keepalived使用例子

1

简要说明

本文使用vagrant初始化2个centos系统，然后再安装nginxs使用keepalived实现高可用
本文假设读者已经安装号了virtualbox和vagrant

准备服务器

• 准备Vagrantfile

# -*- mode: ruby -*-
# vi: set ft=ruby :
Vagrant.configure("2") do |config|
  (1..2).each do |i|
       config.vm.define "node#{i}" do |node|
           # 设置虚拟机的Box
           node.vm.box = "centos/7"

           # 设置虚拟机的主机名
           node.vm.hostname="node#{i}"

           # 设置虚拟机的IP
           node.vm.network "private_network", ip: "192.168.1.#{10+i}"
           node.vm.provision "shell", inline: <<-SHELL
              # 创建root账户并设置密码
              echo "root:123456" | chpasswd
              # 允许root通过SSH登录
              sed -i 's/PermitRootLogin prohibit-password/PermitRootLogin yes/' /etc/ssh/sshd_config
              systemctl restart sshd
            SHELL

           # 设置主机与虚拟机的共享目录
          #  node.vm.synced_folder "~/VmProjects/Distributed/node#{i}/workspace", "/home/vagrant/workspace"

           # VirtaulBox相关配置
           node.vm.provider "virtualbox" do |v|
               # 设置虚拟机的名称
               v.name = "node#{i}"
               # 设置虚拟机的内存大小
               v.memory = 2048
               # 设置虚拟机的CPU个数
               v.cpus = 1
           end
       end
  end
end

• 启动服务器（两台执行）

# 启动虚拟机
vagrant up 
# 销毁虚拟机
# vagrant destroy

• 分别登录node1和node2安装nginx(这里以node1为例子)

vagrant ssh node1
su root

rpm -Uvh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
yum install -y nginx
yum install -y vim 
# 如需安装stream模块，则执行如下命令
# yum install nginx-mod-stream --skip-broken
# 启动nginx
nginx 

安装keepalived（两台执行）

# 1.安装依赖
yum install -y ipvsadm popt popt-devel libnl libnl-devel libnl3-devel libnfnetlink libnfnetlink-devel net-snmp-devel openssl openssl-devel gcc wget
yum install -y libnl3.x86_64 libnl3-devel.x86_64
# 2.下载包
cd ~
wget https://www.keepalived.org/software/keepalived-2.2.7.tar.gz --no-check-certificate
tar -zxvf keepalived-2.2.7.tar.gz -C /opt/ && cd /opt/keepalived-2.2.7 && ls
# 3.安装
./configure --prefix=/usr/local/keepalived
make && make install
ln -s /usr/local/keepalived/sbin/keepalived  /usr/bin/keepalived

# 4.检查安装
keepalived -v

mkdir -p /usr/local/keepalived/run
mkdir -p /etc/keepalived/

cat > /usr/lib/systemd/system/keepalived.service << "EOF"

[Unit]
Description=LVS and VRRP High Availability Monitor
After=network-online.target syslog.target
Wants=network-online.target

[Service]
Type=simple
PIDFile=/usr/local/keepalived/run/keepalived.pid
KillMode=process
EnvironmentFile=-/etc/sysconfig/keepalived
ExecStart=/usr/bin/keepalived -f /etc/keepalived/keepalived.conf $KEEPALIVED_OPTIONS 
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target
EOF

systemctl daemon-reload

配置keepalived node1执行

echo "node1" > /usr/share/nginx/html/index.html

interface=eth1
state=MASTER
auth_pass=password112
priority=100

cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
   router_id 101
   script_user root
}
vrrp_script chk_nginx {
    script "/etc/keepalived/check_nginx.sh"     
    interval 2  # 检测间隔，可以根据需要调整
    weight 2
}

vrrp_instance VI_1 {
    state $state  # 在一个节点上使用 MASTER，在另一个节点上使用 BACKUP
    interface $interface  # 使用您的网络接口名称，通常是 eth1
    virtual_router_id 51  # 唯一的虚拟路由ID
    priority $priority  # 在MASTER节点上使用较高的优先级，BACKUP节点使用较低的优先级
    advert_int 1  # 广播间隔
    authentication {
        auth_type PASS
        auth_pass $auth_pass  # 将YOUR_PASSWORD替换为您的VRRP密码
    }
    virtual_ipaddress {
        192.168.1.13  # 用于Nginx高可用的虚拟IP地址
    }
    track_script {
        chk_nginx
    }
}

