CentOS7配置keepalived(1) 编译安装keepalived
该文档在CentOS7.6系统下进行编译安装keepalived 2.0.20
| 主机名称 | ip地址 | 操作系统 | 角色 | 软件版本 | 备注 |
|---|---|---|---|---|---|
| opsproxy-shqs-1 | 10.99.73.38 (real ip) | CentOS 7.6 | keepalived | 2.0.20 | |
| opsproxy-shqs-1 | 10.99.73.39 (real ip) | CentOS 7.6 | keepalived | 2.0.20 | |
| 10.99.73.40 (vip) | VIP |
备注:
当前最新 版本应该是2.1.3, 在centos7下编译安装后,功能一切正常,就是就是日志配置不生效(还是生成在/var/log/messages下,rsyslog的配置不生效)。
同样的方式编译安装2.0.20以及1系列版本1.4.5日志的配置是生效的。
一、编译安装keepalived
1.1 下载keepalived源码包
wget https://www.keepalived.org/software/keepalived-2.0.20.tar.gz
tar zxvf keepalived-2.0.20.tar.gz
1.2 编译安装keepalived
我的编译软件统一安装在/opt/app/install/目录下面,然后软连接到/opt/app/下面。所以这里设置keepalived的安装目录为/opt/app/install/keepalived
# 准备编译环境
yum install -y ipvsadm popt popt-devel libnl libnl-devel libnl3-devel libnfnetlink libnfnetlink-devel net-snmp-devel openssl openssl-devel
# 切换到keepalived源码根目录
cd keepalived-2.0.20
# 编译
./configure --with-init=systemd --with-systemdsystemunitdir=/usr/lib/systemd/system --prefix=/opt/app/install/keepalived --with-run-dir=/opt/app/install/keepalived/run
make
# 安装
make install
# 可执行文件拷贝一份到系统执行文件目录,该目录在path变量里面,可以直接使用keepalived命令
cp /opt/app/install/keepalived/sbin/keepalived /usr/sbin/keepalived
# 或者
# ln -s /opt/app/install/keepalived/sbin/keepalived /usr/sbin/keepalived
# 软连接(这一步谨是我自己对软件目录管理的需求)
ln -s /opt/app/install/keepalived /opt/app/keepalived
# keepalived附加参数文件,为了跟yum安装一致,其实是不用配置的。启动文件指定实际路径就可以了。
ln -s /opt/app/install/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived
# pid文件放置目录,目录可以自己定义在启动脚本里面使用
mkdir /opt/app/install/keepalived/run
1.3 配置system自启动文件
根据上面的编译安装,实际已经生成了启动文件,我们这里进行一些修改。
- 编写配置文件
vi /usr/lib/systemd/system/keepalived.service [Unit] Description=LVS and VRRP High Availability Monitor After=network-online.target syslog.target Wants=network-online.target [Service] Type=forking PIDFile=/run/keepalived.pid KillMode=process EnvironmentFile=-/etc/sysconfig/keepalived ExecStart=/usr/sbin/keepalived -f /opt/app/keepalived/etc/keepalived/keepalived.conf $KEEPALIVED_OPTIONS ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target - 加载文件
systemctl daemon-reload
以上,keepalived主备节点操作相同。
1.4 keepalived配置文件
这里仅仅是一个简单的配置文件,在haproxy服务中使用,部署验证这些就够了,更多参数配置需要了在补充吧。
配置文件目录/opt/app/keepalived/etc/keepalived/keepalived.conf
主备节点需要一致的参数:router_id ,virtual_router_id
主备节点优先级可以设置为主高备低:priority
-
Master节点
vi /opt/app/keepalived/etc/keepalived/keepalived.conf global_defs { router_id haproxy } vrrp_script chk_haproxy { script "/opt/app/keepalived/etc/keepalived/chk_haproxy.sh" interval 2 weight 2 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 55 priority 101 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.99.73.40 } track_script { chk_haproxy } } -
backup节点
vi /opt/app/keepalived/etc/keepalived/keepalived.conf global_defs { router_id haproxy } vrrp_script chk_haproxy { script "/opt/app/keepalived/etc/keepalived/chk_haproxy.sh" interval 2 weight 2 } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 55 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 10.99.73.40 } track_script { chk_haproxy } }- 定义haproxy状态监控,如果haproxy没有运行,会监控到并主动拉起haproxy服务。
vi /opt/app/keepalived/etc/keepalived/chk_haproxy.sh #!/bin/bash if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then systemctl start haproxy fi chmod +x /opt/app/keepalived/etc/keepalived/chk_haproxy.sh -
配置自启动
systemctl enable keepalived.service -
启动服务
systemctl start keepalived.service systemctl status keepalived.service -
验证VIP的漂移
