Keepalived实现高可用
keepalived
专门做高可用的软件
高可用
一般是指2台机器启动着完全相同的业务系统,当有一台机器down机了,另外一台服务器就能快速的接管,对于访问的用户是无感知的。
高可用软件
- keepalived
- heartbeat
- RoseHA
keepalived协议
VRRP
:虚拟路由冗余协议
VRRP就出现了,我们的VRRP其实是通过软件或者硬件的形式在Master和Backup外面增加一个虚拟的MAC地址(VMAC)与虚拟IP地址(VIP),那么在这种情况下,PC请求VIP的时候,无论是Master处理还是Backup处理,PC仅会在ARP缓存表中记录VMAC与VIP的信息。
keepalived概念
- 优先级
如何确定谁是主节点谁是备节点 - 抢占式、非抢占式
如果Master故障,Backup自动接管,那么Master回复后会夺权吗 - 脑裂
如果两台服务器都认为自己是Master会出现什么问题
部署keepalived高可用软件
环境准备
keepalived工作原理
1.哪些机器需要做高可用,就要在哪些机器上安装keepalived
2.keepalived的主节点会心跳检测(想要证明应用或者主机是否存活)
3.如果心跳检测失败,就杀掉自己(keepalived)
4.VIP到备节点上
安装Keepalived
#1.安装keepalived
[root@lb01 ~]# yum install -y keepalived
[root@lb02 ~]# yum install -y keepalived
#2.修改主节点配置文件
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
global_defs { #全局配置
router_id lb01 #标识身份->名称
}
vrrp_instance VI_1 {
state MASTER #标识角色状态
interface eth0 #网卡绑定接口
virtual_router_id 50 #虚拟路由id
priority 150 #优先级
advert_int 1 #监测间隔时间
authentication { #认证
auth_type PASS #认证方式
auth_pass 1111 #认证密码
}
virtual_ipaddress {
10.0.0.3 #虚拟的VIP地址
}
}
#3.修改备节点配置文件
[root@lb02 conf.d]# cat /etc/keepalived/keepalived.conf
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
#4.启动主节点和备节点服务
[root@lb01 ~]# systemctl start keepalived
[root@lb02 ~]# systemctl start keepalived
#5.加入开机自启
[root@lb01 ~]# systemctl enable keepalived
[root@lb02 ~]# systemctl enable keepalived
#6.查看VIP
[root@lb01 ~]# ip a
eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:67:1c:1c brd ff:ff:ff:ff:ff:ff
inet 10.0.0.6/24 brd 10.0.0.255 scope global noprefixroute eth0
valid_lft forever preferred_lft forever
inet 10.0.0.3/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe67:1c1c/64 scope link
valid_lft forever preferred_lft forever
#7.检测IP是否可以漂移
[root@lb01 ~]# systemctl stop keepalieved
主节点和备节点的配置文件区别
非抢占式配置
[root@lb01 conf.d]# vim /etc/keepalived/keepalived.conf
global_defs {
router_id lb01
}
vrrp_instance VI_1 {
state BACKUP
nopreempt
interface eth0
virtual_router_id 50
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
[root@lb02 conf.d]# vim /etc/keepalived/keepalived.conf
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
nopreempt
interface eth0
virtual_router_id 50
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
keepalived结合nginx实现负载均衡的高可用
#1.编写监听nginx的脚本
[root@lb01 ~]# vim /root/check_nginx.sh
#!/bin/sh
nginx_count=$(ps -ef|grep [n]ginx|wc -l) # 判断Nginx是否存活
if [ $nginx_count -eq 0 ];then
#systemctl start nginx 如果不存活则尝试启动Nginx
#sleep 3
nginx_count=$(ps -ef|grep [n]ginx|wc -l) #等待3秒后再次获取一次Nginx状态
if [ $nginx_count -eq 0 ];then
systemctl stop keepalived #再次判断, 如Nginx还不存活则停止Keepalived,进行地址漂移,并退出脚本
fi
fi
#2.修改主节点的配置文件
```BASH
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
global_defs { #全局配置
router_id lb01 #标识身份->名称
}
##注意:执行的脚本名字,最好不要带进程名
vrrp_script check_web {
#脚本路径
script "/root/check.sh"
#检测时间(每5秒执行一次检测脚本)
interval 5
}
vrrp_instance VI_1 {
state MASTER #标识角色状态
interface eth0 #网卡绑定接口
virtual_router_id 50 #虚拟路由id
priority 150 #优先级
advert_int 1 #监测间隔时间
authentication { #认证
auth_type PASS #认证方式
auth_pass 1111 #认证密码
}
track_script {
check_web
}
virtual_ipaddress {
10.0.0.3 #虚拟的VIP地址
}
}
#3.重启keepalived
[root@lb01 ~]# systemctl restart keepalived
#4.给脚本执行权限
[root@lb01 ~]# chmod +x /root/check.sh
脑裂故障
由于某些原因,导致两台keepalived高可用服务器在指定时间内,无法检测到对方的心跳,个字去的资源及服务的所有权,而此时的两台高可用服务器又都还活着。
1、服务器网线松动等网络故障
2、服务器硬件故障发生损坏现象而崩溃
3、主备都开启firewalld防火墙