简介
keepalived因为是基于ip地址的高可用,他最擅长于没有涉及到存储的应用,比如前端代理,lvs等。
keepalived 高可用原理,在上一个博客上面已经讲解了。这里实现一点稍微复杂的,稍微接近实际生产环境的。
双主lvs-DR后端调度nginx
一、两台RS主机配置nginx
1、yum -y install nginx
2、设置两个不同的默认主页
vi /usr/share/nginx/html/index.html
3、systemctl start nginx
二、RS主机配置rs
此处设置一个脚本,方便执行,由于是双主模型,因此要设置两个vip
#!/bin/bash
vip1=172.16.0.20
vip2=172.16.0.30
mask=255.255.255.255
iface1="lo:1"
iface2="lo:2"
case $1 in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
ifconfig $iface1 $vip1 netmask $mask broadcast $vip1 up
ifconfig $iface2 $vip2 netmask $mask broadcast $vip2 up
route add -host $vip1 dev $iface1
route add -host $vip2 dev $iface2
;;
stop)
ifconfig $iface1 down
ifconfig $iface2 down
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
;;
*)
echo "Usage: $(basename $0) start | stop"
exit 1
;;
esac
三、lvs的两个DIRECTOR上配置ipvsadm用来测试客户端是否配置成功
1、安装ipvsadm
yum install ipvsadm -y
2、设置ip地址到自己的主机
ifconfig ens33:0 172.16.0.20 netmask 255.255.0.0 up
3、配置Director转发,注意,DR模式转发端口要和后端RS端口一致
ipvsadm -A -t 172.16.0.20:80 -s rr
因为我们只是用来测试rs配置是否正确,因此只需要测试一个ip地址即可
4、配置RS主机,-g代表使用DR模式
ipvsadm -a -t 172.16.0.20:80 -r 172.16.251.241 -g
ipvsadm -a -t 172.16.0.20:80 -r 172.16.251.243 -g
5、查看规则
ipvsadm -Ln
6、测试是否成功
注意:不要使用本地进行访问。
四、配置keepalived双主虚拟ip和ipvs调度规则
#直接看代码吧
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka2
vrrp_mcast_group4 224.40.100.19
}
#配置虚拟ip1
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 1
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 11111111
#密码最多8位
}
virtual_ipaddress {
172.16.0.20
#可以使用cidr表示法,这里不写netmask,则代表使用32位的掩码
}
}
#配置虚拟ip2
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 2
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 22222222
}
virtual_ipaddress {
172.16.0.30
}
}
#配置ipvsadm规则
virtual_server 172.16.0.20 80 {
delay_loop 6
lb_algo rr
lb_kind DR
# persistence_timeout 50
protocol TCP
real_server 172.16.251.241 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.16.251.243 80
weight 1
HTTP_GET {
url {
path /
digest 30f18699fd6a21838eebc1f0256df400
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
virtual_server 172.16.0.30 80 {
delay_loop 6
lb_algo rr
lb_kind DR
# persistence_timeout 50
protocol TCP
real_server 172.16.251.241 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.16.251.243 80
weight 1
HTTP_GET {
url {
path /
digest 30f18699fd6a21838eebc1f0256df400
#这里使用genhash -s 172.16.251.243 -p 80 -u / 命令来获取/的MD5哈希码
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
五、注意
在使用curl时候,不能在director上面进行,因为在curl时候是向外发送报文的,ipvsadm检测不到报文,因此就不能进行转发。
高可用nginx
一、思路
keepalived调用外部的辅助脚本进行资源监控,并根据监控的结果状态能实现优先动态调整;分两步:(1) keepalived.conf中先定义一个脚本;(2) keepalived.conf中调用此脚本进行监控;
(1)定义脚本
vrrp_script <SCRIPT_NAME> {
script ""
interval INT
weight -INT
}
(2)调用
track_script {
SCRIPT_NAME_1
SCRIPT_NAME_2
...
}
二、示例
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node1
vrrp_mcast_group4 224.0.100.19
}
vrrp_script chk_down {
script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight -5
}
vrrp_script chk_nginx {
script "killall -0 nginx && exit 0 || exit 1"
interval 1
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state MASTER
interface eno16777736
virtual_router_id 14
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 571f97b2
}
virtual_ipaddress {
10.1.0.93/16 dev eno16777736
}
track_script {
chk_down
chk_nginx
}
notify_master "/etc/keepalived/notify.sh master"
#调用下面的通知脚本
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
3、设置通知脚本
#!/bin/bash
#
contact='root@localhost'
notify() {
local mailsubject="$(hostname) to be $1, vip floating"
local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" $contact
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
exit 1
;;
esac
如果你发现有错误,请提出来我们一起交流^_^