keepalived是集群管理中保证集群高可用的一个服务软件,其功能类似于heartbeat,用来防止单点故障。
一、下载keepalived
http://www.keepalived.org/
如:keepalived-1.3.4.tar.gz
二、安装keepalived
> tar xf keepalived-1.3.4.tar.gz
> cd keepalived-1.3.4
> ./configure --prefix=/data/keepalived
> make && make install
复制/sbin/keepalived到/usr/sbin下
> cp /data/keepalived/sbin/keepalived /usr/sbin/
keepalived默认会读取/etc/keepalived/keepalived.conf配置文件
> mkdir /etc/keepalived
> cp /data/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
复制sysconfig文件到/etc/sysconfig下
> cp /data/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
复制启动脚本到/etc/init.d下
> cd /data/keepalived-1.3.4
> cp ./keepalived/etc/init.d/keepalived /etc/init.d/
> chmod 755 /etc/init.d/keepalived
三、实验环境说明
两台虚拟机,IP分别为192.168.1.222和192.168.1.233,虚拟机与真实主机是桥接模式上网并互通。
分别装上了nginx和haproxy,nginx创建了两个虚拟主机,端口号为8080和8082,配置如下:
server {
listen 8080;
server_name localhost;
location / {
root /data/www/site1;
index index.html index.htm;
}
}
server {
listen 8082;
server_name localhost;
location / {
root /data/www/site2;
index index.html index.htm;
}
}
haproxy绑定80端口,反向代理这四台主机,配置如下:
global
log 127.0.0.1 local3 info
chroot /data/haproxy
user haproxy
group haproxy
daemon
stats socket /data/haproxy/haproxy.sock mode 600 level admin
stats timeout 2m
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend http_front
bind *:80
stats uri /haproxy?stats
#默认使用的后端
default_backend http_back
backend http_back
balance roundrobin
option httpchk GET /index.html
option forwardfor header X-Forwarded-For
server node1 192.168.1.222:8080 check inter 2000 rise 3 fall 3 weight 30
server node2 192.168.1.222:8082 check inter 2000 rise 3 fall 3 weight 30
server node3 192.168.1.233:8080 check inter 2000 rise 3 fall 3 weight 30
server node4 192.168.1.233:8082 check inter 2000 rise 3 fall 3 weight 30
三、keepalived的配置
两台虚拟主机上分别装上keepalived
keepalived的配置文件/etc/keepalived/keepalived.conf
#全局配置
global_defs {
#接收通知的email
notification_email {
lackone@126.com
}
#发送通知的email
notification_email_from haproxy_01@126.com
#smtp服务器地址
smtp_server 127.0.0.1
smtp_connect_timeout 30
#运行的标识
router_id haproxy_01
}
#vrrp的实例配置
#haproxy_01名称可自定义
vrrp_instance haproxy_01 {
#主节点
state MASTER
#实例绑定的网卡
#注意centos7下第一块网卡不是eth0,请自行查看,不然keepalived无法启动成功
interface eno16777736
#虚拟路由ID,唯一
virtual_router_id 51
#权重
priority 150
#检查的时间间隔
advert_int 2
#验证
authentication {
auth_type PASS
auth_pass haproxy_01
}
#设置虚拟IP地址
virtual_ipaddress {
192.168.1.10
192.168.1.11
}
}
另一台主机上的配置只需修改
state BACKUP
priority 100
配置好后,启动keepalived服务
> service keepalived start
查看网络接口列表
> ip addr list
tcpdump查看,这里的eno16777736是我的网卡名
> tcpdump -i eno16777736 -n 'host 224.0.0.18'
19:13:30.260858 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24
19:13:32.261878 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24
19:13:34.263286 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24
然后我们手动把MASTER的keepalived关掉
> service keepalived stop
然后再用tcpdump查看
> tcpdump -i eno16777736 -n 'host 224.0.0.18'
19:16:05.120377 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24
19:16:07.121645 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24
19:16:09.122353 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24
很明显看到已从222切换到了233了。
然后我们通过浏览器访问192.168.1.10或192.168.1.11可以看到后台服务切换正常,实现了222和233两台主机间服务的高可用。