Centos5.8编译安装Keepalived和配置手册

in 互联网技术 with 0 comment  访问: 114 次

1. 添加安装源

现在市面上应该使用Centos/Redhat5.x系统的公司应该比较少了,基本上也就那些不擅变的传统企业里面还在用着,所以常规的我们知道163、阿里云的5.x的安装源已经不可用了,那只能用国外的vault了。

# vim /etc/yum.repos.d/CentOS-Base.repo 
[base]  
name=CentOS-$releasever - Base  
baseurl=http://vault.centos.org/5.11/os/$basearch/  
gpgcheck=1  
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5  

#released updates   
[updates]  
name=CentOS-$releasever - Updates  
baseurl=http://vault.centos.org/5.11/updates/$basearch/  
gpgcheck=1  
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5  

#additional packages that may be useful  
[extras]  
name=CentOS-$releasever - Extras  
baseurl=http://vault.centos.org/5.11/extras/$basearch/  
gpgcheck=1  
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5  

#additional packages that extend functionality of existing packages  
[centosplus]  
name=CentOS-$releasever - Plus  
baseurl=http://vault.centos.org/5.11/centosplus/$basearch/  
gpgcheck=1  
enabled=0  
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5  

#contrib - packages by Centos Users  
[contrib]  
name=CentOS-$releasever - Contrib  
baseurl=http://vault.centos.org/5.11/contrib/$basearch/  
gpgcheck=1  
enabled=0  
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-5

# yum clean all
# yum makecache

如果出现如下错误:

warning: rpmts_HdrFromFdno: Header V3 DSA signature: NOKEY, key ID e8562897

解决:

rpm -import http://centos.ustc.edu.cn/centos/RPM-GPG-KEY-CentOS-5

2. 安装

2.1 下载安装包

# wget --no-check-certificate  https://www.keepalived.org/software/keepalived-1.2.7.tar.gz

2.2 安装keepalived

安装依赖:

# yum -y install kernel-headers kernel-devel gcc openssl-devel
# mkdir -pv /data/app/keepalived/

编译安装:

# tar zxf keepalived-1.2.7.tar.gz
# cd keepalived-1.2.7
# ./configure --with-kernel-dir=/lib/modules/$(uname -r)/build --prefix=/data/app/keepalived/

checking return type of signal handlers... void
checking for gettimeofday... yes
checking for select... yes
checking for socket... yes
checking for strerror... yes
checking for strtol... yes
checking for uname... yes
configure: creating ./config.status
config.status: creating Makefile
config.status: creating genhash/Makefile
config.status: creating keepalived/core/Makefile
config.status: creating keepalived/include/config.h
config.status: creating keepalived.spec
config.status: creating keepalived/Makefile
config.status: creating lib/Makefile
config.status: creating keepalived/vrrp/Makefile
config.status: creating keepalived/check/Makefile
config.status: creating keepalived/libipvs-2.6/Makefile

Keepalived configuration
------------------------
Keepalived version       : 1.2.7
Compiler                 : gcc
Compiler flags           : -g -O2 -DETHERTYPE_IPV6=0x86dd
Extra Lib                : -lpopt -lssl -lcrypto 
Use IPVS Framework       : Yes
IPVS sync daemon support : Yes
IPVS use libnl           : No
Use VRRP Framework       : Yes
Use VRRP VMAC            : No
SNMP support             : No
Use Debug flags          : No

# make && make install

3. 拷贝启动脚本和修改配置文件

3.1 拷贝启动脚本和配置文件

scp /data/app/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/keepalived
scp /data/app/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived

mkdir -pv /etc/keepalived/
scp /data/app/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf

ln -s /data/app/keepalived/sbin/keepalived /bin/keepalived

3.2 修改配置文件

组播模式:

# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   router_id gs-ha1
   vrrp_skip_check_adv_addr
   vrrp_iptables
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_script chk_web {
    script "/data/app/scripts/check_web.sh"
    interval 2
    weight 2
}

vrrp_instance web4748 {
    state MASTER
    interface eth0
    virtual_router_id 64
    priority 100
    advert_int 3

    authentication {
        auth_type PASS
        auth_pass 4748
    }

    virtual_ipaddress {
        10.0.2.110/24 dev eth0 label eth0:1
    }

    track_script {
       chk_web
    }
}

备节点修改router_id,state, priority的值即可。

单播模式:

# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   router_id gs-ha1
   vrrp_skip_check_adv_addr
   vrrp_iptables
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_script chk_web {
    script "/data/app/scripts/check_web.sh"
    interval 2
    weight 2
}

vrrp_instance web4748 {
    state MASTER
    interface eth0
    virtual_router_id 64
    priority 100
    advert_int 3

    # unicast配置段
    unicast_src_ip 10.0.2.104
    unicast_peer {
        10.0.2.105
    }
    # unicast配置段

    authentication {
        auth_type PASS
        auth_pass 4748
    }

    virtual_ipaddress {
        10.0.2.110/24 dev eth0 label eth0:1
    }
    track_script {
       chk_web
    }
}

备节点修改router_id,state, priority的值, 同时unicast配置段IP互换即可。

4. 启动服务

设置环境变量:

echo "KEEPALIVED_HOME=/data/app/keepalived" >> /etc/profile
echo "PATH=$PATH:$KEEPALIVED_HOME/sbin" >> /etc/profile
source /etc/profile

启动备节点gs-ha2:

/etc/init.d/keepalived start

抓包情况:

[root@gs-ha2 ~]# tcpdump -vv vrrp
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
17:17:23.109645 IP (tos 0xc0, ttl 255, id 24, offset 0, flags [none], proto: VRRP (112), length: 40) gs-ha2 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 64, prio 101, authtype simple, intvl 3s, length 20, addrs: 10.0.2.110 auth "4748^@^@^@^@"
17:17:26.110558 IP (tos 0xc0, ttl 255, id 25, offset 0, flags [none], proto: VRRP (112), length: 40) gs-ha2 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 64, prio 101, authtype simple, intvl 3s, length 20, addrs: 10.0.2.110 auth "4748^@^@^@^@"
17:17:29.111455 IP (tos 0xc0, ttl 255, id 26, offset 0, flags [none], proto: VRRP (112), length: 40) gs-ha2 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 64, prio 101, authtype simple, intvl 3s, length 20, addrs: 10.0.2.110 auth "4748^@^@^@^@"
17:17:32.112430 IP (tos 0xc0, ttl 255, id 27, offset 0, flags [none], proto: VRRP (112), length: 40) gs-ha2 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 64, prio 101, authtype simple, intvl 3s, length 20, addrs: 10.0.2.110 auth "4748^@^@^@^@"

4 packets captured
4 packets received by filter
0 packets dropped by kernel

启动主节点gs-ha1:

/etc/init.d/keepalived start

抓包:

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
17:18:50.169940 IP (tos 0xc0, ttl 255, id 11, offset 0, flags [none], proto: VRRP (112), length: 40) gs-ha1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 64, prio 102, authtype simple, intvl 3s, length 20, addrs: 10.0.2.110 auth "4748^@^@^@^@"
17:18:53.170782 IP (tos 0xc0, ttl 255, id 12, offset 0, flags [none], proto: VRRP (112), length: 40) gs-ha1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 64, prio 102, authtype simple, intvl 3s, length 20, addrs: 10.0.2.110 auth "4748^@^@^@^@"
17:18:56.171831 IP (tos 0xc0, ttl 255, id 13, offset 0, flags [none], proto: VRRP (112), length: 40) gs-ha1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 64, prio 102, authtype simple, intvl 3s, length 20, addrs: 10.0.2.110 auth "4748^@^@^@^@"
17:18:59.173634 IP (tos 0xc0, ttl 255, id 14, offset 0, flags [none], proto: VRRP (112), length: 40) gs-ha1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 64, prio 102, authtype simple, intvl 3s, length 20, addrs: 10.0.2.110 auth "4748^@^@^@^@"

4 packets captured
4 packets received by filter
0 packets dropped by kernel

在启动的过程中VIP从gs-ha2漂移到了gs-ha1了,绑定情况如下:

[root@gs-ha1 ~]# ifconfig -a
eth0      Link encap:Ethernet  HWaddr 00:1A:4A:16:01:51  
          inet addr:10.0.2.104  Bcast:10.0.2.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:798852 errors:0 dropped:0 overruns:0 frame:0
          TX packets:146861 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:63428896 (60.4 MiB)  TX bytes:80395096 (76.6 MiB)

eth0:1    Link encap:Ethernet  HWaddr 00:1A:4A:16:01:51  
          inet addr:10.0.2.110  Bcast:0.0.0.0  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

如果启动Keepalived查看/var/log/messages发现如下日志:

