001-keepalived
2019-06-02 本文已影响0人
mo371
编译安装keepalived:
yum -y install openssl openssl-devel
mkdir /usr/local/soft
cd soft
wget https://www.keepalived.org/software/keepalived-1.2.12.tar.gz
tar zxvf keepalived-1.2.12.tar.gz
ln -s keepalived-1.2.12 keepalived
cd keepalived
./configure --sysconf=/etc
make
echo $?
make install
echo $?
cd /etc/keepalived/
cp keepalived.conf keepalived.conf.20190528
[root@node1 ~]# more /etc/keepalived/keepalived.conf
! Configuration File for keepalived
#全局配置
global_defs {
notification_email {
root@node1
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_SERVER #设备在组中的标识,可以一样也可以不一样
}
vrrp_script chk_nginx { #nginx健康检查
script "/etc/keepalived/nginx.sh" #检查脚本
interval 1 #检查频率.秒
weight -5 #priority减5
fall 2 #检测失败的最大次数,超过两次认为节点资源发生故障
rise 1 #请求一次成功认为节点恢复正常
vrrp_instance VI_1 { #VI_1,实例名,两台路由器相同
#state MASTER
state BACKUP #主/从状态
interface eth0 #监控网卡
virtual_router_id 72 #虚拟路由编号,主备要一致
priority 95 #优先级
advert_int 1 #心跳间隔
nopreempt #设置为不抢夺VIP,主备都需要设置
authentication { #密钥认证(1-8位)
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { #VIP
192.168.174.130/24 dev eth0 scope global label eth0:1
}
track_script { #引用脚本
chk_nginx
}
notify_master "/usr/bin/python /etc/keepalived/master.py" #
notify_backup "/usr/bin/python /etc/keepalived/backup.py"
}
[root@node2 ~]# more /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@host161
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_SERVER
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx.sh"
interval 1
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 72
priority 91
advert_int 1
nopreempt
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.174.130/24 dev eth0 scope global label eth0:1
}
track_script {
chk_nginx
}
notify_master "/usr/bin/python /etc/keepalived/master.py"
notify_backup "/usr/bin/python /etc/keepalived/backup.py"
}
主备不一样的配置:
1、priority 优先级
2、state MASTER/BACKUP
权重设置简单的标准:
weight 的绝对值 要大于MASTER和BACKUP的priority值之差
nopreempt 设置为不抢夺VIP,主备配置都需要设置,主备状态设置成 BACKUP
#主备上都需要添加监控脚本
cat /etc/keepalived/nginx.sh
#!/bin/bash
#author:fansik
#description:check nginx service
run=`ps -C nginx --no-header | wc -l`
if [ $run -eq 0 ]
then
service nginx start
sleep 3
fi
发邮件脚本:主备的脚本就text上对应的master/back 不一样,其他相同
[root@node1 ~]# more /etc/keepalived/master.py
#/usr/bin/python
# -*- coding: UTF-8 -*-
import smtplib
import string
import socket
hostname = socket.gethostname()
ipadd = socket.gethostbyname(socket.getfqdn(socket.gethostname()))
import time
localtime = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
HOST = "smtp.163.com"
SUBJECT = "[警告] keepalived by (%s) "% ipadd
TO = "xxx@xxxxx.com.cn"
FROM = "15800xxxxx@163.com"
text = "时间:%s\nIP:%s\n主机名:%s\n事件:change to Master, VIP: 192.168.1.130" % (localtime, ipadd, hostname)
BODY = string.join((
"From: %s" %FROM,
"TO: %s" %TO,
"Subject: %s" %SUBJECT,
"",
text
),"\r\n")
server = smtplib.SMTP()
server.connect(HOST,"25")
server.login("15800xxxxxx@163.com","xxxxxx")
server.sendmail(FROM,[TO],BODY)
server.quit()
[root@node1 ~]# more /etc/keepalived/master.py
#/usr/bin/python
# -*- coding: UTF-8 -*-
import smtplib
import string
import socket
hostname = socket.gethostname()
ipadd = socket.gethostbyname(socket.getfqdn(socket.gethostname()))
import time
localtime = time.strftime("%Y-%m-%d %H:%M:%S", time.localtime())
HOST = "smtp.163.com"
SUBJECT = "[警告] keepalived by (%s) "% ipadd
TO = "xxx@xxxxx.com.cn"
FROM = "15800xxxxxx@163.com"
text = "时间:%s\nIP:%s\n主机名:%s\n事件:change to Master, VIP: 192.168.1.130" % (localtime, ipadd, hostname)
BODY = string.join((
"From: %s" %FROM,
"TO: %s" %TO,
"Subject: %s" %SUBJECT,
"",
text
),"\r\n")
server = smtplib.SMTP()
server.connect(HOST,"25")
server.login("15800xxxxxx@163.com","xxxxxx")
server.sendmail(FROM,[TO],BODY)
server.quit()
nginx进程不在,尝试重启nginx,重启后还是起不来,就直接杀掉keepalived,让备机接管
如果用这个脚本,配置keepalived就不需要配置执行失败次数和成功次数的参数
#!/bin/bash
while :
do
nginxpid=`ps -C nginx --no-header | wc -l`
if [ $nginxpid -eq 0 ];then
service nginx restart
sleep 5
nginxpid=`ps -C nginx --no-header | wc -l`
if [ $nginxpid -eq 0 ];then
service keepalived stop
fi
fi
sleep 5
done
