Keepalived 配置详解与主备模式

最新推荐文章于 2024-04-19 13:36:21 发布
最新推荐文章于 2024-04-19 13:36:21 发布
阅读量3.3k 收藏 1
点赞数 2
分类专栏: keepalived 文章标签: 运维
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/qq_34556414/article/details/109803454
版权

keepalived 的几个进程

生产环境使用Keepalived正常运行,共启动3个进程,一个是父进程,负责监控其子进程,一个是VRRP子进程,另外一个是Checkers子进程。

两个子进程都被系统Watchlog看管,两个子进程各自负责自己的事,Healthcheck子进程检查各自服务器的健康状况,如果Healthcheck进程检查到Master上服务不可用了,就会通知本机上的VRRP子进程,让他删除通告,并且去掉虚拟IP,转换为BACKUP状态。

[root@localhost ~]# ps -ef | grep keepalived | grep -v grep
root      16074      1  0 08:37 ?        00:00:00 /usr/sbin/keepalived -D
root      16075  16074  0 08:37 ?        00:00:00 /usr/sbin/keepalived -D
root      16076  16074  0 08:37 ?        00:00:04 /usr/sbin/keepalived -D

 

keepalived的配置文件结构

配置有两部分组成,全局配置和封装实例的部分

全局配置

global_defs {  #第一部分是全局配置。global全局的意思,到加黑结束的地方是全局配置
  notification_email {
#这里面每一行就是一个接收邮箱,可以配置多个人的邮箱,那么出现故障就会发给多个人
    support@test.net
    123@qq.com
 }
    #邮件从哪发出去的,即发送邮件的人,发给notification_email 里面的条目
    notification_email_from luleihhh@163.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    #router_id表明该keep alived是做LVS的还是做nginx,只是一个标识而已,相当于标题,写上nginx就说明该leepalived和nginx有关,是实现nginx高可用的
router_id nginx
 }

一般来说keepalived要实现报警不使用上面方式,使用zabbix方式来监控。所以上面部分不写也可以,所以最核心的内容是下面的vrrp

封装实例

上面是global端,第二部分是部分,vrrp段,vrrp_instance是vrrp实例,即要将该机器变为虚拟路由器,这个实例的名字叫VI_1

Stat有两种状态,有关是MASTER一个是BACKUP,要想该机器变为主就写MASTER。

  • Interface表示用户过来访问VIP走哪块网卡
  • virtual_router_id 151,虚拟路由ID,代表虚拟集群它有一个标识,这个标识是唯一的,两台nginx做keepalived时候virtual_router_id的值要是一样的。
  • priority 100:优先级,要保证master的优先级比backup的优先级要大,优先级越高即数字越大会成为master
  • advert_int 5:组播发送的间隔时间,也就是master多长时间给组内的成员发送一个组播信息。可以设置为3,10,但是5秒不长不短。你设置为10,那么你宕机了10秒,即十秒内不发送组播,那么backup还以为master存活着。
  • Authentication:加密,PASS代表通过密码类型加密,密码是1111
  • virtual_ipaddress :绑定的虚拟VIP,这个IP是局域网内没有使用的IP,用户访问的是VIP不是宿主机的物理ip ,nginx的域名绑定了该VIP(VIP必须和宿主机在一个网段) 

vrrp_script chk_nginx 

 如果nginx异常,仅仅keepalived保持正常,是无法完成系统的正常工作的,因此需要根据业务进程的运行状态决定是否需要进行主备切换。这个时候,我们可以通过编写脚本对业务进程进行检测监控。 

 

keepalived master backup配置

主192.168.179.102

[root@localhost ~]# cat /etc/keepalived/keepalived.conf 
global_defs {
    router_id real-server1-nginx
    script_user root
    enable_script_security
 }

vrrp_script chk_nginx {
    script "/data/shell/check_nginx_status.sh"
    interval 2
}


vrrp_instance VI_1 {
     state MASTER
     interface ens32   
     virtual_router_id 151 
     priority 100 
     advert_int 5  
     authentication {
         auth_type  PASS
         auth_pass  1111

