keepalive安装配置

安装

Centos7.4

yum install keepalived

配置

Master服务器配置

[root@wsjy-proxy01 keepalived]# cat keepalived.conf 
global_defs {
    router_id lb-master
    enable_script_security
}

vrrp_script check-haproxy {
    script "/usr/bin/killall -0 nginx"
    interval 5
    weight -30
}

vrrp_instance kube-master {
    state MASTER
    priority 120
    dont_track_primary
    interface ens160
    virtual_router_id 88
    advert_int 1
    track_script {
        check-haproxy
    }
    authentication {
        auth_type PASS
        auth_pass 17908123
    }
    virtual_ipaddress {
        10.101.133.107
    }
}

Backup服务器配置

[root@wsjy-proxy2 keepalived]# cat keepalived.conf 
global_defs {
    router_id lb-backup
    enable_script_security
}

vrrp_script check-haproxy {
    script "/usr/bin/killall -0 nginx"
    interval 5
    weight -30
}

vrrp_instance kube-master {
    state BACKUP
    priority 110
    dont_track_primary
    interface ens160
    virtual_router_id 88
    advert_int 1
    track_script {
        check-haproxy
    }
    authentication {
        auth_type PASS
        auth_pass 17908123
    }
    virtual_ipaddress {
        10.101.133.107
    }
}

测试切换

Master 服务器上执行：

killall nginx

May 19 15:37:23 wsjy-proxy01 Keepalived_vrrp[2163]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
May 19 15:37:24 wsjy-proxy01 Keepalived_vrrp[2163]: VRRP_Instance(kube-master) Transition to MASTER STATE
May 19 15:38:13 wsjy-proxy01 Keepalived_vrrp[2163]: /usr/bin/killall -0 nginx exited with status 1
May 19 15:38:13 wsjy-proxy01 Keepalived_vrrp[2163]: VRRP_Script(check-haproxy) failed
May 19 15:38:13 wsjy-proxy01 Keepalived_vrrp[2163]: VRRP_Instance(kube-master) Changing effective priority from 120 to 90
May 19 15:38:14 wsjy-proxy01 Keepalived_vrrp[2163]: VRRP_Instance(kube-master) Received advert with higher priority 110, ours 90
May 19 15:38:14 wsjy-proxy01 Keepalived_vrrp[2163]: VRRP_Instance(kube-master) Entering BACKUP STATE
May 19 15:38:14 wsjy-proxy01 Keepalived_vrrp[2163]: VRRP_Instance(kube-master) removing protocol VIPs.

查看到MASTER切换为 BACKUP状态。

问题排查

Keepalived_vrrp[1019]: Cannot find script killall in path

killall 需要配置完整路径

#安装 killall 软件

yum install psmisc -y

如果未安装 psmisc，不存在 killall 命令。

SECURITY VIOLATION - scripts are being executed but script_security not enabled

在global_defs配置中添加： enable_script_security

global_defs {
router_id lb-master
enable_script_security
}