配置keepalived
注意:记得关闭防火墙或者增加vrrp策略
1、安装
keepalived源码包下载地址:http://www.keepalived.org/download.html
说明文档:https://www.keepalived.org/LVS-NAT-Keepalived-HOWTO.html
注意:先创建 /usr/local/keepalived(新建文件夹)
# tar -zxf keepalived-2.1.5.tar.gz # cd keepalived-2.0.0 # ./configure --prefix=/usr/local/keepalived # make && make install # echo $? 0 # # cp /usr/local/keepalived/sbin/keepalived /usr/sbin/ # cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ # cp ./keepalived/etc/init.d/keepalived /etc/init.d/# mkdir /etc/keepalived# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
2、配置
1.修改master服务器 /etc/keepalived/keepalived.conf 文件
[root@ubantu~]# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { #故障发生时给谁发邮件通知。 1399101720@qq.com } notification_email_from 1399101720@qq.com #通知邮件的发出地址。 smtp_server 127.0.0.1 #发现Email的smtp地址 smtp_connect_timeout 30 #超时时间 router_id node1 script_user root enable_script_security } vrrp_script check_run { script "/etc/keepalived/mysql.sh" interval 10 } vrrp_instance VI_1 { state BACKUP #可以是 MASTER 或 BACKUP,不过当其他节点 keepalived 启动时 #会将 Priority(优先级)比较大的节点选举为 MASTER,因此该项其实没有实质用途。 interface ens18 #本机物理网卡,节点固有 IP(非 VIP)的网卡,用来发 VRRP包。 lvs_sync_daemon_inteface ens18 #绑定 lvs syncd 的网卡。 virtual_router_id 151 #虚拟路由,主从机必需一致。设置 VRID,取值在 0-255 之间,用来区分多个 instance 的 VRRP 组播 #(同一网段中 virtual_router_id 的值不能重复,否则会出错)。 #将决定多播的 MAC 地址 priority 100 #用来选举 master,要成为 master,这个选项的值最好高于其他机器 50 个点, #该项取值范围是 1-255(在此范围之外会被识别成默认值 100)。 advert_int 5 #发 VRRP 包的时间间隔,即多久进行一次 master 选举(可以认为是健康检查时间间隔,默认1秒)。 authentication { #认证区域,保持master和backup一致 auth_type PASS auth_pass 1111 } track_script { check_run } virtual_ipaddress { #VIP(虚拟 IP 地址),随着 state 的变化而增加删除, #当 state 为 master 的时候就添加,当 state 为 backup 的时候删除, #主要由优先级来决定的,和 state 设置的值没有多大关系,可以设置多个 IP 地址。 172.16.127.222 dev ens18 } } virtual_server 172.16.127.222 3306 { #LVS配置,VIP delay_loop 6 #服务轮询的时间间隔 lb_algo wrr #LVS 调度算法 lb_kind DR #LVS 集群算法 persistence_timeout 50 #同一IP的链接50秒内被分配到同一台realserver protocol TCP #用TCP协议检查realserver状态 real_server 172.16.127.49 3306 { #实际服务器的IP和端口 weight 100 notify_down /etc/keepalived/keepalived.sh TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 3306 } } }
2.修改slave服务器 /etc/keepalived/keepalived.conf 文件
[root@ubantu ~]#vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { #故障发生时给谁发邮件通知。 1399101720@qq.com } notification_email_from 1399101720@qq.com #通知邮件的发出地址。 smtp_server 127.0.0.1 #发现Email的smtp地址 smtp_connect_timeout 30 #超时时间 router_id node2 #运行keepalived的机器标识号,主从机必须不同 script_user root enable_script_security } vrrp_script check_run { script "/etc/keepalived/mysql.sh" interval 10 } vrrp_instance VI_1 { state BACKUP #可以是 MASTER 或 BACKUP,不过当其他节点 keepalived 启动时 #会将 Priority(优先级)比较大的节点选举为 MASTER,因此该项其实没有实质用途。 interface enp0s18 #本机物理网卡,节点固有 IP(非 VIP)的网卡,用来发 VRRP包。 lvs_sync_daemon_inteface enp0s18 #绑定 lvs syncd 的网卡。 virtual_router_id 151 #虚拟路由,主从机必需一致。设置 VRID,取值在 0-255 之间,用来区分多个 instance 的 VRRP 组播 #(同一网段中 virtual_router_id 的值不能重复,否则会出错)。 #将决定多播的 MAC 地址 priority 90 #用来选举 master,要成为 master,这个选项的值最好高于其他机器 50 个点, #该项取值范围是 1-255(在此范围之外会被识别成默认值 100)。 advert_int 5 #发 VRRP 包的时间间隔,即多久进行一次 master 选举(可以认为是健康检查时间间隔,默认1秒)。 authentication { #认证区域,保持master和backup一致 auth_type PASS auth_pass 1111 } track_script { check_run } virtual_ipaddress { #VIP(虚拟 IP 地址),随着 state 的变化而增加删除, #当 state 为 master 的时候就添加,当 state 为 backup 的时候删除, #主要由优先级来决定的,和 state 设置的值没有多大关系,可以设置多个 IP 地址。 172.16.127.222 dev enp0s18 } } virtual_server 172.16.127.222 3306 { #LVS配置,VIP delay_loop 6 #服务轮询的时间间隔 lb_algo wrr #LVS 调度算法 lb_kind DR #LVS 集群算法 persistence_timeout 50 #同一IP的链接50秒内被分配到同一台realserver protocol TCP #用TCP协议检查realserver状态 real_server 172.16.127.83 3306 { #实际服务器的IP和端口 weight 100 notify_down /etc/keepalived/keepalived.sh TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 3306 } } }