     }
     virtual_ipaddress {  
       192.168.179.199
     }
    
      track_script {                                                                                  
       chk_nginx
    }
 }


[root@localhost ~]# nginx
[root@localhost ~]# systemctl start keepalived
[root@localhost ~]# ip a | grep 199
    inet 192.168.179.199/32 scope global ens32


日志/var/log/message
Nov 19 10:51:17 localhost Keepalived_vrrp[45924]: VRRP_Script(chk_nginx) succeeded
Nov 19 10:51:22 localhost Keepalived_vrrp[45924]: VRRP_Instance(VI_1) Transition to MASTER STATE
Nov 19 10:51:27 localhost Keepalived_vrrp[45924]: VRRP_Instance(VI_1) Entering MASTER STATE
Nov 19 10:51:27 localhost Keepalived_vrrp[45924]: VRRP_Instance(VI_1) setting protocol VIPs.
Nov 19 10:51:27 localhost Keepalived_vrrp[45924]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 10:51:27 localhost Keepalived_vrrp[45924]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens32 for 192.168.179.199

备 192.168.179.103  只需要修改两个地方,state BACKUP  priority 80

[root@localhost ~]# cat /etc/keepalived/keepalived.conf 
global_defs {
    router_id real-server2-nginx
    script_user root
    enable_script_security
 }

vrrp_script chk_nginx {
    script "/data/shell/check_nginx_status.sh"
    interval 2
}

vrrp_instance VI_1 {
     state BACKUP
     interface ens32
     virtual_router_id 151
     priority 50
     advert_int 5
     authentication {
         auth_type  PASS
         auth_pass  1111
     }
     virtual_ipaddress {
       192.168.179.199
     }
    
      track_script {                                                                                  
       chk_nginx
    }
 }

[root@localhost ~]# nginx
[root@localhost ~]# systemctl start keepalived

日志如下:
Nov 19 11:00:29 localhost Keepalived[7824]: Opening file '/etc/keepalived/keepalived.conf'.
Nov 19 11:00:29 localhost Keepalived[7825]: Starting Healthcheck child process, pid=7826
Nov 19 11:00:29 localhost Keepalived[7825]: Starting VRRP child process, pid=7827
Nov 19 11:00:29 localhost systemd: Started LVS and VRRP High Availability Monitor.
Nov 19 11:00:29 localhost Keepalived_healthcheckers[7826]: Opening file '/etc/keepalived/keepalived.conf'.
Nov 19 11:00:29 localhost Keepalived_vrrp[7827]: Registering Kernel netlink reflector
Nov 19 11:00:29 localhost Keepalived_vrrp[7827]: Registering Kernel netlink command channel
Nov 19 11:00:29 localhost Keepalived_vrrp[7827]: Registering gratuitous ARP shared channel
Nov 19 11:00:29 localhost Keepalived_vrrp[7827]: Opening file '/etc/keepalived/keepalived.conf'.
Nov 19 11:00:29 localhost Keepalived_vrrp[7827]: VRRP_Instance(VI_1) removing protocol VIPs.
Nov 19 11:00:29 localhost Keepalived_vrrp[7827]: Using LinkWatch kernel netlink reflector...
Nov 19 11:00:29 localhost Keepalived_vrrp[7827]: VRRP_Instance(VI_1) Entering BACKUP STATE
Nov 19 11:00:29 localhost Keepalived_vrrp[7827]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Nov 19 11:00:29 localhost Keepalived_vrrp[7827]: VRRP_Script(chk_nginx) succeeded
Nov 19 11:01:02 localhost systemd: Started Session 12 of user root.
Nov 19 11:01:02 localhost systemd: Starting Session 12 of user root.

