配置Keepalived单实例实现单IP自动漂移接管

五郎.

　　本篇主要演示Keepalived高可用对之间的故障切换过程及详细配置，具体工作原理可以见上一篇博客《Keepalived学习总结》。

　　

　　实验要求 ==> 实现Keepalived高可用对之间的故障切换过程，配置的vrrp实例的VIP为192.168.10.66，可以将其配置在网卡别名上。
　　实验环境 ==> CentOS 7.x
　　实验目的 ==> 实现Keepalived高可用对之间的故障切换功能
　　实验主机 ==> 192.168.10.6（主机名：node1）、192.168.10.7（主机名：node2）
　　实验前提 ==> 高可用对之间时间同步（可通过周期性任务来实现）
　　实验操作如下。

　　

　　1、编辑keepalived配置文件

　　注意：使用vim打开/etc/keepalived/keepalived.conf后，先注释掉virtual_server相关的配置，可在末行模式下使用命令":.,$s/^/#/g"注释。
　　

　　2、启动keepalived服务
　　(1) 在node1（192.168.10.6）上
[root@node1 ~]# systemctl start keepalived.service# 启动keepalived服务
[root@node1 ~]# systemctl status keepalived.service# 查看keepalived服务状态
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2017-07-08 05:51:16 CST; 5s ago
      # 已经在运行中
  Process: 16520 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 16521 (keepalived)
   CGroup: /system.slice/keepalived.service
           ├─16521 /usr/sbin/keepalived -D
           ├─16522 /usr/sbin/keepalived -D
           └─16523 /usr/sbin/keepalived -D
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Netlink reflector reports IP 192.168.10.6 added
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Registering Kernel netlink reflector
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Registering Kernel netlink command channel
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Opening file '/etc/keepalived/keepalived.conf'.
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Configuration is using : 7429 Bytes
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Using LinkWatch kernel netlink reflector...
Jul 08 05:51:18 node1 Keepalived_vrrp[16523]: VRRP_Instance(VI_1) Entering MASTER STATE
  # node1启动后状态为MASTER路由器
Jul 08 05:51:18 node1 Keepalived_vrrp[16523]: VRRP_Instance(VI_1) setting protocol VIPs.
Jul 08 05:51:18 node1 Keepalived_vrrp[16523]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.10.66
  # node1发送免费ARP通告虚拟路由所在的MAC地址（ens33）
Jul 08 05:51:18 node1 Keepalived_healthcheckers[16522]: Netlink reflector reports IP 192.168.10.66 added
# 已经添加虚拟路由IP（192.168.10.66）　　

　　同样的信息可在/var/log/message中获得。
[root@node1 ~]# tail -5 /var/log/messages
Jul  8 05:51:18 localhost Keepalived_vrrp[16523]: VRRP_Instance(VI_1) Entering MASTER STATE
Jul  8 05:51:18 localhost Keepalived_vrrp[16523]: VRRP_Instance(VI_1) setting protocol VIPs.
Jul  8 05:51:18 localhost Keepalived_vrrp[16523]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.10.66
Jul  8 05:51:18 localhost Keepalived_healthcheckers[16522]: Netlink reflector reports IP 192.168.10.66 added
Jul  8 05:51:23 localhost Keepalived_vrrp[16523]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.10.66　　

　　查看虚拟路由IP。
[root@node1 ~]# ip addr l
（...省略...）
ens33:  mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:13:d1:d8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.6/24 brd 192.168.10.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.10.66/32 scope global ens33# 已经配置了虚拟路由IP
       valid_lft forever preferred_lft forever　　

　　(2) 在node2（192.168.10.7）上
[root@node2 ~]# systemctl start keepalived.service
[root@node2 ~]# systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Sat 2017-07-08 06:48:36 CST; 30s ago
  Process: 14507 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 14508 (keepalived)
   CGroup: /system.slice/keepalived.service
           ├─14508 /usr/sbin/keepalived -D
           ├─14509 /usr/sbin/keepalived -D
           └─14510 /usr/sbin/keepalived -D
Jul 08 06:48:36 node2 Keepalived_vrrp[14510]: Configuration is using : 62884 Bytes
Jul 08 06:48:36 node2 Keepalived_vrrp[14510]: Using LinkWatch kernel netlink reflector...
Jul 08 06:48:36 node2 Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Entering BACKUP STATE
  # 启动后作为BACKUP路由器
Jul 08 06:48:36 node2 Keepalived_vrrp[14510]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Netlink reflector reports IP 192.168.10.7 added
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Registering Kernel netlink reflector
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Registering Kernel netlink command channel
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Opening file '/etc/keepalived/keepalived.conf'.
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Configuration is using : 7427 Bytes
Jul 08 06:48:36 node2 Keepalived_healthcheckers[14509]: Using LinkWatch kernel netlink reflector...　　

