keepalive 安装配置

1. 下载 keepalived-2.0.20.tar.gz

2. 编译安装

   • 安装相应的依赖

     yum install -y gcc openssl-devel popt-devel
     yum -y install libnl libnl-devel
     yum install -y libnfnetlink-devel
     

   • 解压：tar -zxf keepalived-2.0.20.tar.gz

   • 编译安装：

     cd keepalived-2.0.20
     ./configure --prefix=/usr/local/keepalived
     make && make install
     

   • 修改配置文件位置（keepalived的默认配置文件地址和我们安装的地址不一样）

     cp keepalived/etc/init.d/keepalived /etc/init.d/
     mkdir /etc/keepalived
     cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
     cp keepalived/etc/sysconfig/keepalived /etc/sysconfig/
     cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
     

   • 启动keepalive

     service keepalived start
     or
     systemctl start keepalived
     

3. 配置文件keepalived.conf

   ! Configuration File for keepalived
   global_defs {
           notificationd LVS_DEVEL
   }
   #预先定义一个脚本，方便后面调用，也可以定义多个，方便选择；
   vrrp_script chk_haproxy {
       script "/etc/keepalived/chkHaproxy.sh"  #具体脚本路径
       interval 2  #脚本循环运行间隔
   }
   #VRRP虚拟路由冗余协议配置
   vrrp_instance MYSQL_VIP {   #MYSQL_VIP 是自定义的名称；
       state BACKUP   #MASTER表示是一台主设备，BACKUP表示为备用设备(因为设置为开启不抢占，所以都设置为备用)
       nopreempt
       interface eth33   #指定VIP需要绑定的物理网卡
       virtual_router_id 55   #VRID虚拟路由标识，也叫做分组名称，该组内的设备需要相同
       priority 130   #定义这台设备的优先级 1-254；开启了不抢占，所以此处优先级必须高于另一台
       advert_int 1   #生存检测时的组播信息发送间隔，组内一致
       authentication {    #设置验证信息，组内一致
           auth_type PASS   #有PASS 和 AH 两种，常用 PASS
           auth_pass 123456    #密码
       }
       virtual_ipaddress {
           192.168.88.20    #指定VIP地址，组内一致，可以设置多个IP
       }
       track_script {    #使用在这个域中使用预先定义的脚本，上面定义的
           chk_haproxy
       }
   
       notify_backup "/etc/init.d/haproxy restart"   #表示当切换到backup状态时,要执行的脚本
       notify_fault "/etc/init.d/haproxy stop"     #故障时执行的脚本
   }
   

   • 创建脚本文件
     vim /etc/keepalived/chkHaproxy.sh 添加如下内容：

     #!/bin/bash
     if [ $(ps -C haproxy --no-header | wc -l) -eq 0 ]; then
         /etc/init.d/keepalived stop
     fi
     

     添加可在执行权限: chmod +x /etc/keepalived/chkHaproxy.sh

   • 重启keepalived service keepalived restart

4. 开机自启

       chkconfig --add keepalived #开机自启
       chkconfig keepalived on
       or
       systemctl enable keepalived 
   

5. 主备机同时绑定vip的解决方法
   vim /etc/sysconfig/selinux

   #SELINUX=enforcing                      #注释掉
   #SELINUXTYPE=targeted                   #注释掉
   SELINUX=disabled                        #增加
   

   setenforce 0

   查看报文检测组播通信 sudo tcpdump -i ens33 vrrp -n

   # 防火墙开启keepalived vrrp组播通信地址
   firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface eth33 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
   firewall-cmd --reload