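Installing Keepalived HA from Source on SUSE Linux Server
Tip: read through the whole document before you start. It was written while the steps were being carried out, so there are a few pitfalls along the way; reading it first lets you avoid them.
Part 1: Installation
**Note:** If your package mirror works as-is, skip the environment preparation and install the dependencies directly from the repository: sudo zypper in libnl3 libnl3-devel
Environment preparation [skip if already in place]. Running the Keepalived configure step prints a warning:
Run: ./configure --prefix=/usr/local/keepalived
Warning shown: *** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.
1. The stock machine is missing the libnl-3 dependency: libnl/libnl-3 dev
2. Get the dependency: wget http://www.infradead.org/~tgr/libnl/files/libnl-3.2.25.tar.gz
3. Unpack, build and install it: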
<1>: tar -zxvf libnl-3.2.25.tar.gz
<2>: cd libnl-3.2.25
<3>: ./configure --prefix=/usr \
--sysconfdir=/etc \
--disable-static && make
<4>: sudo make install
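After this install the problem persisted with the same warning, so go on to install these two dependencies: libnl and libnl3-devel
Upstream note: support for the 1.1.x releases is limited, with backports provided only on request. Do not develop new applications based on libnl1, and consider porting applications to libnl3
- This step may be unnecessary [add it back if things do not work without it]: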
<1>: wget https://github.com/thom311/libnl/releases/download/libnl3_5_0/libnl-3.5.0.tar.gz
<2>: tar -zxvf libnl-3.5.0.tar.gz -C ~
<3>: cd ~/libnl-3.5.0/
<4>: ./configure --prefix=/usr \
--sysconfdir=/etc \
--disable-static && make
<5>: sudo make install
- Install the dependencies one after another [the order matters]:
- libnl-config dependency
<1>: wget ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/home:/plater/Leap_15.1/noarch/libnl-config-3.4-lp151.80.4.noarch.rpm
# Installing directly fails with the error below: sudo rpm -ivh libnl-config-3.4-lp151.80.4.noarch.rpm
# Installing with zypper fails as well: sudo zypper in libnl-config-3.4-lp151.80.4.noarch.rpm
# warning: libnl-config-3.4-lp151.80.4.noarch.rpm: Header V3 RSA/SHA256 Signature, key ID 9e79112d: NOKEY
# Preparing... ################################# [100%]
# file /etc/libnl/classid from install of libnl-config-3.4-lp151.80.4.noarch conflicts with file from package libnl-config-3.2.23-2.21.noarch
# file /etc/libnl/pktloc from install of libnl-config-3.4-lp151.80.4.noarch conflicts with file from package libnl-config-3.2.23-2.21.noarch
# The files conflict because this package is already installed, just at an older version
# So if the system already has the package [at an older version], upgrading is enough; if the machine does not have it, the same command installs it instead of upgrading
<2>: sudo rpm -Uvh libnl-config-3.4-lp151.80.4.noarch.rpm
- libnl3-200 dependency
<1>: wget ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/home%3A/plater/Leap_15.1/x86_64/libnl3-200-3.4-lp151.80.4.x86_64.rpm
<2>: sudo rpm -Uvh libnl3-200-3.4-lp151.80.4.x86_64.rpm
- libnl3-devel dependency
<1>: wget ftp://ftp.pbone.net/mirror/ftp5.gwdg.de/pub/opensuse/repositories/home%3A/plater/Leap_15.1/x86_64/libnl3-devel-3.4-lp151.80.4.x86_64.rpm
<2>: sudo rpm -Uvh libnl3-devel-3.4-lp151.80.4.x86_64.rpm
- With the dependencies installed, build and install Keepalived
<1>: cd keepalived-2.0.18
<2>: ./configure --prefix=/usr/local/keepalived # set the install directory
<3>: make
<4>: sudo make install
- Register it as a system service:
<1>: sudo cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
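The source directory [note: this is the directory the archive was unpacked into, not the install directory, which has no etc/init.d directory] contains two startup helper files: [keepalived/etc/init.d/keepalived under the unpacked directory] and [keepalived/etc/sysconfig/keepalived under the unpacked directory (identical to the copy in the install directory, so either one can be copied)]. A keepalived.conf configuration file also has to be copied. Run the following commands:
Copy this file from the unpacked directory into the system's /etc/init.d directory: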
<2>: sudo cp /home/vi030241/keepalived-2.0.18/keepalived/etc/init.d/keepalived /etc/init.d/
<3>: sudo cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
# Or, since the two files are identical:
sudo cp /home/vi030241/keepalived-2.0.18/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
Create the system directory for keepalived.conf, then copy the configuration file into it
<4>: sudo mkdir /etc/keepalived/
<5>: sudo cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
That completes the Keepalived installation. Next comes editing the configuration file [the steps are similar on both machines]
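The NOKEY warning in the dependency step means rpm could not check the package signature because the signing key was not imported. The wrapper below is an added example, not part of the original post: it runs rpm -K on all three downloaded RPMs and installs only if every one verifies. RPM_CMD, the function names, the key path and the pattern matched in the rpm -K result line are assumptions of the example.

```shell
#!/bin/sh
# Added example: verify every RPM's signature before installing any of them.
# Import the repository's signing key first (placeholder path, not from the page):
#   sudo rpm --import /path/to/repo-signing-key.asc
RPM_CMD=${RPM_CMD:-rpm}   # overridable so the gate can be exercised with a stub

# is_signed_ok PKG: succeed only if "rpm -K" passes AND reports a signature.
is_signed_ok() {
    out=$("$RPM_CMD" -K "$1" 2>&1) || return 1
    result=${out##*: }                       # drop the "file: " prefix
    # Assumption: a verified signature shows as pgp/gpg/signatures in the
    # result; a digest-only (unsigned) package lacks those words.
    printf '%s\n' "$result" | grep -Eqi 'pgp|gpg|signatures'
}

# verify_all PKG...: check every package, list the failures, return 1 if any.
verify_all() {
    bad=""
    for pkg in "$@"; do
        if [ ! -f "$pkg" ]; then
            bad="$bad $pkg(missing)"
        elif ! is_signed_ok "$pkg"; then
            bad="$bad $pkg(unverified)"
        fi
    done
    [ -z "$bad" ] && return 0
    echo "refusing to install:$bad"
    return 1
}

# install_verified PKG...: install in the given order, only if all verify.
install_verified() {
    verify_all "$@" || return 1
    for pkg in "$@"; do
        sudo "$RPM_CMD" -Uvh "$pkg" || return 1
    done
}

# Usage: sh script.sh libnl-config-*.rpm libnl3-200-*.rpm libnl3-devel-*.rpm
if [ "$#" -gt 0 ]; then
    install_verified "$@"
fi
```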
Part 2: Configuration
- Edit the /etc/keepalived/keepalived.conf configuration file
MASTER:
! Configuration File for keepalived
global_defs {
notification_email {
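[email protected] # The next few lines are the global notification settings; they can raise an alert when something goes wrong, but the feature is limited, so they are commented out and Nagios is used to monitor LVS instead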
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id cc_monitor_HA # unique ID, the same on master and backup; it should be unique within one network
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
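vrrp_instance VI_1 { # VRRP group; unique, and the same across one LVS server group
state BACKUP # for non-preemptive mode both nodes must be set to BACKUP; the priority parameter decides which one becomes MASTER
interface eth0 # interface that serves external traffic
virtual_router_id 51 # virtual router identifier
priority 150 # the MASTER's value should be at least 50 points higher than the BACKUP's
advert_int 1 # synchronization interval
nopreempt # non-preemptive mode; set only on the MASTER side, the BACKUP must not set it [see the official documentation for this option]
authentication { # authentication type and password; must be identical on master and backup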
auth_type PASS
auth_pass 1qaz!QAZ...
}
virtual_ipaddress {
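10.188.146.XXX # virtual IP; for a test on your own machines any address in the same subnet works. This is a customer machine, so the IP may be supplied by the customer. Several can be listed, one per line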
}
}
# LVS configuration. If it is enabled, startup fails with the error in the screenshot below; the cause is the machine itself, not the configuration
#virtual_server 10.188.XXX.YYY 8090 {
# delay_loop 3 # health-check interval, in seconds
# 1: Round-Robin Scheduling
# 2: Weighted Round-Robin Scheduling
# 3: Least-Connection Scheduling
# 4: Weighted Least-Connection Scheduling
# 5: Locality-Based Least Connections Scheduling
# 6: Locality-Based Least Connections with Replication Scheduling
# 7: Destination Hashing Scheduling
# 8: Source Hashing Scheduling
# 9: Shortest Expected Delay Scheduling
# 10: Never Queue Scheduling
# corresponding to: rr|wrr|lc|wlc|lblc|lblcr|dh|sh|sed|nq
# lb_algo wrr # load-balancing scheduler set to weighted round-robin; the default is round-robin (rr)
# lb_kind NAT # load-balancing forwarding method
# nat_mask 255.255.255.0 # netmask; in DR forwarding mode the real servers and LVS must be in the same subnet
# persistence_timeout 50 # session persistence time, in seconds
# protocol TCP # protocol
#
# real_server 10.188.XXX.YYY 8090 { # real server configuration; 8090 is the port
# weight 3 # weight
# HTTP_GET {
# url {
# path /
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
#
# several real_server blocks can be configured
# real_server 10.188.XXX.YYY 8090 {
# weight 1
# examples
# eg1:
# TCP_CHECK { # health-check method; keepalived supports: HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|MISC_CHECK
# connect_timeout 5 # connection timeout
# nb_get_retry 3 # number of retries on failure
# delay_before_retry 3 # delay between retries
# connect_port 8090 # backend port to connect to
# }
# eg2:
# HTTP_GET {
# url {
# path /
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
#}
BACKUP:
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id cc_monitor_HA # see the note above
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP # see the note above
interface eth0
virtual_router_id 51
priority 99 # see the note above
advert_int 1
authentication {
auth_type PASS
auth_pass 1qaz!QAZ...
}
virtual_ipaddress {
10.188.146.254 # see the note above
}
}
#virtual_server 10.188.XXX.YYY 8090 {
# delay_loop 3
# lb_algo rr
# lb_kind NAT
# persistence_timeout 50
# protocol TCP
#
# real_server 10.188.XXX.YYY 8090 {
# weight 3
# TCP_CHECK { # health-check method; keepalived supports: HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|MISC_CHECK
# connect_timeout 5 # connection timeout
# nb_get_retry 3 # number of retries on failure
# delay_before_retry 3 # delay between retries
# connect_port 8090 # backend port to connect to
# }
# HTTP_GET {
# url {
# path /
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
#
# real_server 10.188.XXX.YYY 8090 {
# weight 1
# HTTP_GET {
# url {
# path /
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
#}
For more configuration parameters and what they mean, see the official documentation
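The requirements stated in the configuration comments above (identical virtual_router_id and authentication on both nodes, different priority, nopreempt together with state BACKUP) can be checked mechanically before the daemons are started. The script below is an added example, not part of the original post; conf_value, check_pair, sample_conf and the sample configuration are constructed for illustration. It also flags an auth_pass longer than eight characters, because keepalived uses only the first eight.

```shell
#!/bin/sh
# Added example: compare the VRRP settings of two keepalived.conf files.
# Simplified: one vrrp_instance per file; whole-line and " # ..." comments only.

# conf_value FILE KEY: print the first value given for KEY.
conf_value() {
    awk -v key="$2" '
        /^[ \t]*[#!]/ { next }
        { sub(/[ \t]+#.*/, "") }
        $1 == key { print $2; exit }' "$1"
}

# check_pair FILE_A FILE_B: print one finding per line; return 1 if any.
check_pair() {
    rc=0
    for key in virtual_router_id advert_int auth_type auth_pass; do
        if [ "$(conf_value "$1" "$key")" != "$(conf_value "$2" "$key")" ]; then
            echo "MISMATCH $key"; rc=1
        fi
    done
    if [ "$(conf_value "$1" priority)" = "$(conf_value "$2" priority)" ]; then
        echo "SAME priority"; rc=1
    fi
    for f in "$1" "$2"; do
        # nopreempt only takes effect when the initial state is BACKUP
        if grep -Eq '^[[:space:]]*nopreempt' "$f" &&
           [ "$(conf_value "$f" state)" != "BACKUP" ]; then
            echo "NOPREEMPT_NEEDS_BACKUP $f"; rc=1
        fi
        # keepalived uses only the first 8 characters of auth_pass
        pass=$(conf_value "$f" auth_pass)
        if [ "${#pass}" -gt 8 ]; then
            echo "AUTH_PASS_OVER_8 $f"; rc=1
        fi
    done
    return "$rc"
}

# Constructed sample config (not the page's): state, priority, extra line.
sample_conf() {
    printf 'vrrp_instance VI_1 {\n state %s\n virtual_router_id 51\n' "$1"
    printf ' priority %s\n advert_int 1\n %s\n authentication {\n' "$2" "$3"
    printf '  auth_type PASS\n  auth_pass examplep # constructed\n }\n}\n'
}
tmp=$(mktemp -d)
sample_conf BACKUP 150 nopreempt > "$tmp/node1.conf"
sample_conf MASTER 150 nopreempt > "$tmp/node2.conf"
check_pair "$tmp/node1.conf" "$tmp/node2.conf" || echo "findings listed above"
rm -rf "$tmp"
```

For real use, call check_pair with the keepalived.conf copies from the two nodes; the findings never include the password itself.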
wget ftp://ftp.pbone.net/mirror/ftp.opensuse.org/distribution/leap/15.1/repo/oss/x86_64/ipvsadm-1.29-lp151.3.3.x86_64.rpm
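If LVS is configured right from the start, Keepalived fails at startup with the error below [the cause is the server: it has no IPVS module. This is ignored here because LVS is not needed, so the commented-out configuration above stays commented out and the problem does not occur]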
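Once the LVS configuration above is commented out, Keepalived starts normally
After startup, the node with the higher priority wins the election and becomes MASTER; the other one is BACKUP
This can be seen in the log file with sudo less /var/log/messages; no screenshot is included here
The floating VIP binding can also be checked with: ip add show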
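Test: kill the MASTER and check whether the BACKUP takes over as MASTER, then start the MASTER again and see whether it preempts
Run sudo pkill keepalived, then check the log with sudo less /var/log/messages and check the VIP binding on the BACKUP with ip add show
Then restart the killed MASTER with sudo /usr/sbin/keepalived, check the log, and look at the VIP binding
- Next, an explanation of non-preemptive mode: Keepalived itself can also fail. Suppose the MASTER goes down; the BACKUP then switches to MASTER. When the failed MASTER has been repaired and is started again, the BACKUP that took over is already MASTER. Does it stay MASTER, or does it hand control back to the repaired machine and become BACKUP again? That depends on the nopreempt parameter set above. If it is set, there is no preemption: the repaired machine becomes BACKUP, and its higher priority makes no difference; the node that took over remains MASTER. This improves performance, because frequent switchovers are costly. If it is the BACKUP machine that goes down, none of this happens, because it was not MASTER in the first place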