keepalived 高可用主备VIP快速部署
登录
标签搜索
侧边栏壁纸
博主昵称
王忘杰

  • 累计撰写 282 篇文章
  • 累计收到 179 条评论
技术相关

keepalived 高可用主备VIP快速部署

王忘杰
王忘杰
2025-04-30 / 0 评论 / 42 阅读 / 正在检测是否收录...

maerc6sn.png

IP规划

192.168.4.20 VIP虚拟地址
192.168.4.21 keepalived1
192.168.4.22 keepalived2

网卡为 ens192

系统为Anolis8 龙蜥8

关闭防火墙

systemctl stop firewalld && systemctl disable firewalld

keepalived默认使用112端口

软件安装

主机1
192.168.4.21 keepalived1
安装

yum install -y keepalived

配置文件备份

cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak

编辑
vi /etc/keepalived/keepalived.conf


! Configuration File for keepalived

global_defs {
   router_id keepalived1   #只是名字而已,辅节点改为keepalived2(两个名字一定不能一样)
}

vrrp_instance VI_1 {
    state MASTER        #定义主还是备,备用的话写backup
    interface ens192     #VIP绑定接口
    virtual_router_id 66  #整个集群的调度器一致(在同一个集群)
    priority 100         #(优先权)back改为50(50一间隔)
    advert_int 1         #发包
    authentication {
        auth_type PASS      #主备节点认证
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.4.20/24    #VIP(自己网段的)
    }
}

主机2
192.168.4.22 keepalived2
安装软件

yum install -y keepalived

配置文件备份

cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak

编辑
vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   router_id keepalived2
}
vrrp_instance VI_1 {
    state BACKUP    #设置为backup
    interface ens192
    nopreempt        #设置到back上面,不抢占资源
    virtual_router_id 66
    priority 50   #辅助改为50
    advert_int 1    #检测间隔1s
    authentication {
        auth_type PASS
        auth_pass 1111            #认证类型和密码主备一样,要不然无法互相认证
    }
    virtual_ipaddress {
        192.168.4.20/24   #抢占的VIP也一样
    }
}

启动服务

systemctl enable --now keepalived

重启主机1,VIP自动漂移到主机2,启动主机1,VIP漂回来

配置业务

在两台主机上安装nginx

yum install nginx -y
systemctl enable --now nginx

两台主机显示不同网页
主机1

echo "keepalived1 nginx" > /usr/share/nginx/html/index.html

主机2

echo "keepalived2 nginx" > /usr/share/nginx/html/index.html

两台主机访问nginx业务正常

配置nginx高可用检测

两台主机均编写脚本
vi /etc/keepalived/check_nginx.sh
通过端口监听判断业务是否正常,几乎适用于所有业务,如MQ、nginx、OBProxy等等

#!/bin/bash

# 检查80端口是否有监听
if ss -tuln | grep -q ':80\b'; then
    exit 0  # 检测成功,返回0
else
    exit 1  # 检测失败,返回1
fi

配置keepalived1
192.168.4.21 keepalived1
执行权限

chmod +x /etc/keepalived/check_nginx.sh

编辑配置文件
vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   router_id keepalived1   #只是名字而已,辅节点改为keepalived2(两个名字一定不能一样)
}
vrrp_script check_nginx {
   script "/etc/keepalived/check_nginx.sh"
   interval 2  #每2秒执行一次
}

vrrp_instance VI_1 {
    state MASTER        #定义主还是备,备用的话写backup
    interface ens192     #VIP绑定接口
    virtual_router_id 66  #整个集群的调度器一致(在同一个集群)
    priority 100         #(优先权)back改为50(50一间隔)
    advert_int 1         #发包
    authentication {
        auth_type PASS      #主备节点认证
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.4.20/24    #VIP(自己网段的)
    }
    track_script {
        check_nginx
    }
}

配置keepalived2
192.168.4.22 keepalived2
执行权限

chmod +x /etc/keepalived/check_nginx.sh

编辑配置文件
vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   router_id keepalived2
}
vrrp_script check_nginx {
   script "/etc/keepalived/check_nginx.sh"
   interval 2  #每2秒执行一次
}
vrrp_instance VI_1 {
    state BACKUP    #设置为backup
    interface ens192
    nopreempt        #设置到back上面,不抢占资源
    virtual_router_id 66
    priority 50   #辅助改为50
    advert_int 1    #检测间隔1s
    authentication {
        auth_type PASS
        auth_pass 1111            #认证类型和密码主备一样,要不然无法互相认证
    }
    virtual_ipaddress {
        192.168.4.20/24   #抢占的VIP也一样
    }
    track_script {
        check_nginx
    }
}

改完配置文件两台主机都需要重启keepalived服务

关闭主机1的nginx服务,VIP自动漂移到主机2,启动主机1的nginx服务,VIP漂回来

配置为单播,抵御脑裂

配置keepalived1
192.168.4.21 keepalived1
编辑配置文件
vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   router_id keepalived1   #只是名字而已,辅节点改为keepalived2(两个名字一定不能一样)
}
vrrp_script check_nginx {
   script "/etc/keepalived/check_nginx.sh"
   interval 2  #每2秒执行一次
}

vrrp_instance VI_1 {
    state MASTER        #定义主还是备,备用的话写backup
    interface ens192     #VIP绑定接口
    virtual_router_id 66  #整个集群的调度器一致(在同一个集群)
    priority 100         #(优先权)back改为50(50一间隔)
    advert_int 1         #发包
    authentication {
        auth_type PASS      #主备节点认证
        auth_pass 1111
    }
    unicast_src_ip 192.168.4.21 #本机ip
    unicast_peer {
        192.168.4.22 #其他机器ip,可多个
    }
    virtual_ipaddress {
        192.168.4.20/24    #VIP(自己网段的)
    }
    track_script {
        check_nginx
    }
}

配置keepalived2
192.168.4.22 keepalived2
编辑配置文件
vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   router_id keepalived2
}
vrrp_script check_nginx {
   script "/etc/keepalived/check_nginx.sh"
   interval 2  #每2秒执行一次
}
vrrp_instance VI_1 {
    state BACKUP    #设置为backup
    interface ens192
    nopreempt        #设置到back上面,不抢占资源
    virtual_router_id 66
    priority 50   #辅助改为50
    advert_int 1    #检测间隔1s
    authentication {
        auth_type PASS
        auth_pass 1111            #认证类型和密码主备一样,要不然无法互相认证
    }
    unicast_src_ip 192.168.4.22 #本机ip
    unicast_peer {
        192.168.4.21 #其他机器ip,可多个
    }
    virtual_ipaddress {
        192.168.4.20/24   #抢占的VIP也一样
    }
    track_script {
        check_nginx
    }
}

改完配置文件两台主机都需要重启keepalived服务

总结

简单好用!

0
暂无标签
版权属于: 王忘杰
本文链接: https://90apt.com/5722
作品采用: 署名-非商业性使用-相同方式共享 4.0 国际 (CC BY-NC-SA 4.0) 》许可协议授权

评论

博主关闭了所有页面的评论