keepalive


keepalived: 在Linux主机上,以daemon方式实现了vrrp协议;并提供了完成配置ipvs规则及实现相应real server状态检测能力;

调用外部脚本;


适用场景:ipvs, haproxy, nginx(reverse proxy)


keepalive (1)_keepalive


wrapper:wrapper规则给ipvs; 如果不是ipvs,不需要wrapper,不需要ipvsadm,仍然调用ipvs的内核规则;

核心:vrrp stack;

watchdog:监控vrrp进程,跟系统内核有关。

check:健康状态检查


注意高可用时间一定要同步。


时间同步:

[root@node2 ~]# vim /etc/ntp.conf 

driftfile /var/lib/ntp/drift


# Permit time synchronization with our time source, but do not

# permit the source to query or modify the service on this system.

restrict default kod nomodify notrap nopeer noquery

restrict -6 default kod nomodify notrap nopeer noquery

restrict 192.168.0.0 mask 255.255.255.0 nomodify notrap


# Permit all access over the loopback interface.  This could

# be tightened as well, but to do so would effect some of

# the administrative functions.

restrict 127.0.0.1

restrict -6 ::1

server  127.127.1.0

fudge   127.127.1.0 stratum 10


# Hosts on local network are less restricted.

#restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap


# Use public servers from the pool.ntp.org project.

# Please consider joining the pool (http://www.pool.ntp.org/join.html).

server 0.centos.pool.ntp.org iburst

server 1.centos.pool.ntp.org iburst

server 2.centos.pool.ntp.org iburst

server 3.centos.pool.ntp.org iburst


#broadcast 192.168.1.255 autokey        # broadcast server

#broadcastclient                        # broadcast client

#broadcast 224.0.1.1 autokey            # multicast server

#multicastclient 224.0.1.1              # multicast client

#manycastserver 239.255.254.254         # manycast server

#manycastclient 239.255.254.254 autokey # manycast client


[root@node2 ~]# service ntpd restart

关闭 ntpd:                                                [确定]

正在启动 ntpd:                                            [确定]


