在sip业务中，kamailio算是比较重要的一个环节；kamailio高可用性建设也有很多中方案，本文在centos7采用的是虚拟ip漂移keepalived加sipsak的方式进行。这样就可以保证一台机器死掉以后另外一台机器随着虚拟IP的漂移能继续处理业务；另一方面，如果机器两台机器都没有宕机，而且只是kamailio进行挂掉了，也可以通过sipsak的健康检查，来使虚拟IP漂移，避免出现一台只有kamailio挂掉，机器还在keepalived还在，然后虚拟ip 不漂移的情况；

使用的开源库：keepalived + sipsak

 Keepalived 地址：https://github.com/acassen/keepalived.git
 sipsak地址：https://github.com/nils-ohlmeier/sipsak.git

keepalived 安装编译安装脚本：

yum install automake autoconf
yum install gcc openssl-devel libnl3-devel pcre-devel -y
git clone -b v2.1.5 https://github.com/acassen/keepalived.git
cd keepalived/
./autogen.sh
./configure --prefix=/usr/local/keepalived
make && make install
mkdir /etc/keepalived/
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /opt/keepalived/keepalived/keepalived.service /etc/systemd/system/
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
cp /opt/keepalived/keepalived/etc/init.d/keepalived /etc/init.d/
systemctl enable keepalived.service

Keepalived 一些相关操作：

systemctl daemon-reload  #重新加载
systemctl enable keepalived.service  #设置开机自动启动
systemctl disable keepalived.service #取消开机自动启动
systemctl start keepalived.service #启动
systemctl stop keepalived.service#停止

vim /lib/systemd/system/keepalived.service#打开keepalived.service文件,该文件主要配置keepalived service的内容如下：
[Unit]
Description=Keepalived
After=syslog.target network.target remote-fs.target nss-lookup.target
 
[Service]
Type=forking
PIDFile=/var/run/keepalived.pid
ExecStart=/usr/local/keepalived/sbin/keepalived -D
ExecReload=/bin/kill -s HUP $MAINPID
ExecStop=/bin/kill -s QUIT $MAINPID
PrivateTmp=true
 
[Install]
WantedBy=multi-user.target



ip addr #可以用此看到虚拟ip

sipsak编译安装：

cd sipsak
autoreconf --install
./configure
make
make install

主用服务配置keepalived.conf，该文件默认在/etc/keepalived/目录下：

! Configuration File for keepalived
  
   global_defs {
      notification_email {
       # acassen@firewall.loc
        #failover@firewall.loc
        #sysadmin@firewall.loc
      }
      #notification_email_from Alexandre.Cassen@firewall.loc
     #smtp_server 192.168.200.1
    # smtp_connect_timeout 30
     router_id LVS_DEVEL
     script_user root
     enable_script_security
     vrrp_skip_check_adv_addr
     vrrp_strict
    vrrp_garp_interval 0
  }
 vrrp_script  check_sip {
     script "/etc/keepalived/node01.sh" #sipsak 脚本
     interval 10
 }
 vrrp_instance VI_1 {
      state MASTER#主用标识
      interface eth0
      virtual_router_id 51
      priority 100#权重
      advert_int 1
      authentication {
          auth_type PASS
          auth_pass 1111
      }
      virtual_ipaddress {
        10.10.74.200#虚拟ip
      }
      track_script {
        check_sip#调用脚本函数
      }
  }

node01.sh 脚本内容：

   #!/bin/bash
  
   node01=10.10.74.186#主用KA服务器的地址
   node02=10.10.74.105#备用KA服务器的地址
   return_code=0 # success
  
   # check local instance
   timeout 5 sipsak -s sip:$node01:5060
   exit_status=$?
   if [[ $exit_status -eq 0 ]]; then
     echo "sip ping successful to node01 [$node01]"
     exit $return_code
   fi
 
   # local instance failed, check remote
   timeout 2 sipsak -s sip:$node02:5060
   exit_status=$?
   if [[ $exit_status -eq 0 ]]; then
     echo "sip ping successful to node02 [$node02]"
     return_code=1
   fi
 
   echo "return code [$return_code]"
  
   exit $return_code

备用服务配置keepalived.conf，该文件默认在/etc/keepalived/目录下：

! Configuration File for keepalived
  
   global_defs {
      notification_email {
       # acassen@firewall.loc
        #failover@firewall.loc
        #sysadmin@firewall.loc
      }
      #notification_email_from Alexandre.Cassen@firewall.loc
     #smtp_server 192.168.200.1
    # smtp_connect_timeout 30
     router_id LVS_DEVEL
     script_user root
     enable_script_security
     vrrp_skip_check_adv_addr
     vrrp_strict
    vrrp_garp_interval 0
  }
 vrrp_script  check_sip {
     script "/etc/keepalived/node02.sh" #sipsak 脚本
     interval 10
 }
 vrrp_instance VI_1 {
      state BACKUP#备用标识
      interface eth0
      virtual_router_id 51
      priority 50#权重
      advert_int 1
      authentication {
          auth_type PASS
          auth_pass 1111
      }
      virtual_ipaddress {
        10.10.74.200#虚拟ip
      }
      track_script {
        check_sip#调用脚本函数
      }
  }

node02.sh 脚本内容：

   #!/bin/bash
  
   node01=10.10.74.186#主用KA服务器的地址
   node02=10.10.74.105#备用KA服务器的地址
   return_code=1 # fail
  
   # check local instance
   timeout 5 sipsak -s sip:$node01:5060
   exit_status=$?
   if [[ $exit_status -eq 0 ]]; then
     echo "sip ping successful to node01 [$node01]"
     exit $return_code
   fi
 
   # local instance failed, check remote
   timeout 2 sipsak -s sip:$node02:5060
   exit_status=$?
   if [[ $exit_status -eq 0 ]]; then
     echo "sip ping successful to node02 [$node02]"
     return_code=1
   fi
 
   echo "return code [$return_code]"
  
   exit $return_code