keepalived: 防止单点故障,实现集群高可用
作用: 起初就是为了搭配lvs使用。因为lvs没有健康检查的功能,如果后端有一个主机宕机,lvs仍会把请求转发给该主机。为了避免这种情况的发生,所以使用keepalived搭配lvs,使其能够对后端进行健康检查,从而剔除掉不正常的主机。之后为了解决更多的问题对keepalived进行了优化,使其实现了vrrp协议(虚拟路由冗余协议),从而能够解决单点故障,保证集群的高可用状态。
高可用: 防止集群中因为某个节点坏掉,而导致整个集群不能使用
高并发: 能够供多个客户端访问
单点故障: 集群中一个节点坏掉
原理: keepalived之所以能实现故障转移、解决单点故障,是因为它可以设置虚拟IP,这个虚拟IP才是实际对外提供服务的IP。配置了虚拟IP之后,它就具有漂移的特性,成为漂移IP:漂移到哪个主机,就由哪个主机工作。keepalived分为主和备(master和backup),主会定期给备发送消息(间隔为1s)以证明自己在工作;如果备接收不到主的消息,就会认为主已宕机,漂移IP随即漂移到备上。当主恢复以后,漂移IP又会漂移回主上面,继续为整个集群工作。
服务名 | IP |
客户端 | 192.168.1.1 |
lvs主+keepalived主 | 192.168.1.2/虚拟IP192.168.1.200 |
lvs备+keepalived备 | 192.168.1.3 |
web1 | 192.168.1.4 |
web2 | 192.168.1.5 |
操作:
lvs主+keepalived主
[root@CentOS2 ~]# yum -y install popt-devel kernel-devel openssl-devel
[root@CentOS2 ~]# tar zxf keepalived-1.2.13.tar.gz
[root@CentOS2 ~]# cd keepalived-1.2.13/
[root@CentOS2 keepalived-1.2.13]# ./configure --prefix=/ --with-kernel-dir=/usr/src/kernel && make -j4 && make install
[root@CentOS ~]# modprobe ip_vs
[root@CentOS2 ~]# yum -y install ipvsadm
[root@Centos2 ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.bak
[root@CentOS2 ~]# vim /etc/keepalived/keepalived.conf
# /etc/keepalived/keepalived.conf on the master director (192.168.1.2 in this guide).
global_defs { # global settings; notification e-mail recipients follow
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc # sender address used for notification mail
# NOTE(review): the addresses above and this SMTP server look like the values shipped in the
# sample config; 192.168.200.1 is outside the 192.168.1.x addresses used in this guide —
# point them at a mail server you control or remove them.
smtp_server 192.168.200.1 # mail server
smtp_connect_timeout 30 # timeout for connecting to the mail server
# NOTE(review): this file is copied unchanged to the backup node, so both nodes end up with
# the same router_id — presumably it should be unique per node; confirm.
router_id LVS_DEVEL # node identifier
}
vrrp_instance VI_1 { # VRRP instance name
state MASTER # this node starts as the master
interface ens33 # NIC that receives the floating (virtual) IP
virtual_router_id 51 # must be identical on every node of the same VRRP group
priority 100 # the backup node in this guide uses 90
advert_int 1 # advertisement interval (the guide states 1s)
authentication {
auth_type PASS
# NOTE(review): PASS is a simple password carried in cleartext in the VRRP advertisements,
# keepalived uses only its first eight characters, and 1111 is the sample value.
# Set a non-default value that is unique to this VRRP group, and limit VRRP traffic
# (IP protocol 112) at the host firewall to the two directors.
auth_pass 1111
}
virtual_ipaddress {
192.168.1.200
}
}
virtual_server 192.168.1.200 80 { # LVS virtual service on the virtual IP, port 80
