linux keepalived安装

Last updated on May 30, 2025 am

🧙 Questions

centos8.5 安装keepalived

☄️ Ideas

rpm安装keepalived

sudo rpm -ivh net-snmp-agent-libs-5.7.2-49.el7.x86_64.rpm
rpm -ql net-snmp-agent-libs | grep libnetsnmpagent.so
sudo rpm -ivh net-snmp-libs-5.7.2-49.el7.x86_64.rpm
rpm -ql net-snmp-agent-libs | grep libnetsnmpmibs.so
sudo rpm -ivh keepalived-1.3.5-19.el7.x86_64.rpm
keepalived --version

启动keepalived命令

sudo systemctl start keepalived
sudo systemctl stop keepalived
sudo systemctl restart keepalived
sudo systemctl reload keepalived
sudo systemctl enable keepalived
sudo systemctl status keepalived

配置文件

sudo vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.200.16
        192.168.200.17
        192.168.200.18
    }
}

virtual_server 192.168.200.100 443 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    real_server 192.168.201.100 443 {
        weight 1
        SSL_GET {
            url {
              path /
              digest ff20ad2481f97b1754ef3e12ecd3a9cc
            }
            url {
              path /mrtg/
              digest 9b3a0c85a887a256d6939da88aabd8cd
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.2 1358 {
    delay_loop 6
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    sorry_server 192.168.200.200 1358

    real_server 192.168.200.2 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.3 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334c
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 10.10.10.3 1358 {
    delay_loop 3
    lb_algo rr 
    lb_kind NAT
    persistence_timeout 50
    protocol TCP

    real_server 192.168.200.4 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.200.5 1358 {
        weight 1
        HTTP_GET {
            url { 
              path /testurl/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl2/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            url { 
              path /testurl3/test.jsp
              digest 640205b7b0fc66c1ea91c463fac6334d
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

核心配置内容

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   # vrrp_strict           # 最好关闭严格检查
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER           # 当前实例MASTER/BACKUP
    interface eth0         # 绑定的网卡
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.200.16 label eth0:0 # 虚拟ip1 
        192.168.200.17 label eth0:1 # 最好添加标签  label eth0:0
        192.168.200.18 label eth0:2
    }
}

网卡分析虚拟ip

注意：
关闭防火墙
systemctl stop firewalld
关闭iptables
firewall-cmd –add-icmp-block-inversion
firewall-cmd –add-rich-rule=’rule protocol value=”icmp” accept’

# 查看网卡是否绑定虚拟ip
sudo ip addr show eth0
# inet 192.168.25.176/32 scope global eth0

# 检查网卡是否开启混合模型
ip link show eth0
# th0: <BROADCAST,MULTICAST,UP,LOWER_UP,PROMISC> ...
# 开启混合模式
ip link set eth0 promisc on

# 查看网卡
ip addr
ip addr show

# 查看路由表
ip route show

# 手动添加ip到路由表【临时】
ip route add 192.168.25.176 dev eth0 scope link

# 永久添加ip到路由表
vim /etc/sysconfig/network-scripts/route-eth0
# 192.168.25.176 dev eth0 scope link
systemctl restart network # 重启网卡

查看keepalived日志

tail -f /var/log/messages
journalctl -u keepalived -f

抓包检测请求

tcpdump -i eth0 host 192.168.25.176 and icmp

🔗 Links

centos docs

linux

linux keepalived安装

https://ispong.isxcode.com/os/linux/linux keepalived安装/

Author

ispong

Posted on

May 29, 2025

Licensed under

pytorch vllm使用 Next