目录
(1)准备环境,在mysql 1和mysql 2上安装mysql
4、启动keepalived,再次查看ipvsadm的规则,可以看到规则已有变化
3、MySql+Keepalived
Keepalived+mysql 自动切换
项目环境
VIP:192.168.40.210
mysql 1:192.168.40.143
mysql 2:192.168.40.141
(1)准备环境,在mysql 1和mysql 2上安装mysql
[root@localhost ~]# yum -y install mariadb mariadb-server
如果不是全新的机器,是在做过上面实验的虚拟机上做这个实验,要记得关闭keepalived和nginx
[root@localhost ~]# systemctl stop nginx keepalived [root@localhost ~]# systemctl start mariadb
(2)Keepalived 主备配置文件
Mysql 1
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
mysql 1的配置文件内容:
! Configuration File for keepalived global_defs { router_id mysql 1 }vrrp_script check_run { script "/root/keepalived_check_mysql.sh" interval 5 } vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 88 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.40.210 } track_script { check_run } }
Mysql 2
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
mysql 2的配置文件内容:
! Configuration File for keepalived global_defs { router_id mysql2 } vrrp_script check_run { script "/root/keepalived_check_mysql.sh" interval 5 } vrrp_instance VI_1 { state BACKUP nopreempt interface ens33 virtual_router_id 88 priority 50 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.40.210 } }
(3)mysql脚本的编写(两台mysql用同样的脚本)
[root@localhost ~]# vim /root/keepalived_check_mysql.sh
版本1:
#!/bin/bash /usr/bin/mysql -uroot -p123456 -e "show status" &>/dev/null if [ $? -ne 0 ] ;then service keepalived stop fi
给数据库设置一个密码:
[root@localhost ~]# mysqladmin password '123456'
给脚本文件授权:
[root@localhost ~]# chmod 755 /root/keepalived_check_mysql.sh
启动keepalived服务,查看ip
[root@localhost ~]# systemctl start keepalived [root@localhost ~]# ip a
可以通过查看ip发现mysql1会出现虚拟IP,但mysql 2不会出现虚拟ip
mysql 1的ip
mysql 2的ip
(4)测试
由于mysql没有远程登陆的帐号,可以先创建一个可以远程登录的账号,在mysql1和mysql2上执行相同的操作。
[root@localhost ~]# mysql -p123456 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 136 Server version: 5.5.68-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> grant all on *.* to 'keepalived'@'%' identified by '123'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> flush privileges; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> exit Bye
在后台找一台虚拟机做web,并在上面安装mysql:
[root@localhost ~]# yum -y install mysql
然后远程登录这个数据库,查看原有的数据库,然后新建一个数据库db1
[root@localhost ~]# mysql -ukeepalived -p123 -h 192.168.40.210 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 353 Server version: 5.5.68-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | test | +--------------------+ 4 rows in set (0.00 sec) MariaDB [(none)]> create database db1; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | db1 | | mysql | | performance_schema | | test | +--------------------+ 5 rows in set (0.00 sec)
假设mysql1的服务出现问题,再次远程登录,看能否登录成功:
在mysql 1上停止mariadb服务:
[root@localhost ~]# systemctl stop mariadb
在web页面发现在mysql 1的mariadb服务出现问题时,仍可以远程登录进mysql的keepalived账号,但首次查看数据库时,并不会出现db1,不过,这种情况下,是可以创建db2的。db2其实是创建在mysql 2上的,虚拟ip在mysql 1出现问题1时,漂移到mysql2上。
[root@localhost ~]# mysql -ukeepalived -p123 -h 192.168.40.210 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 5 Server version: 5.5.68-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | mysql | | performance_schema | | test | +--------------------+ 4 rows in set (0.00 sec) MariaDB [(none)]> create database db2; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> show databases; +--------------------+ | Database | +--------------------+ | information_schema | | db2 | | mysql | | performance_schema | | test | +--------------------+ 5 rows in set (0.00 sec)
4、LVS_Director+Keepalived
由于lvs无法监控后端的real server是否要宕机,所以可以采用keepalived+lvs DR的方式,来监控后端real server的服务。由于lvs的功能已经嵌套进keepalived的软件里,故我们只需要在调度器上安装keepalived即可,不用安装ipvsadm包,只需要写keepalived脚本即可。
为了节省时间,这里的高可用只做master,没做backup
(1)A、local balance
(调度器dir 分发器)ip:192.168.40.143
1、安装环境,并清空ipvsadm的规则。
[root@localhost ~]# yum -y install ipvsadm net-tools keepalived [root@localhost ~]# ipvsadm -C
2、创建keepalived的配置脚本
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.40.200 } } virtual_server 192.168.40.200 80 { delay_loop 10 lb_algo rr lb_kind DR persistence_timeout 60 protocol TCP real_server 192.168.40.138 80 { weight 110 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 192.168.40.139 80 { weight 100 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } }
3、查看ipvsadm转发规则
[root@localhost ~]# ipvsadm -ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn
4、启动keepalived,再次查看ipvsadm的规则,可以看到规则已有变化
[root@localhost ~]# vim /etc/keepalived/keepalived.conf [root@localhost ~]# ipvsadm -ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn [root@localhost ~]# systemctl start keepalived [root@localhost ~]# ipvsadm -ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags -> RemoteAddress:Port Forward Weight ActiveConn InActConn TCP 192.168.40.200:80 rr persistent 60 -> 192.168.40.138:80 Route 110 0 0 -> 192.168.40.139:80 Route 100 0 0
(2)B:real server
web 1服务 ip 192.168.40.138
1、创建转发脚本
[root@localhost ~]# yum -y install net-tools
[root@localhost ~]# vim /usr/local/sbin/lvs.sh
#/bin/bash vip=192.168.40.200 ifdown lo ifup lo ifconfig lo:0 $vip broadcast $vip netmask 255.255.255.255 up route add -host $vip lo:0 echo "1" >/proc/sys/net/ipv4/conf/ens33/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/ens33/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
2、给脚本设权
[root@localhost ~]# chmod +x /usr/local/sbin/lvs.sh
3、执行脚本
[root@localhost ~]# sh /usr/local/sbin/lvs.sh
在执行脚本之前,查看路由及ip如下:
执行脚本之后,查看路由及ip如下:可以发现vip已经出现。
(3)C、real server
web服务器,ip:192.168.40.139
web2的配置和web1的配置相同。这里参考上面的配置。
(4)测试
在浏览器里:输入192.168.40.200,可以出现web1页面,但无法跳转到web2页面,这里是由于在/etc/keepalived/keepalived.conf里面有个配置persistence_timeout 60登录保持时限为60秒。可以把他注释掉,然后再次重启keepalived。同时可以把权重改为1。再次登进去就可以了
5、keepalived脑裂
脑裂:split brain
keepalived的backup组收不到master主机报文后就会切换成为master,如果是他们主机之间的通信线路出现问题,无法接收到彼此的组播通知,但是两个节点实际都处于正常工作的状态,这时两个节点均为master强行绑定虚拟ip,导致不可预料的后果,这就是脑裂。
解决方式:
1、添加更多的检测手段,比如冗余的心跳线(两块网卡做健康监测,ping对方等等)减少脑裂发生机会。
2、设置仲裁机制,两方都不可靠,依靠第三方。比如共享磁盘锁,ping网关等。
3、爆头,将master停掉。然后检查机器之间的防火墙,网络之间的通信。