详细配置说明
keepalived只有一个配置文件/etc/keepalived/keepalived.conf
。
里面主要包括以下几个配置区域,分别是:
global_defs
static_ipaddress
static_routes
vrrp_script
vrrp_instance
virtual_server
1. global_defs区域
主要是配置故障发生时的通知对象以及机器标识。
1 2 3 4 5 6 7 8 9 10 11 12 global_defs { notification_email { a@abc.com b@abc.com ... } notification_email_from alert@abc.com smtp_server smtp.abc.com smtp_connect_timeout 30 enable_traps router_id host163 }
2. static_ipaddress和static_routes区域[可忽略]
static_ipaddress和static_routes区域配置的是是本节点的IP和路由信息。如果你的机器上已经配置了IP和路由,那么这两个区域可以不用配置。其实,一般情况下你的机器都会有IP地址和路由信息的,因此没必要再在这两个区域配置。
1 2 3 4 5 6 7 8 static_ipaddress { 10.210.214.163/24 brd 10.210.214.255 dev eth0 ... } static_routes { 10.0.0.0/8 via 10.210.214.1 dev eth0 ... }
3. vrrp_script区域
用来做健康检查的,当时检查失败时会将vrrp_instance的priority减少相应的值。
1 2 3 4 5 vrrp_script chk_http_port { script "</dev/tcp/127.0.0.1/80" interval 1 weight -10 }
4. vrrp_instance和vrrp_sync_group区域
vrrp_instance用来定义对外提供服务的VIP区域及其相关属性。
vrrp_rsync_group用来定义vrrp_intance组,使得这个组内成员动作一致。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 vrrp_sync_group VG_1 { group { inside_network outside_network ... } notify_master /path/to_master.sh notify_backup /path/to_backup.sh notify_fault "/path/fault.sh VG_1" notify /path/notify.sh smtp_alert } vrrp_instance VI_1 { state MASTER interface eth0 use_vmac dont_track_primary track_interface { eth0 eth1 } mcast_src_ip lvs_sync_daemon_interface eth1 garp_master_delay 10 virtual_router_id 1 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 12345678 } virtual_ipaddress { 10.210.214.253/24 brd 10.210.214.255 dev eth0 192.168.1.11/24 brd 192.168.1.255 dev eth1 } virtual_routes { 172.16.0.0/12 via 10.210.214.1 192.168.1.0/24 via 192.168.1.1 dev eth1 default via 202.102.152.1 } track_script { chk_http_port } nopreempt preempt_delay 300 debug notify_master| notify_backup| notify_fault| notify| smtp_alert }
5. virtual_server_group和virtual_server区域
virtual_server_group一般在超大型的LVS中用到,一般LVS用不到这东西。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 virtual_server IP Port { delay_loop lb_algo rr|wrr|lc|wlc|lblc|sh|dh lb_kind NAT|DR|TUN persistence_timeout persistence_granularity protocol TCP ha_suspend virtualhost alpha omega quorum hysteresis quorum_up| quorum_down| sorry_server real_server{ weight 1 inhibit_on_failure notify_up| notify_down| TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 23 bindto } HTTP_GET|SSL_GET { url { path digest status_code } connect_port connect_timeout nb_get_retry delay_before_retry } SMTP_CHECK { host { connect_ip connect_port bindto } connect_timeout 5 retry 3 delay_before_retry 2 helo_name | } MISC_CHECK { misc_path | misc_timeout misc_dynamic } } }