1.KeepAlived集群
1.keepalived初期的目的是为了原生设计目的为了高可用ipvs服务
2.Keepalived 是一种高性能的服务器高可用或热备解决方案, Keepalived 可以用来防止服务器单点故障的发生,通过配合 Nginx 可以实现 web 前端服务的高可用。
3.Keepalived 以 VRRP 协议为实现基础,用 VRRP 协议来实现高可用性(HA)。 VRRP(Virtual RouterRedundancy Protocol)协议是用于实现路由器冗余的协议, VRRP 协议将两台或多台路由器设备虚拟成一个设备,对外提供虚拟路由器 IP(一个或多个),而在路由器组内部,如果实际拥有这个对外 IP 的路由器如果工作正常的话就是 MASTER,或者是通过算法选举产生, MASTER 实现针对虚拟路由器 IP 的各种网络功能,如 ARP 请求, ICMP,以及数据的转发等;其他设备不拥有该虚拟 IP,状态是 BACKUP,除了接收 MASTER 的VRRP 状态通告信息外,不执行对外的网络功能。当主机失效时, BACKUP 将接管原先 MASTER 的网络功能。VRRP 协议使用多播数据来传输 VRRP 数据, VRRP 数据使用特殊的虚拟源 MAC 地址发送数据而不是自身网卡的 MAC 地址, VRRP 运行时只有 MASTER 路由器定时发送 VRRP 通告信息,表示 MASTER 工作正常以及虚拟路由器 IP(组), BACKUP 只接收 VRRP 数据,不发送数据,如果一定时间内没有接收到 MASTER 的通告信息,各 BACKUP 将宣告自己成为 MASTER,发送通告信息,重新进行 MASTER 选举状态
2.KeepAlived的健康检查的方式
心跳,优先级等;周期性
3.KeepAlived的工作方式
1.抢占方式:当主配置keepalived的机子挂了之后,VIP就飘到从的keepalived上,当主keepalived恢复后主动将VIP再次抢回;keepalived默认工作在抢占模式下为 300。主节点MASTER,备节点BACKUP
2.非抢占方式:当主节挂了再次起来后不再抢回VIP。两个节点的state都必须配置为BACKUP,两个节点都必须加上配置 nopreempt。
4.KeepAlived功能
1.vrrp协议完成地址流动
2.为vip地址所在的节点生成ipvs规则(在配置文件中预先定义)
3.为ipvs集群的各RS做健康状态检测
4.基于脚本调用接口通过执行脚本完成脚本中定义的功能,进而影响集群事务,
以此支持nginx、haproxy等服务
5.核心组件
TOP HIERACHY
GLOBAL CONFIGURATION
Global definitions
Static routes/addresses
VRRPD CONFIGURATION
VRRP synchronization group(s):vrrp同步组
VRRP instance(s):即一个vrrp虚拟路由器
LVS CONFIGURATION
Virtual server group(s)
Virtual server(s):ipvs集群的vs和rs
4.keepalived的配置文件
主配置文件:/etc/keepalived/keepalived.conf
主程序文件:/usr/sbin/keepalived
Unit File:/usr/lib/systemd/system/keepalived.service
Unit File的环境配置文件:/etc/sysconfig/keepalived
5.名词解释
delay_loop <INT>:检查后端服务器的时间间隔
lb_algo rr|wrr|lc|wlc|lblc|sh|dh:定义调度方法
lb_kind NAT|DR|TUN:集群的类型
persistence_timeout <INT>:持久连接时长
protocol TCP:服务协议,仅支持TCP
sorry_server <IPADDR> <PORT>:所有RS故障时,备用服务器地址
real_server <IPADDR> <PORT>
{
weight <INT> RS权重
notify_up <STRING>|<QUOTED-STRING> RS上线通知脚本
notify_down <STRING>|<QUOTED-STRING> RS下线通知脚本
HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|MISC_CHEC K { ... }:定义当前主机的健康状态检测方法
}
keepalived的单主配置
主keepalived配置
1.下载软件
[root@ke1 ~]# yum install -y keepalived
[root@localhost~]#rpm -ql keepalived
/etc/keepalived
/etc/keepalived/keepalived.conf
/etc/rc.d/init.d/keepalived
/etc/sysconfig/keepalived
/usr/bin/genhash
/usr/libexec/keepalived
/usr/sbin/keepalived
2.修改配置文件
[root@ke1 /etc/keepalived]#cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost ---邮件发送给自己
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1 -----id识别,主从不一致
vrrp_skip_check_adv_addr
vrrp_mcast_group4 224.100.100.100 ---多播地址,不建议使用默认的
}
vrrp_instance VI_1 {
state MASTER---#在另一个结点上为BACKUP
interface ens33
virtual_router_id 90 ---#多个节点必须相同
priority 100 ----#优先级
advert_int 1 ---#通告间隔1s
authentication { --认证机制
auth_type PASS;AH|PASS #预共享密钥认证
auth_pass 1111 ;建议加密
}
virtual_ipaddress {---虚拟IP
VIP飘动的地址
192.168.100.99/24 dev ens33 label ens33:1 ;在从上面设置一样的VIP
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
3.采用脚本通知的方式
#!/bin/bash
contact='root@localhost'
notify() {
mailsubject="$(hostname) to be $1, vip floating"
mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" $contact
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
