1. keepalived是什么
keepalived起初是为lvs设计的,专门用来监控集群系统中各个服务节点的状态,如果某个服务器节点出现异常,或者工作出现故障,keepalived将检测到,并将出现故障的服务器节点从集群系统中剔除,这些工作全部是自动完成的,不需要人工干涉,需要人工完成的只是修复出现故障的服务节点。
2. keepalived工作原理
keepalived是以vrrp协议为实现基础的,vrrp全称virtual router redundancy protocol,即虚拟路由冗余协议。
虚拟路由冗余协议,可以认为是实现路由器高可用的协议,即将N台提供相同功能的路由器组成一个路由器组,这个组里面有一个master和多个backup,master上面有一个对外提供服务的vip(该路由器所在局域网内其它机器的默认路由为vip),master会以组播方式发送vrrp包,当backup收不到vrrp包时就认为master宕掉了,这时就需要根据vrrp的优先级来选举一个backup当master。这样的话就可以保证路由器的高可用了。
3. keepalived高可用故障切换转移原理
keepalived高可用服务对之间的故障切换转移,是通过vrrp(virtual router redundancy protocol),即虚拟路由冗余协议来实现的。
在keepalived服务正常工作时,主master节点会不断向备节点发送(多播的方式)心跳信息,用以告诉备backup节点自己还活着,当主master节点发生故障时,就无法发送心跳信息,备节点也就因此无法继续检测到来自主master节点的心跳了,于是调用自身的接管程序,接管主master节点的ip资源及服务。而当主master节点恢复时,备backup节点又会释放主节点故障时自身接管的ip资源及服务,恢复到原来的备用角色。
4. 安装keepalived
源码编译(解压、编译之前建议先核对源码包的校验和,确认软件包来源可信)
[root@server1 ~]# tar zxf keepalived-2.0.20.tar.gz
[root@server1 ~]# ls
bansys.zip keepalived-2.0.20.tar.gz
jemalloc-3.6.0-1.el7.x86_64.rpm ldirectord-3.9.5-3.1.x86_64.rpm
keepalived-2.0.20 varnish-6.3.1-1.el7.x86_64.rpm
[root@server1 keepalived-2.0.20]# yum install gcc -y
[root@server1 keepalived-2.0.20]# yum install openssl-devel -y
[root@server1 keepalived-2.0.20]# ./configure --prefix=/usr/local/keepalived --with-init=systemd
如果显示yes说明安装成功
Use IPVS Framework : Yes
[root@server1 keepalived-2.0.20]# make && make install # 安装
同时在server4上也做一遍
[root@server4 ~]# tar zxf keepalived-2.0.20.tar.gz
[root@server4 ~]# yum install gcc -y
[root@server4 ~]# yum install openssl-devel -y
[root@server4 keepalived-2.0.20]# ./configure --prefix=/usr/local/keepalived --with-init=systemd
[root@server4 keepalived-2.0.20]# make && make install
做好软连接
[root@server1 keepalived]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@server1 keepalived]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@server1 keepalived]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
[root@server4 keepalived-2.0.20]#
[root@server4 keepalived-2.0.20]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@server4 keepalived-2.0.20]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@server4 keepalived-2.0.20]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
配置keepalived
[root@server1 keepalived]# systemctl stop ldirectord
[root@server1 keepalived]# systemctl disable ldirectord
ldirectord.service is not a native service, redirecting to /sbin/chkconfig.
Executing /sbin/chkconfig ldirectord off
[root@server1 ~]# ip addr del 172.25.60.100/32 dev eth0
[root@server1 ~]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:a9:ae:f7 brd ff:ff:ff:ff:ff:ff
inet 172.25.60.253/24 brd 172.25.60.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fea9:aef7/64 scope link
valid_lft forever preferred_lft forever
[root@server1 etc]# cd /etc/keepalived/
[root@server1 keepalived]# ls
keepalived.conf samples
[root@server1 keepalived]# vim keepalived.conf
! Configuration File for keepalived
# Director configuration for server1: one VRRP instance that holds the VIP
# 172.25.60.100 and one IPVS virtual server that balances TCP port 80 across
# the real servers 172.25.60.2 and 172.25.60.3.
global_defs {
# Notifications are mailed to root@localhost through the SMTP server on
# 127.0.0.1.
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
# NOTE(review): this file is copied unchanged to server4 later on the page, so
# both directors share the same router_id; a per-node value makes
# notifications easier to attribute.
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# Strict VRRP protocol compliance is switched off here (directive commented out).
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
# VRRP instance that owns the VIP. server1 starts as MASTER with priority 100;
# the peer configuration for server4 on this page uses BACKUP / priority 50
# with the same virtual_router_id and authentication block.
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
# NOTE(review): auth_type PASS carries the password in clear text inside every
# VRRP advertisement, and 1111 is the value from the sample configuration.
# Treat it as a guard against accidental misconfiguration, not as real
# authentication: use a site-specific password and restrict VRRP traffic
# (IP protocol 112) to the peer director, e.g. with host firewall rules or
# unicast_peer.
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.60.100
}
}
# IPVS virtual server on the VIP: round-robin scheduling (rr), direct routing
# (DR), checker polling every 3 seconds, 50-second client persistence.
virtual_server 172.25.60.100 80 {
delay_loop 3
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 172.25.60.2 80 {
# TCP connect check against port 80 with a 3-second timeout; it only shows
# that the port accepts connections, not that the application is healthy.
# NOTE(review): weight is normally a real_server-level setting - confirm it is
# accepted inside TCP_CHECK by this keepalived version.
TCP_CHECK{
weight 1
connect_port 80
connect_timeout 3
}
}
real_server 172.25.60.3 80 {
# Same TCP connect check as for 172.25.60.2.
TCP_CHECK{
weight 1
connect_port 80
connect_timeout 3
}
}
}
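命令解释:state 指定节点的初始角色(MASTER/BACKUP);priority 为选举优先级,数值大的节点成为 master;virtual_router_id、advert_int 和 authentication 在同一组的主备节点上必须保持一致;lb_algo rr 表示轮询调度,lb_kind DR 表示直接路由模式;TCP_CHECK 对后端 real_server 的 80 端口做 TCP 健康检查。注意:auth_pass 1111 是示例配置里的默认值,并且 PASS 方式的口令在 vrrp 报文中明文传输,生产环境应更换口令,并限制哪些主机可以向本机发送 vrrp 报文。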
[root@server1 keepalived]# scp keepalived.conf root@172.25.60.4:/etc/keepalived
[root@server4 keepalived]# vim keepalived.conf
# VRRP instance on server4, the standby director: state BACKUP and priority 50
# are the two values that differ from server1's MASTER / priority 100.
# virtual_router_id, advert_int and the authentication block match server1.
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 50
advert_int 1
# NOTE(review): same clear-text sample password as on server1. If it is
# changed, change it on both directors, and restrict VRRP traffic
# (IP protocol 112) to the peer director.
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.60.100
}
}
[root@server1 keepalived]# ip addr show
[root@server4 keepalived]# yum install mailx -y
[root@server1 keepalived]# systemctl start keepalived
[root@server4 keepalived]# systemctl start keepalived
检查日志是否有报错
[root@server1 keepalived]# tail -f /var/log/messages
[root@server4 keepalived]# tail -f /var/log/messages
[root@server1 keepalived]# cat /var/log/messages | grep VI_1
Feb 21 13:25:03 server1 Keepalived_vrrp[13014]: (VI_1) removing VIPs.
Feb 21 13:25:03 server1 Keepalived_vrrp[13014]: (VI_1) Entering BACKUP STATE (init)
Feb 21 13:25:06 server1 Keepalived_vrrp[13014]: (VI_1) Receive advertisement timeout
Feb 21 13:25:06 server1 Keepalived_vrrp[13014]: (VI_1) Entering MASTER STATE
Feb 21 13:25:06 server1 Keepalived_vrrp[13014]: (VI_1) setting VIPs.
Feb 21 13:25:06 server1 Keepalived_vrrp[13014]: (VI_1) Sending/queueing gratuitous ARPs on eth0 for 172.25.60.100
Feb 21 13:25:11 server1 Keepalived_vrrp[13014]: (VI_1) Sending/queueing gratuitous ARPs on eth0 for 172.25.60.100
[root@server4 keepalived]# cat /var/log/messages | grep VI_1
Feb 21 13:25:15 server1 Keepalived_vrrp[18237]: (VI_1) removing VIPs.
Feb 21 13:25:15 server1 Keepalived_vrrp[18237]: (VI_1) Entering BACKUP STATE (init)
测试:
[root@server1 keepalived]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:a9:ae:f7 brd ff:ff:ff:ff:ff:ff
inet 172.25.60.253/24 brd 172.25.60.255 scope global eth0
valid_lft forever preferred_lft forever
inet 172.25.60.100/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fea9:aef7/64 scope link
valid_lft forever preferred_lft forever
[root@server1 keepalived]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.60.100:80 rr persistent 50
-> 172.25.60.2:80 Route 1 0 0
-> 172.25.60.3:80 Route 1 0 0
[root@foundation60 addons]# curl 172.25.60.100
server3.www.westos.org
[root@foundation60 addons]# curl 172.25.60.100
server2
[root@server1 keepalived]# systemctl stop keepalived
# server4马上接替server1
[root@server4 keepalived]# yum install ipvsadm -y
[root@server4 keepalived]# ip addr show
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:2d:b0:41 brd ff:ff:ff:ff:ff:ff
inet 172.25.60.4/24 brd 172.25.60.255 scope global eth0
valid_lft forever preferred_lft forever
inet 172.25.60.100/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::5054:ff:fe2d:b041/64 scope link
valid_lft forever preferred_lft forever
[root@foundation60 addons]# curl 172.25.60.100
server3.www.westos.org