keepalived编译安装配置自启动

centos 安装keepalived-1.3.5并配置nginx Keepalived是一个免费开源的，用C编写的类似于layer3, 4 & 7交换机制软件，具备我们平时说的第3层、第4层和第7层交换机的功能。

主要提供loadbalancing（负载均衡）和high-availability（高可用）功能，负载均衡实现需要依赖Linux的虚拟服务内核模块（ipvs），而高可用是通过VRRP协议实现多台机器之间的故障转移服务。

官网源码包下载地址（2017-07-31 Keepalived最新版keepalived-1.3.5.tar.gz）：/download.html1.# service keepalived start错误如下Job for keepalived.service failed because a configured resource limit was exceeded. See "systemctl status keepalived.service" and "journalctl -xe" for details. Job for keepalived.service failed because a configured resource limit was exceeded. See "systemctl status keepalived.service" and "journalctl -xe" fordetails.查看错误1.# systemctl status keepalived.service我们可以看到日志，是写日志出了问题1.[root@zk-02 sbin]# systemctl status keepalived.service2.● keepalived.service - LVS and VRRP High Availability Monitor3. Loaded: loaded (/usr/lib/systemd/system/keepalived.service; enabled; vendor preset: disabled)4. Active: failed (Result: resources) since Fri 2017-08-04 15:32:31 CST; 4min 59s ago5. Process: 16764 ExecStart=/usr/local/program/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)6.7.Aug 04 15:32:25 zk-02 Keepalived_healthcheckers[16768]: Activating healthchecker for service [10.10.10.2]:13588.Aug 04 15:32:25 zk-02 Keepalived_healthcheckers[16768]: Activating healthchecker for service [10.10.10.3]:13589.Aug 04 15:32:25 zk-02 Keepalived_healthcheckers[16768]: Activating healthchecker for service [10.10.10.3]:135810.Aug 04 15:32:25 zk-02 Keepalived_vrrp[16769]: (VI_1): No VIP specified; at least one is required11.Aug 04 15:32:26 zk-02 Keepalived[16766]: Keepalived_vrrp exited with permanent error CONFIG. Terminating12.Aug 04 15:32:26 zk-02 Keepalived[16766]: Stopping13.Aug 04 15:32:31 zk-02 systemd[1]: keepalived.service never wrote its PID file. Failing. ##写日志出了问题14.Aug 04 15:32:31 zk-02 systemd[1]: Failed to start LVS and VRRP High Availability Monitor.15.Aug 04 15:32:31 zk-02 systemd[1]: Unit keepalived.service entered failed state.16.Aug 04 15:32:31 zk-02 systemd[1]: keepalived.service failed.17.[root@zk-02 sbin]# vi /var/run/keepalived.pid18.[root@zk-02 sbin]# vim /lib/systemd/system/keepalived.service19.[root@zk-02 sbin]# vim /lib/systemd/system/keepalived.service查看keepalived.service[html]view plain copy1.# vi /lib/systemd/system/keepalived.service内容如下[html]view plain copy1.[Unit]2.Description=LVS and VRRP High Availability Monitor3.After=syslog.target network-online.target4.5.[Service]6.Type=forking7.PIDFile=/usr/local/program/keepalived/var/run/keepalived.pid ##发现这个目录不存在，无法写入keepalived.pid8.KillMode=process9.EnvironmentFile=-/usr/local/program/keepalived/etc/sysconfig/keepalived10.ExecStart=/usr/local/program/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS11.ExecReload=/bin/kill -HUP $MAINPID12.13.[Install]14.WantedBy=multi-user.target问题见[html]view plain copy1.PIDFile=/usr/local/program/keepalived/var/run/keepalived.pid ##发现这个目录不存在，无法写入keepalived.pid修改成[html]view plain copy1.PIDFile=/var/run/keepalived.pid运行命令[html]view plain copy1.# systemctl daemon-reload #重新载入 systemd，扫描新的或有变动的单元在运行就Ok了[html]view plain copy1.service keepalived start2.Starting keepalived (via systemctl): [ OK ]。

HAPROXY+KEEPALIVED安装手册1安装包准备1.1 操作系统操作系统版本 REDFLAG DC5 SP4 32位1.2 HAPROXYHaproxy-1.4.181.3 KEEPALIVEDKeepalived-1.1.172操作系统安装略3HAPROXY安装3.1 安装#tar -zxvf haproxy-1.4.18.tar.gz#cd haproxy-1.4.18#make TARGET=linux26 PREFIX=/usr/local/haproxy#make install PREFIX=/usr/local/haproxy3.2 配置新建haproxy.cfg文件#vi /usr/local/haproxy/haproxy.cfg――――――――――――――――――――――――――――――globallog 127.0.0.1 local0maxconn 55555 #最大连接数chroot /usr/local/haproxy #安装目录uid 513 #用户haproxygid 513 #组haproxydaemon #守护进程运行nbproc 1 #进程数量pidfile /usr/local/haproxy/haproxy.pid #haproxy piddefaultslog globalmode http #7层http;4层tcpoption httplog #http 日志格式option httpclose #主动关闭http通道option redispatch #serverId对应的服务器挂掉后,强制定向到其他健康的服务器option dontlognullmaxconn 2000 #最大连接数contimeout 5000 #连接超时(毫秒)clitimeout 50000 #客户端超时(毫秒)srvtimeout 50000 #服务器超时(毫秒)#运输ETMS3.0应用frontend vs_SaaS #定义前端服务器(haproxy)bind 192.170.0.239:7001 #监听地址log globaldefault_backend pool_SaaS #指定后端服务器群#errorfile 502 /usr/local/haproxy/html/maintain.html#errorfile 503 /usr/local/haproxy/html/maintain.html#errorfile 504 /usr/local/haproxy/html/maintain.htmlbackend pool_SaaS #定义后端服务器群(web server/apache/nginx/iis..) mode httplog global#option forwardfor #后端服务器(apache/nginx/iis/*),从Http Header中获得客户端IP #balance roundrobin #负载均衡的方式,轮询方式balance leastconn #负载均衡的方式,最小连接cookie SESSION_COOKIE insert indirect nocache #插入serverid到cookie中,serverid 后面可以定义#option httpchk HEAD /check.html #用来做健康检查html文档server app155 192.170.0.155:7001 cookie server1 check rise 3 fall 3 weight 3server app156 192.170.0.156:7001 cookie server2 check rise 3 fall 3 weight 3server app160 192.170.0.160:7001 cookie server3 check rise 2 fall 3 weight 3#运输力展应用frontend vs_LiZhan #定义前端服务器(haproxy)bind 192.170.0.238:7002 #监听地址log globaldefault_backend pool_LiZhan #指定后端服务器群#errorfile 502 /usr/local/haproxy/html/maintain.html#errorfile 503 /usr/local/haproxy/html/maintain.html#errorfile 504 /usr/local/haproxy/html/maintain.htmlbackend pool_LiZhan #定义后端服务器群(web server/apache/nginx/iis..) mode httplog global#option forwardfor #后端服务器(apache/nginx/iis/*),从Http Header中获得客户端IP#balance roundrobin #负载均衡的方式,轮询方式balance leastconn #负载均衡的方式,最小连接cookie SESSION_COOKIE insert indirect nocache #插入serverid到cookie中,serverid 后面可以定义#option httpchk HEAD /check.html #用来做健康检查html文档server app143 192.170.0.143:7001 cookie server1 check rise 3 fall 3 weight 3server app144 192.170.0.144:7001 cookie server2 check rise 3 fall 3 weight 3server app146 192.170.0.146:7001 cookie server3 check rise 2 fall 3 weight 3server app147 192.170.0.147:7001 cookie server3 check rise 2 fall 3 weight 3#服务器定义:#cookie server1表示serverid为server1;#check inter 2000 是检测心跳频率(check 默认);#rise 3 表示3次正确认为服务器可用;#fall 3 表示3次失败认为服务器不可用;#weight 表示权重。

