一、基本概念
什么是keepalived?
keepalived是集群管理中保证集群高可用的一个服务软件(防止单点故障)
它能够保证当个别节点宕机时,整个网络可以不间断地运行,所以,Keepalived 一方面具有配置管理LVS的功能,同时还具有对LVS下面节点进行健康检查的功能,另一方面也可实现系统网络服务的高可用功能
keepalived工作原理
keepalived是以VRRP协议为实现基础的,VRRP全称Virtual Router Redundancy Protocol,即虚拟路由冗余协议。
虚拟路由冗余协议,可以认为是实现路由器高可用的协议,即将N台提供相同功能的路由器组成一个路由器组,这个组里面有一个master和多个backup,master上面有一个对外提供服务的vip(该路由器所在局域网内其他机器的默认路由为该vip),master会发组播,当backup收不到vrrp包时就认为master宕掉了,这时就需要根据VRRP的优先级来选举一个backup当master。这样的话就可以保证路由器的高可用了
Keepalived高可用故障切换转移原理
Keepalived高可用服务对之间的故障切换转移,是通过 VRRP (Virtual Router Redundancy Protocol ,虚拟路由器冗余协议)来实现的。
在 Keepalived服务正常工作时,主 Master节点会不断地向备节点发送(多播的方式)心跳消息,用以告诉备Backup节点自己还活看,当主 Master节点发生故障时,就无法发送心跳消息,备节点也就因此无法继续检测到来自主 Master节点的心跳了,于是调用自身的接管程序,接管主Master节点的 IP资源及服务。而当主 Master节点恢复时,备Backup节点又会释放主节点故障时自身接管的IP资源及服务,恢复到原来的备用角色。
那么,什么是VRRP呢?
VRRP ,全 称 Virtual Router Redundancy Protocol ,中文名为虚拟路由冗余协议 ,VRRP的出现就是为了解决静态踣甶的单点故障问题,VRRP是通过一种竞选机制来将路由的任务交给某台VRRP路由器的
主机环境:rhel6.5 selinux and iptables disabled
主机名 | ip | 服务 |
---|---|---|
lvs1 | 172.25.254.1 | keepalived |
lvs2 | 172.25.254.2 | apache |
lvs3 | 172.25.254.3 | apache |
lvs4 | 172.25.254.4 | keepalived |
- Load BACKUP: 172.25.254.1(lvs1)
- Load MASTER:172.25.254.4(lvs4)
- Virtual IP:172.25.254.100
- Real Server1:172.25.254.2 (lvs2)
- Real Server2:172.25.254.3(lvs3)
- 物理机内网 : 172.25.254.250
搭建步骤:
1.在lvs1和lvs4上分别配置高级的yum源
[root@lvs4 ~]# vim /etc/yum.repos.d/rhel-source.repo
[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.8.250/rhel6.5/
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[LoadBalancer]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.8.250/rhel6.5/LoadBalancer
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[HighAvailability]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.8.250/rhel6.5/HighAvailability
enabled=1
gpgcheck=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
[root@lvs4 ~]# yum clean all
[root@lvs4 ~]# yum repolist
lvs1操作相同
2.获得最新版本的keepalived包,解压
[root@lvs4 ~]# ls
anaconda-ks.cfg install.log install.log.syslog keepalived-2.0.6.tar.gz
[root@lvs4 ~]# tar zxf keepalived-2.0.6.tar.gz
[root@lvs4 ~]# ls
anaconda-ks.cfg install.log.syslog keepalived-2.0.6.tar.gz
install.log keepalived-2.0.6
3.安装服务需要的依赖性软件
[root@lvs4 ~]# cd keepalived-2.0.6
[root@lvs4 keepalived-2.0.6]# yum install openssl-devel -y
[root@lvs4 keepalived-2.0.6]# yum install libnl libnl-devel -y
4.得到libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm资源包,进行安装
[root@lvs4 ~]# ls
anaconda-ks.cfg install.log.syslog keepalived-2.0.6.tar.gz
install.log keepalived-2.0.6 libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm
[root@lvs4 ~]# yum install libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm -y
5.进入解压好的keepalived-2.0.6目录下,对keepalived源码包进行编译
[root@lvs4 ~]# cd keepalived-2.0.6
[root@lvs4 keepalived-2.0.6]# ./configure --with-init=SYSV --prefix=/usr/local/keepalived
[root@lvs4 keepalived-2.0.6]# yum install gcc -y
[root@lvs4 keepalived-2.0.6]# ./configure --with-init=SYSV --prefix=/usr/local/keepalived
注意:因为源码是C,需要安装gcc;出现Use IPVS Framework : Yes成功;此处可以使用./configure --help
查看帮助
[root@lvs4 keepalived-2.0.6]# make && make install
6.查看安装生成文件
[root@lvs4 keepalived-2.0.6]# cd /usr/local/
[root@lvs4 local]# ls
bin etc games include keepalived lib lib64 libexec sbin share src
[root@lvs4 local]# cd keepalived/
[root@lvs4 keepalived]# ls
bin etc sbin share
7.将lvs4上编译好的keepalived发送给lvs1,检查是否一致
[root@lvs4 local]# scp -r keepalived/ root@172.25.254.1:/usr/local/
