配置前提:
(1) 各节点时间必须同步
(2) 确保iptables及selinux不会成为阻碍
(3) 各节点之间可通过主机名互相通信(对KA并非必须)
建议使用/etc/hosts文件实现
(4) 确保各节点的用于集群服务的接口支持MULTICAST通信
单主配置实例: node1为主 node2为从
node1
[root@node1 ~]#ntpdate 172.16.0.1 各节点时间必须同步 [root@node1 ~]#vim /etc/chrony.conf
[root@node1 ~]#systemctl restart chronyd.service [root@node1 ~]#systemctl enable chronyd.service 开机启动chronyd.service [root@node1 ~]#vim /etc/hosts 各节点之间可通过主机名互相通信
[root@node1 ~]#ping node2
[root@node1 ~]#ip link set multicast on dev ens33 确保各节点的用于集群服务的接口支持MULTICAST通信
[root@node1 ~]#yum install keepalived -y
[root@node1 /etc/keepalived]#cp keepalived.conf{,.bak}
[root@node1 /etc/keepalived]#vim keepalived.conf
global_defs {
notification_email {
root@localhost #设置报警邮件地址,可以设置多个,每行一个。需要开启sendmail服务。
}
notification_email_from keepalived@localhost #设置邮件的发送地址
smtp_server 127.0.0.1 #设置SMTP Server地址
smtp_connect_timeout 30 #设置SMTP Server的超时时间
router_id node1 #表示运行Keepalived服务器的一个标识。发邮件时显示大邮件主题中的信息
vrrp_mcast_group4 224.1.101.33
}
vrrp_instance VI_1 { #vrrp 实例定义部分
state MASTER #指定Keepalived的角色,MASTER表示些主机是主服务器。BACKUP表示此主机是备用服务器
interface ens33 #指定HA监测网络的接口
virtual_router_id 33 #虚拟路由标识,这个标识是一个数字,同一个vrrp实例使用唯一的标识,即同一个vrrp_instance下MASTER与BACKUP必须是一致的
priority 100 #定义优先级,数字越大,优先级越高
advert_int 1
authentication {
auth_type PASS #设置验证类型和密码,MASTER和BACKUP必须使用相同的密码才能正常通信
auth_pass Nl9OliUQ # openssl rand -base64 7 得出随机八位数
}
virtual_ipaddress { #设置虚拟IP地址,可以设置多个虚拟IP地址,每行一个
172.16.0.99/16 dev ens33 label ens33:0
}
}
[root@node1 /etc/keepalived]#scp keepalived.conf node2:/etc/keepalived/ 传到node2中
[root@node2 /etc/keepalived]#systemctl start keepalived.service 启动时,由于优先级高于node2,所以node2关闭
[root@node2 /etc/keepalived]#systemctl status keepalived.service 查看日志
node2 [root@node2 ~]#ntpdate 172.16.0.1 各节点时间必须同步 [root@node2 ~]#vim /etc/chrony.conf
[root@node2 ~]#systemctl restart chronyd.service [root@node2 ~]#systemctl enable chronyd.service 开机启动chronyd.service [root@node2 ~]#vim /etc/hosts 各节点之间可通过主机名互相通信
[root@node2 ~]#ping node1
[root@node2 ~]#ip link set multicast on dev ens33 确保各节点的用于集群服务的接口支持MULTICAST通信
[root@node2 ~]#yum install keepalived -y
[root@node2 /etc/keepalived]#vim keepalived.conf
global_defs {
notification_email {
root@localhost #设置报警邮件地址,可以设置多个,每行一个。需要开启sendmail服务。
}
notification_email_from keepalived@localhost #设置邮件的发送地址
smtp_server 127.0.0.1 #设置SMTP Server地址
smtp_connect_timeout 30 #设置SMTP Server的超时时间
router_id node2 #表示运行Keepalived服务器的一个标识。发邮件时显示大邮件主题中的信息
vrrp_mcast_group4 224.1.101.33
}
vrrp_instance VI_1 { #vrrp 实例定义部分
state BACKUP #指定Keepalived的角色,MASTER表示些主机是主服务器。BACKUP表示此主机是备用服务器
interface ens33 #指定HA监测网络的接口
virtual_router_id 33 #虚拟路由标识,这个标识是一个数字,同一个vrrp实例使用唯一的标识,即同一个vrrp_instance下MASTER与BACKUP必须是一致的
priority 80 #定义优先级,数字越大,优先级越高
advert_int 1
authentication {
auth_type PASS #设置验证类型和密码,MASTER和BACKUP必须使用相同的密码才能正常通信
auth_pass Nl9OliUQ # openssl rand -base64 7 得出随机八位数
}
virtual_ipaddress { #设置虚拟IP地址,可以设置多个虚拟IP地址,每行一个
172.16.0.99/16 dev ens33 label ens33:0
}
}
测试:
[root@node2 /etc/keepalived]#systemctl start keepalived.service
[root@node2 /etc/keepalived]#systemctl status keepalived.service 查看日志
[root@node2 /etc/keepalived]#tcpdump -i ens33 -nn host 224.1.101.33 node1开启时
08:25:13.748659 IP 172.16.250.149 > 224.1.101.33: VRRPv2, Advertisement, vrid 33, prio 100, authtype simple, intvl 1s, length 20
[root@node2 /etc/keepalived]#tcpdump -i ens33 -nn host 224.1.101.33 node1关闭时