3、两台服务器创建脚本
[root@ubantu ~]#vi /etc/keepalived/keepalived.sh
pkill keepalived
[root@ubantu ~]#
[root@ubantu ~]#vi /etc/keepalived/mysql.sh ql -uroot -puw7!23!Qw2 -e "select version();" >/dev/null 2>&1 #mysql -u数据库账号 -p数据库密码 -e "show status;"# if [ $? -ne 0 ] ;then #echo $(date)". mysql error!" >>/etc/keepalived/action.log sudo service keepalived stop if [ $? -ne 0 ] ;then echo $(date +'%Y-%m-%d %H:%M:%S')". mysql error.but ACTION keepalived-stop failed." >>/etc/keepalived/action.log else echo $(date +'%Y-%m-%d %H:%M:%S')". mysql error.ACTION keepalived-stop success." >>/etc/keepalived/action.log fi else keepalivedcheck=`ps -C keepalived --no-header | wc -l` if [ $keepalivedcheck -eq 0 ] ;then sudo service keepalived start if [ $? -ne 0 ] ;then echo $(date +'%Y-%m-%d %H:%M:%S')". mysql normal,keepalived already stopped.but ACTION keepalived-start failed" >>/etc/keepalived/action.log else echo $(date +'%Y-%m-%d %H:%M:%S')". mysql normal,keepalived already stopped.ACTION keepalived-start success" >>/etc/keepalived/action.log fi ###test code #else #echo $(date)". keepalived is running!" >>/etc/keepalived/action.log ##test code fi #echo $(date)". mysql running!" >>/etc/keepalived/action.log fi [root@ubantu ~]#
最后授权执行脚本:chmod +x /etc/keepalived/某某.sh
4、启动
root@ubuntu:/#service keepalived start root@ubuntu:/# ps -ef | grep keep root 2063 1 0 16:35 ? 00:00:00 /usr/local/keepalived/sbin/keepalived -D root 2064 2063 0 16:35 ? 00:00:00 /usr/local/keepalived/sbin/keepalived -D root 2065 2063 0 16:35 ? 00:00:00 /usr/local/keepalived/sbin/keepalived -D root 14999 17440 0 17:53 pts/0 00:00:00 grep --color=auto keep
5、查看两端的虚拟IP启动情况,系统日志
1.master的
root@ubuntu:/# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fe:fc:fe:d1:fb:17 brd ff:ff:ff:ff:ff:ff inet 172.16.127.49/24 brd 172.16.127.255 scope global ens18 valid_lft forever preferred_lft forever inet 172.16.127.222/32 scope global ens18 valid_lft forever preferred_lft forever inet6 fe80::fcfc:feff:fed1:fb17/64 scope link valid_lft forever preferred_lft forever
2.slave的
root@ubuntu:/# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: enp0s18: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether fe:fc:fe:e0:c5:44 brd ff:ff:ff:ff:ff:ff inet 172.16.127.83/24 brd 172.16.127.255 scope global enp0s18 valid_lft forever preferred_lft forever inet6 fe80::fcfc:feff:fee0:c544/64 scope link valid_lft forever preferred_lft forever
对比上面的说明绑上VIP了
3.抓包检查,只有一台服务向224.0.0.18发送,就证明正常了
root@ubuntu:/# tcpdump -i ens18 vrrp -n tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ens18, link-type EN10MB (Ethernet), capture size 262144 bytes 17:57:34.245115 IP 172.16.127.49 > 224.0.0.18: VRRPv2, Advertisement, vrid 151, prio 100, authtype simple, intvl 5s, length 20 17:57:39.245262 IP 172.16.127.49 > 224.0.0.18: VRRPv2, Advertisement, vrid 151, prio 100, authtype simple, intvl 5s, length 20 17:57:44.245503 IP 172.16.127.49 > 224.0.0.18: VRRPv2, Advertisement, vrid 151, prio 100, authtype simple, intvl 5s, length 20