Keepalived 部署

  1. apt 安装
apt-get install -y keepalived
  1. 创建健康检查脚本 /etc/keepalived/check_haproxy.sh
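#!/bin/bash
#
# Keepalived health check for HAProxy (referenced by vrrp_script check_haproxy).
# Exit status: 0 = healthy, 1 = unhealthy.
#
# Keepalived executes this file on every check interval, possibly as root
# (depending on the configured script user), so keep it owned by root and
# not writable by anyone else.

readonly HAPROXY_PORT=6443

# Is an haproxy process running? -x matches the exact process name.
if ! pgrep -x haproxy >/dev/null; then
    exit 1
fi

# Is a TCP socket listening on exactly the expected port? The ss filter
# compares the port number itself, so a listener on :64430 or a UDP socket
# cannot satisfy the check the way a ":6443" substring match could.
# ss ships with iproute2 (the same package as `ip`), whereas netstat needs
# net-tools, which may not be installed; a missing netstat would make the
# original check fail permanently.
if ! ss -ltn "sport = :${HAPROXY_PORT}" | grep -q LISTEN; then
    exit 1
fi

exit 0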

  1. 设置脚本权限 & 测试
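# Keep the script owned by root and writable only by root: keepalived
# executes it periodically, so a script that other users can modify would
# let them run commands with keepalived's privileges.
chown root:root /etc/keepalived/check_haproxy.sh
chmod 0755 /etc/keepalived/check_haproxy.sh

# Run the check once by hand
/etc/keepalived/check_haproxy.sh
echo "$?"  # 0 means the check passed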
  1. 配置 keepalived /etc/keepalived/keepalived.conf

主节点配置

! Configuration File for keepalived

global_defs {
    router_id LB1
    # 邮件通知(可选)
    # notification_email {
    #     admin@example.com
    # }
    # notification_email_from keepalived@example.com
    # smtp_server 127.0.0.1
    # smtp_connect_timeout 30
}

# HAProxy 健康检查脚本
vrrp_script check_haproxy {
    script "/etc/keepalived/check_haproxy.sh"
    interval 3        # 每3秒检查一次
    weight -200         # 检测失败时,优先级-200
    fall 2            # 连续2次失败才判定为失败
    rise 2            # 连续2次成功才判定为成功
}

vrrp_instance VI_1 {
    state MASTER                # 主节点
    interface ens33              # 网卡接口,根据实际情况修改
    virtual_router_id 51        # VRRP 组ID,主备必须一致
    priority 100                # 优先级,主节点高于备节点
    advert_int 1                # VRRP 通告间隔,1秒
    
    # 认证配置
    authentication {
        auth_type PASS
        auth_pass K8s_HA_Pass   # 认证密码,主备必须一致(示例值,部署时请替换;keepalived 仅使用前 8 个字符,且 PASS 方式在 VRRP 通告中明文传输)
    }
    
    # 虚拟IP配置
    virtual_ipaddress {
        192.168.174.200/24        # VIP地址
    }
    
    # 关联健康检查脚本
    track_script {
        check_haproxy
    }
    
    # 状态变化时执行的脚本(可选)
    # notify_master "/etc/keepalived/notify.sh master"
    # notify_backup "/etc/keepalived/notify.sh backup"
    # notify_fault "/etc/keepalived/notify.sh fault"
}

备节点配置

! Configuration File for keepalived

global_defs {
    router_id LB2
    # 邮件通知(可选)
    # notification_email {
    #     admin@example.com
    # }
    # notification_email_from keepalived@example.com
    # smtp_server 127.0.0.1
    # smtp_connect_timeout 30
}

# HAProxy 健康检查脚本
vrrp_script check_haproxy {
    script "/etc/keepalived/check_haproxy.sh"
    interval 3        # 每3秒检查一次
    weight -200         # 检测失败时,优先级-200
    fall 2            # 连续2次失败才判定为失败
    rise 2            # 连续2次成功才判定为成功
}

vrrp_instance VI_1 {
    state BACKUP                # 备节点
    interface ens33              # 网卡接口,根据实际情况修改
    virtual_router_id 51        # VRRP 组ID,主备必须一致
    priority 90                # 优先级,主节点高于备节点
    advert_int 1                # VRRP 通告间隔,1秒
    
    # 认证配置
    authentication {
        auth_type PASS
        auth_pass K8s_HA_Pass   # 认证密码,主备必须一致(示例值,部署时请替换;keepalived 仅使用前 8 个字符,且 PASS 方式在 VRRP 通告中明文传输)
    }
    
    # 虚拟IP配置
    virtual_ipaddress {
        192.168.174.200/24        # VIP地址
    }
    
    # 关联健康检查脚本
    track_script {
        check_haproxy
    }
    
    # 状态变化时执行的脚本(可选)
    # notify_master "/etc/keepalived/notify.sh master"
    # notify_backup "/etc/keepalived/notify.sh backup"
    # notify_fault "/etc/keepalived/notify.sh fault"
}
  1. 重启 keepalived 应用配置
systemctl restart keepalived
  1. 验证安装成功
root@server-01:~# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host noprefixroute 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether 00:0c:29:5a:76:1b brd ff:ff:ff:ff:ff:ff
    altname enp2s1
    inet 192.168.174.128/24 metric 100 brd 192.168.174.255 scope global dynamic ens33
       valid_lft 1052sec preferred_lft 1052sec
    inet 192.168.174.200/24 scope global secondary ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe5a:761b/64 scope link 
       valid_lft forever preferred_lft forever

网卡已成功配置 VIP

inet 192.168.174.200/24 scope global secondary ens33
   valid_lft forever preferred_lft forever