keepalived安装配置
#安装所需依赖包
yum -y install ipvsadm kernel-devel
#源码安装
tar -zxf keepalived-1.1.20.tar.gz
cd keepalived-1.1.20
安装编译keeepalived时需要支持LVS时才可以做LVS调度:
例如出现下面情况,将不支持lvs!
Keepalived configuration
------------------------
Keepalived version : 1.1.15
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lpopt -lssl -lcrypto
Use IPVS Framework : No
IPVS sync daemon support : No
Use VRRP Framework : Yes
Use LinkWatch : No
Use Debug flags : No
解决办法,指定kernel目录:
./configure '--prefix=/usr/local/keepalived' --with-kernel-dir=/usr/src/kernels/2.6.18-274.el5-x86_64/
Ipvs具体实现是由ipvsadm这个程序来完成,因此判断一个系统是否具备ipvs功能,只需要察看ipvsadm程序是否被安装。
察看ipvsadm程序的办法就是在任意路径执行命令ipvsadm,根据结果判断是否安装此模块.
如果安装则显示如下:
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
使用yum install -y ipvsadm安装模块。
检查当前加载的内核模块,看是否存在ip_vs模块
[[email protected] home]# lsmod|grep ip_vs
ip_vs 121217 0
如果没有显示,这表明没有加入进内核,可以手动执行ipvsadm以后,完成在内核加载ip_vs模块
正确情况:
Keepalived configuration
------------------------
Keepalived version : 1.1.15
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lpopt -lssl -lcrypto
Use IPVS Framework : Yes
IPVS sync daemon support : Yes
Use VRRP Framework : Yes
Use LinkWatch : No
Use Debug flags : No
然后在make,make install
ipvsadm
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
mkdir -p /etc/keepalived
vi /etc/keepalived/keepalived.conf
==========================================================================
master:
! Configuration File for keepalived
global_defs {
router_id ip111
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 111
advert_int 1
priority 250 #优先级
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
125.126.127.62
}
}
virtual_server 125.126.127.62 80 {
delay_loop 6
lb_algo wlc #算法
lb_kind DR #模式
nat_mask 255.255.255.0
protocol TCP
real_server 125.126.127.6 80 {
weight 1
TCP_CHECK { #基于端口的健康检查!
connect_port 80
connect_timeout 3
}
nb_get_retry 3
delay_before_retry 3
}
real_server 125.126.127.7 80 {
weight 1
TCP_CHECK { #基于端口的健康检查!
connect_port 80
connect_timeout 3
}
nb_get_retry 3
delay_before_retry 3
}
}
=============================================================================
slave:
! Configuration File for keepalived
global_defs {
router_id ip111
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 111
advert_int 1
priority 100 #优先级
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
125.126.127.62
}
}
virtual_server 125.126.127.62 80 {
delay_loop 6
lb_algo wlc
lb_kind DR
nat_mask 255.255.255.0
protocol TCP
real_server 125.126.127.6 80 {
weight 1
TCP_CHECK { #基于端口的健康检查!
connect_port 80
connect_timeout 3
}
nb_get_retry 3
delay_before_retry 3
}
real_server 125.126.127.7 80 {
weight 1
TCP_CHECK { #基于端口的健康检查!
connect_port 80
connect_timeout 3
}
nb_get_retry 3
delay_before_retry 3
}
}
==============================================================================
realserver:
Real Server1
Eth0 IP:125.126.127.6/24
GW:125.126.127.1
sysctl -w "net.ipv4.ip_forward=0"
sysctl -w "net.ipv4.conf.lo.arp_ignore=1"
sysctl -w "net.ipv4.conf.lo.arp_announce=2"
sysctl -w "net.ipv4.conf.all.arp_ignore=1"
sysctl -w "net.ipv4.conf.all.arp_announce=2"
ifconfig lo:0 125.126.127.62/32 broadcast 125.126.127.62 up
route add -host 125.126.127.62 dev lo:0
Real Server2
Eth0 IP:125.126.127.7/24
GW:125.126.127.1
sysctl -w "net.ipv4.ip_forward=0"
sysctl -w "net.ipv4.conf.lo.arp_ignore=1"
sysctl -w "net.ipv4.conf.lo.arp_announce=2"
sysctl -w "net.ipv4.conf.all.arp_ignore=1"
sysctl -w "net.ipv4.conf.all.arp_announce=2"
ifconfig lo:0 125.126.127.62/32 broadcast 125.126.127.62 up
route add -host 125.126.127.62 dev lo:0
keepalived的master与slave是通过vrrp2协议进行通讯.以决定各自的状态及vip等相关信息,MASTER会发送广播包,广播地址为224.0.0.18.