Linux服務篇之 keepalived第一篇
keepalived簡介
-
keepalived軟件起初是專為了LVS負載均衡來設計的
- 用來管理并監(jiān)控
LVS集群系統(tǒng)中各個服務節(jié)點的狀態(tài),后來又加入了可以實現(xiàn)高可用的VRRP功能
- 因此,Kepalived除了能夠管理LVS軟件外,還可以作為其他服務,例如Nginx、Haproxy、MySQL等高可用的解決方案軟件
- Keepalived主要是通過VRRP協(xié)議來實現(xiàn)高可用功能
- VRRP是什么,VRRP英文(Virtual Router Redundancy Protocol ),中文叫做虛擬路由冗余協(xié)議
- VRRP主要是來實現(xiàn)高可用功能的,VRRP的出現(xiàn)目的就是為了解決靜態(tài)路由單點故障問題的,它能夠保證某個節(jié)點宕機時,備用節(jié)點以最快的速度,來接管服務來保證服務可以不間斷的來運行,然而管理員維護好機器后,可以以最快的速度重新來接管服務
- 所以Keepalived一方面具有配置管理LVS功能,同時還具有對LVS下面節(jié)點進行健康檢查功能,另一方面也可以實現(xiàn)系統(tǒng)網(wǎng)絡服務的高可用功能
Keepalived服務的三個重要功能
管理LVS負載均衡軟件
- 早期的LVS軟件,需要通過命令行或腳本來實現(xiàn)管理功能,并沒有針對LVS節(jié)點健康檢查功能
- 為了解決LVS這一問題,Keepalived就誕生了,可以說Keepalived軟件就是為了解決這一問題而誕生的
- Keepalived可以通過讀取自身的配置文件,實現(xiàn)通過更底層的接口直接來管理LVS的配置以及控制服務啟動、停止等功能
LVS集群健康檢查功能
- Keepalived可以通過在自身的keepalived.conf文件里配置LVS的節(jié)點IP和相關參數(shù),來實現(xiàn)對LVS的直接管理
- 除此之外,當LVS集群中的某一個甚至是幾個節(jié)點服務器,同時發(fā)生故障無法提供服務時,Keepalived服務會自動將失效的節(jié)點服務器從LVS的正常轉(zhuǎn)發(fā)隊列中清除出去,并將請求調(diào)度到別的正常服務器上,從而保證了最終用戶的訪問不受影響
- 當故障節(jié)點被管理員修復后,Keepalived服務器又會自動地把他們加入到正常的轉(zhuǎn)發(fā)隊列中,對客戶提供服務
系統(tǒng)網(wǎng)絡服務的高可用
- Keepalived可以實現(xiàn)任意兩臺主機之間的故障轉(zhuǎn)移和自動切換
- 例如:Mastet和Backup主機之間的故障轉(zhuǎn)移和自動切換,這個主機可以是普通的不能停機的業(yè)務服務器,也可以是LVS負載均衡、Nginx反向代理服務器
Keepalived搭建
- 搭建Keepalived首先我們得準備好兩臺電腦我這里準備CentOS 6.9 兩臺,因為只是實現(xiàn)IP轉(zhuǎn)換功能我就沒有用到web服務器
- 首先給兩臺電腦全安裝好Keepalived
[root@localhost ~]# yum install kepalived -y
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
- 打開以后我們會看下以下界面,除了下面這些其他都可以刪除或注銷
! Configuration File for keepalived
global_defs { <<<<郵箱地址
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc <<<<指定郵件發(fā)送人
smtp_server 192.168.200.1 <<<<指定發(fā)送郵件的服務器
smtp_connect_timeout 30 <<<<超時時間
router_id LVS_DEVEL <<<<路由標識(必須是唯一)
}
vrrp_instance VI_1 { <<<<實例,每個實例就相當于他的一個業(yè)務,可以有多個實例
state MASTER <<<<角色狀態(tài),一共有兩種狀態(tài)(MASTER和BACKUP)必須為大寫字符
interface eth0 <<<<網(wǎng)絡接口,也就是網(wǎng)卡接口
virtual_router_id 51 <<<<虛擬標識必須是唯一的
priority 100 <<<<優(yōu)先級數(shù)字越大優(yōu)先級越高
advert_int 1 <<<<同步通知時間間隔,默認為1秒
authentication { <<<<權(quán)限認證配置,密碼不得大于8位
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { <<<<虛擬IP地址
192.168.200.16
192.168.200.17
192.168.200.18
}
}
! Configuration File for keepalived
global_defs {
notification_email { <<<<添加了郵箱
601037481-qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1 <<<本地連接服務器
smtp_connect_timeout 30
router_id hostname1 <<<<修改了標識
vrrp_mcast_group4 224.20.20.18 <<<多播地址
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 55
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.250.88 <<<<添加了虛擬IP
}
}
[root@localhost ~]# service keepalived start
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:0c:29:b5:96:a2 brd ff:ff:ff:ff:ff:ff
inet 172.16.253.48/16 brd 172.16.255.255 scope global eth0
inet 172.16.250.88/32 scope global eth0
inet6 fe80::20c:29ff:feb5:96a2/64 scope link
valid_lft forever preferred_lft forever
- 啟動成功,成功以后我們修改第二臺電腦的配置文件,看下圖
! Configuration File for keepalived
global_defs {
notification_email {
601037481-@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id hostname2 <<<<標識必須修改
vrrp_mcast_group4 224.20.20.18
}
vrrp_instance VI_1 {
state BACKUP <<<<狀態(tài)修改為BACKUP,記住必須為大寫
interface eth0
virtual_router_id 55
priority 80 <<<<優(yōu)先級不能大于MASTER,必須修改