#----------------------------------- # 1. 初次启动看下VIP #----------------------------------- # 主节点(master) # ip add 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:5f:60:52 brd ff:ff:ff:ff:ff:ff inet 10.99.73.38/24 brd 10.99.73.255 scope global eth0 valid_lft forever preferred_lft forever inet 10.99.73.40/32 scope global eth0 #这里 valid_lft forever preferred_lft forever # 备节点(backup) # ip add 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:84:54:be brd ff:ff:ff:ff:ff:ff inet 10.99.73.39/24 brd 10.99.73.255 scope global eth0 valid_lft forever preferred_lft forever #----------------------------------- # 2. 关闭主节点keepalived服务 #----------------------------------- # 主节点(master) 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:5f:60:52 brd ff:ff:ff:ff:ff:ff inet 10.99.73.38/24 brd 10.99.73.255 scope global eth0 #可以看到VIP已经漂走了 valid_lft forever preferred_lft forever # 备节点(backup) 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:84:54:be brd ff:ff:ff:ff:ff:ff inet 10.99.73.39/24 brd 10.99.73.255 scope global eth0 valid_lft forever preferred_lft forever inet 10.99.73.40/32 scope global eth0 #可以看到VIP已经漂过来了,很快很快 valid_lft forever preferred_lft forever #----------------------------------- # 3. 重新开启主节点keepalived服务,因为我们配置的主节点优先级比较高,虽然备节点正常,但VIP还是会漂过来的。 #----------------------------------- # 主节点(master) 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:5f:60:52 brd ff:ff:ff:ff:ff:ff inet 10.99.73.38/24 brd 10.99.73.255 scope global eth0 valid_lft forever preferred_lft forever inet 10.99.73.40/32 scope global eth0 # 备节点(backup) 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fa:16:3e:84:54:be brd ff:ff:ff:ff:ff:ff inet 10.99.73.39/24 brd 10.99.73.255 scope global eth0 valid_lft forever preferred_lft forever -
验证监控脚本会自动拉起haproxy
# 查看当前haproxy状态,确认启动时间以及PID systemctl status haproxy|grep -A 1 Active Active: active (running) since Fri 2020-07-03 16:11:25 CST; 4min 27s ago Main PID: 3942 (haproxy) # 执行关闭haproxy,查看是否被自动拉起服务 systemctl stop haproxy systemctl status haproxy|grep -A 1 Active Active: active (running) since Fri 2020-07-03 16:16:47 CST; 601ms ago Main PID: 8382 (haproxy)可以看到haproxy被keepalived自动拉起来了,验证完成。
1.5 日志配置
- 编辑启动环境变量文件,将日志配置到local[0-7]中的一个,这里配置到local1 (因为我已经将haproxy的日志配置到local0)
vi /opt/app/install/keepalived/etc/sysconfig/keepalived
# Options for keepalived. See `keepalived --help' output and keepalived(8) and
# keepalived.conf(5) man pages for a list of all options. Here are the most
# common ones :
#
# --vrrp -P Only run with VRRP subsystem.
# --check -C Only run with Health-checker subsystem.
# --dont-release-vrrp -V Dont remove VRRP VIPs & VROUTEs on daemon stop.
# --dont-release-ipvs -I Dont remove IPVS topology on daemon stop.
# --dump-conf -d Dump the configuration data.
# --log-detail -D Detailed log messages.
# --log-facility -S 0-7 Set local syslog facility (default=LOG_DAEMON)
#
KEEPALIVED_OPTIONS="-D -d -S 1"
- 配置rsyslog
vi /etc/rsyslog.d/keepalived.conf
$ModLoad imudp
$UDPServerRun 514
local1.* /var/log/keepalived.log
- 重启rsyslog,然后重启keepalived
systemctl restart rsyslog
systemctl restart keepalived
systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; enabled; vendor preset: disabled)
Active: active (running) since Sun 2020-07-05 00:55:27 CST; 427ms ago
Process: 32314 ExecStart=/usr/sbin/keepalived -f /opt/app/keepalived/etc/keepalived/keepalived.conf $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 32315 (keepalived)
Tasks: 2
Memory: 704.0K
CGroup: /system.slice/keepalived.service
├─32315 /usr/sbin/keepalived -f /opt/app/keepalived/etc/keepalived/keepalived.conf -D -d -S 1
└─32316 /usr/sbin/keepalived -f /opt/app/keepalived/etc/keepalived/keepalived.conf -D -d -S 1
可以看到配置已经生效了。
tail -f /var/log/keepalived.log
...<省略>