[root@node200 ~]# date

2016年 03月 14日 星期一 20:36:53 CST


[root@node200 ~]# ntpdate 192.168.0.131

14 Mar 20:36:37 ntpdate[29864]: step time server 192.168.0.131 offset 10774951.322311 sec


[root@node2 ~]# date

2016年 03月 14日 星期一 20:36:47 CST


---------------------------------------------------------------------------

安装程序

[root@node200 ~]# yum install keepalived -y

[root@node2 ~]#  yum install keepalived -y


[root@node200 ~]# rpm -ql keepalived

/etc/keepalived              

/etc/keepalived/keepalived.conf

/etc/rc.d/init.d/keepalived                 ##服务脚本

/etc/sysconfig/keepalived               ### 脚本配置文件

/usr/bin/genhash

/usr/libexec/keepalived

/usr/sbin/keepalived

/usr/share/doc/keepalived-1.2.13

/usr/share/doc/keepalived-1.2.13/AUTHOR

/usr/share/doc/keepalived-1.2.13/CONTRIBUTORS

/usr/share/doc/keepalived-1.2.13/COPYING

/usr/share/doc/keepalived-1.2.13/ChangeLog

/usr/share/doc/keepalived-1.2.13/NOTE_vrrp_vmac.txt

/usr/share/doc/keepalived-1.2.13/README

/usr/share/doc/keepalived-1.2.13/TODO

/usr/share/doc/keepalived-1.2.13/VERSION

/usr/share/doc/keepalived-1.2.13/keepalived.conf.SYNOPSIS

/usr/share/doc/keepalived-1.2.13/samples

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.HTTP_GET.port    ###以下样例

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.IPv6

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.SMTP_CHECK

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.SSL_GET

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.fwmark

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.inhibit

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.misc_check

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.misc_check_arg

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.quorum

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.sample

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.status_code

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.track_interface

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.virtual_server_group

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.virtualhost

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.localcheck

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.lvs_syncd

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.routes

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.scripts

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.static_ipaddress

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.sync

/usr/share/doc/keepalived-1.2.13/samples/sample.misccheck.smbcheck.sh

/usr/share/man/man1/genhash.1.gz

/usr/share/man/man5/keepalived.conf.5.gz

/usr/share/man/man8/keepalived.8.gz

/usr/share/snmp/mibs/KEEPALIVED-MIB.txt


复制脚本

[root@node200 keepalived]# cp keepalived.conf{,.bak}

[root@node200 keepalived]# ls

keepalived.conf  keepalived.conf.bak


[root@node2 ~]# cd /etc/keepalived/ 

[root@node2 keepalived]# cp keepalived.conf{,.bak}

[root@node2 keepalived]# ls

keepalived.conf  keepalived.conf.bak

[root@node2 keepalived]# 


修改密码

[root@node200 ~]# useradd kaadmin

[root@node200 ~]# echo "redhat" | passwd --stdin kaadmin

更改用户 kaadmin 的密码 。

passwd: 所有的身份验证令牌已经成功更新。


[root@node2 ~]# useradd kaadmin

[root@node2 ~]# echo "redhat" | passwd --stdin kaadmin

更改用户 kaadmin 的密码 。

passwd: 所有的身份验证令牌已经成功更新。


配置文件

[root@node2 keepalived]# vim keepalived.conf

! Configuration File for keepalived


global_defs {

   notification_email {

        kaadmin@zye.com             ###通知到的邮件地址

}

   notification_email_from aaa@zye.com     ###发送邮件地址

   smtp_server 127.0.0.1              ###本机

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}


vrrp_instance VI_1 {                 ###实例名称

    state MASTER                  ###主节点 

    interface eth0                 ###通告接口

    virtual_router_id 61

    priority 100

    advert_int 1             ###发送的时间间隔

    authentication {

        auth_type PASS

        auth_pass asd@123

    }

    virtual_ipaddress {

       192.168.0.10           ###配置虚拟ip地址

   }

}


#virtual_server 192.168.200.100 443 {

#    delay_loop 6

#    lb_algo rr

#    lb_kind NAT

#    nat_mask 255.255.255.0

#    persistence_timeout 50

#    protocol TCP

#

#    real_server 192.168.201.100 443 {


复制到另外节点

[root@node2 keepalived]# scp keepalived.conf 192.168.0.200:/etc/keepalived/

The authenticity of host '192.168.0.200 (192.168.0.200)' can't be established.

RSA key fingerprint is 0e:95:8d:de:b9:2f:c4:75:8d:70:af:e2:84:65:7f:86.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.0.200' (RSA) to the list of known hosts.

root@192.168.0.200's password: 

keepalived.conf


配置另一节点

[root@node200 keepalived]# vim keepalived.conf

! Configuration File for keepalived


global_defs {

   notification_email {

        kaadmin@zye.com

}

   notification_email_from aaa@zye.com

   smtp_server 127.0.0.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}


vrrp_instance VI_1 {

    state BACKUP        ###从节点

    interface eth0

    virtual_router_id 61

    priority 99        ###优先级

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass asd@123

    }

    virtual_ipaddress {

       192.168.0.10

   }

}


#virtual_server 192.168.200.100 443 {

#    delay_loop 6

#    lb_algo rr

#    lb_kind NAT

#    nat_mask 255.255.255.0

#    persistence_timeout 50

#    protocol TCP


--------------------------------------------------------------------------------

查看双方变化

[root@node200 ~]# tail -f /var/log/messages

[root@node200 keepalived]# service keepalived restart

停止 keepalived:                                          [失败]

正在启动 keepalived:                                      [确定]


node200日志分析

Mar 14 21:54:18 node200 Keepalived[32324]: Starting Keepalived v1.2.13 (03/19,2015)

Mar 14 21:54:18 node200 Keepalived[32325]: Starting Healthcheck child process, pid=32327

Mar 14 21:54:18 node200 Keepalived[32325]: Starting VRRP child process, pid=32328

Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Netlink reflector reports IP 192.168.0.200 added

Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Netlink reflector reports IP fe80::20c:29ff:fe9f:1fe5 added

Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Registering Kernel netlink reflector

Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Registering Kernel netlink command channel

Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Registering gratuitous ARP shared channel

Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Opening file '/etc/keepalived/keepalived.conf'.

Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Configuration is using : 62978 Bytes

Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: Using LinkWatch kernel netlink reflector...

Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Entering BACKUP STATE

Mar 14 21:54:18 node200 Keepalived_vrrp[32328]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]

Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Netlink reflector reports IP 192.168.0.200 added

Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Netlink reflector reports IP fe80::20c:29ff:fe9f:1fe5 added

Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Registering Kernel netlink reflector

Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Registering Kernel netlink command channel

Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Opening file '/etc/keepalived/keepalived.conf'.

Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Configuration is using : 7521 Bytes

Mar 14 21:54:18 node200 kernel: IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP)

Mar 14 21:54:18 node200 kernel: IPVS: Connection hash table configured (size=4096, memory=64Kbytes)

Mar 14 21:54:18 node200 kernel: IPVS: ipvs loaded.

Mar 14 21:54:18 node200 Keepalived_healthcheckers[32327]: Using LinkWatch kernel netlink reflector...

Mar 14 21:54:22 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Transition to MASTER STATE

Mar 14 21:54:23 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Entering MASTER STATE

Mar 14 21:54:23 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) setting protocol VIPs.

Mar 14 21:54:23 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.0.10

Mar 14 21:54:23 node200 Keepalived_healthcheckers[32327]: Netlink reflector reports IP 192.168.0.10 added

Mar 14 21:54:28 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.0.10

Mar 14 22:02:28 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Received higher prio advert

Mar 14 22:02:28 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Entering BACKUP STATE

Mar 14 22:02:28 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) removing protocol VIPs.

Mar 14 22:02:28 node200 Keepalived_healthcheckers[32327]: Netlink reflector reports IP 192.168.0.10 removed

Mar 14 22:02:31 node200 dbus: avc:  received setenforce notice (enforcing=0)

Mar 14 22:02:31 node200 dbus: avc:  received setenforce notice (enforcing=0)

Mar 14 22:02:57 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Transition to MASTER STATE

Mar 14 22:02:57 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Received higher prio advert

Mar 14 22:02:57 node200 Keepalived_vrrp[32328]: VRRP_Instance(VI_1) Entering BACKUP STATE



[root@node2 ~]# tail -f /var/log/messages

[root@node2 keepalived]# service keepalived restart

停止 keepalived:                                          [失败]

正在启动 keepalived:                                      [确定]


node2日志分析

Mar 14 22:02:57 node2 Keepalived_vrrp[26391]: VRRP_Instance(VI_1) sending 0 priority

Mar 14 22:02:57 node2 Keepalived_vrrp[26391]: VRRP_Instance(VI_1) removing protocol VIPs.

Mar 14 22:02:57 node2 Keepalived_healthcheckers[26390]: Netlink reflector reports IP 192.168.0.10 removed

Mar 14 22:02:57 node2 Keepalived[26415]: Starting Keepalived v1.2.13 (03/19,2015)

Mar 14 22:02:57 node2 Keepalived[26416]: Starting Healthcheck child process, pid=26418

Mar 14 22:02:57 node2 Keepalived[26416]: Starting VRRP child process, pid=26419

Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Netlink reflector reports IP 192.168.0.131 added

Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Netlink reflector reports IP fe80::20c:29ff:fe10:b905 added

Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Registering Kernel netlink reflector

Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Registering Kernel netlink command channel

Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Registering gratuitous ARP shared channel

Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Opening file '/etc/keepalived/keepalived.conf'.

Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Netlink reflector reports IP 192.168.0.131 added

Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Configuration is using : 62976 Bytes

Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: Using LinkWatch kernel netlink reflector...

Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]

Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Netlink reflector reports IP fe80::20c:29ff:fe10:b905 added

Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Registering Kernel netlink reflector

Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Registering Kernel netlink command channel

Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Opening file '/etc/keepalived/keepalived.conf'.

Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Configuration is using : 7519 Bytes

Mar 14 22:02:57 node2 Keepalived_healthcheckers[26418]: Using LinkWatch kernel netlink reflector...

Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) Transition to MASTER STATE

Mar 14 22:02:57 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) Received lower prio advert, forcing new election

Mar 14 22:02:58 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) Entering MASTER STATE

Mar 14 22:02:58 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) setting protocol VIPs.

Mar 14 22:02:58 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.0.10

Mar 14 22:02:58 node2 Keepalived_healthcheckers[26418]: Netlink reflector reports IP 192.168.0.10 added

Mar 14 22:03:03 node2 Keepalived_vrrp[26419]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.0.10


使用查看IP地址方法确认VIP

[root@node2 keepalived]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:10:b9:05 brd ff:ff:ff:ff:ff:ff

    inet 192.168.0.131/24 brd 192.168.0.255 scope global eth0

    inet 192.168.0.10/32 scope global eth0

    inet6 fe80::20c:29ff:fe10:b905/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 92:c4:6a:81:8c:3e brd ff:ff:ff:ff:ff:ff


