
版本:v1.3.5 系统:CentOS 7.5
yum install -y keepalived安装结果

下载地址
# 解压
tar xvf keepalived-1.3.5.tar.gz
# 配置
cd keepalived-1.3.5
./configure
# 编译安装
make && make install编译安装时可以设置目录,如
./configure --prefix=/usr/local/keepalived源码安装需要安装gcc、openssl等必备软件及依赖 安装gcc 安装openssl 其他依赖也可以参照gcc和openssl的安装方式安装
官方配置文件说明
在线安装时,配置文件默认位置:/etc/keepalived/keepalived.conf,(离线安装配置文件默认位置:/usr/local/etc/keepalived/keepalived.conf,注意⚠️服务默认读取配置文件位置为/etc/keepalived/keepalived.conf)此配置文件内容较全,建议将此文件备份下 当无法找到对应配置文件时,可以使用find 或者whereis命令查看下

keepalived支持ha及负载,以下配置基于如下网络及服务配置
ip | 子网掩码 | 网卡 | 服务端口 |
|---|---|---|---|
192.168.1.50 | 255.255.254.0 | ens33 | 8080 |
192.168.1.51 | 255.255.254.0 | ens33 | 8080 |
这里服务使用python完成测试使用python快速创建http服务
配置文件中,主要有三类配置 global_defs: 全局配置 vrrp_instance: 冗余路由配置实例 virtual_server: 虚拟服务配置(配置负载等内容)
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.55
}
}! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.55
}
}主、副器配置应只在实例的状态配置不一致 建议: 具体配置信息建议查看官网 官方配置文件说明
一般用F5、nginx做负载均衡的比较多 Keepalived的配置思路是从vip的端口起开始配置,官方参考如下
virtual_server 10.10.10.3 1358 {
delay_loop 3
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.200.4 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.200.5 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}安装完成后,会自动注册成系统服务
systemctl start keepalived //启动keepalived
systemctl restart keepalived //重新启动keepalived
systemctl status keepalived //查看keepalived状态
systemctl enable keepalived //加入开机启动keepalived
systemctl disable keepalived //禁止开机启动keepalived日志查看
tail -f /var/log/messages启动后网络信息

inet 192.168.1.55/32 scope global ens33 即为虚拟ip

⚠️注意 当出现错误信息 (VI_1): Cannot start in MASTER state if not address owner

检查HA机器中有一台正常活着即是正常的 关闭192.168.1.51机器,重新访问

192.168.1.50 自动设置ip,日志如下

这个问题有以下可能导致此问题 a. 网络配置错误,虚拟ip其实也是实际存在的,只是动态的分配到机器上的,当网卡被添加虚拟ip信息后,网关、掩码等信息不正确,导致客户机无法路由到虚拟ip机器。所以建议在实施keepalived方案前建议先对网络进行划分。 b. 启用严格遵守VRRP协议(全局设置中包含:vrrp_strict),此设置不一定会导致无法使用keepalived,但如果对网络并不是十分熟悉,仍建议删除此项设置。

说实话,我也不知道,但是弄个三五几台问题不大,从生产稳定的角度,也不建议弄太多,毕竟切换也需要时间。
错误信息:Job for keepalived.service failed because a configured resource limit was exceeded. See “systemctl status keepalived.service” and “journalctl -xe” for details. 查看错误信息得知:

修改keepalived.service
vi /lib/systemd/system/keepalived.service
#修改PIDFile=/var/run/keepalived.pid
# 重新load以下服务
systemctl daemon-reloadUnable to find configuration file /etc/keepalived/keepalived.conf (glob returned 3)

复制配置文件到目标目录( /etc/keepalived/keepalived.conf )
Cant find interface ens33 for vrrp_instance VI_1 !!!

修改配置文件中网卡
# 查看网卡信息
ip a网卡信息:

修改配置文件

重启服务即可 其他类似错误,可借助日志逐个分析原因并修正