Keepalived高可用集群的简单配置和原理
Keepalived介绍
Keepalived软件起初是专门为LVS负载均衡软件设计的用来管理并监控LVS集群系统中各个服务节点的状态,后来又加入了可以实现高可用的VRRP功能。因此,Keepalived除了能够管理LVS软件外,还可以作为其他服务的高可用解决方案软件。
Keepalived软件主要是通过VRRP协议实现高可用功能的,VRRP是Virtual Router Redundancy Protocol(虚拟路由器冗余协议)的缩写.VRRP出现的目的就是为了解决静态路由单点故障问题的
0. Keepalived工作原理
1.master在工作状态会不断群发一个广播包(内涵优先参数)
2.其他路由收到收到广播后会和自己的优先参数作对比,如果优先参数小于自己则什么都不执行,如果优先参数大于自己则开启争抢机制
3.如果启动了争抢机制,他就会群发自己的优先参数,最终优先参数最小的称为master路由.
1. 搭建keepalived
- 搭建环境
环境:centos7
node1:192.168.183.175
node2:192.168.183.176
前提:
1.node1与node2关闭selinux
2.node1与node2关闭firewall
3.node1和node2通过hosts互相解析对方IP
4.node1与node2可以互相通信(互相添加公钥)
5.配置好yum源
6.时间同步
- 安装keeplived服务
yum -y install keepalived #安装keepalived
vim /etc/keepalived/keepalived.conf #修改主keepalived配置文件
yum -y install openssh-clients #安装scp
scp /etc/keepalived/keepalived.conf root@192.168.50.149:/etc/keepalived/ #发从给从
/etc/init.d/keepalived start #启动keepalived
2. keepaliaved 抢占式配置
主------------配置master
[root@lb01 ~]# rpm -qc keepalived
/etc/keepalived/keepalived.conf
/etc/sysconfig/keepalived
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb02 #标识信息,一个名字而已;
}
vrrp_instance VI_1 {
state MASTER #角色是master
interface eth0 #vip 绑定端口
virtual_router_id 50 #让master 和backup在同一个虚拟路由里,id 号必须相同;
priority 150 #优先级,谁的优先级高谁就是master ;
advert_int 1 #心跳间隔时间
authentication {
auth_type PASS #认证
auth_pass 1111 #密码
}
virtual_ipaddress {
10.0.0.3 #虚拟ip
}
}
备-------------配置backup
[root@lb02 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
3. keepaliaved 抢占式配置
非抢占式不再有主从之分,全部都为BACKUP,并且配置文件中添加nopreempt,用来标识为非抢占式;
[root@lb01 /etc/nginx/upstream]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb01
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 50
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
[root@lb02 /etc/nginx/upstream]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 100
nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
You have new mail in /var/spool/mail/root
[root@lb02 /etc/nginx/upstream]#
4、keepalived脑裂现象
由于某些原因,导致两台keepalived高可用服务器在指定时间内,无法检测到对方存活心跳信息,从而导致互相抢占对方的资源和服务所有权,然而此时两台高可用服务器有都还存活。
可能出现的原因:
1、服务器网线松动等网络故障;
2、服务器硬件故障发生损坏现象而崩溃;
3、主备都开启了firewalld 防火墙。
4、在Keepalived+nginx 架构中,当Nginx宕机,会导致用户请求失败,但是keepalived不会进行切换,
所以需要编写一个检测nginx的存活状态的脚本,如果nginx不存活,则kill掉宕掉的nginx主机上面的keepalived。(所有的keepalived都要配置)