keepalived一参数详解与配置

1.备份原配置文件

[root@lb01 ~]# cd /etc/keepalived/
[root@lb01 keepalived]# cp keepalived.conf keepalived.conf.backup

2.参数解释

[root@lb01 keepalived]# head -n 30 keepalived.conf|cat -n
     1  ! Configuration File for keepalived ###注释
     2
     3  global_defs {###全局配置
     4     notification_email { ###keepalived故障时发送邮件的目的地址
     5       acassen@firewall.loc
     6       failover@firewall.loc
     7       sysadmin@firewall.loc
     8     }
     9     notification_email_from Alexandre.Cassen@firewall.loc       ###keepalived故障时发送邮件的源地址
    10     smtp_server 192.168.200.1 ###邮件smtp地址
    11     smtp_connect_timeout 30 ###连接smtp超时时间
    12     router_id LVS_DEVEL
    13  }
    14
    15  vrrp_instance VI_1 {###15-30行是一个实例配置，VI_1为实例名称，可修改
    16      state MASTER ###状态，可以是MASTER或BACKUP
    17      interface eth0 ###节点IP的网卡，用来发VRRP包。
    18      virtual_router_id 51###实例的ID
    19      priority 100 ###优先级，越大优先级越高
    20      advert_int 1 ###心跳间隔，一秒收不到心跳 备节点则接管
    21      authentication { ###服务之间密码认证
    22          auth_type PASS
    23          auth_pass 1111
    24      }
    25      virtual_ipaddress {###vip绑定，绑定到interface 设置的网卡
    26          192.168.200.16
    27          192.168.200.17
    28          192.168.200.18
    29      }
    30  }

3.配置

3.1 lb-01主节点配置

[root@lb01 keepalived]# ansible lb -m service -a "name=keepalived state=stopped"
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
   notification_email {
     123456-@qq.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_01
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.100/24
    }

3.1 lb-02备节点配置

[root@lb02 ~]# cat /etc/keepalived/keepalived.conf    
global_defs {
   notification_email {
     123456-@qq.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_02
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.100/24
    }   

4.启动keepalived

[root@lb01 ~]# ansible lb -m service -a "name=keepalived state=started"

5.验证

[root@lb01 ~]# ansible lb -m shell -a "ip add|grep 10.0.0.100"
10.0.0.10 | SUCCESS | rc=0 >>
    inet 10.0.0.100/24 scope global secondary eth0

10.0.0.11 | FAILED | rc=1 >>
non-zero return code
===》只有主节点10有100的IP，备节点是没有的。

5.1关掉主节点的keepalived后，查看备节点是否接管

[root@lb01 ~]# ansible 10.0.0.10 -m service -a "name=keepalived state=stopped"
10.0.0.10 | SUCCESS => {
    "changed": true, 
    "name": "keepalived", 
    "state": "stopped"
}
[root@lb01 ~]# ansible lb -m shell -a "ip add|grep 10.0.0.100"                
10.0.0.10 | FAILED | rc=1 >>
non-zero return code

10.0.0.11 | SUCCESS | rc=0 >>
    inet 10.0.0.100/24 scope global secondary eth0

5.2开启主节点，查看备节点是否释放

[root@lb01 ~]# ansible 10.0.0.10 -m service -a "name=keepalived state=started"
10.0.0.10 | SUCCESS => {
    "changed": true, 
    "name": "keepalived", 
    "state": "started"
}
[root@lb01 ~]# ansible lb -m shell -a "ip add|grep 10.0.0.100"
10.0.0.11 | SUCCESS | rc=0 >>
    inet 10.0.0.100/24 scope global secondary eth0

10.0.0.10 | FAILED | rc=1 >>
non-zero return code