-----------------------------------------------------------------------

通过外部脚本来确定主备角色,不停止keepalived进程


主备节点配置

! Configuration File for keepalived


global_defs {

   notification_email {

        kaadmin@zye.com

}

   notification_email_from aaa@zye.com

   smtp_server 127.0.0.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}


vrrp_script chk_mt_down {

 script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

 interval 1

 weight -5

 }


vrrp_instance VI_1 {

    state BACKUP

    interface eth0

    virtual_router_id 61

    priority 99

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass asd@123

    }

    virtual_ipaddress {

       192.168.0.10

   }


   track_script {

         chk_mt_down

   }


}


----------------------------------------------------------------------------


主备节点验证

[root@node200 keepalived]# service keepalived reload

[root@node2 keepalived]# service keepalived reload


主节点

[root@node2 keepalived]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:10:b9:05 brd ff:ff:ff:ff:ff:ff

    inet 192.168.0.131/24 brd 192.168.0.255 scope global eth0

    inet 192.168.0.10/32 scope global eth0

    inet6 fe80::20c:29ff:fe10:b905/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 92:c4:6a:81:8c:3e brd ff:ff:ff:ff:ff:ff

[root@node2 keepalived]# touch down

[root@node2 keepalived]# ip a                  ####没有虚拟地址

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:10:b9:05 brd ff:ff:ff:ff:ff:ff

    inet 192.168.0.131/24 brd 192.168.0.255 scope global eth0

    inet6 fe80::20c:29ff:fe10:b905/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 92:c4:6a:81:8c:3e brd ff:ff:ff:ff:ff:ff

[root@node2 keepalived]# 


备节点

[root@node200 keepalived]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff

    inet 192.168.0.200/24 brd 192.168.0.255 scope global eth0

    inet 192.168.0.10/32 scope global eth0

    inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether fe:12:9c:9d:00:66 brd ff:ff:ff:ff:ff:ff



--------------------------------------------------------------------------------


双主模型


主节点1

[root@node2 keepalived]# vim keepalived.conf

rrp_instance VI_1 {

    state MASTER

    interface eth0

    virtual_router_id 61

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass asd@123

    }

    virtual_ipaddress {

       192.168.0.10

   }

   track_script {

         chk_mt_down

   }

}

vrrp_instance VI_2 {

    state BACKUP

    interface eth0

    virtual_router_id 62

    priority 99

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass asd@123

    }

    virtual_ipaddress {

       192.168.0.20

   }

   track_script {

         chk_mt_down

   }

}


主节点2

[root@node200 keepalived]# vim keepalived.conf

vrrp_instance VI_1 {

    state BACKUP

    interface eth0

    virtual_router_id 61

    priority 99

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass asd@123

    }

    virtual_ipaddress {

       192.168.0.10

   }


   track_script {

         chk_mt_down

   }

}


vrrp_instance VI_2 {

    state MASTER

    interface eth0

    virtual_router_id 62

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass asd@123

    }

    virtual_ipaddress {

       192.168.0.20

   }


   track_script {

         chk_mt_down

   }

}


-------------------------------------------------------------------------------------

重启验证


重启

[root@node2 keepalived]# !ser

service keepalived reload

重新载入 keepalived:                                      [确定]


[root@node200 keepalived]# !ser

service keepalived reload

重新载入 keepalived:                                      [确定]


[root@node2 keepalived]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:10:b9:05 brd ff:ff:ff:ff:ff:ff

    inet 192.168.0.131/24 brd 192.168.0.255 scope global eth0

    inet 192.168.0.10/32 scope global eth0

    inet6 fe80::20c:29ff:fe10:b905/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 92:c4:6a:81:8c:3e brd ff:ff:ff:ff:ff:ff


[root@node200 keepalived]# ip a

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff

    inet 192.168.0.200/24 brd 192.168.0.255 scope global eth0

    inet 192.168.0.20/32 scope global eth0

    inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether fe:12:9c:9d:00:66 brd ff:ff:ff:ff:ff:ff




健康状态检测方法:

pick one healthchecker

               # HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|MISC_CHECK


        ipvs配置示例(1)

