顾名思义是保持存活,常用来搭建设备的高可用,防止业务核心设备出现单点故障。
keepalived基于VRRP协议来实现高可用,主要用作realserver的健康检查以及负载
均衡主机和backup主机之间的故障漂移。如果将TCP/IP划分为5层,则Keepalived就
是一个类似于3~5层交换机制的软件,具有3~5层交换功能,其主要作用是检测web服务
器的状态,如果某台web服务器故障,Keepalived将检测到并将其从系统中剔除,当
该web服务器工作正常后Keepalived自动将其加入到服务器群中,这些工作全部自动
完成,而不需要人工干预,只需要人工修复故障的web服务器即可。
环境说明&&配置准备
安装步骤
iptables -F && setenforing 清空防火墙策略,关闭selinux
安装nginx、keepalived服务
后端服务器配置以及web服务部署
配置文件修改
高可用测试
Keepalived 安装配置
vim /etc/sysconfig/selinux
#SELINUX=enforcing #
注释掉
#SELINUXTYPE=targeted #
注释掉
SELINUX=disabled #
增加
vim /etc/sysconfig/iptables
-A INPUT -s 192.168.13.0/24 -d 224.0.0.18 -j ACCEPT
-A INPUT -s 192.168.13.0/24 -p vrrp -j ACCEPT
安装依赖软件包
### yum
安装
yum install keepalived
###
源码编译安装
yum install -y openssl-devel libnl libnl-devel libnfnetlink-devel
wget http://www.keepalived.org/software/keepalived-1.2.13.tar.gz
tar -zvxf keepalived-1.2.13.tar.gz
cd keepalived-1.2.13
./configure --prefix=/usr/local/keepalived
make && make install
cp /root/keepalived-1.2.13/keepalived/etc/init.d/keepalived.init /etc/rc.d/init.d/keepalived
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived/
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/
echo "/etc/init.d/keepalived start" >> /etc/rc.local
chmod +x /etc/rc.d/init.d/keepalived
chkconfig keepalived on
service keepalived start
service keepalived stop
service keepalived restart
二、配置
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 1
weight -10
rise 1
fall 2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_haproxy
}
virtual_ipaddress {
192.168.13.200
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
## slave
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script "killall -0 haproxy"
interval 1
weight -5
rise 1
fall 2
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_haproxy
}
virtual_ipaddress {
192.168.13.200
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
#!/bin/bash
A=`ps -C haproxy --no-header | wc -l`
if [ $A -eq 0 ];then
/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy-dynamic.cfg
sleep 3
if [ `ps -C haproxy --no-header | wc -l ` -eq 0 ];then
killall keepalived
fi
fi
#!/bin/bash
#
contact='carlosxiaocc@163.com'
notify() {
mailsubject="$(hostname) to be $1, vip floating"
mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" $contact
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
exit 1
;;
esac