使用KeepAlived实现服务进程HA的安装配置使用HA方案的背景对于可以实现集群的服务，我们可以将同一功能的多个实例部署在不同的机器上，避免设备单点故障。

但是，有些系统级别的进程，却不允许运行多实例，例如一个普通的统计服务，这个服务的功能是主动轮询规则后进行统计。

在这种情况下，如果不进行规则适配改造，运行多个统计服务实例，那么，每个实例都将统计一遍数据，暂且不考虑对服务器的消耗，多个实例将产生多份数据，造成统计结果错误。

特别的，对于很多已经存在的服务进程，都无法实现多实例部署。

在这种情况下，这种服务只能是单进程的，如果这台机器由于硬件故障的话，服务将中断。

因此，有必要研究另外一种方案，实现服务进程的异地备份，在服务机器出现故障时，能够最快速的在另外一台备份机器上运行起来。

这种方案就属于冷备方案，也叫HA方案。

对于冷备方案，将不可避免的中断服务，但是，中断服务的时间长短是整个方案的关键，使用KeepAlived，配合增加进程的守护，将极大的缩短故障恢复时间。

故障的时长基本上等于服务进程的启动时长。

HA方案流程1.在主机和备机上安装好KeepAlived软件，服务对外使用虚拟IP。

2.在主机和备机上安装好能正常使用的程序。

3.在主机和备机上安装好进程监控程序，在主备机切换时，监控程序将服务启动起来。

4.实现主机和备机的程序同步功能，防止日常维护造成两边程序文件的不一致。

在本方案中，KeepAlived只提供主机的虚拟IP自动映射功能，不提供任何业务逻辑。

所有的业务逻辑都是通过自己编写的进程监控程序来实现，也就是说，监控程序一直在运行中，当发现虚拟IP切换后，将相关的服务进行启动或停止操作。

KeepAlived的安装配置KeepAlived的安装、启动、停止都是在root用户下，因此，本章节的所有操作都是在root用户下操作。

另外，本安装包都是针对linux x64机器，如果是其他操作系统，原理相同，但安装包要自行解决。

keepalived安装流程CentOS6.5和CentOS7配置keepalived1.检查依赖包rpm -qa | grep opensslrpm -qa | grep poptrpm -qa | grep kernel如果没有需要用yum进行安装2. 安装keepalived软件包提示:安装前请确认路径–whit-kernel-dir=/usr/src/kernels/3.10.0-327.el7.x86_64或/usr/src/kernels/2.6.32-431.el6.x86_64如果没有此路径，请看下面的补充安装说明:法一：ln -s /usr/src/kernels/3.10.0-327.el7.x86_64 /usr/src/linux (CentOS7不需要这个连接)ln -s /usr/src/kernels/2.6.32-431.el6.x86_64 /usr/src/linux 做连接只是为了配合LVS如果只是切换，不需要做这个。

提示：安装时有可能会没有/usr/src/kernels/3.10.0-327.el7.x86_64,这是因为缺少kernel-devel-3.10.0-327.el7.el5软件包，此时需要提前通过yum install kernel-devel命令安装tar zxf keepalived-1.2.20.tar.gzcd keepalived-1.2.20./configuremakemake install错误1：一般6.4有这个错误checking for openssl/ssl.h ..noconfigure:error:OpemSSL is not properly installed on your system。

Can not include OpenSSL headers files.yum install openssl* -y错误2：checking for popGetContext in –lpopt …noconfigure:error:Popt libraries is rerequiredCentOS6.5安装效果图：CentOS7下面是keepalived configure低版本的正确结果：Keepalived versionKeepalived version:版本号Compiler :gccCompiler flags :-g –02Extra Lib : -lpopot –lssl –lcryptoUse IPVS Framwork :YES #LVS功能IPVS sync daemon support :YES #LVS功能Use VRRP Framework:YES #VRRP功能Use LineWatch :noUse Debug flags :no编译参数说明：./configure –help--with-kernel-dir 这是个很重要的参数，但这个参数不是要把keepalived 编译进内核，而是指定使用内核源码里面的头文件，就是include目录，如果使用LVS时才需要用到此参数，否则不需要。

keepalived的配置解析安装与爬坑⽬录：⼀. 前情提要⼆. 官⽅配置说明三. 案例解析四. 其他配置⽅式收集五. 爬坑附1: 安装keepalived------------------------⼀. 前情提要以下试验以及说明是经过试验确定了的，准确！！另外，如果想知道每个参数的真正含义，建议看官⽹解决的问题：1，当⼀个节点(Linux设备)挂了，2个VIP都浮动到⼀个节点上2，当这个节点(Linux设备)好了，由于业务有⼀定的延时，所以还不想浮动IP⽴马漂移回来3，如果⼀个节点的业务(设备上运⾏的业务进程)完蛋了，需要⾃⼰主动交出VIP4，等⾃⼰节点的业务(设备上运⾏的业务进程)⼜好了，那么不能⽴马夺权，⽽是有⼀个过渡再夺权⼆. 官⽅配置说明概述：keepalived的具体实现原理这⾥就不做阐述，但是从其配置⽂件的⾓度⼤致将其⼯作模块分成两部分: 全局部分，和VRRP实例部分。

全局部分，顾名思义就是整体相关的配置；VRRP实例部分：⾸先，keepalived通过创建⼀个个VRRP实例来实现浮动IP的管理，⼀个VRRP实例可以看做是⼀个连接实例(使⽤VRRP协议)；⼀个实例对应⼀个VIP，⼀台设备可以配置多个VRRP实例即参与多个VIP的抢占；然后，具有相同VRRP实例配置的⼀对设备，会因为实例匹配⽽成功配对；最后，通过协商得到谁是master谁是slave，以及谁来占有VIP。

1. 全局配置部分1. 预定义⼀个脚本以及脚本管理⽅式，之后⽤于VRRP实例引⽤vrrp_script <SCRIPT_NAME> {# 脚本的路径，或者直接就是脚本本⾝script <STRING>|<QUOTED-STRING># 间隔多长时间执⾏⼀次脚本interval <INTEGER>#脚本执⾏如果没有正确返回，则这段时间后就算超时，然后算作是failed了timeout <INTEGER># adjust priority by this weight, (default: 0).For description of reverse, see track_script.# 'weight 0 reverse' will cause the vrrp instance to be down when the script is up, and vice versa.weight <INTEGER:-253..253> [reverse]# required number of successes for OK transitionrise <INTEGER># required number of successes for KO transitionfall <INTEGER># 以哪个⽤户⾝份去执⾏脚本的⼈是谁user USERNAME [GROUPNAME]# 假设初始时脚本是执⾏失败的init_fail}2. VRRP实例部分# Ignore VRRP interface faults (default unset)dont_track_primary #表⽰的含义是，⼀旦接⼝有问题，则忽略之，否则keepalived的代码中对链路有做检查，发现链路down则进⼊fault状态，于是将放弃所有浮动ip# optional, monitor these as well. go to FAULT state if any of these go down if unweighted.# When a weight is specified in track_interface, instead of setting the vrrp instance to the FAULT state in case of failure, its priority will be# increased by the weight when the interface is up (for positive weights), or decreased by the weight's absolute value when the interface is down# (for negative weights), unless reverse is specified, in which case the direction of adjustment of the priority is reversed.# The weight must be comprised between -253 and +253 inclusive.0is the default behaviour which means that a failure implies a# FAULT state. The common practice is to use positive weights to count a limited number of good services so that the server with the highest count# becomes master. Negative weights are better to count unexpected failures among a high number of interfaces, as it will not saturate even with high# number of interfaces. Use reverse to increase priority if an interfaces is downtrack_interface {eth0eth1eth2 weight <-253..253> [reverse]...}# 1 to 255 used to differentiate multiple instances of vrrpd running on the same NIC (and hence same socket).virtual_router_id 51 #⽤来区分多VRRP实例?, 是指为⼀台设备配置多个实例，还是⼀个局域⽹中的多个实例? 貌似是后者，待确认preempt_delay 300 #表⽰的含义是，我当前是backup⾝份，但是我发现对⽅的master不如我，即优先级⽐我低，那么我不会⽴马去抢占，⽽是等五分钟后再去抢占关于weight,rise,fall的综合⽤法A positive weight means that <rise> successes will add <weight> to the priority of all VRRP instances which monitor it.On the opposite, a negative weight will be subtracted from the initial priority in case of <fall> failures解析：rise和正数的weight结合使⽤，如果rise次脚本执⾏都是成功的(返回0)，则增加weight数量的优先级fall和负数的weight结合使⽤，如果是fall次脚本执⾏都是失败的(返回1)，则减少|weight|数量的优先级其余的组合⽅式不起任何作⽤，即不会影响优先级的增减三. 案例解析节点1:简介：我是backup⾝份，但因为我的优先级⾼，所以是实际的掌权者，当我发现我节点上的业务已经挂了那么我就降低我的级别，让真正的master去掌权直到我的级别⼜上来了，我也不会⽴马夺权，⽽是等待⼀段时间后再夺权vrrp_script chkBackup {##检查进程是否存在，如果存在检查联通性，如果联通了。

如何利⽤shell开发keepalived启动脚本keepalived是什么？Keepalived软件起初是专为LVS负载均衡软件设计的，⽤来管理并监控LVS集群系统中各个服务节点的状态，后来⼜加⼊了可以实现⾼可⽤的VRRP功能。

