linux keepalived安装
Last updated on July 18, 2025 am
🧙 Questions
centos8.5安装配置keepalived
☄️ Ideas
rpm安装keepalived
需要安装包邮箱联系我
sudo rpm -ivh net-snmp-libs-5.7.2-49.el7.x86_64.rpm
rpm -ql net-snmp-agent-libs | grep libnetsnmpmibs.so
sudo rpm -ivh net-snmp-agent-libs-5.7.2-49.el7.x86_64.rpm
rpm -ql net-snmp-agent-libs | grep libnetsnmpagent.so
sudo rpm -ivh keepalived-1.3.5-19.el7.x86_64.rpm
keepalived --versionkeepalived命令
sudo systemctl stop keepalived
sudo systemctl reload keepalived
sudo systemctl restart keepalived
sudo systemctl enable keepalived
sudo systemctl start keepalived
sudo systemctl status keepalived配置文件
sudo vim /etc/keepalived/keepalived.conf注意事项1 - 关闭严格检查
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
# vrrp_skip_check_adv_addr # 最好关闭,默认为false
# vrrp_strict # 最好关闭严格检查
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER # 当前实例MASTER/BACKUP
interface eth0 # 绑定的网卡
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.16 label eth0:0 # 虚拟ip1
192.168.200.17 label eth0:1 # 最好添加标签 label eth0:0
192.168.200.18 label eth0:2
}
}主配置
Keepalived自v2.0以后支持多个节点同时为 MASTER,否则只能有一个MASTER
vrrp_instance VI_1 {
state MASTER # MASTER BACKUP
interface eth0 # 替换为实际网卡名
virtual_router_id 51 # VRID 标识,主备必须一致
priority 100 # 优先级MASTER比BACKUP高,MASTER:100
advert_int 1 # VRRP 报文发送间隔
authentication {
auth_type PASS
auth_pass 1111 # 认证密码,主备一致
}
virtual_ipaddress {
192.168.25.176 label eth0:0 # 虚拟 IP 地址
}
}从配置
vrrp_instance VI_1 {
state BACKUP
interface eth0 # 替换为实际网卡名
virtual_router_id 51 # 必须与 MASTER 一致
priority 99 # 低于 MASTER 的优先级,BACKUP:99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111 # 认证密码,主备一致
}
virtual_ipaddress {
192.168.25.176 # 虚拟 IP 地址
}
}监测连通性
ping 192.168.25.176
sudo tcpdump -i eth0 host 192.168.25.176 and icmp查看keepalived日志
sudo tail -f /var/log/messages
sudo journalctl -u keepalived -f脚本健康检查
sudo vim /etc/keepalived/check_app.sh#!/bin/bash
# 检查 nginx 是否在监听 80 端口
nc -z 127.0.0.1 80
if [ $? -eq 0 ]; then
exit 0
else
exit 1
fisudo chmod a+x /etc/keepalived/check_app.sh
sudo vim /etc/keepalived/keepalived.confvrrp_script check_app {
script "/etc/keepalived/check_app.sh"
interval 2 # 每2秒执行一次
timeout 2 # 脚本超时时间
rise 2 # 成功2次才认为服务正常
fall 3 # 失败3次才认为服务异常
}
vrrp_instance VI_1 {
...
track_script {
check_app
}
}sudo systemctl reload keepalived
sudo systemctl restart keepalived
sudo systemctl status keepalived网卡分析虚拟ip
注意:
关闭防火墙
systemctl stop firewalld
关闭iptables
firewall-cmd –add-icmp-block-inversion
firewall-cmd –add-rich-rule=’rule protocol value=”icmp” accept’
# 查看网卡是否绑定虚拟ip
sudo ip addr show eth0
# inet 192.168.25.176/32 scope global eth0
# 主节点才会有
# 检查网卡是否开启混合模型
ip link show eth0
# th0: <BROADCAST,MULTICAST,UP,LOWER_UP,PROMISC> ...
# 开启混合模式
# sudo ip link set eth0 promisc on
# 查看网卡
ip addr
ip addr show
# 查看路由表
ip route show
# 手动添加ip到路由表【临时】
#sudo ip route add 192.168.25.176 dev eth0 scope link
#sudo ip addr add 192.168.25.176 dev lo
# 永久添加ip到路由表
vim /etc/sysconfig/network-scripts/route-eth0
# 192.168.25.176 dev eth0 scope link
systemctl restart network # 重启网卡
# 查看虚拟ip映射
sudo ipvsadm -Lnnginx统一负载
sudo vim /usr/local/nginx/conf/nginx.confhttp {
upstream dehoop_nginx_servers {
ip_hash;
server 192.168.21.187:80 weight=1 max_fails=3 fail_timeout=30s;
server 192.168.21.188:80 weight=1 max_fails=3 fail_timeout=30s;
}
upstream dehoop_admin_servers {
ip_hash;
server 192.168.21.187:30104 weight=1 max_fails=3 fail_timeout=30s;
server 192.168.21.188:30104 weight=1 max_fails=3 fail_timeout=30s;
}
server {
...
location /dehoop/ {
proxy_pass http://dehoop_nginx_servers/;
}
location /dehoop-api/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_pass http://dehoop_admin_servers/;
}
location /dehoop-admin/app{
root /usr/local/nginx/html/;
index index.html;
try_files $uri $uri/ /dehoop-admin/app/index.html;
}
}
}初始化模版
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.16
192.168.200.17
192.168.200.18
}
}
virtual_server 192.168.200.100 443 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.201.100 443 {
weight 1
SSL_GET {
url {
path /
digest ff20ad2481f97b1754ef3e12ecd3a9cc
}
url {
path /mrtg/
digest 9b3a0c85a887a256d6939da88aabd8cd
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
virtual_server 10.10.10.2 1358 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
sorry_server 192.168.200.200 1358
real_server 192.168.200.2 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.200.3 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
virtual_server 10.10.10.3 1358 {
delay_loop 3
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.200.4 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.200.5 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}🔗 Links
linux keepalived安装
https://ispong.isxcode.com/os/linux/linux keepalived安装/