Keepalived用于搭建Nginx集群环境，需要建立虚拟IP，然后通过虚拟IP去当作前置IP，然后转发到真实IP。前提是路由器支持VRRP协议。

提醒

中标麒麟V10的系统需要省略安装gcc的操作，不然会导致系统崩溃。

环境说明：

• keepalived-2.2.7
• openssl-1.1.1q
• perl-5.30.1

下载安装包 安装包.zip

# 安装gcc，进入gcc文件夹
rpm -Uvh *.rpm --nodeps --force
rpm -Uvh zlib-devel-1.2.7-20.el7_9.x86_64.rpm

# 安装perl-5
tar -zxvf perl-5.30.1.tar.gz
cd perl-5.30.1
./Configure -des -Dprefix=$HOME/localperl
make && make install

# 安装openssl
tar -zxvf openssl-1.1.1q.tar.gz
cd openssl-1.1.1q
./config shared zlib  --prefix=/usr/local/openssl
# depend报错的原因是没有安装perl-5
make depend
make && make install

echo "/usr/local/lib64/" >> /etc/ld.so.conf
ldconfig
mv /usr/bin/openssl /usr/bin/openssl.old
ln -s /usr/local/openssl/bin/openssl /usr/bin/openssl
ln -s /usr/local/openssl/include/openssl /usr/include/openssl
echo "/usr/local/openssl/lib" >> /etc/ld.so.conf
ldconfig -v
openssl version

# 安装keepalived
tar -zxvf keepalived-2.2.7.tar.gz
cd keepalived-2.2.7/
./configure --prefix=/data/keepalived make && make install

操作防火墙，建议直接关闭

# 启动
systemctl start firewalld

# 停止
systemctl stop firewalld

# 启用
systemctl enable firewalld

# 禁用
systemctl disable firewalld

主机配置 - state MASTER

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.230.133
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.230.100
    }
}

副机配置 - state BACKUP

! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.230.134
   smtp_connect_timeout 30
   router_id LVS_DEVEL
   vrrp_skip_check_adv_addr
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.230.100
    }
}

keepalived操作，如果启动失败，仔细查看提示日志

# 启动keepalived
systemctl start keepalived

# 重新启动keepalived
systemctl restart keepalived

# 查看keepalived状态
systemctl status keepalived

# 加入开机启动keepalived
systemctl enable keepalived

# 禁止开机启动keepalived
systemctl disable keepalived

查看keepalived.service

vi /lib/systemd/system/keepalived.service

实际keepalived.conf路径`

# 该路径下的keepalived.conf为实际keepalived.conf
whereis keepalived.pid

常见问题

• data目录下的keepalived.conf原名称为keepalived.conf.samples，需要去掉.samples
• OpenSSL EVP libraries are required，LDFLAGS="$LDFAGS -L /usr/local/openssl/lib" ./configure --prefix=/data/keepalived make && make install

To Be Continued！😎