因此，Keepalived除了能够管理LVS软件外，还可以作为其他服务（例如：Nginx、Haproxy、MySQL等）的⾼可⽤解决⽅案软件。

Keepalived软件主要是通过VRRP协议实现⾼可⽤功能的。

VRRP是Virtual Router RedundancyProtocol(虚拟路由器冗余协议）的缩写，VRRP出现的⽬的就是为了解决静态路由单点故障问题的，它能够保证当个别节点宕机时，整个⽹络可以不间断地运⾏。

所以，Keepalived ⼀⽅⾯具有配置管理LVS的功能，同时还具有对LVS下⾯节点进⾏健康检查的功能，另⼀⽅⾯也可实现系统⽹络服务的⾼可⽤功能。

1.1 keepalived的相关的⽂件keepalived的执⾏命令：/data/apps/keepalived/sbin/keepalivedkeepalived的配置⽂件：/data/apps/keepalived/etc/keepalived/keepalived.confkeepalived的Pid⽂件：/data/apps/keepalived/run/keepalived.pid1.2 keepalived的启停⽌⽅式注意：不要去修改/data/apps/keepalived/etc/sysconfig/keepalived⽂件启动⽅式：keepalived -f 配置⽂件(绝对路径) -p PID⽂件(绝对路径)关闭⽅式：kill $( cat PID⽂件(绝对路径) )1.3 脚本内容注意：该脚本只能Linux的超级⽤户root才能启动,因为脚本中有进⾏限制#!/bin/bash## Define variablesRETVAL=0Conf="/data/apps/keepalived/etc/keepalived/keepalived.conf"Exce="/data/apps/keepalived/sbin/keepalived"Pid="/data/apps/keepalived/run/keepalived.pid"# Determine the user to executeif [ "$UID" -ne "$RETVAL" ];thenecho "Must be root to run scripts"exit 1fi# Load local functions library[ -f /etc/init.d/functions ] && source /etc/init.d/functions# Define functionsstart(){if [ ! -f "$Pid" ];then$Exce -f $Conf -p $Pid >/dev/null 2>&1RETVAL=$?if [ $RETVAL -eq 0 ];thenaction "Start keepalived service" /bin/trueelseaction "Start keepalived service" /bin/falsefielseecho "keepalived service is running"fireturn $RETVAL}stop(){if [ -f "$Pid" ];thenkill $(cat $Pid) >/dev/null 2>&1RETVAL=$?if [ $RETVAL -eq 0 ];thenaction "Stop keepalived service" /bin/trueelseaction "Stop keepalived service" /bin/falsefielseecho "keepalived service is not running"fireturn $RETVAL}status(){if [ -f "$Pid" ];thenecho "keepalived service is running"elseecho "keepalived service is not running"fireturn $RETVAL}# case local functionscase "$1" instart)startRETVAL=$?;;stop)stopRETVAL=$?;;status)statusRETVAL=$?;;restart)stopsleep 2startRETVAL=$?;;*)echo "USAGE:$0{status|start|stop|restart}"exit 1esac# Scripts return valuesexit $RETVAL总结到此这篇关于使⽤shell开发keepalived启动脚本的⽂章就介绍到这了,更多相关shell keepalived启动脚本内容请搜索以前的⽂章或继续浏览下⾯的相关⽂章希望⼤家以后多多⽀持！。

keepalived安装文档1.安装环境su - rootyum -y install kernel-devel*yum -y install openssl-*yum -y install popt-develyum -y install lrzszyum -y install openssh-clientsyum -y install libnl libnl-devel popt2.安装keepalived2.1.上传keepalived安装文件1、cd /usr/local/src/2、mkdir keepalived3、cd keepalived/4、wget /software/keepalived-1.2.15.tar.gz或者rz 上传2.2.解压1、tar -xvf keepalived-1.2.15.tar.gz2、cd keepalived-1.2.152.3.安装keepalived1、cd keepalived2、执行配置命令./configure3、编译make4、安装make install5、拷贝执行文件cp /usr/local/sbin/keepalived /usr/sbin/6、将init.d文件拷贝到etc下,加入开机启动项cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/keepalived 7、将keepalived文件拷贝到etc下，加入网卡配置cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/8、创建keepalived文件夹mkdir -p /etc/keepalived9、将keepalived配置文件拷贝到etc下cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf 10、添加可执行权限chmod +x /etc/init.d/keepalived2.4.加入开机启动：chkconfig --add keepalivedchkconfig keepalived on3.配置日志文件1.将keepalived日志输出到local0：vi /etc/sysconfig/keepalivedKEEPALIVED_OPTIONS="-D -d -S 0"2.在/etc/rsyslog.conf里添加:local0.* /var/log/keepalived.log3.重新启动keepalived和rsyslog服务：service rsyslog restartservice keepalived restart4.打开防火墙的通讯地址iptables -A INPUT -d 224.0.0.18 -j ACCEPT/etc/rc.d/init.d/iptables save。

Keepalived原理及配置详解-选项参数详细接着上篇，既然做了mysql+keepalived就需要对这些有个了解，以至于有了知道可以从哪里着手及相关配置；本篇是在网易博客上看到的一篇，就记录并且copy了，请大家尊重原创作者，珍惜汗水劳动者；原url /blog/static/1007689 14201191762253640/keepalived的核心vrrp相关知识:/5675165/1179600什么是Keepalived呢，keepalived观其名可知，保持存活，在网络里面就是保持在线了，也就是所谓的高可用或热备，用来防止单点故障(单点故障是指一旦某一点出现故障就会导致整个系统架构的不可用)的发生，那说到keepalived时不得不说的一个协议就是VRRP协议，可以说这个协议就是keepalived实现的基础，那么首先我们来看看VRRP协议一，VRRP协议二，Keepalived原理Keepalived原理keepalived也是模块化设计，不同模块复杂不同的功能，下面是keepalived的组件core check vrrp libipfwc libipvs-2.4 libipvs-2.6core：是keepalived的核心，复杂主进程的启动和维护，全局配置文件的加载解析等check：负责healthchecker(健康检查)，包括了各种健康检查方式，以及对应的配置的解析包括LVS的配置解析vrrp：VRRPD子进程，VRRPD子进程就是来实现VRRP协议的libipfwc：iptables(ipchains)库，配置LVS会用到libipvs*：配置LVS会用到注意，keepalived和LVS完全是两码事，只不过他们各负其责相互配合而已keepalived启动后会有三个进程父进程：内存管理，子进程管理等等子进程：VRRP子进程子进程：healthchecker子进程有图可知，两个子进程都被系统WatchDog看管，两个子进程各自复杂自己的事，healthchecker子进程复杂检查各自服务器的健康程度，例如HTTP，LVS等等，如果healthchecker子进程检查到MASTER上服务不可用了，就会通知本机上的兄弟VRRP子进程，让他删除通告，并且去掉虚拟IP，转换为BACKUP状态三，Keepalived配置文件详解keepalived配置详解keepalived有三类配置区域(姑且就叫区域吧)，注意不是三种配置文件，是一个配置文件里面三种不同类别的配置区域全局配置(Global Configuration)VRRPD配置LVS配置一，全局配置全局配置又包括两个子配置：全局定义(global definition)静态路由配置(static ipaddress/routes)1，全局定义(global definition)配置范例全局配置解析global_defs全局配置标识，表面这个区域{}是全局配置表示keepalived在发生诸如切换操作时需要发送email通知，以及email发送给哪些邮件地址，邮件地址可以多个，每行一个****************************************表示发送通知邮件时邮件源地址是谁smtp_server 127.0.0.1表示发送email时使用的smtp服务器地址，这里可以用本地的sendmail来实现mtp_connect_timeout 30连接smtp连接超时时间router_id node1机器标识2，静态地址和路由配置范例这里实际上和系统里面命令配置IP地址和路由一样例如：192.168.1.1/24 brd + dev eth0 scope global 相当于: ip addr add 192.168.1.1/24 brd + dev eth0 scope global就是给eth0配置IP地址路由同理一般这个区域不需要配置这里实际上就是给服务器配置真实的IP地址和路由的，在复杂的环境下可能需要配置，一般不会用这个来配置，我们可以直接用vi /etc/sysconfig/network-script/ifcfg-eth1来配置，切记这里可不是VIP哦，不要搞混淆了，切记切记！二，VRRPD配置VRRPD配置包括三个类VRRP同步组(synchroization group)VRRP实例(VRRP Instance)VRRP脚本1，VRRP同步组(synchroization group)配置范例http和mysql是实例名和下面的实例名一致notify /path/to/notify.sh：smtp alter表示切换时给global defs中定义的邮件地址发送邮件通知2，VRRP实例(instance)配置范例state：state 指定instance(Initial)的初始状态，就是说在配置好后，这台服务器的初始状态就是这里指定的，但这里指定的不算，还是得要通过竞选通过优先级来确定，里如果这里设置为master，但如若他的优先级不及另外一台，那么这台在发送通告时，会发送自己的优先级，另外一台发现优先级不如自己的高，那么他会就回抢占为masterinterface：实例绑定的网卡，因为在配置虚拟IP的时候必须是在已有的网卡上添加的dont track primary：忽略VRRP的interface错误track interface：跟踪接口，设置额外的监控，里面任意一块网卡出现问题，都会进入故障(FAULT)状态，例如，用nginx做均衡器的时候，内网必须正常工作，如果内网出问题了，这个均衡器也就无法运作了，所以必须对内外网同时做健康检查mcast src ip：发送多播数据包时的源IP地址，这里注意了，这里实际上就是在那个地址上发送VRRP通告，这个非常重要，一定要选择稳定的网卡端口来发送，这里相当于heartbeat的心跳端口，如果没有设置那么就用默认的绑定的网卡的IP，也就是interface指定的IP地址garp master delay：在切换到master状态后，延迟进行免费的ARP(gratuitous ARP)请求virtual router id：这里设置VRID，这里非常重要，相同的VRID 为一个组，他将决定多播的MAC地址priority 100：设置本节点的优先级，优先级高的为masteradvert int：检查间隔，默认为1秒virtual ipaddress：这里设置的就是VIP，也就是虚拟IP地址，他随着state的变化而增加删除，当state为master的时候就添加，当state为backup的时候删除，这里主要是有优先级来决定的，和state设置的值没有多大关系，这里可以设置多个IP地址virtual routes：原理和virtual ipaddress一样，只不过这里是增加和删除路由lvs sync daemon interface：lvs syncd绑定的网卡authentication：这里设置认证auth type：认证方式，可以是PASS或AH两种认证方式auth pass：认证密码nopreempt：设置不抢占，这里只能设置在state为backup的节点上，而且这个节点的优先级必须别另外的高preempt delay：抢占延迟debug：debug级别notify master：和sync group这里设置的含义一样，可以单独设置，例如不同的实例通知不同的管理人员，http实例发给网站管理员，mysql的就发邮件给DBA3，VRRP脚本首先在vrrp_script区域定义脚本名字和脚本执行的间隔和脚本执行的优先级变更vrrp_script check_running {script"/usr/local/bin/check_running"interval 10 #脚本执行间隔weight 10 #脚本结果导致的优先级变更：10表示优先级+10；-10则表示优先级-10}然后在实例(vrrp_instance)里面引用，有点类似脚本里面的函数引用一样：先定义，后引用函数名track_script {check_running weight 20}注意：VRRP脚本(vrrp_script)和VRRP实例(vrrp_instance)属于同一个级别LVS配置如果你没有配置LVS+keepalived那么无需配置这段区域，里如果你用的是nginx来代替LVS，这无限配置这款，这里的LVS配置是专门为keepalived+LVS集成准备的。