08:26:20.811002 IP 172.16.252.245 > 224.1.101.33: VRRPv2, Advertisement, vrid 33, prio 80, authtype simple, intvl 1s, length 20
双主模型实例:
node1
[root@node1 /etc/keepalived]#vim keepalived.conf
vrrp_instance VI_1 {
interface ens33
authentication {
auth_type PASS
auth_pass NcxCHRPP
}
virtual_ipaddress {
172.16.0.99/16 dev ens33
}
}
vrrp_instance VI_2 {
state BACKUP
priority 90
interface ens33
virtual_router_id 34
advert_int 1
authentication {
auth_type PASS
auth_pass AcxRHRQP
}
virtual_ipaddress {
172.16.0.88/16 dev ens33
}
}
node2
[root@node2 /etc/keepalived]#vim keepalived.conf
vrrp_instance VI_1 {
state BACKUP
priority 80
interface ens33
virtual_router_id 33
advert_int 1
authentication {
auth_type PASS
auth_pass NcxCHRPP
}
virtual_ipaddress {
172.16.0.99/16 dev ens33
}
}
vrrp_instance VI_2 {
state MASTER
priority 100
interface ens33
virtual_router_id 34
advert_int 1
authentication {
auth_type PASS
auth_pass AcxRHRQP
}
virtual_ipaddress {
172.16.0.88/16 dev ens33
}
}
测试:
[root@node1 /etc/keepalived]#systemctl stop keepalived.service
[root@node1 /etc/keepalived]#systemctl stop keepalived.service
[root@node1 /etc/keepalived]#systemctl start keepalived.service
[root@node2 /etc/keepalived]#systemctl start keepalived.service
[root@node2 ~]#tcpdump -i ens33 -nn host 224.1.101.33
09:07:18.318146 IP 172.16.250.149 > 224.1.101.33: VRRPv2, Advertisement, vrid 33, prio 100, authtype simple, intvl 1s, length 20
09:07:18.725960 IP 172.16.252.245 > 224.1.101.33: VRRPv2, Advertisement, vrid 34, prio 100, authtype simple, intvl 1s, length 20
09:07:19.319033 IP 172.16.250.149 > 224.1.101.33: VRRPv2, Advertisement, vrid 33, prio 100, authtype simple, intvl 1s, length 20
[root@node1 /etc/keepalived]#systemctl stop keepalived.service
09:09:58.514319 IP 172.16.250.149 > 224.1.101.33: VRRPv2, Advertisement, vrid 33, prio 100, authtype simple, intvl 1s, length 20
09:09:58.969318 IP 172.16.250.149 > 224.1.101.33: VRRPv2, Advertisement, vrid 34, prio 96, authtype simple, intvl 1s, length 20
09:09:59.515444 IP 172.16.250.149 > 224.1.101.33: VRRPv2, Advertisement, vrid 33, prio 100, authtype simple, intvl 1s, length 20
09:09:59.970398 IP 172.16.250.149 > 224.1.101.33: VRRPv2, Advertisement, vrid 34, prio 96, authtype simple, intvl 1s, length 20
通知脚本的使用方式:
[root@node1 /etc/keepalived]#vim notify.sh
#!/bin/bash
#
contact='root@localhost'
notify() {
local mailsubject="$(hostname) to be $1, vip floating"
local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" $contact
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
exit 1
;;
esac
[root@node1 /etc/keepalived]#chmod +x notify.sh
[root@node1 /etc/keepalived]#bash -n notify.sh
[root@node1 /etc/keepalived]#bash -x notify.sh master 脚本调用
[root@node1 /etc/keepalived]#bash -x notify.sh backup 脚本调用
[root@node1 /etc/keepalived]#bash -x notify.sh fault 脚本调用
[root@node1 /etc/keepalived]#scp -p notify.sh node2:/etc/keepalived/ 保留权限复制到node2
[root@node1 /etc/keepalived]#cp keepalived.conf{,.dual}
[root@node1 /etc/keepalived]#vim keepalived.conf 将双主模型删除
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 33
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass r6SYByVN
}
virtual_ipaddress {
172.16.0.99/16 dev ens33 lable ens33:0
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
[root@node2 /etc/keepalived]#cp keepalived.conf{,.dual}
[root@node2 /etc/keepalived]#vim keepalived.conf 做node1同样的操作
原创文章,作者:Linux.rookie,如若转载,请注明出处:http://www.178linux.com/78611