现在两台配置keepalived算基本配置完毕,只有当backup收不到master的主播包以后才会进行切换,现在master和backup就变成VRRP集群了。(注意这个和nginx没有半毛钱关系,这个高可用是对主机做的,只不过用户访问nginx不是通过宿主机IP去访问nginx,而是通过VIP去访问nginx)

 

keeplaived故障转移测试

master直接把nginx干掉

[root@localhost ~]# pkill nginx

日志如下
Nov 19 11:04:59 localhost Keepalived[45922]: Stopping
Nov 19 11:04:59 localhost systemd: Stopping LVS and VRRP High Availability Monitor...
Nov 19 11:04:59 localhost Keepalived_vrrp[45924]: VRRP_Instance(VI_1) sent 0 priority
Nov 19 11:04:59 localhost Keepalived_vrrp[45924]: VRRP_Instance(VI_1) removing protocol VIPs.
Nov 19 11:04:59 localhost Keepalived_healthcheckers[45923]: Stopped
Nov 19 11:05:00 localhost Keepalived_vrrp[45924]: Stopped

 backup观察现象

#backup日志
Nov 19 11:05:00 localhost Keepalived_vrrp[7827]: VRRP_Instance(VI_1) Transition to MASTER STATE
Nov 19 11:05:05 localhost Keepalived_vrrp[7827]: VRRP_Instance(VI_1) Entering MASTER STATE
Nov 19 11:05:05 localhost Keepalived_vrrp[7827]: VRRP_Instance(VI_1) setting protocol VIPs.
Nov 19 11:05:05 localhost Keepalived_vrrp[7827]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:05:05 localhost Keepalived_vrrp[7827]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens32 for 192.168.179.199
Nov 19 11:05:05 localhost Keepalived_vrrp[7827]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:05:05 localhost Keepalived_vrrp[7827]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:05:05 localhost Keepalived_vrrp[7827]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:05:05 localhost Keepalived_vrrp[7827]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:05:10 localhost Keepalived_vrrp[7827]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:05:10 localhost Keepalived_vrrp[7827]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens32 for 192.168.179.199


可以看到VIP飘移到backup上面了
[root@localhost ~]# ip a | grep 199
    inet 192.168.179.199/32 scope global ens32

现在将master起来

[root@localhost ~]# nginx
[root@localhost ~]# systemctl start keepalived

日志如下:
Nov 19 11:11:47 localhost Keepalived_vrrp[49324]: Opening file '/etc/keepalived/keepalived.conf'.
Nov 19 11:11:47 localhost Keepalived_vrrp[49324]: VRRP_Instance(VI_1) removing protocol VIPs.
Nov 19 11:11:47 localhost Keepalived_vrrp[49324]: Using LinkWatch kernel netlink reflector...
Nov 19 11:11:47 localhost Keepalived_vrrp[49324]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Nov 19 11:11:47 localhost Keepalived_vrrp[49324]: VRRP_Script(chk_nginx) succeeded
Nov 19 11:11:50 localhost Keepalived_vrrp[49324]: VRRP_Instance(VI_1) Transition to MASTER STATE
Nov 19 11:11:55 localhost Keepalived_vrrp[49324]: VRRP_Instance(VI_1) Entering MASTER STATE
Nov 19 11:11:55 localhost Keepalived_vrrp[49324]: VRRP_Instance(VI_1) setting protocol VIPs.
Nov 19 11:11:55 localhost Keepalived_vrrp[49324]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:11:55 localhost Keepalived_vrrp[49324]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens32 for 192.168.179.199
Nov 19 11:11:55 localhost Keepalived_vrrp[49324]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:11:55 localhost Keepalived_vrrp[49324]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:11:55 localhost Keepalived_vrrp[49324]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:11:55 localhost Keepalived_vrrp[49324]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:12:00 localhost Keepalived_vrrp[49324]: Sending gratuitous ARP on ens32 for 192.168.179.199

[root@localhost ~]# ip a | grep 199
    inet 192.168.179.199/32 scope global ens32

再去查看backup状态( #可以看到backup上是不存在VIP的)