Linux Keepalive用法：保持连接活跃的技术报告在现代网络应用中，保持连接的活跃状态是非常重要的。

当客户端与服务器之间的连接意外断开时，需要一种机制来检测并重新建立连接。

Linux操作系统提供了一种称为"Keepalive"的机制，可以用于检测和管理网络连接的活跃状态。

一、Keepalive的工作原理Keepalive是一种TCP特性，用于定期发送数据包以检查连接是否仍然活跃。

如果连接在指定的时间内没有活动，Keepalive机制将发送一个探查数据包。

如果服务器收到探查数据包并响应，则认为连接仍然有效。

如果服务器没有响应，则认为连接已断开，并采取适当的措施重新建立连接。

二、配置Keepalive在Linux系统中，可以通过修改网络配置文件来启用和配置Keepalive。

下面是一些常见的配置选项：1.keepalive：用于启用或禁用Keepalive。

2.keepalive_probes：指定发送探查数据包的次数。

3.keepalive_intvl：指定发送探查数据包的时间间隔。

4.keepalive_cnt：指定在连续多少个探查数据包未收到响应后关闭连接。

5.keepalive_idle：指定连接空闲多久后开始发送探查数据包。

这些选项可以在网络配置文件中进行设置，例如/etc/sysconfig/network-scripts/ifcfg-eth0（针对以太网接口）。

设置完成后，需要重启网络服务以使更改生效。

三、启用Keepalive的应用场景启用Keepalive可以用于以下场景：1.长连接：对于需要保持长时间连接的应用，Keepalive可以检测到连接的意外断开，并自动重新建立连接。

2.心跳检测：通过定期发送探查数据包，Keepalive可以用于检测服务器的可用性或应用程序的状态。

3.资源释放：如果连接意外断开，Keepalive可以自动关闭连接并释放相关资源。

Keepalived编译什么是Keepalived？Keepalived是一个用于实现高可用性和负载均衡的开源软件。

它基于VRRP（Virtual Router Redundancy Protocol）协议，可以在多个服务器之间实现故障切换和负载均衡。

通过配置Keepalived，可以将多个服务器组成一个虚拟路由器，并将请求分发到这些服务器上，从而提高系统的可用性和性能。

编译Keepalived的步骤编译Keepalived需要一些准备工作和步骤，下面将详细介绍如何编译Keepalived。

步骤一：安装必要的依赖项在开始编译之前，我们需要安装一些必要的依赖项。

这些依赖项包括：•gcc：C语言编译器•make：构建工具•libssl-dev：OpenSSL库开发包•libpopt-dev：popt库开发包可以使用以下命令来安装这些依赖项：sudo apt-get updatesudo apt-get install gcc make libssl-dev libpopt-dev -y步骤二：下载Keepalived源代码在开始编译之前，我们需要下载Keepalived的源代码。

可以从官方网站或者GitHub上获取最新版本的源代码。

wgettar -zxvf keepalived-2.3.0.tar.gzcd keepalived-2.3.0步骤三：配置编译选项在编译之前，我们需要配置一些选项，例如安装路径、启用的功能等。

可以使用以下命令来配置编译选项：./configure --prefix=/usr/local/keepalived \--sysconf=/etc/keepalived \--enable-libiptc \--enable-snmp \--enable-dynamic-linking这里我们将Keepalived安装到/usr/local/keepalived目录下，并指定了一些启用的功能，例如libiptc、snmp和动态链接。