! Configuration File for keepalived


global_defs {

  notification_email {

kaadmon@magedu.com

  }

  notification_email_from kaadmin@magedu.com

  smtp_server 127.0.0.1

  smtp_connect_timeout 30

  router_id LVS_DEVEL

}


vrrp_script chk_mt_down {

   script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

   interval 1

   weight -5 

}


vrrp_instance VI_1 {

   state MASTER

   interface eth0

   virtual_router_id 57

   priority 100

   advert_int 1

   authentication {

       auth_type PASS

       auth_pass VI1pass

   }

   virtual_ipaddress {

172.16.100.52/32 brd 172.16.100.52 dev eth0 label eth0:0

   }

   track_script {

chk_mt_down

   }

}


virtual_server 172.16.100.52 80 {

   delay_loop 6

   lb_algo rr

   lb_kind DR

   nat_mask 255.255.0.0

#    persistence_timeout 50

   protocol TCP


   real_server 172.16.100.8 80 {

       weight 1

       HTTP_GET {

           url {

             path /index.html

             status_code 200

           }

           connect_timeout 2

           nb_get_retry 3

           delay_before_retry 1

       }

   }

   real_server 172.16.100.9 80 {

       weight 1

       HTTP_GET {

           url {

             path /index.html

             status_code 200

           }

           connect_timeout 2

           nb_get_retry 3

           delay_before_retry 1

       }

   }

}


haproxy双主示例:

(1) 脚本

#!/bin/bash

# Author: MageEdu <linuxedu@foxmail.com>

# description: An example of notify script


vip=172.16.100.52

contact='kaadmin@localhost'


notify() {

   mailsubject="`hostname` to be $1: $vip floating"

   mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"

   echo $mailbody | mail -s "$mailsubject" $contact

}


case "$1" in

   master)

       notify master

/etc/rc.d/init.d/haproxy start

       exit 0

   ;;

   backup)

       notify backup

/etc/rc.d/init.d/haproxy restart

       exit 0

   ;;

   fault)

       notify fault

/etc/rc.d/init.d/haproxy stop

       exit 0

   ;;

   *)

       echo 'Usage: `basename $0` {master|backup|fault}'

       exit 1

   ;;

esac


(2) 节点1配置

! Configuration File for keepalived


global_defs {

  notification_email {

kaadmon@magedu.com

  }

  notification_email_from kaadmin@magedu.com

  smtp_server 127.0.0.1

  smtp_connect_timeout 30

  router_id LVS_DEVEL

}


vrrp_script chk_mt_down {

   script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

   interval 1

   weight -5 

}


vrrp_script chk_haproxy {

   script "killall -0 haproxy &> /dev/null"

   interval 1

   weight -5

}


vrrp_instance VI_1 {

   state MASTER

   interface eth0

   virtual_router_id 57

   priority 100

   advert_int 1

   authentication {

       auth_type PASS

       auth_pass VI1pass

   }

   virtual_ipaddress {

172.16.100.52/32 brd 172.16.100.52 dev eth0 label eth0:0

   }

   track_script {

chk_mt_down

 chk_haproxy

   }

   notify_master "/etc/keepalived/notify.sh master"

   notify_backup "/etc/keepalived/notify.sh backup"

   notify_fault "/etc/keepalived/notify.sh fault"

}

vrrp_instance VI_2 {

   state BACKUP

   interface eth0

   virtual_router_id 58

   priority 99

   advert_int 1

   authentication {

       auth_type PASS

       auth_pass VI2pass

   }

   virtual_ipaddress {

172.16.100.53/32 brd 172.16.100.53 dev eth0 label eth0:1

   }

   track_script {

chk_mt_down

 chk_haproxy

   }

   notify_master "/etc/keepalived/notify.sh master"

   notify_backup "/etc/keepalived/notify.sh backup"

   notify_fault "/etc/keepalived/notify.sh fault"

}



(3) 节点2配置


! Configuration File for keepalived


global_defs {

  notification_email {

kaadmon@magedu.com

  }

  notification_email_from kaadmin@magedu.com

  smtp_server 127.0.0.1

  smtp_connect_timeout 30

  router_id LVS_DEVEL

}


vrrp_script chk_mt_down {

   script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

   interval 1

   weight -5 

}


vrrp_script chk_haproxy {

   script "killall -0 haproxy &> /dev/null"

   interval 1

   weight -5

}


vrrp_instance VI_1 {

   state BACKUP

   interface eth0

   virtual_router_id 57

   priority 99

   advert_int 1

   authentication {

       auth_type PASS

       auth_pass VI1pass

   }

   virtual_ipaddress {

172.16.100.52/32 brd 172.16.100.52 dev eth0 label eth0:0

   }

   track_script {

chk_mt_down

chk_haproxy

   }


   notify_master "/etc/keepalived/notify.sh master"

   notify_backup "/etc/keepalived/notify.sh backup"

   notify_fault "/etc/keepalived/notify.sh fault"