Nov 19 11:05:10 localhost Keepalived_vrrp[7827]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:05:10 localhost Keepalived_vrrp[7827]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:05:10 localhost Keepalived_vrrp[7827]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:05:10 localhost Keepalived_vrrp[7827]: Sending gratuitous ARP on ens32 for 192.168.179.199
Nov 19 11:11:50 localhost Keepalived_vrrp[7827]: VRRP_Instance(VI_1) Received advert with higher priority 100, ours 50
#可以看到接收到优先级100比自己高的,自己优先级是50,自动退变为backup
Nov 19 11:11:50 localhost Keepalived_vrrp[7827]: VRRP_Instance(VI_1) Entering BACKUP STATE
Nov 19 11:11:50 localhost Keepalived_vrrp[7827]: VRRP_Instance(VI_1) removing protocol VIPs.

[root@localhost ~]# ip a | grep 199
[root@localhost ~]#

如果你的两台nginx上面都有VIP的存在,那么就是防火墙的问题了,防火墙阻挡了。因为master收不到backup的主播(在配置配置文件的时候注意括号和空格)

富士康质检员张全蛋
关注
专栏目录
keepalived介绍以及配置主备库自动切换,一条龙服务
weixin_44892327的博客
07-30 996
VIP(Virtual IP,虚拟IP地址)是指由多个物理服务器或节点共享的一个IP地址。VIP用于在高可用性(HA)环境中,实现对外提供一个固定的访问入口,尽管实际的服务可能在不同的物理节点上运行。通过使用VIP,客户端只需要连接到这个固定的IP地址,而不需要关心背后的物理服务器的变化。Keepalived 知道默认的配置文件位置是 /etc/keepalived/keepalived.conf,因为这是预定义的标准位置。
keepalived安装以及主备配置详解
weixin_53572775的博客
08-14 5019
一.keepalived的安装 首先我们再安装keepalived之前我们需要安装依赖包: yum install -y curl gcc openssl-devel libnl3-devel net-snmp-devel 安装好依赖包之后我们再使用yum进行安装: yum install keepalived -y 再我们配置keepalived之前还是要检查防火墙和slinux是否关闭以及时间同步问题. 二.keepalived高可用的具体配置 /usr/sbin/k...
keepalived部署
qq_42690568的博客
04-19 1284
keepalived的部署及配置
keepalived Transition & Entering {MASTER|BACKUP|FAULT} STATE & first priority affect by track interf...
weixin_34102807的博客
04-05 764
本例主要说明1个问题, 当使用脚本或接口的动态优先级调整时, 什么时候优先级会生效. 路由器进入状态后, 动态优先级才会被调整, 没有进入状态前的track都不会影响优先级. 用两个例子来说明问题. 并且初始状态为MASTER和BACKUP, track的先后是有差别的. 如果初始状态时MASTER, 那么是先执行track(此时的脚本调用结果不影...
keepalived主备配置
focus_lyh的博客
08-09 780
keepalived 简易使用一下
keepalived的双机热备(主从模式)-主机宕机备机无法替代踩坑
weixin_44708742的博客
08-18 844
1.查看备机此时的状态 systemctl status keepalived 看着服务的状态active (running)表面的完好的,但实际上是有问题的。通过VRRP_Instance(VI_1) Transition to MASTER STATE可以看出又转到主机上了,而主机此时处于宕机状态,所以访问时肯定会无法访问到网页的错误。 2.根据提示可能说是防火墙问题,运行下面条命令,再启动一下服务,查看一下服务的状态。奇迹出现了。 systemctl stop...
Keepalived安装及双机主备配置
白玉灬风的博客
08-04 1001
Keepalived用于解决单点故障,可以实现nginx的高可用。该组件免费。可以实现高可用HA机制。基于VRRP协议。 虚拟路由冗余协议协议(VRRP协议): 解决内网单机故障的路由协议 构建有多个路由器MASTER BACKUP,将几台提供相同服务的路由器组成路由器组,每路由器绑定一个虚拟IP。 使用keepalived实现高可用前提:硬件配置需要一样 ...
