Keepalived is a routing software written in C. The main goal of this project is to provide simple and robust facilities for loadbalancing and high-availability to Linux system and Linux based infrastructures. Loadbalancing framework relies on well-known and widely used Linux Virtual Server (IPVS) kernel module providing Layer4 loadbalancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage loadbalanced server pool according their health. On the other hand high-availability is achieved by VRRP protocol. VRRP is a fundamental brick for router failover. In addition, Keepalived implements a set of hooks to the VRRP finite state machine providing low-level and high-speed protocol interactions. Keepalived frameworks can be used independently or all together to provide resilient infrastructures.
Keepalived是一个用C写的路由的软件,这个项目的主要目标是提供简单而强大的设施的负载均衡和高可用对Linux系统和基于Linux的基础设施。负载均衡架构依赖于众所周知的和广泛使用的Linux虚拟服务器(IPVS)内核模块提供第四层负载均衡。简单的实现了一套检测动态自适应维护和管理服务器根据其健康loadbalanced池。另一方面,高可用性是通过VRRP协议实现。VRRP路由器故障转移的一个基本的砖。此外,简单的实现了一套钩VRRP有限状态机提供低空和高速协议的相互作用。简单的框架可以单独或一起提供弹性基础设施。
下载
服务器规划
第一台节点 | 192.168.100.100 |
第二台节点 | 192.168.100.101 |
安装
tar -zxvf keepalived-1.3.5.tar.gz
我们看到这是采用源码包的形式发布的,我们来进行安装
./configure
安装ssl
yum install openssl openssl-devel
编译安装Keepalived
make && make install
至此,Keepalived的安装就成功了。下面是默认安装的路径
keepalived | /usr/local/sbin/keepalived |
conf | /usr/local/etc/keepalived |
两台机器都安装完毕之后进行如下配置;
配置
首先是主节点的配置:(state 状态只有两种,BACKUP和MASTER 而且必须大写)
global_defs {
router_id LVS_MASTER
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.100.88 /24
}
}
从节点的配置如下(state 状态只有两种,BACKUP和MASTER 而且必须大写)
global_defs {
router_id LVS_SLAVE
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.100.88 /24
}
}
启动
启动keepalived
./keepalived -D -f /usr/local/etc/keepalived/keepalived.conf
监控keepalived 的日志
tail -f /var/log/messages
查看当前正在工作的机器
ip a
当前工作的机器是主节点,如果我们杀掉主节点的keepalived进程,那么从节点就会取代主节点来进行工作
查看keepalived的进程号
ps -ef | grep keepalived
kill -9 5523
我们发现虚拟地址已经绑定到了从节点上。这样我们就达到了高可用。
从刚才的过程中,我们发现,只有keepalived进程挂掉了,就会启用备份节点。这里有两个问题,第一个是我们的应用没挂,而只有keepalived挂了,第二个问题是我们的应用挂了,而keepalived没挂。出现第一个问题还好,至少能够保证我们的服务依然能够进行,如果一旦出现第二个问题,就比较麻烦了,服务已经停了,而依然由此计算机节点提供服务。那么这个时候该如何处理呢?我们可以检测应用,这里以nginx为例,检测nginx是否挂掉了,如果挂掉了,就先启动,如果启动还是不行,就把keepalive干掉。干掉keepalive表示当前的机器已经挂掉了,keepalive会启用备用节点
#!/bin/bash
if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]
then
/usr/local/nginx/sbin/nginx
sleep 5
if [ "$(ps -ef | grep "nginx: master process"| grep -v grep )" == "" ]
then
killall keepalived
fi
fi
核心配置如下
vrrp_script chk_nginx {
script "/usr/local/nginx/check_nginx.sh"
interval 2
weight 2
}
在实例中引用chk_nginx脚本
track_script{
chk_nginx
}
邮件报警
不管有几个节点挂掉,我们都需要告诉管理员,来尽快进行修复问题,那么这个时候邮件报警就派上用场了,当服务器一旦宕机,可以通过邮件立刻通知管理员。邮件的配置如下
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
}
到这里我们发现,其实keepalived的核心配置就这么几项
router_id LVS_DEVEL
state BACKUP