EOF


cat >  /etc/keepalived/check_nginx.sh << "EOF"
#!/bin/bash
NGINX_STATUS=$(curl -s -o /dev/null -w '%{http_code}' http://localhost:80)
echo "NGINX_STATUS:$NGINX_STATUS"
if [ "$NGINX_STATUS" != "200" ]; then
    echo "return is not 200:$(date)" >> ~/log.log
    exit 1
else
    echo "return is 200:$(date)" >> ~/log.log
    exit 0
fi
EOF


chmod +x /etc/keepalived/check_nginx.sh

systemctl start keepalived
systemctl enable keepalived

配置keepalived node2执行

echo "node2" > /usr/share/nginx/html/index.html

interface=eth1
state=BACKUP
auth_pass=password112
priority=100

cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
   router_id 101
   script_user root
}
vrrp_script chk_nginx {
    script "/etc/keepalived/check_nginx.sh"     
    interval 2  # 检测间隔，可以根据需要调整
    weight 2
}

vrrp_instance VI_1 {
    state $state  # 在一个节点上使用 MASTER，在另一个节点上使用 BACKUP
    interface $interface  # 使用您的网络接口名称，通常是 eth1
    virtual_router_id 51  # 唯一的虚拟路由ID
    priority $priority  # 在MASTER节点上使用较高的优先级，BACKUP节点使用较低的优先级
    advert_int 1  # 广播间隔
    authentication {
        auth_type PASS
        auth_pass $auth_pass  # 将YOUR_PASSWORD替换为您的VRRP密码
    }
    virtual_ipaddress {
        192.168.1.13  # 用于Nginx高可用的虚拟IP地址
    }
    track_script {
        chk_nginx
    }
}

EOF


cat >  /etc/keepalived/check_nginx.sh << "EOF"
#!/bin/bash
NGINX_STATUS=$(curl -s -o /dev/null -w '%{http_code}' http://localhost:80)
echo "NGINX_STATUS:$NGINX_STATUS"
if [ "$NGINX_STATUS" != "200" ]; then
    echo "return is not 200:$(date)" >> ~/log.log
    exit 1
else
    echo "return is 200:$(date)" >> ~/log.log
    exit 0
fi
EOF

chmod +x /etc/keepalived/check_nginx.sh

systemctl start keepalived
systemctl enable keepalived
tail  /var/log/messages

测试

ps -ef | grep keepa
ps -ef | grep nginx
# 1. 先关闭 nginx 和keepalived 
ps -ef | grep nginx |grep -v grep  | awk  '{print $2}' | xargs -r kill -9 
systemctl stop keepalived

# 2. node1上打开nginx 和keepalived 
nginx
systemctl start keepalived
# 3. node1上查看ip已经存在虚IP ,以及 curl 192.168.1.13 ,发现实际访问的是node1

# 4. node2上打开nginx 和keepalived 
nginx
systemctl start keepalived
tail  /var/log/messages   # 查看日志可以看到， (VI_1) Entering BACKUP STATE，该主机进入备份状态

# 5.node1上杀死nginx 
ps -ef | grep nginx |grep -v grep  | awk  '{print $2}' | xargs -r kill -9 


# 6. node1上 ip addr 查看当前vip 13已经发生漂移，curl 192.168.1.13 ，发现实际访问的是node2

# 7. node1上 ip addr 查看当前vip 13已经发生漂移， tail  /var/log/messages  发现打印日志如下
[root@node2 keepalived-2.2.7]# tail  /var/log/messages
Sep 24 13:38:46 node2 systemd: Started LVS and VRRP High Availability Monitor.
Sep 24 13:38:46 node2 Keepalived[30935]: Starting Keepalived v2.2.7 (01/16,2022)
Sep 24 13:38:46 node2 Keepalived[30935]: Running on Linux 3.10.0-1127.el7.x86_64 #1 SMP Tue Mar 31 23:36:51 UTC 2020 (built for Linux 3.10.0)
Sep 24 13:38:46 node2 Keepalived[30935]: Command line: '/usr/bin/keepalived' '-f' '/etc/keepalived/keepalived.conf'
Sep 24 13:38:46 node2 Keepalived[30935]: Configuration file /etc/keepalived/keepalived.conf
Sep 24 13:38:46 node2 Keepalived[30935]: daemon is already running
Sep 24 13:40:07 node2 Keepalived_vrrp[30415]: (VI_1) received lower priority (100) advert from 192.168.1.11 - discarding
Sep 24 13:40:08 node2 Keepalived_vrrp[30415]: (VI_1) received lower priority (100) advert from 192.168.1.11 - discarding
Sep 24 13:40:09 node2 Keepalived_vrrp[30415]: (VI_1) received lower priority (100) advert from 192.168.1.11 - discarding
Sep 24 13:40:10 node2 Keepalived_vrrp[30415]: (VI_1) Entering MASTER STATE

其他命令

#  关闭keepalived 和nginx 
ps -ef | grep nginx |grep -v grep  | awk  '{print $2}' | xargs -r kill -9 
systemctl stop keepalived
# 重启keepalived
systemctl restart keepalived

• 参考文件： https://www.cnblogs.com/huaxiayuyi/p/16796134.html