本配置项是针对Keepalived v1.3.4 (02/18,2017):
#######################全局配置#################################
global_defs {
notification_email { #指定keepalived在发生切换时需要发送email到的对象,一行一个
sysadmin@fire.loc
}
notification_email_from Alexandre.Cassen@firewall.loc #指定发件人
smtp_server localhost #指定smtp服务器地址
smtp_connect_timeout 30 #指定smtp连接超时时间
router_id LVS_DEVEL #运行keepalived机器的一个标识
}
| keyworkd | definition | type |
| global_defs | identify the global def configuration block(全局配置) | |
| notification_email | email accounts that will receive the notification mail(收件人的电子邮件) | List(列表) |
| notification_email_from | email to use when processing “MAIL FROM:” SMTP command(发件人的电子邮件) | List |
| smtp_server | remote SMTP server to use for sending mail notifications(smtp服务器) | alphanum(字母数字) |
| smtp_connection_timeout | specify a timeout for SMTP stream processing(指定smtp连接超时时间) | numerical |
| lvs_id | specify the name of the LVS director (指定LVS控制器的名称) | alphanum |
############vrrp监控组实例###############
vrrp_sync_group string {
group { string(实例名)string}notify_master /path_to_script/script_master.sh(or notify_master “/path_to_script/script_master.sh <arg_list>”)notify_backup /path_to_script/script_backup.sh(or notify_backup “/path_to_script/script_backup.sh <arg_list>”)notify_fault /path_to_script/script_fault.sh(or notify_fault “/path_to_script/script_fault.sh <arg_list>”)}
notify_master:当keepalive状态为master的时候触动脚本
notify_backup:当keepalive状态是backup的时候触动脚本
notify_fault: 当keepalive状态失败的时候
#用vrrp_sync_group 统一监控的目的是,如果你有多个实例,一个内网段和一个外网段,当你外网端ok的时候,内网段有问题,vrrp_sync_group还是会切
vrrp_instance string { state MASTER|BACKUP (实例状态)interface string (心跳接口)mcast_src_ip @IP (组播源ip,默认是心跳接口ip)lvs_sync_daemon_interface string (指定的网络接口lv sync_daemon上运行,默认是心跳接口)virtual_router_id num (设置虚拟路由ID)priority num (优先级)advert_int num (间隔探测时间,默认1s)
smtp_alert (触发smtp)authentication { auth_type PASS|AH(认证类型)auth_pass string (认证密码)}
########################跟踪脚本#########
track_script {
chk_httpd
}
track_interface { (追踪接口,除了默认的心跳口)
eth0
}
virtual_ipaddress { # Block limited to 20 IP addresses(限制20个以内)
@IP(虚拟ip)@IP@IP}virtual_ipaddress_excluded { # Unlimited IP addresses number(不限制ip地址)@IP(虚拟ip)@IP@IP}notify_master /path_to_script/script_master.sh (同上)(or notify_master “/path_to_script/script_master.sh <arg_list>”)notify_backup /path_to_script/script_backup.sh(or notify_backup “/path_to_script/script_backup.sh <arg_list>”)notify_fault /path_to_script/script_fault.sh(or notify_fault “/path_to_script/script_fault.sh <arg_list>”)}
#########脚本检测#############
vrrp_script chk_httpd {
script "/etc/keepalived/check_httpd.sh"
interval 1 (间隔1秒)
weight 2 (权重,这个地方需要在后面的文章详细介绍一下)
fall 2 (需要请求2次失败,才叫失败,默认是1)
rise 2 (需要请求2次成功,才叫成功默认1,备注这个参数测试好像不行)
}
#######LVS#######################
virtual_server (@IP PORT)|(fwmark num) { delay_loop num(指定间隔检测时间)lb_algo rr|wrr|lc|wlc|sh|dh|lblc(调度算法)lb_kind NAT|DR|TUN(lvs模式)(nat_mask @IP)persistence_timeout num (会话保持时间)persistence_granularity @IP (?)virtualhost string (指定http虚拟头部)protocol TCP|UDP (指定协议)sorry_server @IP PORT (指定备用vs地址)real_server @IP PORT { weight num (权重)########tcp探测#######
TCP_CHECK { connect_port num (连接端口)connect_timeout num (超时时间)}}real_server @IP PORT { weight num
##########混合探测#####MISC_CHECK { misc_path /path_to_script/script.sh(脚本检测)(or misc_path “/path_to_script/script.sh <arg_list>”)}}}real_server @IP PORT { weight num
#####http和https检测#####HTTP_GET|SSL_GET { url { # You can add multiple url blockpath alphanum
status num (状态检测)digest alphanum (genhash,页面hash)}connect_port numconnect_timeout numnb_get_retry numdelay_before_retry num}}}