cat > /etc/keepalived/keepalived.conf << EOF
global_defs {
  router_id k8s-master-dr
  script_user root
  enable_script_security
}

vrrp_script check_nginx {
 script "/etc/keepalived/check_nginx.sh"
 interval 3
 weight -2
 fall 2
 rise 2
}

vrrp_instance VI_K8S {
   state BACKUP
   interface eth0
   virtual_router_id 60
   priority 101
   nopreempt
   authentication {
       auth_type PASS
       auth_pass 4be37dc3b4c90194d1600c483e10ad1d
   }
   virtual_ipaddress {
       172.40.0.60
   }
   track_script {
       check_nginx
   }
}
EOF

cat > /etc/keepalived/keepalived.conf << EOF
global_defs {
  router_id k8s-master-dr
  script_user root
  enable_script_security
}

vrrp_script check_nginx {
 script "/etc/keepalived/check_nginx.sh"
 interval 3
 weight -2
 fall 2
 rise 2
}

vrrp_instance VI_K8S {
   state BACKUP
   interface eth0
   virtual_router_id 60
   priority 100
   nopreempt
   authentication {
       auth_type PASS
       auth_pass 4be37dc3b4c90194d1600c483e10ad1d
   }
   virtual_ipaddress {
       172.40.0.60
   }
   track_script {
       check_nginx
   }
}
EOF

cat > /etc/keepalived/check_nginx.sh << \EOF
#!/bin/bash
pidof nginx                           #检查memcached服务
if [[ $? == 0 ]];then                           #检查成功
  /sbin/iptables -S | grep vrrp
  if [[ $? == 0 ]]; then                        #如果iptable中有vrrp的配置，删除它
    /sbin/iptables -D OUTPUT -p vrrp -j DROP
  fi
  exit 0
else                                            #检查失败
  /sbin/iptables -S | grep vrrp
  if [[ $? != 0 ]]; then
    /sbin/iptables -A OUTPUT -p vrrp -j DROP    #如果iptable中没有vrrp的条目，禁止vrrp发出
  fi
  exit 1
fi
EOF
chmod 755 /etc/keepalived/check_nginx.sh