配置邮箱服务

  1. yum -y install postfix;systemctl enable --now postfix
  2. yum -y install mailx
  3. cat >> /etc/mail.rc <<eof
  4. set from=2298408548@qq.com
  5. set smtp=smtp.qq.com
  6. set smtp-auth-user=2298408548@qq.com
  7. set smtp-auth-password=yslsnzvgqqtadhee
  8. set smtp-auth=login
  9. eof
  10. echo "测试邮件" | mail -s "测试" 2298408548@qq.com

🔣实现VIP的漂移vrrp_instance

  1. yum install rsyslog -y; systemctl enable --now rsyslog
  2. yum -y install keepalived;systemctl enable --now keepalived
  3. vim /etc/keepalived/keepalived.conf 修改ka1的配置文件
  4. #########全局配置############
  5. global_defs {
  6. notification_email {
  7. 2298408548@qq.com
  8. }
  9. notification_email_from 2298408548@qq.com
  10. smtp_server 127.0.0.1
  11. smtp_connect_timeout 30
  12. router_id ka1 #修改此行
  13. vrrp_skip_check_adv_addr
  14. vrrp_strict
  15. vrrp_mcast_group4 224.8.8.8
  16. }
  17. #########配置虚拟路由VRRP############
  18. vrrp_instance VI_1 {
  19. state MASTER
  20. interface eth0
  21. virtual_router_id 88
  22. priority 100 #修改此行
  23. advert_int 1
  24. authentication {
  25. auth_type PASS
  26. auth_pass 1111
  27. }
  28. virtual_ipaddress {
  29. 10.0.0.10
  30. }
  31. }
  32. scp /etc/keepalived/keepalived.conf 10.0.0.28:/etc/keepalived/keepalived.conf 修改ka2的配置文件
  33. systemctl restart keepalived
  34. hostname -I 测试
  35. tcpdump -i eth0 -nn host 224.8.8.8

启用独立日志

  1. yum install rsyslog -y; systemctl enable --now rsyslog 未成功!
  2. vi /etc/rsyslog.conf
  3. local6.* /var/log/keepalived.log
  4. vi /etc/sysconfig/keepalived
  5. KEEPALIVED_OPTIONS="-D -S 6"
  6. systemctl restart keepalived rsyslog

实现独立子配置文件

mkdir /etc/keepalived/conf.d/

vim /etc/keepalived/keepalived.conf  (在全局配置下面)
include /etc/keepalived/conf.d/*.conf

vim /etc/keepalived/conf.d/cluster1.conf  (写入集群VRRP相关配置)

非抢占模式

① 关闭VIP抢占模式,主从节点的state都为BACKUP
② 在主节点vrrp_instance下添加 nopreempt     (非抢占模式)
  在主节点vrrp_instance下添加 preempt_delay (抢占延迟模式)

VIP单播配置

注意:启用 vrrp_strict 时,不能启用单播
#在所有节点vrrp_instance语句块中设置对方主机的IP,建议设置为专用于对应心跳线网络的地址,而非使用业务网络

vrrp_instance VI_1 {
......
 unicast_src_ip 10.0.0.18  #指定发送单播的源IP
 unicast_peer {
   10.0.0.28     #指定接收单播的对方目标主机IP
   ......
 }
......
}

通知脚本配置

当keepalived的状态变化时,可以自动触发脚本的执行,比如:发邮件通知用户
默认以用户 keepalived_script 身份执行脚本,如果此用户不存在,以root执行脚本
可以在全局配置global_defs 中指定 script_user root
通知脚本类型

  • 当前节点成为主节点时触发的脚本 notify_master
  • 当前节点转为备节点时触发的脚本 notify_backup
  • 当前节点转为“失败”状态时触发的脚本 notify_fault
  • 通用格式的通知触发机制,一个脚本可完成以上三种状态的转换时的通知 notify
  • 当停止VRRP时触发的脚本 notify_stop
    ```bash ① 创建通知脚本并配置邮箱 /etc/keepalived/notify.sh

    !/bin/bash

    mailadress=”2298408548@qq.com” notify() { mailsubject=”$(hostname) to be $1,VIP floating” mailbody=”$(date +’%F %T’) wrrp transition,$(hostname) changed to be $1” echo “$mailbody” |mail -s “$mailsubject” $mailadress } case $1 in master) notify master ;; backup) notify backup ;;

fault) notify fault ;; *) echo “Usage: $(basename $0)” {master|backup|fault} exit 1 ;; esac chmod +x notify.sh

② 在vrrp_instance调用脚本 notify_master “/etc/keepalived/notify.sh master” notify_backup “/etc/keepalived/notify.sh backup” notify_fault “/etc/keepalived/notify.sh fault”

