Keepalived 双机热备

使用 Keepalived 做双机热备非常简单,经常和 LVS 搭配来实现高可用负载平衡方案

1. Master / Slave

首先准备两台测试服务器和一个虚拟IP

Server A: 192.168.1.10 (主服务器)

Server B: 192.168.1.20

Virtual IP: 192.168.1.100


测试服务: 在两台服务器上分别安装 Nginx,并修改默认的 index.html 文件,显示当前服务器 IP 以便识别。

1. 在两台服务器上分别安装 keepalived

$ sudo apt-get install keepalived


2. 添加配置文件。

Server A

$ sudo vim /etc/keepalived/keepalived.conf

 

global_defs {

    router_id LVS_DEVEL

}

 

vrrp_instance VI_1 {

    state MASTER

    interface eth0

    virtual_router_id 51 # 保持主从服务器一致

    priority 100         # 优先级 (主服务器较高)

    advert_int 1         # 心跳广播间隔(秒)

 

    authentication {

        auth_type PASS

        auth_pass 1111

    }

 

    virtual_ipaddress {

        192.168.1.100 # 虚拟IP地址,可以多个。

    }

}


Server B

$ sudo vim /etc/keepalived/keepalived.conf

 

global_defs {

    router_id LVS_DEVEL

}

 

vrrp_instance VI_1 {

    state BACKUP

    interface eth0

    virtual_router_id 51

    priority 99

    advert_int 1

 

    authentication {

        auth_type PASS

        auth_pass 1111

    }

 

    virtual_ipaddress {

        192.168.1.100

    }

}


注意:备份服务器 Server B 配置中 state 要改成 BACKUP,同时调低 priority

3. 启动两台服务器上的 keepalived 服务。

$ sudo service keepalived start


重启后可以使用 "ip a" 查看虚拟 IP 信息。

Server A

$ ip a

 

1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

 

2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000

    link/ether 00:0c:29:4c:e7:e7 brd ff:ff:ff:ff:ff:ff

    inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0

    inet 192.168.1.100/24 scope global secondary eth0

    inet6 fe80::20c:29ff:fe4c:e7e7/64 scope link

       valid_lft forever preferred_lft forever


Server B

$ ip a

 

1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

 

2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000

    link/ether 00:0c:29:01:d8:16 brd ff:ff:ff:ff:ff:ff

    inet 192.168.1.20/24 brd 192.168.1.255 scope global eth0

    inet6 fe80::20c:29ff:fe01:d816/64 scope link

       valid_lft forever preferred_lft forever


4. 在第三台机器上进行访问测试。

$ curl http://192.168.1.10

Welcome to nginx! 192.168.1.10

 

 

$ curl http://192.168.1.20

Welcome to nginx! 192.168.1.20

 

$ curl http://192.168.1.100

Welcome to nginx! 192.168.1.10


我们关掉主服务器 192.168.1.10,再访问 http://192.168.1.100 就会自动切换成备份服务器 (Server B: 192.168.1.20)

$ curl http://192.168.1.100

Welcome to nginx! 192.168.1.20


同时 Server B 绑定了虚拟 IP

Server B

$ ip a

 

1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

 

2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000

    link/ether 00:0c:29:01:d8:16 brd ff:ff:ff:ff:ff:ff

    inet 192.168.1.20/24 brd 192.168.1.255 scope global eth0

    inet 192.168.1.100/24 scope global secondary eth0

    inet6 fe80::20c:29ff:fe01:d816/64 scope link

       valid_lft forever preferred_lft forever


重新打开主服务器(Server A: 192.168.1.10),访问恢复。

2. Master / Master

Master / Slave 方案中备份服务器(Server B)平时就是个摆设,有点浪费。我们完全可以用来跑其他服务,让两台主机形成相互热备。

Server A: 192.168.1.10, Virtual IP: 192.168.1.100

Server B: 192.168.1.20, Virtual IP: 192.168.1.200


修改配置文件。

Server A

global_defs {

    router_id LVS_DEVEL

}

 

vrrp_instance VI_1 {

    state MASTER

    interface eth0

    virtual_router_id 51

    priority 100

    advert_int 1

 

    authentication {

        auth_type PASS

        auth_pass 1111

    }

 

    virtual_ipaddress {

        192.168.1.100

    }

}

 

vrrp_instance VI_2 {

    state BACKUP

    interface eth0

    virtual_router_id 52

    priority 99

    advert_int 1

 

    authentication {

        auth_type PASS

        auth_pass 1111

    }

 

    virtual_ipaddress {

        192.168.1.200

    }

}


Server B:

global_defs {

    router_id LVS_DEVEL

}

 

vrrp_instance VI_1 {

    state BACKUP

    interface eth0

    virtual_router_id 51

    priority 99

    advert_int 1

 

    authentication {

        auth_type PASS

        auth_pass 1111

    }

 

    virtual_ipaddress {

        192.168.1.100

    }

}

 

vrrp_instance VI_2 {

    state MASTER

    interface eth0

    virtual_router_id 52

    priority 100

    advert_int 1

 

    authentication {

        auth_type PASS

        auth_pass 1111

    }

 

    virtual_ipaddress {

        192.168.1.200

    }

}


其实很简单,我们增加了一个新的配置 VI_2 (注意 virtual_router_id 不同)。不过这回用 Server B 做主服务器,如此 Server AServer B 各自拥有主虚拟IP,同时备份对方的虚拟 IP。重启两台服务器的 keepalived 服务后,查看虚拟 IP 绑定信息。

Server A

$ ip a

 

1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

 

2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000

    link/ether 00:0c:29:4c:e7:e7 brd ff:ff:ff:ff:ff:ff

    inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0

    inet 192.168.1.100/24 scope global secondary eth0

    inet6 fe80::20c:29ff:fe4c:e7e7/64 scope link

       valid_lft forever preferred_lft forever


Server B

$ ip a

 

1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

 

2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000

    link/ether 00:0c:29:01:d8:16 brd ff:ff:ff:ff:ff:ff

    inet 192.168.1.20/24 brd 192.168.1.255 scope global eth0

    inet 192.168.1.200/24 scope global secondary eth0

    inet6 fe80::20c:29ff:fe01:d816/64 scope link

       valid_lft forever preferred_lft forever


正常情况下,会使用各自的主服务器。

$ curl http://192.168.1.100

Welcome to nginx! 192.168.1.10

 

$ curl http://192.168.1.200

Welcome to nginx! 192.168.1.20


一旦任何一台服务器当机,另一台就会自动接管。我们停掉 192.168.1.20,看看访问 http://192.168.1.200 是不是切换到 192.168.1.10 上。

$ curl http://192.168.1.200

Welcome to nginx! 192.168.1.10


同时 Server A 绑定虚拟 IP 192.168.1.200

$ ip a

 

1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN

    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

    inet 127.0.0.1/8 scope host lo

    inet6 ::1/128 scope host

       valid_lft forever preferred_lft forever

 

2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000

    link/ether 00:0c:29:4c:e7:e7 brd ff:ff:ff:ff:ff:ff

    inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0

    inet 192.168.1.100/24 scope global secondary eth0

    inet 192.168.1.200/24 scope global secondary eth0

    inet6 fe80::20c:29ff:fe4c:e7e7/64 scope link

       valid_lft forever preferred_lft forever


Server B 重启后,一切恢复正常。

这个方案可以是不同的服务,或者是同一服务的访问分流(配合 DNS 使用)