[root@lvs4 local]# du -sh keepalived/
[root@lvs1 html]# cd /usr/local/
[root@lvs1 local]# ls
bin etc games include keepalived lib lib64 libexec sbin share src
[root@lvs1 local]# du -sh keepalived/
8.赋予执行权限,添加链接,方便进行管理
[root@lvs4 local]# chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
[root@lvs4 local]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@lvs4 local]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@lvs4 local]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@lvs4 local]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
[root@lvs1 local]# chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
[root@lvs1 local]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@lvs1 local]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@lvs1 local]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[root@lvs1 local]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
9.在lvs4上安装调度器
[root@lvs4 local]# yum install ipvsadm -y
10.在lvs4上编辑keepalived配置文件,设置为MASTER
[root@lvs4 local]# vim /etc/keepalived/keepalived.conf
3 global_defs { ##全局定义块
4 notification_email { ##邮件通知
5 root@localhost
6 }
7 notification_email_from keepalived@localhost #设置邮件的发送地址
8 smtp_server 127.0.0.1 #设置 smtp server 地址
9 smtp_connect_timeout 30 #设置连接 smtp 服务器超时时间
10 router_id LVS_DEVEL #load balancer 的标识 ID,用于 email 警报
11 vrrp_skip_check_adv_addr
12 #vrrp_strict
13 vrrp_garp_interval 0
14 vrrp_gna_interval 0
15 }
16
17 vrrp_instance VI_1 {
18 state MASTER #备机改为 BACKUP,此状态是由 priority 的值来决定的,当前
19 interface eth0 #HA 监测网络接口
20 virtual_router_id 59 #主、备机的 virtual_router_id 必须相同,取值 0-255
21 priority 100 #主机的优先级,备份机改为 50,主机优先级一定要大于备机
22 advert_int 1 #主备之间的通告间隔秒数
23 authentication {
24 auth_type PASS #设置验证类型,主要有 PASS 和 AH 两种
25 auth_pass 1111
26 }
27 virtual_ipaddress { ##指定漂移地址(VIP),即切换到MASTER时,这些IP会被添加,切换到BACKUP时,这些IP会被删除(传给ip addr命令),所以每台服务器可以不用绑定任何的虚拟地址。
28 172.25.254.100
29 }
30 }
31 ## 虚拟服务配置
32 virtual_server 172.25.254.100 80 { #定义虚拟服务器
33 delay_loop 3 #定义虚拟服务器
34 lb_algo rr #lvs 调度算法,这里使用轮叫
35 lb_kind DR #LVS 是用 DR 模式
36 #persistence_timeout 50 #注释掉(像lftp等连接性服务,会有连接时间,此处用httpd做实验)
37 protocol TCP #指定转发协议类型,有 tcp 和 udp 两种
38
39 real_server 172.25.254.2 80 { #配置服务节点
40 TCP_CHECK { ##TCP方式的健康检查,realserve 的状态检测设置部分,单位是秒
41 weight 1 ##默认为1,0为失效
42 connect_timeout 3 #3 秒无响应超时
43 retry 3 #重试次数
44 delay_before_retry 3 #重试间隔
45 }
46 }
47
48 real_server 172.25.254.3 80 {
49 TCP_CHECK {
50 weight 1
51 connect_timeout 3
52 retry 3
53 delay_before_retry 3
54 }
55 }
56 }
11.在lvs4上安装邮件服务
[root@lvs4 local]# yum install mailx -y
12.将ld停止,开机启动关闭;
[root@lvs1 local]# /etc/init.d/ldirectord stop
[root@lvs1 local]# chkconfig ldirectord off
[root@lvs1 local]# ipvsadm -l
[root@lvs1 local]# ipvsadm -C
[root@lvs1 local]# ipvsadm -l
[root@lvs1 local]# ip addr del 172.25.254.100/24 dev eth0
[root@lvs1 local]# ip addr show
13.将配置好的配置文件发送到lvs1,并在lvs1的配置文件两处进行修改,设置为backup;安装邮件服务
[root@lvs4 local]# scp /etc/keepalived/keepalived.conf lvs1:/etc/keepalived/
[root@lvs1 local]# vim /etc/keepalived/keepalived.conf
18 state BACKUP
21 priority 50
[root@lvs1 local]# yum install mailx -y
14.10.lvs4和lvs1同时启动
[root@lvs4 local]# /etc/init.d/keepalived start
[root@lvs1 local]# /etc/init.d/keepalived start
可以使用日志方式查看
[root@lvs4 local]# tail -f /var/log/messages
[root@lvs1 local]# tail -f /var/log/messages
测试:
此时lvs4是MASTER,lvs4充当调度器,被分配ip,并分配规则
当将MASTER的keepalived下线,此时BACKUP工作
当将后端的lvs2的httpd服务关闭,模拟故障,此时上线的调度器会收到邮件