02 Mar 2017
| 主机 | 角色 | ip |
|---|---|---|
| nignx01 | master | 192.168.33.81 |
| nginx02 | backup | 192.168.33.82 |
| vip | 192.168.33.80 |
keepalived中文文档
keepalived中文博客
keepalivedHOWTO,关于authentication
使用单播还是组播
yum install -y openssl-devel yum install -y keepalived
MASTER上配置
vim /etc/keepalived/keepalived.conf
global_defs {
lvs_id web_router
}
vrrp_script chk_nginx_service {
script "/etc/keepalived/nginx-ha-check"
interval 3
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state MASTER
interface eth0
priority 101
virtual_router_id 51
advert_int 1
unicast_src_ip 192.168.33.81
unicast_peer {
192.168.33.82
}
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.33.80
}
track_script {
chk_nginx_service
}
}
配置简介:
- global_defs, 全局配置,可配置邮件通知和lvs_id
- lvs_id, lvs负载均衡标识id,在一个网络内,应该是唯一的。
- vrrp_script,可有多个脚本块配置
- script, 检测脚本,也可以是一条命令
- interval, 检测时间间隔
- weight, weight大于0时,若脚本返回结果为0,则增加priority;weight小于0时,若脚本返回结果非0,则减小priority。priority的范围为1-255
- fall 2, 连续失败2次才算失败
- rise 1, 成功一次就算成功
- vrrp_instance, 创建vrrp实例
- state, 指定初始状态,主还是从,角色转换根据priority来定
- interface, 网卡
- priority, 优先级,用来确定角色
- virtual_router_id, 相同的VRID为一个组,它将决定多播的MAC地址
- advert_int, 检查间隔,默认为1秒。这就是VRRP的定时器,MASTER每隔这样一个时间间隔,就会发送一个advertisement报文以通知组内其他路由器自己工作正常
- unicast_src_ip, 单播源ip
- unicast_peer, 单播对端ip,可配置多个
- authentication, 安全认证
- auth_type PASS, 使用密码方式认证
- auth_pass, 指定密码
- virtual_ipaddress, 指定vip
- track_script, 指定检查脚本,可配置多个
BACKUP上配置
global_defs {
lvs_id web_router
}
vrrp_script chk_nginx_service {
script "/etc/keepalived/nginx-ha-check"
interval 3
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
priority 100
virtual_router_id 51
advert_int 1
unicast_src_ip 192.168.33.82
unicast_peer {
192.168.33.81
}
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.33.80
}
track_script {
chk_nginx_service
}
}
vim /etc/keepalived/nginx-ha-check **************************************************** #!/bin/bash counter=$(ps -C nginx --no-heading|wc -l) if [ "${counter}" = "0" ]; then /usr/local/nginx/sbin/nginx sleep 2 counter=$(ps -C nginx --no-heading|wc -l) if [ "${counter}" = "0" ]; then /etc/init.d/keepalived stop fi fi **************************************************** chmod 755 /etc/keepalived/nginx-ha-check
# 1. 在master上查看网卡信息 ip a show dev eth1 3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 08:00:27:cc:25:79 brd ff:ff:ff:ff:ff:ff inet 192.168.33.31/24 brd 192.168.33.255 scope global eth1 inet 192.168.33.30/32 scope global eth1 inet6 fe80::a00:27ff:fecc:2579/64 scope link valid_lft forever preferred_lft forever # 2. 手动停止nginx service nginxd stop # 3. 查看日志,看到backup上自动提升角色为master # master上 Mar 2 14:18:31 node1 Keepalived[5977]: Stopping Keepalived v1.2.13 (03/19,2015) Mar 2 14:18:31 node1 Keepalived_vrrp[5980]: VRRP_Instance(VI_1) sending 0 priority Mar 2 14:18:31 node1 Keepalived_vrrp[5980]: VRRP_Instance(VI_1) removing protocol VIPs. Mar 2 14:18:31 node1 Keepalived_healthcheckers[5979]: Netlink reflector reports IP 192.168.33.30 removed # backup上 Mar 2 14:18:32 node2 Keepalived_vrrp[5979]: VRRP_Instance(VI_1) Transition to MASTER STATE Mar 2 14:18:33 node2 Keepalived_vrrp[5979]: VRRP_Instance(VI_1) Entering MASTER STATE Mar 2 14:18:33 node2 Keepalived_vrrp[5979]: VRRP_Instance(VI_1) setting protocol VIPs. Mar 2 14:18:33 node2 Keepalived_vrrp[5979]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth1 for 192.168.33.30 Mar 2 14:18:33 node2 Keepalived_healthcheckers[5978]: Netlink reflector reports IP 192.168.33.30 added # 需要重新开启master节点时,需要先保证nginx服务启动,然后再启动keepalived服务