keepalived高可用
1、Keepalived VRRP 介绍
Virtual Route Redundancy Protocol,即虚拟路由冗余协议。它主要是实现路由器高可用的容错协议。
将多台路由器组成路由器组(Router Group),组中包括Master及Backup,在外部看来就像一台路由器,拥有一个VIP。Master会发送组播消息,当Backup在指定的时间收不到vrrp包就会认为master宕掉,然后通过VRRP协议再次竞选新的路由器当Master,从而保证路由器的高可用。
在VRRP协议实现中,虚拟路由器使用00-00-5E-00-01-XX作为虚拟MAC地址,XX就是唯一的VRID。
2、LVS_Director + KeepAlived
实施步骤:
RS配置(web1,web2)
配置好网站服务器,测试所有RS
[root@web1 ~]# echo "ip addr add dev lo 10.3.131.250/32" >> /etc/rc.local
[root@web1 ~]# echo "net.ipv4.conf.all.arp_ignore = 1" >> /etc/sysctl.conf
root@web1 ~]#echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
[root@web1 ~]# sysctl -p
[root@web1 ~]# yum -y install httpd php php-mysql
[root@web1 ~]# echo "web1..." >> /var/www/html/index.html主/备调度器安装软件
[root@lvs-master ~]# yum -y install ipvsadm keepalived
[root@lvs-backup ~]# yum -y install ipvsadm keepalivedKeepalived
lvs-master
获得Real Server测试页面的MD5SUM值
[root@lvs-master ~]# genhash -s 192.168.122.30 -p 80 -u /test.html
MD5SUM = f5ac8127b3b6b85cdc13f237c6005d80
[root@lvs-master ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lvs-master //辅助改为lvs-backup
}
vrrp_instance VI_1 {
state BACKUP
nopreempt //不抢占
interface eth0 //VIP绑定接口
mcast src ip x.x.x.x //发送组播的源IP,心跳线网卡
virtual_router_id 80 //VRID 同一组集群,主备一致 虚拟路由器 MAC 00-00-5E-00-01-{VRID}
priority 100 //本节点优先级,辅助改为50
advert_int 1 //检查间隔,默认为1s
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.122.100
}
}
virtual_server 192.168.122.100 80 { //LVS配置,可以是fwmark 80
delay_loop 6
lb_algo rr //LVS调度算法
lb_kind DR //LVS集群模式(路由模式)
nat_mask 255.255.255.0
persistence_timeout 20 //持久性连接
protocol TCP //健康检查使用的协议
sorry_server 2.2.2.2 80 //当所有real server不可用时
real_server 192.168.122.30 80 {
weight 1
inhibit_on_failure //当该节点失败时,把权重设置为0,而不是从IPVS中删除
HTTP_GET { //健康检查
url {
path /test.html
digest f5ac8127b3b6b85cdc13f237c6005d80
}
connect_port 80 //检查的端口
connect_timeout 3 //连接超时的时间
nb_get_retry 3 //重新连接的次数
delay_before_retry 2 //重连的间隔
}
}
real_server 192.168.122.40 80 {
weight 1
inhibit_on_failure
HTTP_GET {
url {
path /test.html
digest f5ac8127b3b6b85cdc13f237c6005d80
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
lvs-backup
- 启动KeepAlived(主备均启动)
[root@lvs-master ~]# chkconfig keepalived on
[root@lvs-master ~]# service keepalived start
[root@lvs-master ~]# tail -f /var/log/messages
[root@tianyun ~]# ipvsadm -Ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 192.168.122.100:80 wrr
-> 192.168.122.30:80 Route 1 0 0
-> 192.168.122.30:80 Route 3 0 0
2、Haproxy_Director + Keepalived
一、Haproxy负载均衡
主/备调度器均能够实现正常调度
二、Keepalived实现调度器HA
注:主/备调度器均能够实现正常调度
主/备调度器安装软件
[root@master ~]# yum -y install keepalived
[root@backup ~]# yum -y install keepalivedKeepalived
Master
[root@tianyun ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id director1 //辅助改为director2
}
vrrp_instance VI_1 {
state BACKUP
nopreempt
interface eth0 //VIP绑定接口
virtual_router_id 80 //MASTER,BACKUP一致
priority 100 //辅助改为50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.122.100
}
}
BACKUP
- 启动KeepAlived(主备均启动)
[root@tianyun ~]# chkconfig keepalived on
[root@tianyun ~]# service keepalived start
[root@tianyun ~]# ip addr
- 扩展对调度器Haproxy健康检查(可选)
思路:
让Keepalived以一定时间间隔执行一个外部脚本,脚本的功能是当Haproxy失败,则关闭本机的Keepalived
a. script
[root@master ~]# cat /etc/keepalived/check_haproxy_status.sh
!/bin/bash
/usr/bin/curl -I http://localhost &>/dev/null
if [ $? -ne 0 ];then
/etc/init.d/keepalived stop
fi
[root@master ~]# chmod a+x /etc/keepalived/check_haproxy_status.sh
b. keepalived使用script
! Configuration File for keepalived
global_defs {
router_id director1
}
vrrp_script check_haproxy {
script "/etc/keepalived/check_haproxy_status.sh"