Centos7中安装和配置nginx和keepalived（主从模式）系统版本 Centos7IP：192.168.0.3 MasterIP：192.168.0.4 Slave⼀.Linux安装nginx (主从都安装NGINX)1.安装依赖[root@Master ~]# yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel[root@Slave ~]# yum -y install gcc zlib zlib-devel pcre-devel openssl openssl-devel2.创建⼀个⽂件夹[root@Master ~]# cd /usr/local[root@Master local]# mkdir nginx[root@Master local]# cd nginx/[root@Master nginx]#[root@Slave ~]# cd /usr/localYou have new mail in /var/spool/mail/root[root@Slave local]# mkdir nginx[root@Slave local]# cd nginx/[root@Slave nginx]#4.编译并make[root@Master nginx]# cd nginx-1.16.1[root@Master nginx-1.16.1]# ./configure --prefix=/usr/local/nginx[root@Master nginx-1.16.1]# make[root@Master nginx-1.16.1]# make install修改nginx访问界⾯html[root@Master nginx-1.16.1]# cd /usr/local/nginx/html/You have new mail in /var/spool/mail/root[root@Master html]# lltotal 8-rw-r--r-- 1 root root 494 Oct 12 03:23 50x.html-rw-r--r-- 1 root root 612 Oct 12 03:23 index.html[root@Master html]# vi index.html<p><em>Master ip:192.168.0.3</em></p>[root@Slave nginx]# cd nginx-1.16.1[root@Slave nginx-1.16.1]# ./configure --prefix=/usr/local/nginx[root@Slave nginx-1.16.1]# make[root@Slave nginx-1.16.1]# make install修改nginx访问界⾯html[root@Slave nginx-1.16.1]# cd /usr/local/nginx/html/You have new mail in /var/spool/mail/root[root@Slave html]# lltotal 8-rw-r--r-- 1 root root 494 Oct 12 03:23 50x.html-rw-r--r-- 1 root root 612 Oct 12 03:23 index.html[root@Slave html]# vi index.html<p><em>Slave ip:192.168.0.4</em></p>常⽤命令#启动/usr/local/nginx/sbin/nginx#修改配置⽂件重新加载/usr/local/nginx/sbin/nginx -s reload#关闭/usr/local/nginx/sbin/nginx2.安装相关依赖,有不⽤下载了[root@Master local]# yum install -y gcc openssl-devel popt-devel[root@Slave local]# yum install -y gcc openssl-devel popt-devel3.编译安装[root@Master local]# cd keepalived-1.4.2[root@Master keepalived-1.4.2]# ./configure --prefix=/usr/local/keepalived[root@Master keepalived-1.4.2]# make[root@Master keepalived-1.4.2]# make install[root@Slave local]# cd keepalived-1.4.2[root@Slave keepalived-1.4.2]# ./configure --prefix=/usr/local/keepalived[root@Slave keepalived-1.4.2]# make[root@Slave keepalived-1.4.2]# make install4.相关配置,复制就完了[root@Master keepalived-1.4.2]# pwd/usr/local/keepalived-1.4.2You have new mail in /var/spool/mail/root[root@Master keepalived-1.4.2]# cp /usr/local/keepalived-1.4.2/keepalived/etc/init.d/keepalived /etc/init.d/[root@Master keepalived-1.4.2]# mkdir /etc/keepalived[root@Master keepalived-1.4.2]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/[root@Master keepalived-1.4.2]# cp /usr/local/keepalived-1.4.2/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ [root@Master keepalived-1.4.2]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/[root@Slave keepalived-1.4.2]# pwd/usr/local/keepalived-1.4.2You have new mail in /var/spool/mail/root[root@Slave keepalived-1.4.2]# cp /usr/local/keepalived-1.4.2/keepalived/etc/init.d/keepalived /etc/init.d/[root@Slave keepalived-1.4.2]# mkdir /etc/keepalived[root@Slave keepalived-1.4.2]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/[root@Slave keepalived-1.4.2]# cp /usr/local/keepalived-1.4.2/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ [root@Slave keepalived-1.4.2]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/[root@Slave keepalived-1.4.2]#使⽤keepalived保证nginx的⾼可⽤(⼀主⼀从),我的主服务器ip为(192.168.0.3),从机(192.168.0.4)在两条服务器分别安装nginx和keepalived,修改keeplived.conf⽂件vim /etc/keepalived/keepalived.conf主机配置⽂件! Configuration File for keepalivedglobal_defs {#⼀个没重复的名字即可router_id LVS_DEVEL}# 检测nginx是否运⾏vrrp_script chk_nginx {script "/etc/keepalived/nginx_check.sh"interval 2#权重减少20,减少完要⽐从机的值⼩weight -20}vrrp_instance VI_1 {# MASTER代表主机state MASTER# ⽹卡名字 ip addr 可以查看interface eno16777736# 同⼀个keepalived集群的virtual_router_id相同virtual_router_id 51# 权重，master要⼤于slavepriority 100# 主备通讯时间间隔advert_int 1# 如果两节点的上联交换机禁⽤了组播，则采⽤vrrp单播通告的⽅式# 本机ipunicast_src_ip 192.168.118.3unicast_peer {# 其他机器ip192.168.118.5}# 设置nopreempt防⽌抢占资源nopreempt# 主备保持⼀致authentication {auth_type PASSauth_pass 1111}# 与上⽅nginx运⾏状况检测呼应track_script {chk_nginx}virtual_ipaddress {# 虚拟ip地址（VIP，⼀个尚未占⽤的内⽹ip即可）192.168.118.118}}[root@Master keepalived-1.4.2]# cd /etc/keepalived/[root@Master keepalived]# lltotal 4-rw-r--r-- 1 root root 3550 Oct 12 03:41 keepalived.conf[root@Master keepalived]# cp keepalived.conf keepalived.conf.bak [root@Master keepalived]# vi /etc/keepalived/keepalived.conf global_defs {router_id LVS_DEVEL}vrrp_script chk_nginx {script "/etc/keepalived/nginx_check.sh"interval 2weight -20}vrrp_instance VI_1 {state MASTERinterface enp0s3virtual_router_id 51priority 100advert_int 1unicast_src_ip 192.168.0.3unicast_peer {192.168.0.4}nopreemptauthentication {auth_type PASSauth_pass 1111}track_script {chk_nginx}virtual_ipaddress {192.168.0.10}}从机配置⽂! Configuration File for keepalivedglobal_defs {#⼀个没重复的名字即可router_id LVS_DEVEL}# 检测nginx是否运⾏vrrp_script chk_nginx {script "/etc/keepalived/nginx_check.sh"interval 2weight -20}vrrp_instance VI_1 {# 代表是从机state BACKUP# ⽹卡名字，ip addr获取interface eno16777736# 同⼀个keepalived集群的virtual_router_id相同virtual_router_id 51# 权重，master要⼤于slavepriority 90# 主备通讯时间间隔advert_int 1# 如果两节点的上联交换机禁⽤了组播，则采⽤vrrp单播通告的⽅式# 本机ipunicast_src_ip 192.168.118.5unicast_peer {# 其他机器ip192.168.118.3}# 设置nopreempt防⽌抢占资源nopreempt# 主备保持⼀致authentication {auth_type PASSauth_pass 1111}# 与上⽅nginx运⾏状况检测呼应track_script {chk_nginx}virtual_ipaddress {# 虚拟ip地址（VIP，⼀个尚未占⽤的内⽹ip即可）192.168.118.118}}-------------------------------------------------------------从机配置⽂![root@Slave keepalived-1.4.2]# cd /etc/keepalived/You have new mail in /var/spool/mail/root[root@Slave keepalived]# lltotal 4-rw-r--r-- 1 root root 3550 Oct 12 03:42 keepalived.conf[root@Slave keepalived]# cp keepalived.conf keepalived.conf.bak[root@Slave keepalived]# vi /etc/keepalived/keepalived.confglobal_defs {router_id LVS_DEVEL}vrrp_script chk_nginx {script "/etc/keepalived/nginx_check.sh"interval 2weight -20}vrrp_instance VI_1 {state Slaveinterface enp0s3virtual_router_id 51priority 90advert_int 1unicast_src_ip 192.168.0.4unicast_peer {192.168.0.3}nopreemptauthentication {auth_type PASSauth_pass 1111}track_script {chk_nginx}virtual_ipaddress {192.168.0.10}}主从机都需配置检测nginx是否在运⾏,不在允许就直接启动nginx的脚本,和keepalived放在⼀起脚本名称 nginx_check.sh#!/bin/bashA=`ps -C nginx –no-header |wc -l`if [ $A -eq 0 ];then/usr/local/nginx/sbin/nginxsleep 2if [ `ps -C nginx --no-header |wc -l` -eq 0 ];thenkillall keepalivedfifi[root@Master keepalived]# pwd/etc/keepalived[root@Master keepalived]# vi nginx_check.sh#!/bin/bashA=`ps -C nginx –no-header |wc -l`if [ $A -eq 0 ];then/usr/local/nginx/sbin/nginxsleep 2if [ `ps -C nginx --no-header |wc -l` -eq 0 ];thenkillall keepalivedfifi[root@Slave keepalived]# pwd/etc/keepalived[root@Slave keepalived]# vi nginx_check.sh#!/bin/bashA=`ps -C nginx –no-header |wc -l`if [ $A -eq 0 ];then/usr/local/nginx/sbin/nginxsleep 2if [ `ps -C nginx --no-header |wc -l` -eq 0 ];thenkillall keepalivedfifi只要配置好了,以后直接启动keepalived就好了,keepalived运⾏之后就会检测nginx是否在运⾏,不在运⾏就通过脚本去启动⾃动重启不了解决⽅案查看脚本是否有运⾏的权限如果你是root登陆的话(不是的话，切换到root⽤户，对*.sh 赋可执⾏的权限)chmod 777*.sh或者chmod +x *.sh主：[root@Master keepalived]# chmod +x nginx_check.sh[root@Master keepalived]# lltotal 12-rw-r--r-- 1 root root 572 Oct 12 03:55 keepalived.conf-rw-r--r-- 1 root root 3550 Oct 12 03:48 keepalived.conf.bak-rwxr-xr-x 1 root root 205 Oct 12 04:04 nginx_check.sh[root@Master keepalived]#备：[root@Slave keepalived]# chmod +x nginx_check.sh[root@Slave keepalived]# lltotal 12-rw-r--r-- 1 root root 575 Oct 12 04:02 keepalived.conf-rw-r--r-- 1 root root 3550 Oct 12 03:57 keepalived.conf.bak-rwxr-xr-x 1 root root 205 Oct 12 04:04 nginx_check.sh[root@Slave keepalived]#keepalived常⽤命令#启动service keepalived start#停⽌service keepalived stop#查看状态service keepalived status主：[root@Master keepalived]# service keepalived startStarting keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived stopStopping keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived startStarting keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived status● keepalived.service - LVS and VRRP High Availability MonitorLoaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)Active: active (running) since Mon 2020-10-12 04:08:03 EDT; 14s agoProcess: 9822 ExecStart=/usr/local/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 9823 (keepalived)CGroup: /system.slice/keepalived.service├─9823 /usr/local/keepalived/sbin/keepalived -D├─9824 /usr/local/keepalived/sbin/keepalived -D└─9825 /usr/local/keepalived/sbin/keepalived -DOct 12 04:08:05 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:09 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping runOct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on enp0s3 for 192.168.0.10 Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:13 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping runOct 12 04:08:17 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping run[root@Master keepalived]#备：[root@Master keepalived]# service keepalived startStarting keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived stopStopping keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived startStarting keepalived (via systemctl): [ OK ][root@Master keepalived]# service keepalived status● keepalived.service - LVS and VRRP High Availability MonitorLoaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)Active: active (running) since Mon 2020-10-12 04:08:03 EDT; 14s agoProcess: 9822 ExecStart=/usr/local/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)Main PID: 9823 (keepalived)CGroup: /system.slice/keepalived.service├─9823 /usr/local/keepalived/sbin/keepalived -D├─9824 /usr/local/keepalived/sbin/keepalived -D└─9825 /usr/local/keepalived/sbin/keepalived -DOct 12 04:08:05 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:09 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping runOct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on enp0s3 for 192.168.0.10 Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:10 Master Keepalived_vrrp[9825]: Sending gratuitous ARP on enp0s3 for 192.168.0.10Oct 12 04:08:13 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping runOct 12 04:08:17 Master Keepalived_vrrp[9825]: Track script chk_nginx is being timed out, expect idle - skipping run[root@Master keepalived]#Welcome to nginx!If you see this page, the nginx web server is successfully installed and working. Further configuration is required.For online documentation and support please refer to .Commercial support is available at .Thank you for using nginx.Master ip:192.168.0.3Welcome to nginx!If you see this page, the nginx web server is successfully installed and working. Further configuration is required.For online documentation and support please refer to .Commercial support is available at .Thank you for using nginx.Slave ip:192.168.0.4Welcome to nginx!If you see this page, the nginx web server is successfully installed and working. Further configuration is required.For online documentation and support please refer to .Commercial support is available at .Thank you for using nginx.Master ip:192.168.0.3⼀切正常,将主机的keepalived服务给停掉,模拟服务器宕机的场景[root@Master keepalived]# service keepalived stopStopping keepalived (via systemctl): [ OK ]You have new mail in /var/spool/mail/root[root@Master keepalived]#Welcome to nginx!If you see this page, the nginx web server is successfully installed and working. Further configuration is required.For online documentation and support please refer to .Commercial support is available at .Thank you for using nginx.Slave ip:192.168.0.4成功切换到备⽤服务器接下来重启主服务器,再访问虚拟ip[root@Master keepalived]# service keepalived startStarting keepalived (via systemctl): [ OK ][root@Master keepalived]#Welcome to nginx!If you see this page, the nginx web server is successfully installed and working. Further configuration is required.For online documentation and support please refer to .Commercial support is available at .Thank you for using nginx.Master ip:192.168.0.3由此可见,当主机dowm掉的时候才会访问从机,当主机连进来的时候⼜回去访问主机当主机正常运⾏通过ip addr命令的时候可以看到⽹络下多了个虚拟ip,⽽从机却没有,只要当主机挂了时候从机才会显⽰xuniip 主：[root@Master keepalived]# ip addr1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:19:70:2f brd ff:ff:ff:ff:ff:ffinet 192.168.0.3/24 brd 192.168.0.255 scope global noprefixroute enp0s3valid_lft forever preferred_lft foreverinet 192.168.0.10/32 scope global enp0s3valid_lft forever preferred_lft foreverinet6 fe80::58e8:d448:52fb:c18c/64 scope link noprefixroutevalid_lft forever preferred_lft forever[root@Master keepalived]#备：[root@Slave keepalived]# ip addr1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 08:00:27:93:55:c9 brd ff:ff:ff:ff:ff:ffinet 192.168.0.4/24 brd 192.168.0.255 scope global noprefixroute enp0s3valid_lft forever preferred_lft foreverinet6 fe80::4ee7:51c7:e8fe:f5e5/64 scope link noprefixroutevalid_lft forever preferred_lft foreverYou have new mail in /var/spool/mail/root[root@Slave keepalived]#。

