概述:
Keepalived 是一种高性能的服务器高可用或热备解决方案, Keepalived 可以用来防止服务器单点故障的发生,通过配合 Nginx 可以实现 web 前端服务的高可用。
Keepalived 以 VRRP 协议为实现基础,用 VRRP 协议来实现高可用性(HA)。 VRRP(Virtual RouterRedundancy Protocol)协议是用于实现路由器冗余的协议, VRRP 协议将两台或多台路由器设备虚拟成一个设备,对外提供虚拟路由器 IP(一个或多个),而在路由器组内部,如果实际拥有这个对外 IP 的路由器如果工作正常的话就是 MASTER,或者是通过算法选举产生, MASTER 实现针对虚拟路由器 IP 的各种网络功能,如 ARP 请求, ICMP,以及数据的转发等;其他设备不拥有该虚拟 IP,状态是 BACKUP,除了接收 MASTER 的VRRP 状态通告信息外,不执行对外的网络功能。当主机失效时, BACKUP 将接管原先 MASTER 的网络功能。VRRP 协议使用多播数据来传输 VRRP 数据, VRRP 数据使用特殊的虚拟源 MAC 地址发送数据而不是自身网卡的 MAC 地址, VRRP 运行时只有 MASTER 路由器定时发送 VRRP 通告信息,表示 MASTER 工作正常以及虚拟路由器 IP(组), BACKUP 只接收 VRRP 数据,不发送数据,如果一定时间内没有接收到 MASTER 的通告信息,各 BACKUP 将宣告自己成为 MASTER,发送通告信息,重新进行 MASTER 选举状态;
下载keepalived:https://www.keepalived.org/download.html
1:解压,编译
tar -zxvf keepalived-1.4.5.tar.gz
cd keepalived-1.4.5
2:则安装插件
yum install -y curl gcc openssl-devel libnl3-devel net-snmp-devel ipvsadm
//编译
./configure --prefix=/usr/local/keepalived3:安装插件防止报如下错误
checking for SSL_set0_rbio... no
checking for OPENSSL_init_crypto... no
checking for nl_socket_alloc in -lnl-3... yes
checking for genl_connect in -lnl-genl-3... yes
checking whether IPV4_DEVCONF_ARP_IGNORE is declared... no
checking whether IPV4_DEVCONF_ACCEPT_LOCAL is declared... no
checking whether IPV4_DEVCONF_RP_FILTER is declared... no
checking whether IPV4_DEVCONF_ARPFILTER is declared... no
checking for linux/rtnetlink.h... yes
checking libnfnetlink/libnfnetlink.h usability... no
checking libnfnetlink/libnfnetlink.h presence... no
checking for libnfnetlink/libnfnetlink.h... no
configure: error: libnfnetlink headers missing
//报如上错误则安装下面组件
yum install -y libnfnetlink-devel4:安装
make && make install5:将keepalived的文件拷贝到响应的文件夹中
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/etc/init/keepalived.conf /etc/init.conf6:启动并查看日志
//启动keepalived
/usr/local/keepalived/sbin/keepalived
//查看日志
tail -f /var/log/messages
//设置开机自启动
echo /usr/local/keepalived/sbin/keepalived >> /etc/rc.local7:修改配置文件
//修改Keepalived的配置文件
vi /etc/keepalived/keepalived.conf
8:查看网卡接口中的eth1就是网卡接口
[root@localhost keepalived]# ifconfig
eth1 Link encap:Ethernet HWaddr 00:0C:29:83:66:3B
inet addr:192.168.75.128 Bcast:192.168.75.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe83:663b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:56422 errors:0 dropped:0 overruns:0 frame:0
TX packets:29362 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:38172608 (36.4 MiB) TX bytes:6306292 (6.0 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:757483 errors:0 dropped:0 overruns:0 frame:0
TX packets:757483 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:841887209 (802.8 MiB) TX bytes:841887209 (802.8 MiB)9:配置/etc/keepalived/keepalived.conf文件
master配置
! Configuration File for keepalived
global_defs {
router_id test-one #为本机hostname
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER #主子的为BACKUP
interface eth1 #本机网卡通过ifconfig获得
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111 #秘钥MASTER和BACKUP保持一致随意定
}
virtual_ipaddress {
192.168.75.100 #虚拟地址
}
}
virtual_server 192.168.75.100 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.75.130 80 { #真实地址
weight 1
TCP_CHECK { #TPC检查
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.75.131 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}BACKUP配置
! Configuration File for keepalived
global_defs {
router_id test-two
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface eth2
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.75.100
}
}
virtual_server 192.168.75.100 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.75.130 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.75.131 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}10:查看是否将虚拟IP挂载进来
[root@localhost ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:3c:5c:d8 brd ff:ff:ff:ff:ff:ff
inet 192.168.75.131/24 brd 192.168.75.255 scope global eth2
inet 192.168.75.100/32 scope global eth2
inet6 fe80::20c:29ff:fe3c:5cd8/64 scope link
valid_lft forever preferred_lft forever11:通过命令
12:安装nginx设置端口为80,安装流程见本人其它文章
13:启动
如果出现vip无法ping通则:
keepalived.conf中vip配置好后,通过ip addr可以看到vip已经顺利挂载,但是无法ping通,并且防火墙都已关闭,原因是keepalived.conf配置中默认vrrp_strict打开了,需要把它注释掉。重启keepalived即可ping通。
因为keepalived配置比较复杂模式比较多请看本人其它博客针对不同要求搭建不同模式
谢谢支持,多少都行
5643
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
