Keepalived(高可用的软件)
两大功能:
(1)健康检查(healthcheck):检查下面节点的状态
(2)失败接管(failover):高可用服务器对之间的切换(使用VRRP协议)
VRRP:虚拟路由器冗余协议,VPPR的出现时为了解决静态路由的单点故障,是通过一种竞选机协议机制来将路由任务交给某台VRRP路由器。
故障切换转移原理:
在keepalived正常工作时,主节点会不断的向备节点广播心跳消息,用以告诉备节点自己还活着,当主节点发生故障时,备节点就无法继续监测到主节点的心跳,进而调用自身的接管程序,接管主节点的IP资源及服务。当主节点故障修复好时,备节点会释放主节点故障时自身接管的IP资源及服务,恢复到原来的备用角色。
1.安装
[root@server2 ~]# yum install kernel-devel -y
[root@server2 ~]# tar zxf keepalived-1.1.17.tar.gz
[root@server2 ~]# cd keepalived-1.1.17
[root@server2 keepalived-1.1.17]# ./configure
.....
Keepalived configuration
------------------------
Keepalived version : 1.1.17
Compiler : gcc
Compiler flags : -g -O2
Extra Lib : -lpopt -lssl -lcrypto
Use IPVS Framework : No
IPVS sync daemon support : No
Use VRRP Framework : Yes
Use LinkWatch : No
Use Debug flags : No
.....
*编译成功
[root@server2 keepalived-1.1.17]# make
[root@server2 keepalived-1.1.17]# make install
2.配置规范启动
[root@server2 keepalived-1.1.17]# /bin/cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/ #生成启动脚本
[root@server2 keepalived-1.1.17]# /bin/cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ #配置启动脚本的参数
[root@server2 keepalived-1.1.17]# mkdir /etc/keepalived
[root@server2 keepalived-1.1.17]# /bin/cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
[root@server2 keepalived-1.1.17]# /bin/cp /usr/local/sbin/keepalived /usr/sbin/
[root@server2 keepalived-1.1.17]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@server2 keepalived-1.1.17]# ps -ef | grep keep
root 5440 1 0 21:02 ? 00:00:00 keepalived -D
root 5442 5440 0 21:02 ? 00:00:00 keepalived -D
root 5444 1037 0 21:02 pts/0 00:00:00 grep keep
[root@server2 keepalived-1.1.17]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@server2 keepalived-1.1.17]#
3.配置文件相关参数
*man keepalived.conf 查看keepalived帮助文档
[root@server2 keepalived]# pwd
/etc/keepalived
[root@server2 keepalived]# ll
total 4
-rw-r--r-- 1 root root 3562 May 26 20:57 keepalived.conf
(1)实现单实例主备模式
[root@server2 keepalived]# vim keepalived.conf
1 ! Configuration File for keepalived
2
3 global_defs {
4 notification_email {
5 sysadmin@firewall.loc
6 }
7 notification_email_from Alexandre.Cassen@firewall.loc
8 smtp_server 192.168.200.1
9 smtp_connect_timeout 30
10 router_id LVS_19
11 }
12
13 vrrp_instance VI_1 {
14 state MASTER #主
15 interface eth0
16 virtual_router_id 51 #虚拟路由ID
17 priority 150 #优先级
18 advert_int 1
19 authentication {
20 auth_type PASS
21 auth_pass 1111
22 }
23 virtual_ipaddress {
24 172.25.66.100
25 }
26 }
27
[root@server2 keepalived]# ip addr| grep 172.25.66
inet 172.25.66.2/24 brd 172.25.66.255 scope global eth0
[root@server2 keepalived]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@server2 keepalived]# ip addr| grep 172.25.66
inet 172.25.66.2/24 brd 172.25.66.255 scope global eth0
inet 172.25.66.100/32 scope global eth0
[root@server3 keepalived]# vim keepalived.conf
.....
10 router_id LVS_16
14 state BACKUP #备
17 priority 100
.....
[root@server3 keepalived]# ip addr | grep 172.25.66
inet 172.25.66.3/24 brd 172.25.66.255 scope global eth0
[root@server3 keepalived]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@server3 keepalived]# ip addr | grep 172.25.66
inet 172.25.66.3/24 brd 172.25.66.255 scope global eth0
[root@server3 keepalived]#
*此时server3不会有IP,因为server3实例优先级比较低
*测试:
[root@server2 keepalived]# ifdown eth0
[root@server3 keepalived]# ip addr | grep 172.25.66
inet 172.25.66.3/24 brd 172.25.66.255 scope global eth0
inet 172.25.66.100/32 scope global eth0
[root@server3 keepalived]#
注:
.....
time=0.157 ms ---->> time=0.258 ms #实现IP接管
.....
(2)双|多实例主备模式VIP接管
[root@server2 ~]# vim /etc/keepalived/keepalived.conf
.....
28 vrrp_instance VI_2 { #此实例对于server2来说是备节点,只有对端的VIP释放掉,它才会接管
29 state BACKUP
30 interface eth0
31 virtual_router_id 50
32 priority 50
33 advert_int 1
34 authentication {
35 auth_type PASS
36 auth_pass 1111
37 }
38 virtual_ipaddress {
39 172.25.66.101
40 }
41 }
.....
*注:两个实例之间只有状态和优先级不一样
[root@server3 ~]# vim /etc/keepalived/keepalived.conf
.....
28 vrrp_instance VI_2 {
29 state MASTER
30 interface eth0
31 virtual_router_id 50
32 priority 100
33 advert_int 1
34 authentication {
35 auth_type PASS
36 auth_pass 1111
37 }
38 virtual_ipaddress {
39 172.25.66.101
40 }
41 }
.....
[root@server2 ~]# /etc/init.d/keepalived restart
Stopping keepalived: [ OK ]
Starting keepalived: [ OK ]
[root@server2 ~]# ip add | grep -E "66.100|66.101"
inet 172.25.66.100/32 scope global eth0
[root@server2 ~]#
[root@server3 ~]# /etc/init.d/keepalived restart
Stopping keepalived: [ OK ]
Starting keepalived: [ OK ]
[root@server3 ~]# ip add | grep -E "66.100|66.101"
inet 172.25.66.101/32 scope global eth0
[root@server3 ~]#
[root@server2 ~]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@server2 ~]# ip add | grep -E "66.100|66.101"
[root@server2 ~]#
(3)通过keepalived实现http服务的高可用
*只要VIP可以正常切换,服务就可以高可用了
Apache服务默认配置支持所有的IP地址(通过VIP也可以访问到)
[root@server2 ~]# yum install httpd -y
[root@server2 ~]# /etc/init.d/httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.25.66.2 for ServerName
[ OK ]
[root@server2 ~]#