Keepalived源码安装1.编译、安装# tar -xvf keepalived-1.3.9.tar.gz# cd keepalived-1.3.9/# ./configure -prefix=/usr/local/keepalived-1.3.9# make# make install2.配置成服务cp /usr/local/keepalived-1.3.9/etc/sysconfig/keepalived /etc/sysconfig/3.拷贝配置⽂件# mkdir /etc/keepalived# cp /usr/local/keepalived-1.3.9/etc/keepalived/keepalived.conf /etc/keepalived/4.使⽤软连接或者直接拷贝执⾏⽂件# ln -s /usr/local/keepalived-1.3.9/sbin/keepalived /usr/sbin/或者# cp /usr/local/keepalived-1.3.9/sbin/keepalived /usr/sbin5.加⼊开机启动项# vi /etc/init.d/keepalived 脚本内容如下：#!/bin/sh## keepalived High Availability monitor built upon LVS and VRRP## chkconfig: - 86 14# description: Robust keepalive facility to the Linux Virtual Server project \# with multilayer TCP/IP stack checks.### BEGIN INIT INFO# Provides: keepalived# Required-Start: $local_fs $network $named $syslog# Required-Stop: $local_fs $network $named $syslog# Should-Start: smtpdaemon httpd# Should-Stop: smtpdaemon httpd# Default-Start:# Default-Stop: 0 1 2 3 4 5 6# Short-Description: High Availability monitor built upon LVS and VRRP# Description: Robust keepalive facility to the Linux Virtual Server# project with multilayer TCP/IP stack checks.### END INIT INFO# Source function library.. /etc/rc.d/init.d/functionsexec="/usr/sbin/keepalived"prog="keepalived"config="/etc/keepalived/keepalived.conf"[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$proglockfile=/var/lock/subsys/keepalivedstart() {[ -x $exec ] || exit 5[ -e $config ] || exit 6echo -n $"Starting $prog: "daemon $exec $KEEPALIVED_OPTIONSretval=$?echo[ $retval -eq 0 ] && touch $lockfilereturn $retval}stop() {echo -n $"Stopping $prog: "killproc $progretval=$?echo[ $retval -eq 0 ] && rm -f $lockfilereturn $retval}restart() {stopstart}reload() {echo -n $"Reloading $prog: "killproc $prog -1retval=$?echoreturn $retval}force_reload() {restart}rh_status() {status $prog}rh_status_q() {rh_status &>/dev/null}case "$1" instart)rh_status_q && exit 0$1;;stop)rh_status_q || exit 0$1;;restart)$1;;reload)rh_status_q || exit 7$1;;force-reload)force_reload;;status)rh_status;;condrestart|try-restart)rh_status_q || exit 0restart;;*)echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}" exit 2esacexit $?# chmod a+x /etc/init.d/keepalived。

