keepalived安装配置实例教程(centos5.9)_集群与高可用

当前位置：首页 > 服务器配置 > 集群与高可用 > 正文

keepalived安装配置实例教程(centos5.9): 发布时间：2020-02-29编辑：脚本学堂

本文介绍了keepalived在centos下的安装与配置过程，centos 5.9下keepalived的安装过程，keepalived主备配置教程。

keepalived是什么

keepalived是由C语言编写的路由软件，是lvs的扩展项目，主要用作RealServer的健康状态检查以及LoadBalance主机和BackUP主机之间failover的实现。

keepalived是一个类似于layer3, 4 & 7交换机制的软件，即常说的第3层、第4层和第7层交换。

本节重点介绍centos 5.9下keepalived的安装过程。

1、获取安装软件
下载地址：http://www.keepalived.org/download.html
直接下载最新的版本1.2.13，也可以通过wget自动下载

# wget http://www.keepalived.org/software/keepalived-1.2.13.tar.gz

2、安装前提
a、确保ipvs已经被安装

#如下，执行ipvsadm检查ipvs是否已经安装(当前大多数linux缺省已安装)
[root@HKBO ~]# ipvsadm
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port           Forward Weight ActiveConn InActConn

#检查当前加载的内核模块，看是否存在ip_vs模块
[root@HKBO ~]# lsmod|grep ip_vs
ip_vs    122113 0

b、安装相应的依赖包

# yum -y install gcc gcc-c++ gcc-g77 ncurses-devel bison libaio-devel
> cmake libnl* libpopt* popt-static openssl-devel

3、安装keepalived

[root@HKBO ~]# more /etc/issue
CentOS release 5.9 (Final)

# mkdir /usr/local/keepalived
# cd /usr/local/src
# wget http://www.keepalived.org/software/keepalived-1.2.13.tar.gz
# tar -xvf keepalived-1.2.13.tar.gz
# cd keepalived-1.2.13
# ./configure --disable-fwmark --prefix=/usr/local/keepalived
         ...............
Keepalived configuration
------------------------
Keepalived version       : 1.2.13
Compiler    : gcc
Compiler flags           : -g -O2 -DETHERTYPE_IPV6=0x86dd
Extra Lib   : -lssl -lcrypto -lcrypt
Use IPVS Framework       : Yes
IPVS sync daemon support : Yes
IPVS use libnl           : No
fwmark socket support    : No
Use VRRP Framework       : Yes
Use VRRP VMAC            : No
SNMP support: No
SHA1 support: No
Use Debug flags          : No

# make && make install
# ls /usr/local/keepalived/ #查看安装完成后，生成了4个目录
bin etc sbin share

# cd /usr/local/keepalived/etc
[root@HKBO etc]# tree
.
|-- keepalived
|   |-- keepalived.conf   #keepalived的配置样例
|   `-- samples
|       |-- client.pem
|       |-- dh1024.pem
|       |-- keepalived.conf.HTTP_GET.port
|       |-- keepalived.conf.IPv6
|       |-- keepalived.conf.SMTP_CHECK
|       |-- keepalived.conf.SSL_GET
|       |-- keepalived.conf.fwmark
|       |-- keepalived.conf.inhibit
|       |-- keepalived.conf.misc_check
|       |-- keepalived.conf.misc_check_arg
|       |-- keepalived.conf.quorum
|       |-- keepalived.conf.sample
|       |-- keepalived.conf.status_code
|       |-- keepalived.conf.track_interface
|       |-- keepalived.conf.virtual_server_group
|       |-- keepalived.conf.virtualhost
|       |-- keepalived.conf.vrrp
|       |-- keepalived.conf.vrrp.localcheck
|       |-- keepalived.conf.vrrp.lvs_syncd
|       |-- keepalived.conf.vrrp.routes
|       |-- keepalived.conf.vrrp.scripts
|       |-- keepalived.conf.vrrp.static_ipaddress
|       |-- keepalived.conf.vrrp.sync
|       |-- root.pem
|       `-- sample.misccheck.smbcheck.sh
|-- rc.d
|   `-- init.d
|       `-- keepalived
`-- sysconfig
    `-- keepalived