}


vrrp_instance VI_2 {

   state MASTER

   interface eth0

   virtual_router_id 58

   priority 100

   advert_int 1

   authentication {

       auth_type PASS

       auth_pass VI2pass

   }

   virtual_ipaddress {

       172.16.100.53/32 brd 172.16.100.53 dev eth0 label eth0:1

   }

   track_script {

       chk_mt_down

       chk_haproxy

   }

   notify_master "/etc/keepalived/notify.sh master"

   notify_backup "/etc/keepalived/notify.sh backup"

   notify_fault "/etc/keepalived/notify.sh fault"

}

两台主机分别是254.150;254.151




254.150

[root@node200 ~]# yum info keepalived

已加载插件:fastestmirror, refresh-packagekit, security

Loading mirror speeds from cached hostfile

 * base: mirrors.opencas.cn

 * epel: mirror01.idc.hinet.net

 * extras: mirrors.skyshe.cn

 * updates: mirrors.skyshe.cn

可安装的软件包

Name        : keepalived

Arch        : x86_64

Version     : 1.2.13

Release     : 5.el6_6

Size        : 214 k

Repo        : base

Summary     : Load balancer and high availability service

URL         : http://www.keepalived.org/

License     : GPLv2+

Description : Keepalived provides simple and robust facilities for load balancing

            : and high availability.  The load balancing framework relies on the

            : well-known and widely used Linux Virtual Server (IPVS) kernel module

            : providing layer-4 (transport layer) load balancing.  Keepalived

            : implements a set of checkers to dynamically and adaptively maintain

            : and manage a load balanced server pool according their health.

            : Keepalived also implements the Virtual Router Redundancy Protocol

            : (VRRPv2) to achieve high availability with director failover.


[root@node200 ~]# yum install keepalived -y


查看配置文件

[root@node200 ~]# ls /etc/keepalived/

keepalived.conf

[root@node200 ~]# rpm -ql keepalived

/etc/keepalived

/etc/keepalived/keepalived.conf

/etc/rc.d/init.d/keepalived

/etc/sysconfig/keepalived

/usr/bin/genhash

/usr/libexec/keepalived

/usr/sbin/keepalived

/usr/share/doc/keepalived-1.2.13

/usr/share/doc/keepalived-1.2.13/AUTHOR

/usr/share/doc/keepalived-1.2.13/CONTRIBUTORS

/usr/share/doc/keepalived-1.2.13/COPYING

/usr/share/doc/keepalived-1.2.13/ChangeLog

/usr/share/doc/keepalived-1.2.13/NOTE_vrrp_vmac.txt

/usr/share/doc/keepalived-1.2.13/README

/usr/share/doc/keepalived-1.2.13/TODO

/usr/share/doc/keepalived-1.2.13/VERSION

/usr/share/doc/keepalived-1.2.13/keepalived.conf.SYNOPSIS

/usr/share/doc/keepalived-1.2.13/samples

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.HTTP_GET.port

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.IPv6

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.SMTP_CHECK

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.SSL_GET

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.fwmark

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.inhibit

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.misc_check

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.misc_check_arg

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.quorum

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.sample

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.status_code

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.track_interface

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.virtual_server_group

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.virtualhost

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.localcheck

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.lvs_syncd

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.routes

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.scripts

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.static_ipaddress

/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.sync

/usr/share/doc/keepalived-1.2.13/samples/sample.misccheck.smbcheck.sh

/usr/share/man/man1/genhash.1.gz

/usr/share/man/man5/keepalived.conf.5.gz

/usr/share/man/man8/keepalived.8.gz

/usr/share/snmp/mibs/KEEPALIVED-MIB.txt


备份及编辑配置文件

[root@node200 keepalived]# cp keepalived.conf{,.bak} && ls

keepalived.conf  keepalived.conf.bak

[root@node200 keepalived]# vim keepalived.conf


[root@node200 ~]# useradd keep

[root@node200 ~]#  echo "redhat" | passwd --stdin keep

更改用户 keep 的密码 。

passwd: 所有的身份验证令牌已经成功更新。


[root@node200 keepalived]# vim keepalived.conf

! Configuration File for keepalived


global_defs {

   notification_email {

      keep@zye.com

   }

   notification_email_from zhu@zhu.com

   smtp_server 127.0.0.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}


vrrp_instance VI_1 {

    state BACKUP

    interface eth0

    virtual_router_id 71

    priority 99

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1qaz!QAZ

    }

    virtual_ipaddress {

       172.168.254.220

    }

}


#virtual_server 192.168.200.100 443 {

#    delay_loop 6


测试抢占模式

[root@node200 ~]# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff

    inet 172.168.254.150/24 brd 172.168.254.255 scope global eth0

    inet 172.168.254.220/32 scope global eth0

    inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 0e:02:63:4a:ac:8d brd ff:ff:ff:ff:ff:ff