　　此时VIP应该只配置在node1的ens33接口上，而不是配置在本主机（node2）的ens34接口上。
[root@node2 ~]# ip a
ens34:  mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:68:80:eb brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.7/24 brd 192.168.10.255 scope global ens34
       valid_lft forever preferred_lft forever
       # BACKUP状态下没有配置VIP　　

　　3、暂停node1上的keepalived服务，测试node2节点是否会自动转变为MASTER状态
　　(1) 在node1（192.168.10.6）上
[root@node1 ~]# systemctl stop keepalived.service
[root@node1 ~]# tail /var/log/messages
Jul  8 06:58:20 localhost Keepalived[16723]: Stopping Keepalived v1.2.13 (11/05,2016)
# 关闭keepalived服务
Jul  8 06:58:20 localhost systemd: Stopping LVS and VRRP High Availability Monitor...
Jul  8 06:58:20 localhost Keepalived_vrrp[16725]: VRRP_Instance(VI_1) sending 0 priority
# 将自身优先级将为0，以让其它节点接任Master
Jul  8 06:58:20 localhost Keepalived_vrrp[16725]: VRRP_Instance(VI_1) removing protocol VIPs.
# 移除VIP
Jul  8 06:58:20 localhost Keepalived_healthcheckers[16724]: Netlink reflector reports IP 192.168.10.66 removed
# VIP已经从node1上移除
Jul  8 06:58:20 localhost systemd: Stopped LVS and VRRP High Availability Monitor.　　

　　查看ip地址。
[root@node1 ~]# ip a
ens33:  mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:13:d1:d8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.6/24 brd 192.168.10.255 scope global ens33
       valid_lft forever preferred_lft forever
       # node1已经移除了VIP　　

　　(2) 在node2（192.168.10.7）上
[root@node2 ~]# tail /var/log/messages
Jul  8 06:58:21 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jul  8 06:58:22 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Entering MASTER STATE
# node2转变为Master状态
Jul  8 06:58:22 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) setting protocol VIPs.
# node2设置VIP
Jul  8 06:58:22 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens34 for 192.168.10.66
# node2发送免费ARP，通告现在VIP对应的MAC地址
Jul  8 06:58:22 localhost Keepalived_healthcheckers[14509]: Netlink reflector reports IP 192.168.10.66 added
Jul  8 06:58:27 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens34 for 192.168.10.66　　

　　此时在node2的ens34接口上应该配置有VIP。
[root@node2 ~]# ip a
ens34:  mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:68:80:eb brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.7/24 brd 192.168.10.255 scope global ens34
       valid_lft forever preferred_lft forever
    inet 192.168.10.66/32 scope global ens34# VIP
       valid_lft forever preferred_lft forever　　

　　4、再次启动node1节点的keepalived服务，测试node1是否能够转变为Master状态，并夺回VIP
　　(1) 在node1（192.168.10.6）上
[root@node1 ~]# systemctl start keepalived.service
[root@node1 ~]# tail /var/log/messages
Jul  8 07:14:38 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jul  8 07:14:38 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) Received lower prio advert, forcing new election
Jul  8 07:14:39 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) Entering MASTER STATE
Jul  8 07:14:39 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) setting protocol VIPs.
Jul  8 07:14:39 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.10.66
Jul  8 07:14:39 localhost Keepalived_healthcheckers[16777]: Netlink reflector reports IP 192.168.10.66 added
Jul  8 07:14:44 localhost Keepalived_vrrp[16778]: VRRP_Instance(VI_1) Sending gratuitous ARPs on ens33 for 192.168.10.66
# node1再次发送免费ARP
[root@node1 ~]#
[root@node1 ~]#
[root@node1 ~]# ip a
ens33:  mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:13:d1:d8 brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.6/24 brd 192.168.10.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.10.66/32 scope global ens33# VIP已经夺回
       valid_lft forever preferred_lft forever　　

　　(2) 在node2（192.168.10.7）上
[root@node2 ~]# tail /var/log/messages
Jul  8 07:14:39 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Received higher prio advert
# node2收到node1发送的vrrp报文，发现node1的优先级比自己的高
Jul  8 07:14:39 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) Entering BACKUP STATE
# node2重新返回BACKUP状态
Jul  8 07:14:39 localhost Keepalived_vrrp[14510]: VRRP_Instance(VI_1) removing protocol VIPs.
Jul  8 07:14:39 localhost Keepalived_healthcheckers[14509]: Netlink reflector reports IP 192.168.10.66 removed
# node2将VIP移除　　

　　此时node2上应该没有配置VIP。
[root@node2 ~]# ip a
ens34:  mtu 1280 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:68:80:eb brd ff:ff:ff:ff:ff:ff
    inet 192.168.10.7/24 brd 192.168.10.255 scope global ens34
       valid_lft forever preferred_lft forever　　

　　测试演示完毕。
　　

　　补充：
　　此外，也可将VIP配置在网卡别名上，例如：
# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
...
    virtual_ipaddress {
        192.168.10.66 dev ens33 label ens33:0
    }
}　　这样配置的VIP则可以通过ifconfig命令来查看。