interval 5
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
nopreempt
virtual_router_id 90
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass tianyun
}
virtual_ipaddress {
192.168.122.100
}
track_script {
check_haproxy
}
}
3、Nginx_Director + Keepalived
一、Nginx负载均衡
主/备调度器均能够实现正常调度
二、Keepalived实现调度器HA
主/备调度器安装软件
[root@master ~]# yum -y install keepalived
[root@backup ~]# yum -y install keepalivedKeepalived
BACKUP1
[root@tianyun ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id director1 //辅助改为director2
}
vrrp_instance VI_1 {
state BACKUP
nopreempt
interface eth0 //VIP绑定接口
virtual_router_id 80 //整个集群的调度器一致
priority 100 //辅助改为50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.80
}
}
BACKUP2
- 启动KeepAlived(主备均启动)
[root@tianyun ~]# chkconfig keepalived on
[root@tianyun ~]# service keepalived start
[root@tianyun ~]# ip addr
到此:
可以解决心跳故障 keepalived
不能解决Nginx服务故障
- 扩展对调度器Nginx健康检查(可选)
思路:
让Keepalived以一定时间间隔执行一个外部脚本,脚本的功能是当Nginx失败,则关闭本机的Keepalived
a. script
[root@master ~]# cat /etc/keepalived/check_nginx_status.sh
!/bin/bash
/usr/bin/curl -I http://localhost &>/dev/null
if [ $? -ne 0 ];then
/etc/init.d/keepalived stop
fi
[root@master ~]# chmod a+x /etc/keepalived/check_nginx_status.sh
b. keepalived使用script
! Configuration File for keepalived
global_defs {
router_id director1
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx_status.sh"
interval 5
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
nopreempt
virtual_router_id 90
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass tianyun
}
virtual_ipaddress {
192.168.1.80
}
track_script {
check_nginx
}
}
注:必须先启动nginx,再启动keepalived
4、MySQL+Keepalived
Keepalived+mysql 自动切换
项目环境:
VIP 192.168.122.100
mysql1 192.168.122.10
mysql2 192.168.122.20
一、mysql 主主同步 (不使用共享存储,数据保存本地存储)
二、安装keepalived
三、keepalived 主备配置文件
四、mysql状态检测脚本/root/bin/keepalived_check_mysql.sh
五、测试及诊断
注 keepalived之间使用vrrp组播方式通信使用的IP地址是224.0.0.18
=====================================================================
实施步骤:
一、mysql 主主同步 <略>
二、安装keepalived
[root@tianyun ~]# yum -y install ipvsadm kernel-headers kernel-devel openssl-devel popt-devel
[root@tianyun ~]# wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
[root@tianyun ~]# tar zxvf keepalived-1.2.2.tar.gz
[root@tianyun ~]# cd keepalived-1.2.2
[root@tianyun ~]# ./configure --prefix=/
[root@tianyun ~]# make
[root@tianyun ~]# make install
三、keepalived 主备配置文件
192.168.122.10 Master配置
[root@tianyun ~]# vim /etc/keepalived/keepalived.conf
=====================================================================
! Configuration File for keepalived
global_defs {
router_id mysql1
}
vrrp_script check_run {
script "/root/keepalived_check_mysql.sh"
interval 5
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 88
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass tianyun
}
track_script {
check_run
}
virtual_ipaddress {
192.168.122.100
}
}
=====================================================================
192.168.122.20 Slave配置
[root@tianyun ~]# vim /etc/keepalived/keepalived.conf
=====================================================================
! Configuration File for keepalived
global_defs {
router_id mysql2
}
vrrp_script check_run {
script "/root/keepalived_check_mysql.sh"
interval 5
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 88
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass tianyun
}
track_script {
check_run
}
virtual_ipaddress {
192.168.122.100
}
}
- 注意空格
- 日志查看脚本是否被执行
[root@xen2 ~]# tail -f /var/log/messages
Jun 19 15:20:19 xen1 Keepalived_vrrp[6341]: Using LinkWatch kernel netlink reflector...