通过创建文件来调整主备模式

[root@node200 keepalived]# touch down

[root@node200 keepalived]# ls

down  keepalived.conf  keepalived.conf.bak


[root@node200 keepalived]# vim keepalived.conf

vrrp_script chk_mt_down {

        script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

        interval 1

        weight -20

}


vrrp_instance VI_1 {

    state BACKUP

    interface eth0

    virtual_router_id 51

    priority 99

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 9999

    }

    virtual_ipaddress {

        172.168.254.220

    }


track_script {

        chk_mt_down

}


}


#virtual_server 192.168.200.100 443 {


[root@node200 keepalived]# service keepalived restart

停止 keepalived:                                          [确定]

正在启动 keepalived:                                      [确定]


双主模型

[root@node200 keepalived]# vim keepalived.conf

track_script {

        chk_mt_down

}


}


vrrp_instance VI_1 {

    state BACKUP

    interface eth0

    virtual_router_id 51

    priority 99

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 9999

    }

    virtual_ipaddress {

        172.168.254.220

    }


track_script {

        chk_mt_down

}


}



vrrp_instance VI_2 {

    state MASTER

    interface eth0

    virtual_router_id 52

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 9999

    }

    virtual_ipaddress {

        172.168.254.221

    }


track_script {

        chk_mt_down

}


}



#virtual_server 192.168.200.100 443 {


[root@node200 keepalived]# service keepalived reload

重新载入 keepalived:                                      [确定]


查看

[root@node200 keepalived]# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff

    inet 172.168.254.150/24 brd 172.168.254.255 scope global eth0

    inet 172.168.254.221/32 scope global eth0

    inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 0e:02:63:4a:ac:8d brd ff:ff:ff:ff:ff:ff


使用down脚本测试

[root@node200 keepalived]# touch down

[root@node200 keepalived]# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff

    inet 172.168.254.150/24 brd 172.168.254.255 scope global eth0

    inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 0e:02:63:4a:ac:8d brd ff:ff:ff:ff:ff:ff


[root@node200 keepalived]# rm -rf down

[root@node200 keepalived]# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:9f:1f:e5 brd ff:ff:ff:ff:ff:ff

    inet 172.168.254.150/24 brd 172.168.254.255 scope global eth0

    inet 172.168.254.221/32 scope global eth0

    inet6 fe80::20c:29ff:fe9f:1fe5/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 0e:02:63:4a:ac:8d brd ff:ff:ff:ff:ff:ff








254.151

[root@node2 ~]# yum install keepalived -y


[root@node2 ~]# useradd keep

[root@node2 ~]# echo "redhat" | passwd --stdin keep

更改用户 keep 的密码 。

passwd: 所有的身份验证令牌已经成功更新。


[root@node2 ~]# vim /etc/keepalived/keepalived.conf

 1 ! Configuration File for keepalived

  2 

  3 global_defs {

  4    notification_email {

  5       keep@zye.com

  6    }

  7    notification_email_from zhu@zhu.com

  8    smtp_server 127.0.0.1

  9    smtp_connect_timeout 30

 10    router_id LVS_DEVEL

 11 }

 12 

 13 vrrp_instance VI_1 {

 14     state MASTER

 15     interface eth0

 16     virtual_router_id 71

 17     priority 100

 18     advert_int 1

 19     authentication {

 20         auth_type PASS

 21         auth_pass 1qaz!QAZ

 22     }

 23     virtual_ipaddress {

 24        172.168.254.220

 25     }

 26 }

 27 

 28 #virtual_server 192.168.200.100 443 {

 29 #    delay_loop 6

 30 #    lb_algo rr

 31 #    lb_kind NAT

 32 #    nat_mask 255.255.255.0


复制配置文件到163.200

[root@node2 ~]# cd /etc/keepalived/

You have new mail in /var/spool/mail/root

[root@node2 keepalived]# scp keepalived.conf 192.168.163.200:/etc/keepalived/

The authenticity of host '192.168.163.200 (192.168.163.200)' can't be established.