Centos配置Keepalived 做双机热备切换分类：网站架构2009-07-25 13:53 7823人阅读评论(0) 收藏举报centosserverdelayauthenticationsnscompilerKeepalived系统环境：************************************************************两台服务器都装了CentOS-5.2-x86_64系统Virtual IP： 192.168.30.20Squid1+Real Server 1：网卡地址(eth0):192.168.30.12Squid2+Real Server 2：网卡地址(eth0):192.168.30.13************************************************************软件列表：keepalived/software/keepalived-1.1.17.tar.gzopenssl-develyum -y install openssl-devel***************************************************************配置：配置基于高可用keepalived,确定LVS使用DR模式1.安装配置keepalived1.1安装依赖软件如果系统为基本文本安装,需要安装一下软件# yum -y install ipvsadm# yum -y install kernel kernel-devel# reboot 重启系统切换内核# yum -y install openssl-devel ；安装keepalived依赖软件#ln -s /usr/src/kernels/`uname -r`-`uname -m`/ /usr/src/linux；建立内核链接，编译keepalived支持lvs时需要注意建立链接的内核名和当前运行的内核一致,否则导致安装失败#tar zxvf keepalived-1.1.17.tar.gz#cd keepalived-1.1.17#./configure --prefix=/usr --sysconf=/etcKeepalived configuration------------------------Keepalived version : 1.1.17Compiler : gccCompiler flags : -g -O2Extra Lib : -lpopt -lssl -lcryptoUse IPVS Framework : Yes ;注意编译时一定要支持lvsIPVS sync daemon support : YesUse VRRP Framework : YesUse LinkWatch : NoUse Debug flags : No#make#make install1.2编辑keepalived配置文件#Vi /etc/keepalived/keepalived.confglobal_defs {notification_email {test@}notification_email_from root@localhostsmtp_server 127.0.0.1smtp_connect_timeout 30router_id LVS_DEVEL}vrrp_instance VI_1 {state MASTER #备份服务器上将MASTER改为BACKUPinterface eth0 # HA 监测网络接口virtual_router_id 51 #主、备机的virtual_router_id必须相同priority 100 #主、备机取不同的优先级，主机值较大，备份机值较小 advert_int 2 # VRRP Multicast 广播周期秒数authentication {auth_type PASS #VRRP 认证方式auth_pass 1111 #VRRP 口令字}virtual_ipaddress {192.168.30.20 # VRRP HA 虚拟地址如果有多个VIP，继续换行填写 }}virtual_server 192.168.30.20 80 {delay_loop 2 #每隔6秒查询realserver状态lb_algo rr #lvs 算法lb_kind DR #Direct Routepersistence_timeout 50 #同一IP 的连接60 秒内被分配到同一台realserverprotocol TCP #用TCP协议检查realserver状态real_server 192.168.30.12 80 {weight 3 #(权重)TCP_CHECK {connect_timeout 10 #(10秒无响应超时)nb_get_retry 3delay_before_retry 3connect_port 80}}real_server 192.168.30.13 80 {weight 3 #(权重)TCP_CHECK {connect_timeout 10 #(10秒无响应超时)nb_get_retry 3delay_before_retry 3connect_port 80}}}1.3BACKUP服务器同上配置，先安装lvs再按装keepalived,仍后配置/etc/keepalived/keepalived.conf，只需将红色标示的部分改一下即可.global_defs {notification_email {test@}notification_email_from root@localhostsmtp_server 127.0.0.1smtp_connect_timeout 30router_id LVS_DEVEL}vrrp_instance VI_1 {state BACKUP #备份服务器上将MASTER改为BACKUPinterface eth0 # HA 监测网络接口virtual_router_id 51 #主、备机的virtual_router_id必须相同priority 99 #主、备机取不同的优先级，主机值较大，备份机值较小 advert_int 2 # VRRP Multicast 广播周期秒数authentication {auth_type PASS #VRRP 认证方式auth_pass 1111 #VRRP 口令字}virtual_ipaddress {192.168.30.20 # VRRP HA 虚拟地址}}virtual_server 192.168.30.20 80 {delay_loop 2 #每隔6秒查询realserver状态lb_algo rr #lvs 算法lb_kind DR #Direct Routepersistence_timeout 50 #同一IP 的连接60 秒内被分配到同一台realserver protocol TCP #用TCP协议检查realserver状态real_server 192.168.30.12 80 {weight 3 #(权重)TCP_CHECK {connect_timeout 10 #(10秒无响应超时)nb_get_retry 3delay_before_retry 3connect_port 80}}real_server 192.168.30.13 80 {weight 3 #(权重)TCP_CHECK {connect_timeout 10 #(10秒无响应超时)nb_get_retry 3delay_before_retry 3connect_port 80}}}2. 配置lvs客户端脚本[c-sharp]view plaincopyprint?1.#vi /usr/local/sbin/realserver.sh2. #!/bin/bash3. # description: Config realserver lo and apply noarp4. #Written by :NetSeek 5.6. SNS_VIP=192.168.30.207.8. . /etc/rc.d/init.d/functions9.10.case"$1"in11. start)12. ifconfig lo:0 $SNS_VIP netmask 255.255.255.255 broadcast $SNS_VIP13. /sbin/route add -host $SNS_VIP dev lo:014. echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore15. echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce16. echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore17. echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce18. sysctl -p >/dev/null 2>&119. echo "RealServer Start OK"20.21. ;;22. stop)23. ifconfig lo:0 down24. route del $SNS_VIP >/dev/null 2>&125. echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore26. echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce27. echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore28. echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce29. echo "RealServer Stoped"30. ;;31. *)32. echo "Usage: $0 {start|stop}"33. exit 134. esac35.36. exit 0或者采用secondary ip address方式配置# vi /etc/sysctl.confnet.ipv4.conf.lo.arp_ignore = 1net.ipv4.conf.lo.arp_announce = 2net.ipv4.conf.all.arp_ignore = 1net.ipv4.conf.all.arp_announce = 2#sysctl -p#ip addr add 192.168.30.20/32 dev lo#ip add list 查看是否绑定3. 启动lvs-dr脚本和realserver启本，在DR上可以查看LVS当前状态: #watch ipvsadm -ln4. 启动keepalived 服务#service httpd start#/etc/init.d/keepalived start查看keepalived的安装位置：# find / -name keepalived将keepalived作为服务添加到chkconfig中，并设置开机启动# chkconfig --add keepalived# chkconfig --level 35 keepalived on# chkconfig --list keepalivedkeepalived 0:关闭 1:关闭 2:关闭 3:启用 4:关闭 5:启用 6:关闭“各等级”包括2、3、4、5等级等级0表示：表示关机等级1表示：单用户模式等级2表示：无网络连接的多用户命令行模式等级3表示：有网络连接的多用户命令行模式等级4表示：不可用等级5表示：带图形界面的多用户模式等级6表示：重新启动5. 测试lvs服务是否正常5.1通过浏览器访问http://192.168.30.20是否正常多次刷新浏览器，在主LVS上看连接数变化5.2停止主LVS上的keepalived 看看备份keepalived是否正常接管服务注：realserver如果为windows主机的话需要安装microsoft loopback,设置IP为VIP确认之后搜索注册表,关键字"VIP"把搜到结果的每项里面的subnet mask都改成255.255.255.255然后重启即可。

详解Keepalived安装与配置⼀、简介是⼀个免费开源的，⽤C编写的类似于layer3, 4 & 7交换机制软件，具备我们平时说的第3层、第4层和第7层交换机的功能。

主要提供loadbalancing（负载均衡）和 high-availability（⾼可⽤）功能，负载均衡实现需要依赖Linux的虚拟服务内核模块（ipvs），⽽⾼可⽤是通过VRRP协议实现多台机器之间的故障转移服务。

上图是Keepalived的功能体系结构，⼤致分两层：⽤户空间（user space）和内核空间（kernel space）。

内核空间：主要包括IPVS（IP虚拟服务器，⽤于实现⽹络服务的负载均衡）和NETLINK（提供⾼级路由及其他相关的⽹络功能）两个部份。

⽤户空间：1. WatchDog：负载监控checkers和VRRP进程的状况2. VRRP Stack：负载负载均衡器之间的失败切换FailOver，如果只⽤⼀个负载均稀器，则VRRP不是必须的。

3. Checkers：负责真实服务器的健康检查healthchecking，是keepalived最主要的功能。

换⾔之，可以没有VRRP Stack，但健康检查healthchecking是⼀定要有的。

4. IPVS wrapper：⽤户发送设定的规则到内核ipvs代码5. Netlink Reflector：⽤来设定vrrp的vip地址等。

Keepalived的所有功能是配置keepalived.conf⽂件来实现的。

⼆、安装与配置从官⽹的最新版本，本⽂以当前最新版本1.2.24为例。

2.1 安装shell> cd /usr/local/srcshell> wget /software/keepalived-1.2.24.tar.gzshell> tar -zxvf keepalived-1.2.24.tar.gzshell> cd keepalived-1.2.24shell> ./configure --prefix=/usr/local/keepalivedshell> make && make install2.2 配置安装完成后，进⼊安装⽬录的etc⽬录下，将keepalived相应的配置⽂件拷贝到系统相应的⽬录当中。

