keepalived 高可用主备VIP快速部署
IP规划
192.168.4.20 VIP虚拟地址
192.168.4.21 keepalived1
192.168.4.22 keepalived2网卡为 ens192
系统为Anolis8 龙蜥8
关闭防火墙
systemctl stop firewalld && systemctl disable firewalld软件安装
主机1 192.168.4.21 keepalived1 安装
yum install -y keepalived配置文件备份
cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak 编辑 vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id keepalived1 #只是名字而已,辅节点改为keepalived2(两个名字一定不能一样)
}
vrrp_instance VI_1 {
state MASTER #定义主还是备,备用的话写backup
interface ens192 #VIP绑定接口
virtual_router_id #整个集群的调度器一致(在同一个集群)
priority #(优先权)back改为50(50一间隔)
advert_int #发包
authentication {
auth_type PASS #主备节点认证
auth_pass
}
virtual_ipaddress {
192.168.4.20/24 #VIP(自己网段的)
}
}主机2 192.168.4.22 keepalived2 安装软件
yum install -y keepalived配置文件备份
cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak编辑 vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id keepalived2
}
vrrp_instance VI_1 {
state BACKUP #设置为backup
interface ens192
nopreempt #设置到back上面,不抢占资源
virtual_router_id
priority #辅助改为50
advert_int #检测间隔1s
authentication {
auth_type PASS
auth_pass #认证类型和密码主备一样,要不然无法互相认证
}
virtual_ipaddress {
192.168.4.20/24 #抢占的VIP也一样
}
}启动服务
systemctl enable --now keepalived重启主机1,VIP自动漂移到主机2,启动主机1,VIP漂回来
配置业务
在两台主机上安装nginx
yum install nginx -y
systemctl enable --now nginx两台主机显示不同网页 主机1
echo"keepalived1 nginx"> /usr/share/nginx/html/index.html主机2
echo"keepalived2 nginx"> /usr/share/nginx/html/index.html两台主机访问nginx业务正常
配置nginx高可用检测
两台主机均编写脚本 vi /etc/keepalived/check_nginx.sh 通过端口监听判断业务是否正常,几乎适用于所有业务,如MQ、nginx、OBProxy等等
#!/bin/bash
# 检查80端口是否有监听
if ss -tuln |grep -q ':80\b';then
exit# 检测成功,返回0
else
exit# 检测失败,返回1
fi配置keepalived1 192.168.4.21 keepalived1 执行权限
chmod +x /etc/keepalived/check_nginx.sh编辑配置文件 vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id keepalived1 #只是名字而已,辅节点改为keepalived2(两个名字一定不能一样)
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
interval #每2秒执行一次
}
vrrp_instance VI_1 {
state MASTER #定义主还是备,备用的话写backup
interface ens192 #VIP绑定接口
virtual_router_id #整个集群的调度器一致(在同一个集群)
priority #(优先权)back改为50(50一间隔)
advert_int #发包
authentication {
auth_type PASS #主备节点认证
auth_pass
}
virtual_ipaddress {
192.168.4.20/24 #VIP(自己网段的)
}
track_script {
check_nginx
}
}配置keepalived2 192.168.4.22 keepalived2 执行权限
chmod +x /etc/keepalived/check_nginx.sh编辑配置文件 vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id keepalived2
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
interval #每2秒执行一次
}
vrrp_instance VI_1 {
state BACKUP #设置为backup
interface ens192
nopreempt #设置到back上面,不抢占资源
virtual_router_id
priority #辅助改为50
advert_int #检测间隔1s
authentication {
auth_type PASS
auth_pass #认证类型和密码主备一样,要不然无法互相认证
}
virtual_ipaddress {
192.168.4.20/24 #抢占的VIP也一样
}
track_script {
check_nginx
}
}改完配置文件两台主机都需要重启keepalived服务
关闭主机1的nginx服务,VIP自动漂移到主机2,启动主机1的nginx服务,VIP漂回来
配置为单播,抵御脑裂
配置keepalived1 192.168.4.21 keepalived1 编辑配置文件 vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id keepalived1 #只是名字而已,辅节点改为keepalived2(两个名字一定不能一样)
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
interval #每2秒执行一次
}
vrrp_instance VI_1 {
state MASTER #定义主还是备,备用的话写backup
interface ens192 #VIP绑定接口
virtual_router_id #整个集群的调度器一致(在同一个集群)
priority #(优先权)back改为50(50一间隔)
advert_int #发包
authentication {
auth_type PASS #主备节点认证
auth_pass
}
unicast_src_ip 192.168.4.21 #本机ip
unicast_peer {
192.168.4.22 #其他机器ip,可多个
}
virtual_ipaddress {
192.168.4.20/24 #VIP(自己网段的)
}
track_script {
check_nginx
}
}配置keepalived2 192.168.4.22 keepalived2 编辑配置文件 vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id keepalived2
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx.sh"
interval #每2秒执行一次
}
vrrp_instance VI_1 {
state BACKUP #设置为backup
interface ens192
nopreempt #设置到back上面,不抢占资源
virtual_router_id
priority #辅助改为50
advert_int #检测间隔1s
authentication {
auth_type PASS
auth_pass #认证类型和密码主备一样,要不然无法互相认证
}
unicast_src_ip 192.168.4.22 #本机ip
unicast_peer {
192.168.4.21 #其他机器ip,可多个
}
virtual_ipaddress {
192.168.4.20/24 #抢占的VIP也一样
}
track_script {
check_nginx
}
}改完配置文件两台主机都需要重启keepalived服务
总结
简单好用!
本文参与 腾讯云自媒体同步曝光计划,分享自微信公众号。
原始发表:2025-04-30,如有侵权请联系 cloudcommunity@tencent.com 删除
评论
登录后参与评论
推荐阅读
目录
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号