RSA key fingerprint is 0e:95:8d:de:b9:2f:c4:75:8d:70:af:e2:84:65:7f:86.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '192.168.163.200' (RSA) to the list of known hosts.

root@192.168.163.200's password: 

keepalived.conf                                                                                           100% 3561     3.5KB/s   00:00    

You have new mail in /var/spool/mail/root


查看虚拟IP

[root@node2 ~]# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:55:35:62 brd ff:ff:ff:ff:ff:ff

    inet 172.168.254.151/24 brd 172.168.254.255 scope global eth0

    inet 172.168.254.220/32 scope global eth0

    inet6 fe80::20c:29ff:fe55:3562/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 26:a9:e4:0e:31:1a brd ff:ff:ff:ff:ff:ff


测试抢占模式

[root@node2 keepalived]# service keepalived stop

停止 keepalived:                                          [确定]


重新上线

[root@node2 keepalived]# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:55:35:62 brd ff:ff:ff:ff:ff:ff

    inet 172.168.254.151/24 brd 172.168.254.255 scope global eth0

    inet 172.168.254.220/32 scope global eth0

    inet6 fe80::20c:29ff:fe55:3562/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 26:a9:e4:0e:31:1a brd ff:ff:ff:ff:ff:ff


通过创建文件来调整主备模式

[root@node2 keepalived]# vim keepalived.conf

  router_id LVS_DEVEL

}


vrrp_script chk_mt_down {

        script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

        interval 1

        weight -20

}


vrrp_instance VI_1 {

    state MASTER

    interface eth0

    virtual_router_id 51

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 9999

    }

    virtual_ipaddress {

        172.168.254.220

    }

track_script {

        chk_mt_down

}

}


[root@node2 keepalived]# service keepalived restart

停止 keepalived:                                          [确定]

正在启动 keepalived:                                      [确定]


通过日志查看由主到备,删除down回到主

Jan 12 16:50:28 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Received higher prio advert

Jan 12 16:50:28 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Entering BACKUP STATE

Jan 12 16:50:28 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) removing protocol VIPs.

Jan 12 16:50:28 node2 Keepalived_healthcheckers[25805]: Netlink reflector reports IP 172.168.254.220 removed

Jan 12 16:51:39 node2 Keepalived_vrrp[25806]: VRRP_Script(chk_mt_down) succeeded

Jan 12 16:51:41 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) forcing a new MASTER election

Jan 12 16:51:41 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) forcing a new MASTER election

Jan 12 16:51:42 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Transition to MASTER STATE

Jan 12 16:51:43 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Entering MASTER STATE

Jan 12 16:51:43 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) setting protocol VIPs.

Jan 12 16:51:43 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 172.168.254.220

Jan 12 16:51:43 node2 Keepalived_healthcheckers[25805]: Netlink reflector reports IP 172.168.254.220 added

Jan 12 16:51:48 node2 Keepalived_vrrp[25806]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 172.168.254.220


双主模型

vrrp_script chk_mt_down {

        script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

        interval 1

        weight -20

}


vrrp_instance VI_1 {

    state MASTER

    interface eth0

    virtual_router_id 51

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 9999

    }

    virtual_ipaddress {

        172.168.254.220

    }

track_script {

        chk_mt_down

}

}



vrrp_instance VI_2 {

    state BACKUP

    interface eth0

    virtual_router_id 52

    priority 99

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 9999

    }

    virtual_ipaddress {

        172.168.254.221

    }

track_script {

        chk_mt_down

}

}

#virtual_server 192.168.200.100 443 {


[root@node2 keepalived]# service keepalived reload

重新载入 keepalived:                                      [确定]


查看

[root@node2 keepalived]# ip addr show

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host 

       valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

    link/ether 00:0c:29:55:35:62 brd ff:ff:ff:ff:ff:ff

    inet 172.168.254.151/24 brd 172.168.254.255 scope global eth0

    inet 172.168.254.220/32 scope global eth0

    inet6 fe80::20c:29ff:fe55:3562/64 scope link 

       valid_lft forever preferred_lft forever

3: pan0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN 

    link/ether 26:a9:e4:0e:31:1a brd ff:ff:ff:ff:ff:ff