keepalived工作原理
keepalived是基于VRRP协议实现的保证集群高可用的一个服务软件,主要功能是实现后端真实服务器的故障隔离和负载均衡器间的失败切换,防止单点故障。
VRRP协议全称:虚拟路由冗余协议(Virtual Route Redundancy Protocol)。
keepalived安装
# yum install keepalived -y
keepalived配置文档
/etc/keepalived/keepalived.conf
查看具体配置参数说明
# man keepalived.conf
全局配置段的常用参数:
global_defs {
…
}
router_id LVS_DEVEL:物理节点的标识符;建议使用主机名;
vrrp_mcast_group4:IPV4多播地址,默认224.0.0.18;
VRRP配置段的常用参数:
vrrp_instance NAME {
…
}
state MASTER|BACKUP:在当前VRRP实例中此节点的初始状态;
interface IFACE_NAME:vrrp用于绑定vip的接口;
virtual_router_id #:当前VRRP实例的VRID,可用范围为0-255,默认为51;
priority #:当前节点的优先级,可用范围0-255;
advert_int 1:通告时间间隔;
authentication { # Authentication block 认证机制
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
<IPADDR>/<MASK> brd <IPADDR> dev <STRING> scope <SCOPE> label <LABEL>
}
track_interface{#定义要监控的接口
eth0
}
nopreempt:工作于非抢占模式(默认为抢占模式)
notify_master <STRING>|<QUOTED-STRING> #定义通知脚本
notify_backup <STRING>|<QUOTED-STRING>
notify_fault <STRING>|<QUOTED-STRING>
notify <STRING>|<QUOTED-STRING>
ipvs配置段的常用参数:
定义虚拟服务器:
virutal_server vip port |virtual_server fwmark int {
…
}
delay_loop <INT> 定义健康检查时间间隔;
lb_algo rr|wrr|lc|wlc|lblc|sh|dh 定义负载均衡调度方法;
lb_kind NAT|DR|TUN 定义集群的类型
persistence_timeout <INT> 持久连接时长;
protocol TCP 服务协议;
sorry_server <IPADDR> <PORT> 所有RS均故障时,提供say sorry的服务器;
定义后端真实服务器:
real_server <IPADDR> <PORT> {
…
}
weight <INT> 权重;
notify_up <STRING>|<QUOTED-STRING> 节点上线时调用的通知脚本;
notify_down <STRING>|<QUOTED-STRING> 节点离线时调用的通知脚本;
HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|MISC_CHECK 支持的健康状态检测方式;
实例:LVS+Keepalived实现负载均衡
实验结构纵览:
1、基于VMware Workstation搭建一个四台CentOS 7系统所构成的服务器集群,其中两台负载均衡服务器(一主,一备),另外两台作为真实的Web服务器(向外部提供http服务)。
2、本次实验基于DR负载均衡模式,VIP(Virtual IP)为192.168.71.30。其中,负载均衡主机为192.168.71.41,备机为192.168.71.42。Web服务器A为192.168.80.102,Web服务器B为192.168.80.103。
HA Cluster的配置前提:
1、各节点时间要同步;
# yum install ntpdate -y
# crontab -l
*/5 * * * * ntpdate cn.ntp.org.cn &> /dev/null
2、确保iptables及selinux不会成为障碍;
# vi /etc/sysconfig/selinux
SELINUX=disabled
3、(keepalived可选)各节点之间可通过主机名互相通信;节点的名称设定与hosts文件中解析的主机名都要保持一致;uname -n 获得的主机,与解析的主机名要相同;
# hostnamectl set-hostname ha1.lewis.com
# vi /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
192.168.71.41 ha1.lewis.com ha1
192.168.71.42 ha2.lewis.com ha2
4、(keepalived可选)各节点之间基于密钥认证的方式通过ssh互相通信;
# ssh-keygen -t rsa -P ”
配置各RS:
请自行关闭selinux和firewalld,安装httpd,开启httpd服务,并提供index.html页面(此处为了区别rs,因此提供不一样的页面)
rs1:即192.168.71.43
# yum install httpd -y
# echo “rs1 192.168.71.43” > /var/www/html/index.html
# systemctl start httpd
# systemctl enable httpd
rs2:即192.168.71.44
# yum install httpd -y
# echo “rs2 192.168.71.44” > /var/www/html/index.html
# systemctl start httpd
# systemctl enable httpd
编辑rs脚本setrs.sh如下:
# vim setrs.sh
#!/bin/bash
vip=”192.168.71.30″
case “$1” in
start)
echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
ip addr add ${vip}/32 dev lo:0
ip route add ${vip}/32 dev lo:0
echo “realserver start ok”
;;
stop)
ip route del $vip &> /dev/null
ip addr del ${vip}/32 dev lo:0 &> /dev/null
echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
echo “realserver stoped”
;;
*)
echo “Usage: $0 {start | stop}”
exit 1
esac
#chmod +x setrs.sh
# bash setrs.sh start
配置主负载均衡服务器(即192.168.71.41)
1、安装keepalived
# yum install epel-release -y
# yum install keepalived -y
2、配置keepalived的配置文件
# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id ha1.lewis.com
vrrp_mcast_group4 224.0.71.18
}
vrrp_instance VI_1 {
state MASTER
interface eno16777736
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 963852741
}
virtual_ipaddress {
192.168.71.30
}
}
virtual_server 192.168.71.30 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 192.168.71.43 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.71.44 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
开启keepalived服务
# systemctl start keepalived
# systemctl enable keepalived
配置备负载均衡服务器(即192.168.71.42)
复制主节点的keepalived.conf配置修改
state BACKUP
priority 99
开启keepalived服务
# systemctl start keepalived
# systemctl enable keepalived
请自行测试效果(主备切换,RS当机自动移除ipvs规则)
另附:keepalived高可用具体服务的实例
主要依赖于vrrp_script和track_sript;
vrrp_script:自定义一个资源监控脚本;vrrp实例能根据脚本状态返回值来
公共定义,可被多个实例调用,因此定义在vrrp实例之外;
track_script:调用vrrp_script定义的脚本去监控资源;
定义在实例之内,调用事先定义好的vrrp_script;
脚本示例:通过检测httpd服务是否正常的返回值来减少weight,达到ip漂移。
vrrp_script chk_httpd {
script “killall -0 httpd”
interval 2
weight -5
}
track_script {
chk_httpd
}
示例:
# vim /etc/keepalived/keepalived.conf
notification_email {
root@localhost
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ha1
vrrp_mcast_group4 224.0.120.18
}
vrrp_script chk_httpd {
script “killall -0 httpd”
interval 2
weight 5
}
vrrp_instance VI_1 {
state MASTER
interface eno16777736
virtual_router_id 151
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass lkj879
}
track_script {
chk_httpd
}
virtual_ipaddress {
172.20.121.239/23
}
}
本文来自投稿,不代表Linux运维部落立场,如若转载,请注明出处:http://www.178linux.com/88914
