目录

  • 基础信息
  • 安装
  • 1. yum 安装
  • 2. 源码安装
  • 配置
  • HA配置
  • 主机配置
  • 副机配置(非主机)
  • 负载均衡配置(未验证)
  • 运行
  • 问题及维护
  • 1. 虚拟ip无法访问
  • 2. keepalived支持机器数量
  • 3. keepalived启动失败
  • 3.1 pid文件写入异常
  • 3.2 配置文件位置错误
  • 3.3 配置文件中网卡配置错误


基础信息

版本:v1.3.5
系统:CentOS 7.5

安装

1. yum 安装

yum install -y keepalived

安装结果

keepalived配置路径 keepalived1.3.5 配置_keepalived

2. 源码安装

下载地址

# 解压
tar xvf keepalived-1.3.5.tar.gz
# 配置
cd keepalived-1.3.5
./configure
# 编译安装
make && make install

编译安装时可以设置目录,如

./configure --prefix=/usr/local/keepalived

源码安装需要安装gcc、openssl等必备软件及依赖
安装gcc安装openssl 其他依赖也可以参照gcc和openssl的安装方式安装

配置

官方配置文件说明

在线安装时,配置文件默认位置:/etc/keepalived/keepalived.conf,(离线安装配置文件默认位置:/usr/local/etc/keepalived/keepalived.conf,注意⚠️服务默认读取配置文件位置为/etc/keepalived/keepalived.conf)此配置文件内容较全,建议将此文件备份下

当无法找到对应配置文件时,可以使用find 或者whereis命令查看下

keepalived配置路径 keepalived1.3.5 配置_双活_02


keepalived支持ha及负载,以下配置基于如下网络及服务配置

ip

子网掩码

网卡

服务端口

192.168.1.50

255.255.254.0

ens33

8080

192.168.1.51

255.255.254.0

ens33

8080

这里服务使用python完成测试使用python快速创建http服务

HA配置

配置文件中,主要有三类配置
global_defs: 全局配置
vrrp_instance: 冗余路由配置实例
virtual_server: 虚拟服务配置(配置负载等内容)

主机配置

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.55
    }
}

副机配置(非主机)

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.55
    }
}

主、副器配置应只在实例的状态配置不一致
建议: 具体配置信息建议查看官网 官方配置文件说明

负载均衡配置(未验证)

一般用F5、nginx做负载均衡的比较多
Keepalived的配置思路是从vip的端口起开始配置,官方参考如下

virtual_server 10.10.10.3 1358 {
    delay_loop 3
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    real_server 192.168.200.4 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.5 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

运行

安装完成后,会自动注册成系统服务

systemctl start keepalived   //启动keepalived
systemctl restart keepalived  //重新启动keepalived
systemctl status keepalived   //查看keepalived状态
systemctl enable keepalived  //加入开机启动keepalived
systemctl disable keepalived  //禁止开机启动keepalived

日志查看

tail -f /var/log/messages

启动后网络信息

keepalived配置路径 keepalived1.3.5 配置_负载均衡_03


inet 192.168.1.55/32 scope global ens33 即为虚拟ip

keepalived配置路径 keepalived1.3.5 配置_双活_04


⚠️注意 当出现错误信息

(VI_1): Cannot start in MASTER state if not address owner

keepalived配置路径 keepalived1.3.5 配置_keepalived_05


检查HA机器中有一台正常活着即是正常的

关闭192.168.1.51机器,重新访问

keepalived配置路径 keepalived1.3.5 配置_HA_06


192.168.1.50 自动设置ip,日志如下

keepalived配置路径 keepalived1.3.5 配置_双活_07

问题及维护

1. 虚拟ip无法访问

这个问题有以下可能导致此问题

a. 网络配置错误,虚拟ip其实也是实际存在的,只是动态的分配到机器上的,当网卡被添加虚拟ip信息后,网关、掩码等信息不正确,导致客户机无法路由到虚拟ip机器。所以建议在实施keepalived方案前建议先对网络进行划分。

b. 启用严格遵守VRRP协议(全局设置中包含:vrrp_strict),此设置不一定会导致无法使用keepalived,但如果对网络并不是十分熟悉,仍建议删除此项设置。

keepalived配置路径 keepalived1.3.5 配置_HA_08

2. keepalived支持机器数量

说实话,我也不知道,但是弄个三五几台问题不大,从生产稳定的角度,也不建议弄太多,毕竟切换也需要时间。

3. keepalived启动失败

错误信息:Job for keepalived.service failed because a configured resource limit was exceeded. See “systemctl status keepalived.service” and “journalctl -xe” for details.

查看错误信息得知:

keepalived配置路径 keepalived1.3.5 配置_keepalived配置路径_09

3.1 pid文件写入异常

修改keepalived.service

vi /lib/systemd/system/keepalived.service#修改PIDFile=/var/run/keepalived.pid # 重新load以下服务 systemctl daemon-reload

3.2 配置文件位置错误

Unable to find configuration file /etc/keepalived/keepalived.conf (glob returned 3)

keepalived配置路径 keepalived1.3.5 配置_keepalived_10


复制配置文件到目标目录( /etc/keepalived/keepalived.conf )

3.3 配置文件中网卡配置错误

Cant find interface ens33 for vrrp_instance VI_1 !!!

keepalived配置路径 keepalived1.3.5 配置_keepalived_11


修改配置文件中网卡

# 查看网卡信息
ip a

网卡信息:

keepalived配置路径 keepalived1.3.5 配置_keepalived配置路径_12


修改配置文件

keepalived配置路径 keepalived1.3.5 配置_keepalived配置路径_13


重启服务即可

其他类似错误,可借助日志逐个分析原因并修正