<a name="Nbjao"></a>
### 🔣实现IPVS的高可用virtual_server
<a name="XFWb5"></a>
####   定义虚拟主机IP地址及其端口  
![image.png](https://cdn.nlark.com/yuque/0/2021/png/12467445/1638258310412-b9342a7e-3be2-4ff3-b8b7-a8088c0a6a0c.png#clientId=u481c5aef-fa61-4&crop=0&crop=0&crop=1&crop=1&from=paste&height=282&id=ub39b996a&margin=%5Bobject%20Object%5D&name=image.png&originHeight=563&originWidth=1238&originalType=binary&ratio=1&rotation=0&showTitle=false&size=84202&status=done&style=none&taskId=u514e50e6-c4ef-401b-90ac-6d1c7fe061b&title=&width=619)
```bash
① 后端服务器rs1,rs2
hostnamectl set-hostname rs
yum -y install httpd;systemctl enable --now httpd
echo `hostname`-`hostname -I` >/var/www/html/index.html
ifconfig lo:1 10.0.0.10/32
echo 1 >   /proc/sys/net/ipv4/conf/all/arp_ignore
echo 2 >   /proc/sys/net/ipv4/conf/all/arp_announce 
echo 1 >   /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 >   /proc/sys/net/ipv4/conf/lo/arp_announce


② 实现IPVS的高可用virtual_server(keepalived的lvs负载均衡功能)
yum -y install httpd;systemctl enable --now httpd
echo sorry,server maintance >/var/www/html/index.html

vi virtual_server.conf
virtual_server 10.0.0.10 80 {
  delay_loop 1
  lb_algo rr
  lb_kind DR
  protocol TCP
 sorry_server 127.0.0.1 80

 real_server 10.0.0.7 80 {
      weight 1
      HTTP_GET {
         url {
              path / 
              status_code 200
            }
         connect_timeout 1
         nb_get_retry 3
         delay_before_retry 1
        }
    }

  real_server 10.0.0.17 80 {
       weight 1
       TCP_CHECK {
         connect_timeout 5
         nb_get_retry 3
         delay_before_retry 3
         connect_port 80         
            }
    }
}
systemctl restart keepalived
while :; do curl 10.0.0.10 && sleep 1 ;done

基于防火墙为集群绑定多个服务

绑定多个服务(如http,https)为同一个集群服务,实现两个端口一起调度

#两个节点都执行以下操作
iptables -t mangle -A PREROUTING -d 10.0.0.10   -p tcp -m multiport --dports 80,443 -j MARK --set-mark 6

vim /etc/keepalived/keepalived.conf
virtual_server fwmark 6 {   #指定FWM为6 
 delay_loop 2
 lb_algo rr
 lb_kind DR
 sorry_server 127.0.0.1 80  #注意端口必须指定,官方文档有bug
 real_server 10.0.0.7 80  { #注意端口必须指定
 ...
  }
 real_server 10.0.0.17 80 { #注意端口必须指定
 ...
  }
}

🔣自定义资源监控脚本vrrp_script

通常此脚本用于监控指定应用的状态。一旦发现应用的状态异常,则触发对MASTER节点的权重减至低于SLAVE节点,从而实现 VIP 切换到 SLAVE 节点;
可被多个实例调用,定义在vrrp实例之外的独立配置块,一般放在global_defs设置块之后,是和global_defs平级的语句块
① 定义脚本vrrp_script(一定要放在include /etc/keepalived/conf.d/*.conf前面!否则无法调用)

vrrp_script check_down {
   script "[ ! -f /etc/keepalived/down ]" #/etc/keepalived/down存在时返回非0,触发权重-30
   interval 1
   weight -30
   fall 3
   rise 2
   timeout 2
}

② 调用脚本track_script

vrrp_instance VI_1 {
...
track_script {
       check_down           #调用前面定义的脚本
   }

1.keepalived+nginx

yum install -y nginx;systemctl enable --now nginx;systemctl is-active nginx
vim /etc/nginx/nginx.conf (http模块中)
    upstream websrvs {
      server 10.0.0.7:80 weight=1;
      server 10.0.0.17:80 weight=1;
    }
    server {
      listen 80;
      location /{
      proxy_pass http://websrvs/;
      }
    }
systemctl restart nginx

yum install -y keepalived;systemctl enable --now keepalived;systemctl is-active keepalived
vim /etc/keepalived/keepalived.conf
#########全局配置############
global_defs {
...
}
vrrp_script check_nginx {
   script "/usr/bin/killall -0 nginx"    #返回非0,触发权重-30(yum install -y psmisc)
   interval 1
   weight -30
   fall 3
   rise 2
   timeout 2
}
include /etc/keepalived/conf.d/*.conf   #一定要放在vrrp_script后面!否则不启用vrrp_script
#########配置虚拟路由VRRP############
vrrp_instance VI_1 {
...
track_script {
       check_nginx           #调用前面定义的脚本
   }

mkdir conf.d ;mv vrrp_instance.conf conf.d/
systemctl restart keepalived;systemctl is-active keepalived 
测试
while true ;do curl 10.0.0.10; sleep 1;done
systemctl stop nginx;systemctl is-active nginx

2.keepalived+mysql

3.keepalived+zabbix

4.keepalived+haproxy