# cd /usr/local/keepalived/sbin
# ./keepalived --help            #获取keepalived的一些帮助
Usage: ./keepalived [OPTION...]
-f, --use-file=FILE          Use the specified configuration file
-P, --vrrp      Only run with VRRP subsystem
-C, --check     Only run with Health-checker subsystem
-l, --log-console            Log messages to local console
-D, --log-detailDetailed log messages
-S, --log-facility=[0-7]     Set syslog facility to LOG_LOCAL[0-7]
-V, --dont-release-vrrp      Don't remove VRRP VIPs and VROUTEs on daemon stop
-I, --dont-release-ipvs      Don't remove IPVS topology on daemon stop
-R, --dont-respawn           Don't respawn child processes
-n, --dont-fork Don't fork the daemon process
-d, --dump-conf Dump the configuration data
-p, --pid=FILE Use specified pidfile for parent process
-r, --vrrp_pid=FILE          Use specified pidfile for VRRP child process
-c, --checkers_pid=FILE      Use specified pidfile for checkers child process
-v, --version   Display the version number
-h, --help      Display this help message

# mkdir /etc/keepalived/
# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
# ln -s /usr/local/keepalived/sbin/keepalived /sbin/

# service keepalived restart
Stopping keepalived: [FAILED]
Starting keepalived: [ OK ]

# service keepalived status
keepalived (pid 12092) is running...

# chkconfig keepalived on

# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:50:56:84:04:2c brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.66/24 brd 192.168.1.255 scope global eth0
    inet 192.168.200.16/32 scope global eth0
    inet 192.168.200.17/32 scope global eth0
    inet 192.168.200.18/32 scope global eth0
    inet6 fe80::250:56ff:fe84:42c/64 scope link
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

4、有关keepalived.conf的配置项

[root@HKBO keepalived]# more keepalived.conf
! Configuration File for keepalived

#全局定义块，包含邮件定义部分，
global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL //负载均衡器标识，在一个网络内，它应该是唯一的
}

#VRRP实例定义块，负责负载均衡器之间的失败切换
vrrp_instance VI_1 {
    state MASTER          //只有MASTER和BACKUP 2种状态，主为MASTER，从为BACKUP，使用大写
    interface eth0        //监控的网络接口
    virtual_router_id 51 //同一实例下virtual_router_id必须相同
    priority 100          //定义优先级，数字越大，优先级越高
    advert_int 1          //MASTER与BACKUP负载均衡器之间同步检查的时间间隔，单位是秒
    authentication {      //验证类型和密码
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {   //虚拟IP地址virtual_ipaddress,可以定义多个
        192.168.200.16
        192.168.200.17
        192.168.200.18
    }
}

#虚拟服务器定义块
virtual_server 192.168.200.100 443 {    //定义虚拟服务器
    delay_loop 6           //delay_loop，健康检查时间间隔，单位是秒
    lb_algo rr//负载调度算法，这里设置为rr，即轮询算法，互联网应用常使用wlc或rr
    lb_kind NAT            //负载均衡转发规则。一般包括DR,NAT,TUN3种，在我的方案中，都使用DR的方式
    nat_mask 255.255.255.0 //子网掩码
    persistence_timeout 50 //会话保持时间，单位是秒（可以适当延长时间以保持session）
    protocol TCP           //转发协议类型，有tcp和udp两种

    real_server 192.168.201.100 443 {   //真实服务器IP及端口
        weight 1           //默认为1,0为失效
        SSL_GET {
            url {
path /
digest ff20ad2481f97b1754ef3e12ecd3a9cc
            }
            url {
path /mrtg/
digest 9b3a0c85a887a256d6939da88aabd8cd
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.2 1358 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    sorry_server 192.168.200.200 1358

    real_server 192.168.200.2 1358 {
        weight 1
        HTTP_GET {
            url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.3 1358 {
        weight 1
        HTTP_GET {
            url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
            }
            url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