exit 1
;;
esac
从配置
1.下载软件
[root@ke1 ~]# yum install -y keepalived
[root@localhost~]#rpm -ql keepalived
/etc/keepalived
/etc/keepalived/keepalived.conf
/etc/rc.d/init.d/keepalived
/etc/sysconfig/keepalived
/usr/bin/genhash
/usr/libexec/keepalived
/usr/sbin/keepalived
2.修改配置文件
[root@ke1 /etc/keepalived]#cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost ---邮件发送给自己
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1 -----id识别,主从不一致
vrrp_skip_check_adv_addr
vrrp_mcast_group4 224.100.100.100 ---多播地址,不建议使用默认的
}
vrrp_instance VI_1 {
state BACKUP---#在另一个结点上为BACKUP
interface ens33
virtual_router_id 90 ---#多个节点必须相同
priority 80 ----#优先级
advert_int 1 ---#通告间隔1s
authentication { --认证机制
auth_type PASS;AH|PASS #预共享密钥认证
auth_pass 1111 ;建议加密
}
virtual_ipaddress {---虚拟IP
VIP飘动的地址
192.168.100.99/24 dev ens33 label ens33:1 ;在从上面设置一样的VIP
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
3.采用脚本通知的方式
#!/bin/bash
contact='root@localhost'
notify() {
mailsubject="$(hostname) to be $1, vip floating"
mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" $contact
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
exit 1
;;
esac
4.测试
先启动MASTER
[root@master ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:29:73:f6 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.37/24 brd 192.168.100.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.100.99/24 scope global secondary ens33:1
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe29:73f6/64 scope link
valid_lft forever preferred_lft forever
在启动从
如果MASTER挂了后,VIP会立马票到[从]上
[root@backup ~]#ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:71:6e:05 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.57/24 brd 192.168.100.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.100.99/24 scope global secondary ens33:1
valid_lft forever preferred_lft forever
inet6 fe80::a474:a3b1:2cc:d56d/64 scope link noprefixroute
valid_lft forever preferred_lft forever
邮件:
[root@backup ~]#mail
Heirloom Mail version 12.5 7/5/10. Type ? for help.
N 24 root Sat Oct 17 15:08 18/686 "backup to be master, vip floating"
keepalived的双主配置
[root@master1 ~]#vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node1
vrrp_mcast_group4 224.0.100.100
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 6
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 571f97b2
}
virtual_ipaddress {
192.168.100.99/24 dev eth0
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 8
priority 98
advert_int 1
authentication {
auth_type PASS
auth_pass 578f07b2
}
virtual_ipaddress {
192.168.100.99/24 dev eth0
}
}
[root@master2 ~]#vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node1
vrrp_mcast_group4 224.0.100.100
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 6
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 571f97b2
}
virtual_ipaddress {
192.168.100.99/24 dev eth0
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 8
priority 98
advert_int 1
authentication {
auth_type PASS
auth_pass 578f07b2
}
virtual_ipaddress {
192.168.100.99/24 dev eth0
}
}
在双主模式中,除非一台挂了,否则另外一个主,不会拥有VIP
421
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