Nov 11 20:34:01 gs-ha1 Keepalived[2990]: Starting Keepalived v1.2.7 (11/11,2019) 
Nov 11 20:34:01 gs-ha1 Keepalived[2991]: Starting Healthcheck child process, pid=2992
Nov 11 20:34:01 gs-ha1 Keepalived_vrrp[2994]: Interface queue is empty
Nov 11 20:34:01 gs-ha1 Keepalived_vrrp[2994]: No such interface, sit0
Nov 11 20:34:01 gs-ha1 Keepalived_vrrp[2994]: Netlink reflector reports IP 10.0.2.104 added
Nov 11 20:34:01 gs-ha1 Keepalived_vrrp[2994]: Registering Kernel netlink reflector
Nov 11 20:34:01 gs-ha1 Keepalived_vrrp[2994]: Registering Kernel netlink command channel
Nov 11 20:34:01 gs-ha1 Keepalived_vrrp[2994]: Registering gratuitous ARP shared channel
Nov 11 20:34:01 gs-ha1 Keepalived[2991]: Starting VRRP child process, pid=2994
Nov 11 20:34:01 gs-ha1 kernel: IPVS: Registered protocols (TCP, UDP, AH, ESP)
Nov 11 20:34:01 gs-ha1 kernel: IPVS: Connection hash table configured (size=4096, memory=64Kbytes)
Nov 11 20:34:01 gs-ha1 kernel: IPVS: ipvs loaded.
Nov 11 20:34:01 gs-ha1 Keepalived_healthcheckers[2992]: Interface queue is empty
Nov 11 20:34:01 gs-ha1 Keepalived_healthcheckers[2992]: No such interface, sit0
Nov 11 20:34:01 gs-ha1 Keepalived_healthcheckers[2992]: Netlink reflector reports IP 10.0.2.104 added
Nov 11 20:34:01 gs-ha1 Keepalived_healthcheckers[2992]: Registering Kernel netlink reflector
Nov 11 20:34:01 gs-ha1 Keepalived_healthcheckers[2992]: Registering Kernel netlink command channel
Nov 11 20:34:01 gs-ha1 Keepalived_healthcheckers[2992]: Opening file '/etc/keepalived/keepalived.conf'.
Nov 11 20:34:01 gs-ha1 Keepalived_vrrp[2994]: Opening file '/etc/keepalived/keepalived.conf'.
Nov 11 20:34:01 gs-ha1 Keepalived_healthcheckers[2992]: Configuration is using : 5801 Bytes
Nov 11 20:34:01 gs-ha1 Keepalived_vrrp[2994]: Configuration is using : 60705 Bytes
Nov 11 20:34:01 gs-ha1 Keepalived_vrrp[2994]: Using LinkWatch kernel netlink reflector...
Nov 11 20:34:01 gs-ha1 Keepalived_healthcheckers[2992]: Using LinkWatch kernel netlink reflector...
Nov 11 20:34:01 gs-ha1 Keepalived_vrrp[2994]: VRRP sockpool: [ifindex(2), proto(112), fd(12,13)]
Nov 11 20:34:02 gs-ha1 Keepalived_vrrp[2994]: VRRP_Instance(web4748) Transition to MASTER STATE
Nov 11 20:34:03 gs-ha1 Keepalived_vrrp[2994]: VRRP_Instance(web4748) Entering MASTER STATE

No such interface, sit0的时候,需要进行如下操作,去除IPV6:

A. 编辑文件/etc/modprobe.conf

# vi /etc/modprobe.conf
install ipv6 /bin/true

B. 编辑文件/etc/sysconfig/network

# vi /etc/sysconfig/network
NETWORKING_IPV6=no
IPV6INIT=no

C. Restart networking service

# service network restart
# rmmod ipv6

D. reboot

# reboot

E. 确认

# lsmod | grep ipv6
# /sbin/ifconfig

参考:

http://blog.sina.com.cn/s/blog_677e53280100p4j9.html
https://segmentfault.com/a/1190000013214834
https://blog.51cto.com/crh1314/1285775
https://tecadmin.net/ip-failover-setup-using-keepalived-on-centos-redhat/
https://www.cyberciti.biz/faq/rhel-centos-fedora-keepalived-lvs-cluster-configuration/
https://blog.csdn.net/wzyzzu/article/details/50787042
https://blog.csdn.net/weixin_33953249/article/details/92146775
https://blog.csdn.net/weixin_42758707/article/details/98762998
http://arganzheng.life/keepalived-in-action.html

WeZan
Responses