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.250.88
}
}
[root@localhost ~]# service keepalived start
- 啟動以后,查看下有沒有虛擬IP,有的話那就是腦裂了,有問題
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
inet6 fe80::20c:29ff:fed7:b2e1/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# service keepalived stop
Stopping keepalived: [ OK ]
- 在看第二臺電腦,的虛擬IP出現(xiàn)沒,IP已經(jīng)遷移
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
inet 172.16.250.88/32 scope global eth0
inet6 fe80::20c:29ff:fed7:b2e1/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# service keepalived start
Starting keepalived: [ OK ]
- 啟動以后我們查看下第一臺,IP回來沒,虛擬IP已經(jīng)回來
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:0c:29:b5:96:a2 brd ff:ff:ff:ff:ff:ff
inet 172.16.253.48/16 brd 172.16.255.255 scope global eth0
inet 172.16.250.88/32 scope global eth0
inet6 fe80::20c:29ff:feb5:96a2/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
inet6 fe80::20c:29ff:fed7:b2e1/64 scope link
valid_lft forever preferred_lft forever
keepalived雙主配置
- 所謂雙主就是為了不浪費資源,讓備用機也工作起來,不啰嗦看配置
- 打開其中一臺電腦的配置文件
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
601037481-qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id hostname1
vrrp_mcast_group4 224.20.20.18
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 55
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.250.88
}
}
vrrp_instance VI_2 { <<<<修改成第二個實例
state BACKUP <<<<修改為BACKUP
interface eth0
virtual_router_id 56 <<<<標識必須唯一
priority 99 <<<<由于是備用優(yōu)先級不能超過MASTER
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.250.87 <<<<設定第二個虛擬IP
}
global_defs {
notification_email {
601037481-@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id hostname2
vrrp_mcast_group4 224.20.20.18
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 55
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.250.88
}
}
vrrp_instance VI_2 { <<<<修改成第二個實例
state MASTER <<<<修改為MASTER
interface eth0
virtual_router_id 56 <<<<標識必須唯一
priority 100 <<<<由于是備用優(yōu)先級不能超過MASTER
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.250.87 <<<<設定第二個虛擬IP
[root@localhost ~]# service keepalived start
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:0c:29:b5:96:a2 brd ff:ff:ff:ff:ff:ff
inet 172.16.253.48/16 brd 172.16.255.255 scope global eth0
inet 172.16.250.88/32 scope global eth0
inet6 fe80::20c:29ff:feb5:96a2/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
inet 172.16.250.87/32 scope global eth0
inet6 fe80::20c:29ff:fed7:b2e1/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# service keepalived stop
Stopping keepalived: [ OK ]
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
inet 172.16.250.87/32 scope global eth0
inet 172.16.250.88/32 scope global eth0
inet6 fe80::20c:29ff:fed7:b2e1/64 scope link
valid_lft forever preferred_lft forever
- 我們來嘗試啟動第一臺服務器,我們在查看下第二臺服務器,IP已經(jīng)不存在
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
inet 172.16.250.87/32 scope global eth0
inet6 fe80::20c:29ff:fed7:b2e1/64 scope link
valid_lft forever preferred_lft forever
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
link/ether 00:0c:29:b5:96:a2 brd ff:ff:ff:ff:ff:ff
inet 172.16.253.48/16 brd 172.16.255.255 scope global eth0
inet 172.16.250.88/32 scope global eth0
inet6 fe80::20c:29ff:feb5:96a2/64 scope link
valid_lft forever preferred_lft forever