配置Keepalived双主热备
柏~的博客
02-26 156
目录主节点配置备用节点配置分别重启两条Keepalived 规则:以一个虚拟ip分组归为同一个路由 主节点配置 global_defs { router_id keep_171 } vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 51 priority 100 a...
keepalived 配置 高可用 负载
最新发布
04-29
### Keepalived 高可用与负载均衡配置详解 #### 一、概述 Keepalived 是一个用于实现高可用性(HA)和负载均衡的开源工具,它通过 VRRP(虚拟路由冗余协议)和健康检查来确保服务的连续性和性能优化。本文将详细...
keepalived介绍与安装配置详解
# 一、认识keepalived 1.1 keepalived概述 1.2 keepalived的作用与特点 1.3 keepalived的应用场景 ...#### 3.1 keepalived配置文件详解 keepalived配置文件主要包括全局配置和vrrp_instance配置。其中,全
KEEPALIVED配置文件详解
harryxxxxx的博客
07-17 2788
! Configuration File for keepalived global_defs { #全局定义部分 notification_email { #设置报警邮件地址,可设置多个 acassen@firewall.loc ...
Keepalived实现主备高可用部署
qq_36306519的博客
05-25 842
Keepalived实现主备高可用部署
keepalived-配置主备高可用
choc的博客
04-12 408
IP规划 nginx 主节点IP : 192.168.10.133 nginx 备节点IP : 192.168.10.138 基础设定 主备节点均安装好nginx,且upstream配置,如下 upstream 配置集群的三个节点均可以通过主备节点正常访问,如下 虚拟IP,设定为192.168.10.166,后续用户请求这个VIP,不直接请求主备节点IP 主节点配置 打开keep...
keepalived 搭建主备模式、双机热备模式
悟世君子的博客
07-06 3404
准备2台机器,ip 地址分别是 192.168.0.124,168.0.8.0.123,后面简称124和123目录1、主备模式1.1、安装 keepalived1.2、配置 keepalived 1.3、启动 keepalived1.4、配置备份节点1.5、测试主备模式2、双机热备模式2.1、配置 keepalived2.2、测试在 2 台机器上分别安装 keepalived 这里笔者将 124 作为主节点,123 作为备用节点安装完成后,进入keepalived 配置文件目录 编辑配置前,先查看1
keepalived 的进程/usr/sbin/keepalived -D 只有2个
weixin_30858241的博客
06-11 4546
操作系统:openSUSE 11.3 (x86_64) /usr/sbin/keepalived -D 只有2条 日志:ls /var/log/messages* -lrth Can't initialize ipvs: Protocol not available 有很多 重启:sudo /sbin/service keepalived restart 日志却没有出现 解决办法:...
keepalived介绍、安装及配置详解
神棍之路
01-03 1万+
keepalived起初是为LVS设计的专门用来监控集群系统中各个服务节点的状态如果某个服务节点出现异常或者工作出现故障,keepalived将检测到,并将出现故障的服务节点从集群系统中剔除,而在故障节点恢复正常后,keepalived又可以自动将该服务节点重新加入集群中,这些工作全部自动完成。这部分功能类似于nginx 等反向代理的应用探活功能实现后端服务高可用。
keepalived安装配置详解
热门推荐
qq_51010919的博客
07-15 1万+
高可用性(High Availability)是指系统或服务能够在大部分时间内保持可用状态的能力。高可用性的设计目标是确保系统在面对硬件故障、软件错误、网络问题或其他意外情况时,能够持续提供服务而不中断或降低性能。实现高可用性通常需要以下几个关键方面的考虑:冗余:冗余是指在系统的各个层面引入备份组件或资源,以确保在某个组件或资源发生故障时,能够无缝切换到备份组件或资源上。例如,使用冗余服务器、存储设备、网络连接等。
keepalived配置
hei164730739的博客
12-24 253
然后编辑配置文件 vim /usr/local/etc/keepalived/keepalived.conf 内容如下:(只保留这两节即可,其他的是lvs的配置的,暂时去掉) ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc ...
评论 2
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值