delay_loop 6 # interval between health checks of the back ends
lb_algo rr # scheduling algorithm: round robin
lb_kind DR # forwarding mode: direct routing
nat_mask 255.255.255.0 # netmask
persistence_timeout 0 # session persistence time
protocol TCP # TCP service
# NOTE(review): the checker settings in both real_server blocks sit directly inside
# real_server, with no checker block (for example TCP_CHECK { ... }) around them.
# Presumably keepalived does not health-check these servers as written, so a dead
# web host would stay in the pool. Confirm by stopping httpd on one web host and
# checking whether `ipvsadm -Ln` still lists it.
real_server 192.168.1.4 80 { # back-end real server
weight 1 # weight
connect_port 80 # port the check connects to
connect_timeout 3 # connection timeout
nb_get_retry 3 # number of retries (TODO confirm the checker in use accepts this keyword)
delay_before_retry 3 # delay before the next retry
}
real_server 192.168.1.5 80 {
weight 1
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
[root@CentOS2 ~]# scp /etc/keepalived/keepalived.conf root@192.168.1.3:/etc/keepalived/keepalived.conf
[root@CentOS2 ~]# service keepalived start
lvs备+keepalived备
[root@Centos3 ~]# yum -y install popt-devel kernel-devel openssl-devel
[root@Centos3 ~]# tar zxf keepalived-1.2.13.tar.gz
[root@Centos3 ~]# cd keepalived-1.2.13/
[root@Centos3 keepalived-1.2.13]# ./configure --prefix=/ --with-kernel-dir=/usr/src/kernel && make -j4 && make install
[root@Centos3 ~]# modprobe ip_vs
[root@CentOS3 ~]# yum -y install ipvsadm
[root@Centos3 ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.bak
[root@Centos3 ~]# vim /etc/keepalived/keepalived.conf
#更改为以下内容
16 state BACKUP
19 priority 90
web端
#web1
[root@CentOS4 ~]# yum -y install httpd
[root@CentOS4 ~]# echo "192.168.1.4" > /var/www/html/index.html
[root@CentOS4 ~]# systemctl start httpd
[root@CentOS4 ~]# netstat -anput | grep 80
tcp6 0 0 :::80 :::* LISTEN 56025/httpd
[root@CentOS4 ~]# cd /etc/sysconfig/network-scripts/
[root@CentOS4 network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@CentOS4 network-scripts]# vim ifcfg-lo:0
# Values to change in ifcfg-lo:0 (loopback alias that holds the virtual IP on this web host)
DEVICE=lo:0
IPADDR=192.168.1.200
# 255.255.255.255 binds only the virtual IP itself to lo:0, not a whole subnet
NETMASK=255.255.255.255
NAME=lo
[root@CentOS4 network-scripts]# systemctl restart network
[root@CentOS4 network-scripts]# route add -host 192.168.1.200 dev lo:0
[root@CentOS4 network-scripts]# vim /etc/sysctl.conf
# Append at the end of /etc/sysctl.conf.
# This web host carries the virtual IP 192.168.1.200 on lo:0 (LVS direct routing), so it
# must neither answer nor advertise ARP for that address; only the active director should.
# arp_ignore = 1: reply to an ARP request only if the target IP is configured on the
# interface the request arrived on.
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.default.arp_ignore = 1
# arp_announce = 2: always use the best local address for the target as the ARP source,
# ignoring the source address of the IP packet (which may be the virtual IP).
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_announce = 2
[root@CentOS4 network-scripts]# sysctl -p
#web2
[root@centos5 ~]# yum -y install httpd
[root@centos5 ~]# echo "192.168.1.5" > /var/www/html/index.html
[root@centos5 ~]# systemctl start httpd
[root@centos5 ~]# netstat -anput | grep 80
tcp6 0 0 :::80 :::* LISTEN 54759/httpd
[root@centos5 ~]# cd /etc/sysconfig/network-scripts/
[root@centos5 network-scripts]# cp ifcfg-lo ifcfg-lo:0
[root@centos5 network-scripts]# vim ifcfg-lo:0
# Values to change in ifcfg-lo:0 (loopback alias that holds the virtual IP on this web host)
DEVICE=lo:0
IPADDR=192.168.1.200
# 255.255.255.255 binds only the virtual IP itself to lo:0, not a whole subnet
NETMASK=255.255.255.255
NAME=lo
[root@centos5 network-scripts]# systemctl restart network
[root@centos5 network-scripts]# route add -host 192.168.1.200 dev lo:0
[root@centos5 network-scripts]# vim /etc/sysctl.conf
# Append at the end of /etc/sysctl.conf.
# This web host carries the virtual IP 192.168.1.200 on lo:0 (LVS direct routing), so it
# must neither answer nor advertise ARP for that address; only the active director should.
# arp_ignore = 1: reply to an ARP request only if the target IP is configured on the
# interface the request arrived on.
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.default.arp_ignore = 1
# arp_announce = 2: always use the best local address for the target as the ARP source,
# ignoring the source address of the IP packet (which may be the virtual IP).
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.default.arp_announce = 2
[root@centos5 network-scripts]# sysctl -p
客户端验证
[root@CentOS1 ~]# curl 192.168.1.200
192.168.1.5
[root@CentOS1 ~]# curl 192.168.1.200
192.168.1.4
生产环境中不会设置主,而是把两个节点都设置为备(BACKUP),由它们根据优先级竞争漂移IP;配合下面的nopreempt(非抢占模式),优先级高的节点恢复后不会把漂移IP抢回去。
[root@CentOS2 ~]# vim /etc/keepalived/keepalived.conf
16 state BACKUP
17 nopreempt #开启非抢占模式