12.3.4 启动与自启动管理

在完成安装与基础配置后,需要确保 Keepalived 能够正确启动并随系统自启动。本节以 systemd 为主,同时兼容 SysVinit,并给出启动原理草图、命令示例、排错步骤与练习。

启动与自启动管理原理草图

文章图片

1. systemd 管理(推荐)
适用于 CentOS 7+/Ubuntu 16+ 等发行版。

  • 启动/停止/重启/状态/自启:
# 启动服务
systemctl start keepalived

# 停止服务
systemctl stop keepalived

# 重启服务
systemctl restart keepalived

# 查看运行状态
systemctl status keepalived

# 设置开机自启
systemctl enable keepalived

# 取消开机自启
systemctl disable keepalived
  • 可选:自定义启动参数(systemd drop-in)
# 创建 drop-in 目录
mkdir -p /etc/systemd/system/keepalived.service.d

# 编辑覆盖配置
cat > /etc/systemd/system/keepalived.service.d/override.conf <<'EOF'
[Service]
Environment="KEEPALIVED_OPTIONS=-D -d -S 0"
EOF

# 重新加载 systemd 配置并重启
systemctl daemon-reload
systemctl restart keepalived

命令解释
- systemctl start/stop/restart:启动/停止/重启 keepalived 服务
- systemctl status:查看主进程、最近日志、退出码
- systemctl enable:创建开机自启链接
- KEEPALIVED_OPTIONS=-D -d -S 0:启用更详细的调试输出、指定 syslog facility

2. SysVinit 管理(旧系统兼容)
适用于 CentOS 6 等旧系统。

# 启动服务
/etc/init.d/keepalived start

# 停止服务
/etc/init.d/keepalived stop

# 重启服务
/etc/init.d/keepalived restart

# 设置开机自启
chkconfig keepalived on

# 查看自启状态
chkconfig --list keepalived

3. 启动前检查要点(含示例) 

# 1) 配置文件语法检查(keepalived 自带校验)
keepalived -t -f /etc/keepalived/keepalived.conf

# 2) 内核参数(示例)
sysctl -a | grep -E "ip_nonlocal_bind|rp_filter"

# 3) 防火墙放行 VRRP 协议(IP 协议号 112)
# firewalld 示例:
firewall-cmd --permanent --add-protocol=vrrp
firewall-cmd --reload

4. 启动后验证(含期望效果) 

# 查看进程
ps -ef | grep keepalived | grep -v grep

# 查看 VIP 是否已绑定(以 192.168.10.100 为例)
ip addr | grep 192.168.10.100

# 查看日志(systemd)
journalctl -u keepalived -n 50 --no-pager

期望效果:服务状态为 active (running),VIP 出现在 ip addr 输出中,日志中包含 Entering MASTER STATEEntering BACKUP STATE

5. 常见启动失败排错 

# 1) 配置语法错误
keepalived -t -f /etc/keepalived/keepalived.conf

# 2) 端口与协议阻断
tcpdump -i eth0 proto 112

# 3) 进程退出码查看
systemctl status keepalived | sed -n '1,15p'

# 4) 日志关键字筛选
journalctl -u keepalived | egrep -i "error|fail|vrrp"

常见原因:配置语法错误、接口名写错、VRRP 协议未放行、缺少权限或内核参数。

6. 练习与操作任务
1. 使用 systemctl 启动 keepalived 并设置自启,重启机器后验证服务自动运行。
2. 人为写入一个错误参数(如错误接口名),执行 keepalived -t 找出错误并修复。
3. 使用 journalctl 定位最近 50 行日志,记录进入 MASTER/BACKUP 状态的时间点。