keepalived配置

前兩個配置做完實驗沒截圖，后面的實驗有圖片。

keepalived的的單獨設置

1.確保時間同步 ntpdate 10.1.0.1

2.保證/etc/hosts文件可以解析到

3.本機配置ssh-keygen -t rsa -P ''  ，然后ssh-copy-id -i .ssh/id_rsa.pub root@10.1.44.4

4.此時 登入10.1.44.4就不需要密碼了

5.yum -y install keepalived,分別進行配置兩臺主機的地址分別是10.1.44.4（backup） 和10.1.44.3（master）

備機的配置

global_defs {

notification_email {

root@localhost

}

notification_email_from Alexandre.Cassen@firewall.loc

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id node61

vrrp_mcast_group4 224.0.100.29

}

vrrp_instance VI_1 {

state BACKUP

interface eth0

virtual_router_id 16

priority 98

advert_int 1

authentication {

auth_type PASS

auth_pass 01c5c1c8

}

virtual_ipaddress {

10.1.44.99/16 dev eth0

}

}

主機的配置

! Configuration File for keepalived

global_defs {

notification_email {

root@localhost

}

notification_email_from Alexandre.Cassen@firewall.loc

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id node61

vrrp_mcast_group4 224.0.100.29

}

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 16

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 01c5c1c8

}

virtual_ipaddress {

10.1.44.99/16 dev eth0

}

}

配置郵件通知機制

郵件腳本:/etc/keepalived/notify.sh

#!/bin/bash

#

contact="root@localhost"

notify() {

mailsubject="$(hostname) to be $1 ,vip floating"

mailbody="$(date +'%F %T'):vrrp transition,$(hostname) changed to be $1"

echo "$mailbody" | mail -s "$mailsubject" $contact

}

case $1 in

master)

notify master

;;

backup)

notify backup

;;

fault)

notify fault

;;

*)

echo "Usage: $(basename $0) {master|backup|fault}"

exit 1

;;

esac

在keepalived.conf中的配置

virtual_ipaddress {

10.1.44.99/16 dev eth0

}

notify_master "/etc/keepalived/notify.sh mater"

notify_backup "/etc/keepalived/notify.sh backup"

notify_fault "/etc/keepalived/notify.sh fault"

}

keepalived與HTTP結合的配置

第一步：在主機和備機進行測試

先開啟service keepalived start

ipvsadm -A -t 10.1.44.99:80 -s rr

ipvsadm -a  -t 10.1.44.99:80 -r 10.1.44.2 -g -w 1

ipvsadm -a  -t 10.1.44.99:80 -r 10.1.44.6 -g -w 1

在另一臺設備上使用curl 10.1.44.99

第二步：keepalived配置文件中添加配置

如下為備機配置，主機類似

! Configuration File for keepalived

global_defs {

notification_email {

root@localhost

}

notification_email_from keepalived@localhost

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id node1

vrrp mcast_group4 224.0.100.19

}

vrrp_instance VI_1 {

state BACKUP

interface eth0

virtual_router_id 15

priority 97

advert_int 1

authentication {

auth_type PASS

auth_pass RrpIoZU8

}

virtual_ipaddress {

10.1.44.99

}

}

virtual_server 10.1.44.99 80 {

delay_loop 3

lb_algo rr

lb_kind DR

protocol TCP

real_server 10.1.44.2 80 {

weight 1

HTTP_GET {

url {

path /

status_code 200

}

connect_timeout 1

nb_get_retry 3

delay_before_retry 1

}

}

real_server 10.1.44.6 80 {

weight 1

HTTP_GET {

url {

path /

status_code 200

}

connect_timeout 1

nb_get_retry 3

delay_before_retry 1

}

}

}

第三步：測試

配置好文件后，生成了如下的規則

（1）正常情況下會輪替

（2）關閉一臺真機

（3）keepalived的主機宕機

此時的ipvsadm的規則已經轉移到備機上，用戶的訪問頁面亦然正常

sorry服務器

sorry_server應該配置在keepalived服務器上，以便于在主備真機全部宕機后，能夠提供錯誤頁顯示服務。

（1）配置文件：

（2）測試

將真機的http服務全部關閉，將調度機的備機啟動，

啟動調度機的主機啟動

keepalived狀態檢測

keepalived調用外部的輔助腳本進行資源監控，并根據監控的結果狀態能實現優先動態調整?？梢允褂迷摲椒ㄈz測nginx服務是否正常；

分兩步：（1）先定義一個腳本；（2）調用此腳本；

實例：

! Configuration File for keepalived

global_defs {

notification_email {

root@localhost

}

notification_email_from keepalived@localhost

smtp_server 127.0.0.1

smtp_connect_timeout 30

router_id node1

vrrp mcast_group4 224.0.100.19

}

vrrp_script chk_down {

       script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"

       interval 1

       weight -5

}

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 15

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass RrpIoZU8

}

virtual_ipaddress {

10.1.44.99

}

  track_script {

       chk_down

   }

}

當創建了down文件后主節點自動調低優先級。