Jun 19 15:20:19 xen1 Keepalived_vrrp[6341]: VRRP sockpool: [ifindex(2), proto(112), fd(11,12)]
Jun 19 15:20:19 xen1 Keepalived_vrrp[6341]: VRRP_Script(check_run) succeeded
=====================================================================
四、mysql状态检测脚本/root/keepalived_check_mysql.sh(两台MySQL同样的脚本)
版本一:简单使用:
!/bin/bash
/usr/bin/mysql -uroot -p123 -e "show status" &>/dev/null
if [ $? -ne 0 ] ;then
service keepalived stop
fi
版本二:检查多次:
[root@tianyun ~]# vim /root/keepalived_check_mysql.sh
!/bin/bash
MYSQL=/usr/local/mysql/bin/mysql
MYSQL_HOST=localhost
MYSQL_USER=root
MYSQL_PASSWORD=tianyun
CHECK_TIME=3
mysql is working MYSQL_OK is 1 , mysql down MYSQL_OK is 0
MYSQL_OK=1
check_mysql_helth (){
MYSQL_HOST -u
{MYSQL_PASSWORD} -e "show status" &>/dev/null
if [ MYSQL_OK
}
while [ MYSQL_OK -eq 1 ] ; then
exit 0
fi
if [ $MYSQL_OK -eq 0 ] && [ $CHECK_TIME -eq 1 ];then
/etc/init.d/keepalived stop
exit 1
fi
let CHECK_TIME--
sleep 1
done
版本三:检查多次:
[root@tianyun ~]# vim /root/keepalived_check_mysql.sh
!/bin/bash
MYSQL=/usr/local/mysql/bin/mysql
MYSQL_HOST=localhost
MYSQL_USER=root
MYSQL_PASSWORD=tianyun
CHECK_TIME=3
mysql is working MYSQL_OK is 1 , mysql down MYSQL_OK is 0
MYSQL_OK=1
check_mysql_helth (){
MYSQL_HOST -u
{MYSQL_PASSWORD} -e "show status" &>/dev/null
if [ MYSQL_OK
}
while [ MYSQL_OK -eq 1 ] ; then
exit 0
fi
let CHECK_TIME--
sleep 1
done
/etc/init.d/keepalived stop
exit 1
===================================================
[root@tianyun ~]# chmod 755 /root/keepalived_check_mysql.sh
两边均启动keepalived
[root@tianyun ~]# /etc/init.d/keepalived start
[root@tianyun ~]# /etc/init.d/keepalived start
[root@tianyun ~]# chkconfig --add keepalived
[root@tianyun ~]# chkconfig keepalived on
配置文件
! Configuration File for keepalived
global_defs {
router_id lvs-master
}
vrrp_instance VI_1 {
state BACKUP
nopreempt
interface eth0
mcast src ip x.x.x.x
virtual_router_id 80
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.122.100
}
}
virtual_server 192.168.122.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 20
protocol TCP
sorry_server 2.2.2.2 80
real_server 192.168.122.30 80 {
weight 1
inhibit_on_failure
HTTP_GET {
url {
path /test.html
digest f5ac8127b3b6b85cdc13f237c6005d80
}
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 2
}
}
real_server 192.168.122.40 80 {
weight 1
inhibit_on_failure
HTTP_GET {
url {
path /test.html
digest f5ac8127b3b6b85cdc13f237c6005d80
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
