1. 安裝Keepalived
安裝使用yum即可峡继,如果為離線環(huán)境冯袍,需要將Centos ISO作為一個(gè)私有局域網(wǎng)鏡像,配置一下yum源即可碾牌。
yum install keepalived
2. 修改主節(jié)點(diǎn)Keepalived配置項(xiàng)
cd /etc/keepalived
vim keepalived.conf
! Configuration File for keepalived
global_defs {
# notification_email {
# acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout 30
router_id lb001 # 全局唯一的routerid
script_user root
# vrrp_skip_check_adv_addr
# vrrp_strict # 不使用vrrp嚴(yán)格模式
# vrrp_garp_interval 0
# vrrp_gna_interval 0
}
# 定義檢測(cè)kong 網(wǎng)關(guān)的腳本
vrrp_script chk_nginx {
script "/etc/keepalived/kong_check.sh" ## 檢測(cè) Kong 狀態(tài)的腳本路徑
interval 1 # 執(zhí)行頻率
weight 0 # shell腳本執(zhí)行返回狀態(tài)為0 成功康愤,weight大于0儡循,將修改優(yōu)先級(jí)加weight,返回狀態(tài)非零 weight 小于 0 翘瓮,優(yōu)先級(jí)減去weight
}
vrrp_instance kong_gateway {
state MASTER # 主節(jié)點(diǎn)為MASTER
interface eth0 # 綁定 本地eth0 網(wǎng)卡
virtual_router_id 59 # 同一組MASTER贮折,BACKUP此標(biāo)識(shí)必須一樣,局域網(wǎng)內(nèi)有多組keepalived時(shí)候资盅,注意此參數(shù)必須跟其他組不一樣
priority 100 # 指定MASTER優(yōu)先級(jí)调榄,要比BACKUP節(jié)點(diǎn)大
advert_int 1 # MASTER 發(fā)送VRRP包周期
authentication {
auth_type PASS
auth_pass kong # 局域網(wǎng)多個(gè)組keepalive的時(shí)候,最好修改一下呵扛,不同組每庆,密碼不一樣
}
track_script {
chk_nginx ## 執(zhí)行 Nginx 監(jiān)控的服務(wù)
}
virtual_ipaddress {
10.26.11.200 # 虛擬IP地址,需要同本機(jī)地址同網(wǎng)段
}
}
MASTER今穿,BACKUP 能互通缤灵,并同網(wǎng)段
3. BACKUP節(jié)點(diǎn)配置
! Configuration File for keepalived
global_defs {
# notification_email {
# acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout 30
router_id lb002 # 全局唯一的routerid
script_user root
# vrrp_skip_check_adv_addr
# vrrp_strict # 不使用vrrp嚴(yán)格模式
# vrrp_garp_interval 0
# vrrp_gna_interval 0
}
# 定義檢測(cè)kong 網(wǎng)關(guān)的腳本
vrrp_script chk_nginx {
script "/etc/keepalived/kong_check.sh" ## 檢測(cè) Kong 狀態(tài)的腳本路徑
interval 1 # 執(zhí)行頻率
weight 0 # shell腳本執(zhí)行返回狀態(tài)為0 成功,weight大于0蓝晒,將修改優(yōu)先級(jí)加weight腮出,返回狀態(tài)非零 weight 小于 0 ,優(yōu)先級(jí)減去weight
}
vrrp_instance kong_gateway {
state BACKUP # 主節(jié)點(diǎn)為BACKUP
interface eth0 # 綁定 本地eth0 網(wǎng)卡
virtual_router_id 59 # 同一組MASTER芝薇,BACKUP此標(biāo)識(shí)必須一樣胚嘲,局域網(wǎng)內(nèi)有多組keepalived時(shí)候,注意此參數(shù)必須跟其他組不一樣
priority 90 # 指定MASTER優(yōu)先級(jí)洛二,要比BACKUP節(jié)點(diǎn)大
advert_int 1 # MASTER 發(fā)送VRRP包周期
authentication {
auth_type PASS
auth_pass kong # 局域網(wǎng)多個(gè)組keepalive的時(shí)候馋劈,最好修改一下,不同組晾嘶,密碼不一樣
}
track_script {
chk_nginx ## 執(zhí)行 Nginx 監(jiān)控的服務(wù)
}
virtual_ipaddress {
10.26.11.200 # 虛擬IP地址妓雾,需要同本機(jī)地址同網(wǎng)段
}
}
默認(rèn)配置為搶占模式,如果MASTER機(jī)器出現(xiàn)故障垒迂,又恢復(fù)后械姻,MASTER優(yōu)先級(jí) 比BACKUP大,會(huì)搶奪VIP地址綁定娇斑。如果不設(shè)置搶占模式需要將MASTER和BACKUP的節(jié)點(diǎn)的state屬性都設(shè)置為backup策添。然后在vrrp_instance節(jié)點(diǎn)增加nopreempt屬性。
4. 檢測(cè)kong網(wǎng)關(guān)腳本
#!/bin/bash
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
kong start
sleep 2
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
systemctl stop keepalived
fi
fi
5. 啟動(dòng)Keepalived
systemctl start keealived
6. 參考資料
https://www.keepalived.org/manpage.html
https://blog.csdn.net/mofiu/article/details/76644012
VIP設(shè)置為公網(wǎng)IP
