安装环境说明

• 两台服务器，系统centos7
• 服务器1 IP 192.168.2.191
• 服务器2 IP 192.168.2.192
• 软件版本，keepalived-1.3.5.tar.gz
• 密码：hmd7
• 服务器1 VIP 192.168.2.95
• 服务器2 VIP 192.168.2.96
• 本次配置，服务器1和服务器2互为主备

编译安装

# tar zxvf keepalived-1.3.5.tar.gz     #解压# cd keepalived-1.3.5/# ./configure# make && make install      #编译安装

配置文件

• 机器1配置

在/etc/keepalived/ 目录下创建keepalived.conf

# vim /etc/keepalived/keepalived.conf     #添加以下内容

! Configuration File for keepalivedglobal_defs {    notification_email {        root@localhost    }       notification_email_from www@example.com    smtp_server mail.example.com    smtp_connect_timeout 30    router_id LVS_DEVEL}vrrp_script chk_nginx {    script "/etc/keepalived/check_nginx.sh"     interval 2     weight -5      fall 3       rise 2 }vrrp_instance VI_1 {    state MASTER    interface eth0          #网卡接口名称    virtual_router_id 51    priority 101     advert_int 1    authentication {        auth_type PASS        auth_pass 1111    }       virtual_ipaddress {        192.168.2.95       #虚拟地址1    }       track_script {       chk_nginx    }}vrrp_instance VI_2 {    state BACKUP    interface eth0           #网卡接口名    virtual_router_id 52    priority 100    advert_int 1    authentication {        auth_type PASS        auth_pass 1111    }    virtual_ipaddress {        192.168.2.96    #虚拟地址2    }    track_script {       chk_nginx    }}

• 服务器2配置

在/etc/keepalived/ 目录下创建keepalived.conf

vim /etc/keepalived/keepalived.conf     #添加以下内容

Configuration File for keepalivedglobal_defs {    notification_email {        root@localhost    }    notification_email_from www@example.com    smtp_server mail.example.com    smtp_connect_timeout 30    router_id LVS_DEVEL}vrrp_script chk_nginx {    script "/etc/keepalived/check_nginx.sh"    interval 2    weight -5    fall 3    rise 2}vrrp_instance VI_1 {    state BACKUP    interface eth0            #网卡名称    virtual_router_id 51    priority 100     advert_int 1    authentication {        auth_type PASS        auth_pass 1111    }       virtual_ipaddress {        192.168.2.95      #虚拟地址1    }       track_script {       chk_nginx    }}vrrp_instance VI_2 {    state MASTER    interface eth0         #网卡名称    virtual_router_id 52    priority 101    advert_int 1    authentication {        auth_type PASS        auth_pass 1111    }    virtual_ipaddress {        192.168.2.96      #虚拟地址2    }    track_script {       chk_nginx    }}

• nginx检查脚本

# vim /etc/keepalived/check_nginx.sh

#!/bin/bashcounter=$(ps -C nginx --no-heading|wc -l)if [ "${counter}" = "0" ]; then    /usr/local/nginx/sbin/nginx    sleep 2    counter=$(ps -C nginx --no-heading|wc -l)    if [ "${counter}" = "0" ]; then        service keepalived stop    fifi

# chmod +x check_nginx.sh

系统服务配置

# vim /lib/systemd/system/keepalived.service

[Unit]Description=LVS and VRRP High Availability MonitorAfter=syslog.target network.target[Service]Type=simplePIDFile=/usr/local/var/run/keepalived.pidKillMode=processEnvironmentFile=-/usr/local/etc/sysconfig/keepalivedExecStart=/usr/local/sbin/keepalived --dont-fork -DExecReload=/bin/kill -HUP $MAINPID[Install]WantedBy=multi-user.target

启动命令

# systemctl enable keepalived.service  # 设置开机自启动# systemctl start keepalived.service# systemctl stop keepalived.service

注意事项

防火墙启用状态下执行

# firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 \  --in-interface enp0s8 --destination 224.0.0.18 --protocol vrrp -j ACCEPT# firewall-cmd --direct --permanent --add-rule ipv4 filter OUTPUT 0 \  --out-interface enp0s8 --destination 224.0.0.18 --protocol vrrp -j ACCEPT# firewall-cmd --reload

修改成单播通信

服务器网络环境中，路由交换层禁用了ARP的广播限制，造成了keepalived主备协议无法通过广播的方式进行通信，造成主备两台服务器都强制占用HAVIP地址，出现同时两台服务器都有VIP地址的情况出现。必须通过配置来指定IP的两台服务器间进行通

需要修改配置文件

priority 100    unicast_src_ip  192.168.2.192    #本机实际IP    unicast_peer {             192.168.2.191         #对端实际IP    }

另一台服务器配置相似，只是互换IP地址

验证

服务启动后，可查看VIP是否绑定

# ip addr

显示结果