MFS+KeepAlived 分布式文件系统部署手册目录一、应用部署情况 (3)二、角色说明 (4)1.拓扑简单工作原理 (4)2.服务器功能描述 (4)三、原理概述 (5)1.MFS元数据备份 (5)2.MFS Master的恢复 (5)3.利用keepalived实现自动恢复与Master切换 (5)四、部署说明 (6)1.Master Server 安装 (6)2.Backup server (metalogger) 安装 (7)3.存储块服务器Chunk servers 安装 (7)4.客户端安装 (8)5.在主从机器上安装keepalived (9)6.keepalived 主服务器配置 (10)7.keepalived 从服务器配置 (12)8.启动顺序 (14)9.关闭顺序 (15)五、MFS常用操作 (16)一、应用部署情况序号主机名应用部署IP地址VIP1 NBJK-ZX-MFSMASTERMFS(Master),keepalived((Master)192.168.100.141192.168.100.1772 NBJK-ZX-MFSBACKUPMFS(MFSBACKUP),keepalived((BACKUP)192.168.100.1443 NBJK-ZX-CHUNK1MFS(chuckserver) 192.168.100.1754 NBJK-ZX-CHUNK2MFS(chuckserver) 192.168.100.1765 NBJK-ZX-CHUNK3MFS(chuckserver) 192.168.100.1746 Client mfsclient 192.168.100.51二、 角色说明Master server ：192.168.100.141Metalogger server: 192.168.100.144keepalived MASTER 192.168.100.177keepalived BACKUP 192.168.100.177mfsmount 192.168.100.177：9421Chunk servers1: 192.168.100.175Chunk servers2: 192.168.100.176Chunk servers3: 192.168.100.174Data managementClient192.168.100.51Data transmissionData operations192.168.100.177：9420192.168.100.141：9419192.168.100.174:9422:/data/192.168.100.175:9422:/data1/192.168.100.176:9422:/data1/1. 拓扑简单工作原理mfservermastet 管理控制是MFS 分布式文件系统核心，负责处理client 与chunkserver 之间的联系；Chunkserver 提供存储数据的空间，通常是分区，磁盘，RAID 等设备。

以下是在Linux环境中编译Keepalived的步骤：
1. 安装依赖：
首先，确保你的系统中已经安装了编译所需的依赖包。

在Ubuntu或Debian 系统中，可以使用以下命令安装：
bash代码：
2. 下载源代码：
下载Keepalived的最新源代码。

3. 解压源代码：
使用tar命令解压下载的源代码包：
bash代码：
4. 配置和编译：
进入解压后的源代码目录，运行./configure进行配置，然后使用make进行编译：
bash代码：
5. 安装：
编译成功后，使用sudo make install命令进行安装：
bash代码：
6. 配置系统服务：
为了让Keepalived能够在系统启动时自动运行，你需要创建一个systemd 服务文件。

以下是一个基本的服务文件示例：
创建/etc/systemd/system/keepalived.service 文件，并添加以下内容：
然后，加载新的服务文件并启动Keepalived服务：
bash代码：
以上就是编译和安装Keepalived的基本步骤。

请注意，具体的命令和路径可能会根据你的系统环境和Keepalived版本有所不同。

在操作过程中，如果遇到问题，建议查阅官方文档或相关资源。

linux 高级技巧：服务器集群之keepalived
Keepalived 是一个基于VRRP 协议来实现的WEB 服务高可用方案，可以利用其来避免单点故障。

使用多台节点安装keepalived。

其他的节点用来提供真实的服务，同样的，他们对外表现一个虚拟的IP。

主服务器宕机的时候，备份服务器就会接管虚拟IP，继续提供服务，从而保证了高可用性。

1.keepalived 的原理图如下所示：
最左边是客户机，它访问我们的虚拟IP。

然后我们有master（主控制节点）和backup(备用控制节点)。

最右边的就是我们提供服务的真机了。

2.搭建keepalived 服务
我们使用四个节点来做这个实验，两个充当控制节点，另外两个提供服务。

然后用真机的浏览器访问虚拟IP。

注意事项：。

keepalive编译安装keepalived-2.0.6下载keepalived-2.0.6.tar.gz到/home/abc并解压(解压后的源码⽬录后⾯配置会⽤到)：tar -zxvf keepalived-2.0.6.tar.gz安装前检查了ipvsadm、popt-devel、openssl-devel、libnfnetlink-devel是否存在，结果如下：libnfnetlink-devel安装的是libnfnetlink。

Package ipvsadm-1.26-2.el6.x86_64 already installed and latest version执⾏编译：[root@abc keepalived-2.0.6]#[root@abc keepalived-2.0.6]# ./configure --prefix=/use/local/keepalivedchecking for a BSD-compatible install... /usr/bin/install -cchecking whether build environment is sane... yeschecking for a thread-safe mkdir -p... /bin/mkdir -pchecking for gawk... gawkchecking whether make sets $(MAKE)... yeschecking whether make supports nested variables... yeschecking whether make supports nested variables... (cached) yeschecking for pkg-config... /usr/bin/pkg-configchecking pkg-config is at least version 0.9.0... yeschecking for gcc... gccchecking whether the C compiler works... noconfigure: error: in `/home/vie61jiexiang/lwj/keepalived-2.0.6':configure: error: C compiler cannot create executablesSee `config.log' for more details[root@abc keepalived-2.0.6]#[root@abc keepalived-2.0.6]#报错了，查看⽇志：[root@abc keepalived-2.0.6]# more config.logThis file contains any messages produced by compilers whilerunning configure, to aid debugging if configure makes a mistake.It was created by Keepalived configure 2.0.6, which wasgenerated by GNU Autoconf 2.69. Invocation command line was$ ./configure --prefix=/use/local/keepalived## --------- #### Platform. #### --------- ##hostname = i-33D24D56uname -m = x86_64uname -r = 2.6.32-431.el6.x86_64uname -s = Linuxuname -v = #1 SMP Sun Nov 1022:19:54 EST 2013## ----------- #### Core tests. #### ----------- ##configure:2711: checking for a BSD-compatible installconfigure:2779: result: /usr/bin/install -cconfigure:2790: checking whether build environment is saneconfigure:2845: result: yesconfigure:2996: checking for a thread-safe mkdir -pconfigure:3035: result: /bin/mkdir -pconfigure:3042: checking for gawkconfigure:3058: found /bin/gawkconfigure:3069: result: gawkconfigure:3080: checking whether make sets $(MAKE)configure:3102: result: yesconfigure:3131: checking whether make supports nested variablesconfigure:3148: result: yesconfigure:3302: checking whether make supports nested variablesconfigure:3319: result: yesconfigure:3385: checking for pkg-configconfigure:3403: found /usr/bin/pkg-configconfigure:3415: result: /usr/bin/pkg-configconfigure:3440: checking pkg-config is at least version 0.9.0configure:3443: result: yesconfigure:3768: checking for gccconfigure:3784: found /usr/local/bin/gccconfigure:3795: result: gccconfigure:4024: checking for C compiler versionconfigure:4033: gcc --version >&5gcc (GCC) 7.3.0Copyright (C) 2017 Free Software Foundation, Inc.This is free software; see the source for copying conditions. There is NOwarranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.configure:4044: $? = 0configure:4033: gcc -v >&5Using built-in specs.COLLECT_GCC=gccCOLLECT_LTO_WRAPPER=/usr/local/libexec/gcc/x86_64-pc-linux-gnu/7.3.0/lto-wrapperTarget: x86_64-pc-linux-gnuConfigured with: ./configure --prefix=/usr/local/ --disable-multilib --enable-languages=c,c++Thread model: posixgcc version 7.3.0 (GCC)configure:4044: $? = 0configure:4033: gcc -V >&5gcc: error: unrecognized command line option '-V'gcc: fatal error: no input filescompilation terminated.configure:4044: $? = 1configure:4033: gcc -qversion >&5gcc: error: unrecognized command line option '-qversion'; did you mean '--version'?gcc: fatal error: no input filescompilation terminated.configure:4044: $? = 1configure:4064: checking whether the C compiler worksconfigure:4086: gcc conftest.c >&5/usr/local/libexec/gcc/x86_64-pc-linux-gnu/7.3.0/cc1: error while loading shared libraries: libmpc.so.3: cannot open shared object file: No such file or directory configure:4090: $? = 1configure:4128: result: noconfigure: failed program was:| /* confdefs.h */| #define PACKAGE_NAME "Keepalived"| #define PACKAGE_TARNAME "keepalived"| #define PACKAGE_VERSION "2.0.6"| #define PACKAGE_STRING "Keepalived 2.0.6"| #define PACKAGE_BUGREPORT "keepalived-devel@"| #define PACKAGE_URL "/"| #define PACKAGE "keepalived"| #define VERSION "2.0.6"| /* end confdefs.h. */|| int| main ()| {|| ;| return 0;| }configure:4133: error: in `/home/vie61jiexiang/lwj/keepalived-2.0.6':configure:4135: error: C compiler cannot create executablesSee `config.log' for more details然后检查gcc都是正常的：[root@abc ~]#[root@abc ~]# gcc -v使⽤内建 specs。