show
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff
inet 172.168.254.150/24 brd 172.168.254.255 scope global eth0
inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether 0e:02:63:4a:ac:8d brd ff:ff:ff:ff:ff:ff
[root@node200 keepalived]# rm -rf down
[root@node200 keepalived]# ip addr show
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff
inet 172.168.254.150/24 brd 172.168.254.255 scope global eth0
inet 172.168.254.221/32 scope global eth0
inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether 0e:02:63:4a:ac:8d brd ff:ff:ff:ff:ff:ff
254.151
[root@node2 ~]# yum install keepalived -y
[root@node2 ~]# useradd keep
[root@node2 ~]# echo "redhat" | passwd --stdin keep
更改用户 keep 的密码 。
passwd: 所有的身份验证令牌已经成功更新。
[root@node2 ~]# vim /etc/keepalived/keepalived.conf
1 ! Configuration File for keepalived
2
3 global_defs {
4 notification_email {
6 }
7 notification_email_from [email protected]
8 smtp_server 127.0.0.1
9 smtp_connect_timeout 30
10 router_id LVS_DEVEL
11 }
12
13 vrrp_instance VI_1 {
14 state MASTER
15 interface eth0
16 virtual_router_id 71
17 priority 100
18 advert_int 1
19 authentication {
20 auth_type PASS
21 auth_pass 1qaz!QAZ
22 }
23 virtual_ipaddress {
24 172.168.254.220
25 }
26 }
27
28 #virtual_server 192.168.200.100 443 {
29 # delay_loop 6
30 # lb_algo rr
31 # lb_kind NAT
32 # nat_mask 255.255.255.0
复制配置文件到163.200
[root@node2 ~]# cd /etc/keepalived/
You have new mail in /var/spool/mail/root
[root@node2 keepalived]# scp keepalived.conf 192.168.163.200:/etc/keepalived/
The authenticity of host '192.168.163.200 (192.168.163.200)' can't be established.
RSA key fingerprint is 0e:95:8d:de:b9:2f:c4:75:8d:70:af:e2:84:65:7f:86.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.163.200' (RSA) to the list of known hosts.
[email protected]'s password:
keepalived.conf 100% 3561 3.5KB/s 00:00
You have new mail in /var/spool/mail/root
查看虚拟IP
[root@node2 ~]# ip addr show
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:55:35:62 brd ff:ff:ff:ff:ff:ff
inet 172.168.254.151/24 brd 172.168.254.255 scope global eth0
inet 172.168.254.220/32 scope global eth0
inet6 fe80::20c:29ff:fe55:3562/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether 26:a9:e4:0e:31:1a brd ff:ff:ff:ff:ff:ff
测试抢占模式
[root@node2 keepalived]# service keepalived stop
停止 keepalived: [确定]
重新上线
[root@node2 keepalived]# ip addr show
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:55:35:62 brd ff:ff:ff:ff:ff:ff
inet 172.168.254.151/24 brd 172.168.254.255 scope global eth0
inet 172.168.254.220/32 scope global eth0
inet6 fe80::20c:29ff:fe55:3562/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether 26:a9:e4:0e:31:1a brd ff:ff:ff:ff:ff:ff
通过创建文件来调整主备模式
[root@node2 keepalived]# vim keepalived.conf
router_id LVS_DEVEL
}
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 9999
}
virtual_ipaddress {
172.168.254.220
}
track_script {
chk_mt_down
}
}
[root@node2 keepalived]# service keepalived restart
停止 keepalived: [确定]
正在启动 keepalived: [确定]
通过日志查看由主到备,删除down回到主
Jan 12 16:50:28 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Received higher prio advert
Jan 12 16:50:28 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Entering BACKUP STATE
Jan 12 16:50:28 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) removing protocol VIPs.
Jan 12 16:50:28 node2 Keepalived_healthcheckers[25805]: Netlink reflector reports IP 172.168.254.220 removed
Jan 12 16:51:39 node2 Keepalived_vrrp[25806]: VRRP_Script(chk_mt_down) succeeded
Jan 12 16:51:41 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) forcing a new MASTER election
Jan 12 16:51:41 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) forcing a new MASTER election
Jan 12 16:51:42 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jan 12 16:51:43 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Entering MASTER STATE
Jan 12 16:51:43 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) setting protocol VIPs.
Jan 12 16:51:43 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 172.168.254.220
Jan 12 16:51:43 node2 Keepalived_healthcheckers[25805]: Netlink reflector reports IP 172.168.254.220 added
Jan 12 16:51:48 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 172.168.254.220
双主模型
vrrp_script chk_mt_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 9999
}
virtual_ipaddress {
172.168.254.220
}
track_script {
chk_mt_down
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 52
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 9999
}
virtual_ipaddress {
172.168.254.221
}
track_script {
chk_mt_down
}
}
#virtual_server 192.168.200.100 443 {
[root@node2 keepalived]# service keepalived reload
重新载入 keepalived: [确定]
查看
[root@node2 keepalived]# ip addr show
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
link/ether 00:0c:29:55:35:62 brd ff:ff:ff:ff:ff:ff
inet 172.168.254.151/24 brd 172.168.254.255 scope global eth0
inet 172.168.254.220/32 scope global eth0
inet6 fe80::20c:29ff:fe55:3562/64 scope link
valid_lft forever preferred_lft forever
3: pan0:
link/ether 26:a9:e4:0e:31:1a brd ff:ff:ff:ff:ff:ff