5、配置主备keepalived
a、配置主备keepalived

#主，以下主要列出keepalived.conf差异部分
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.220
        192.168.1.230
    }
}

#备，以下主要列出keepalived.conf差异部分
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.220
        192.168.1.230
    }
}

b、测试主备keepalived

#启动主服务器上的keepalived服务
[root@MASTER ~]# service keepalived start
Starting keepalived: [ OK ]

[root@SZ-SYS-APP01 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:50:56:84:1f:37 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.65/24 brd 192.168.1.255 scope global eth0
    inet 192.168.1.220/32 scope global eth0    #可以看到220和230的虚IP
    inet 192.168.1.230/32 scope global eth0
    inet6 fe80::250:56ff:fe84:1f37/64 scope link
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

#启动备用服务器上的keepalived服务
[root@BACKUP ~]# service keepalived start
Starting keepalived: [ OK ]
#下面的查询结果中，虚IP220和230并为出现在备用服务器
[root@HKBO ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:50:56:84:04:2c brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.66/24 brd 192.168.1.255 scope global eth0
    inet6 fe80::250:56ff:fe84:42c/64 scope link
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

#关闭主服务上的keepalived服务，观察vip是否会漂移到备用服务
[root@MASTER ~]# service keepalived stop
Stopping keepalived: [ OK ]
[root@MASTER ~]# ip addr    #关闭后，该命令可以看到220和230的虚IP已经不存在于主服务器
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:50:56:84:1f:37 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.65/24 brd 192.168.1.255 scope global eth0
    inet6 fe80::250:56ff:fe84:1f37/64 scope link
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

#此时在备用服务器上查看到了漂移的vip地址
[root@BACKUP ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether 00:50:56:84:04:2c brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.66/24 brd 192.168.1.255 scope global eth0
    inet 192.168.1.220/32 scope global eth0
    inet 192.168.1.230/32 scope global eth0
    inet6 fe80::250:56ff:fe84:42c/64 scope link
       valid_lft forever preferred_lft forever
3: sit0: <NOARP> mtu 1480 qdisc noop
    link/sit 0.0.0.0 brd 0.0.0.0

#如果再次启动主服务器上的keepalived服务，则会vip自动漂移到主服务器，不再验证。

6、配置双主keepalived
双主的keepalived方式实际上是互为主备，以避免单点故障

#配置主备keepalived
MasterA: 192.168.1.65, VirtualIP: 192.168.1.220
MasterB: 192.168.1.66, VirtualIP: 192.168.1.230
#主，以下主要列出keepalived.conf差异部分
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.220
    }
}

vrrp_instance VI_2 {
    state BACKUP
    interface eth0
    virtual_router_id 52
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.230
    }
}

#备，以下主要列出keepalived.conf差异部分
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.220
    }
}

vrrp_instance VI_2 {
    state MASTER
    interface eth0
    virtual_router_id 52
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.230
    }
}

#从上面的配置文件中可以看出，实际上是增加了一个vrrp实例
#验证过程略

7、编译时的错误No SO_MARK

#如果在编译时碰到了No SO_MARK错误，如下
# ./configure
checking for gcc... gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
          ...........
checking for nl_socket_alloc in -lnl-3... no
checking for nl_socket_modify_cb in -lnl... no
configure: WARNING: keepalived will be built without libnl support.
checking for kernel version... 2.6.18
checking for IPVS syncd support... yes
checking for kernel macvlan support... no
checking whether SO_MARK is declared... no
configure: error: No SO_MARK declaration in headers

#可以通过增加disable-fwmark参数来解决
--disable-fwmark        compile without SO_MARK support

上一篇：Lvs DR模式实现负载均衡
下一篇：heartbeat启动后无反应怎么办

与 keepalived安装配置实例教程(centos5.9) 有关的文章

本文标题：keepalived安装配置实例教程(centos5.9)
本页链接：http://www.jb200.com/article/30079.html

浏览排行

栏目分类

热点文章

keepalived安装配置实例教程(centos5.9)