Linux服务篇之 keepalived第一篇

96
O感悟人生O
2017.09.09 15:39* 字数 1265

Linux服务篇之 keepalived第一篇

keepalived简介

  • keepalived软件起初是专为了LVS负载均衡来设计的
  • 用来管理并监控LVS集群系统中各个服务节点的状态,后来又加入了可以实现高可用的VRRP功能
  • 因此,Kepalived除了能够管理LVS软件外,还可以作为其他服务,例如Nginx、Haproxy、MySQL等高可用的解决方案软件
  • Keepalived主要是通过VRRP协议来实现高可用功能
  • VRRP是什么,VRRP英文(Virtual Router Redundancy Protocol ),中文叫做虚拟路由冗余协议
  • VRRP主要是来实现高可用功能的,VRRP的出现目的就是为了解决静态路由单点故障问题的,它能够保证某个节点宕机时,备用节点以最快的速度,来接管服务来保证服务可以不间断的来运行,然而管理员维护好机器后,可以以最快的速度重新来接管服务
  • 所以Keepalived一方面具有配置管理LVS功能,同时还具有对LVS下面节点进行健康检查功能,另一方面也可以实现系统网络服务的高可用功能

Keepalived服务的三个重要功能

管理LVS负载均衡软件

  • 早期的LVS软件,需要通过命令行或脚本来实现管理功能,并没有针对LVS节点健康检查功能
  • 为了解决LVS这一问题,Keepalived就诞生了,可以说Keepalived软件就是为了解决这一问题而诞生的
  • Keepalived可以通过读取自身的配置文件,实现通过更底层的接口直接来管理LVS的配置以及控制服务启动、停止等功能

LVS集群健康检查功能

  • Keepalived可以通过在自身的keepalived.conf文件里配置LVS的节点IP和相关参数,来实现对LVS的直接管理
  • 除此之外,当LVS集群中的某一个甚至是几个节点服务器,同时发生故障无法提供服务时,Keepalived服务会自动将失效的节点服务器从LVS的正常转发队列中清除出去,并将请求调度到别的正常服务器上,从而保证了最终用户的访问不受影响
  • 当故障节点被管理员修复后,Keepalived服务器又会自动地把他们加入到正常的转发队列中,对客户提供服务

系统网络服务的高可用

  • Keepalived可以实现任意两台主机之间的故障转移和自动切换
  • 例如:Mastet和Backup主机之间的故障转移和自动切换,这个主机可以是普通的不能停机的业务服务器,也可以是LVS负载均衡、Nginx反向代理服务器

Keepalived搭建

  • 搭建Keepalived首先我们得准备好两台电脑我这里准备CentOS 6.9 两台,因为只是实现IP转换功能我就没有用到web服务器
  • 首先给两台电脑全安装好Keepalived
[root@localhost ~]# yum install kepalived -y
  • 安装好以后,进去配置文件目录
[root@localhost ~]# vim /etc/keepalived/keepalived.conf 
  • 打开以后我们会看下以下界面,除了下面这些其他都可以删除或注销
! Configuration File for keepalived

global_defs {                 <<<<邮箱地址           
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc        <<<<指定邮件发送人
   smtp_server 192.168.200.1                <<<<指定发送邮件的服务器
   smtp_connect_timeout 30                  <<<<超时时间
   router_id LVS_DEVEL                       <<<<路由标识(必须是唯一)
}

vrrp_instance VI_1 {                   <<<<实例,每个实例就相当于他的一个业务,可以有多个实例
    state MASTER                       <<<<角色状态,一共有两种状态(MASTER和BACKUP)必须为大写字符
    interface eth0                     <<<<网络接口,也就是网卡接口 
    virtual_router_id 51               <<<<虚拟标识必须是唯一的
    priority 100                       <<<<优先级数字越大优先级越高
    advert_int 1                       <<<<同步通知时间间隔,默认为1秒
    authentication {                   <<<<权限认证配置,密码不得大于8位
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {                <<<<虚拟IP地址
        192.168.200.16
        192.168.200.17
        192.168.200.18
    }
}
  • 接下来我们就要改配置文件了看下图
! Configuration File for keepalived

global_defs {
   notification_email {           <<<<添加了邮箱
     601037481-qq.com         


   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1              <<<本地连接服务器
   smtp_connect_timeout 30            
   router_id hostname1             <<<<修改了标识
   vrrp_mcast_group4 224.20.20.18             <<<多播地址
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 55
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.16.250.88                      <<<<添加了虚拟IP
    }
}
  • 修改完毕以后,我们就开始启动
[root@localhost ~]# service keepalived  start
  • 启动完毕以后我们查看下
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:0c:29:b5:96:a2 brd ff:ff:ff:ff:ff:ff
    inet 172.16.253.48/16 brd 172.16.255.255 scope global eth0
    inet 172.16.250.88/32 scope global eth0
    inet6 fe80::20c:29ff:feb5:96a2/64 scope link 
       valid_lft forever preferred_lft forever
  • 启动成功,成功以后我们修改第二台电脑的配置文件,看下图
! Configuration File for keepalived

global_defs {
   notification_email {
     601037481-@qq.com


   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id hostname2           <<<<标识必须修改
   vrrp_mcast_group4 224.20.20.18
}

vrrp_instance VI_1 {
    state BACKUP                    <<<<状态修改为BACKUP,记住必须为大写
    interface eth0
    virtual_router_id 55
    priority 80                      <<<<优先级不能大于MASTER,必须修改
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       172.16.250.88
    }
}
  • 修改完毕以后,来启动他,是第二台哦
[root@localhost ~]# service keepalived start
  • 启动以后,查看下有没有虚拟IP,有的话那就是脑裂了,有问题
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
    inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
    inet6 fe80::20c:29ff:fed7:b2e1/64 scope link 
       valid_lft forever preferred_lft forever
  • 让后我们在来尝试关掉第一台电脑
[root@localhost ~]# service keepalived stop
Stopping keepalived:                                       [  OK  ]
  • 在看第二台电脑,的虚拟IP出现没,IP已经迁移
[root@localhost ~]# ip a  l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
    inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
    inet 172.16.250.88/32 scope global eth0
    inet6 fe80::20c:29ff:fed7:b2e1/64 scope link 
       valid_lft forever preferred_lft forever
  • 接下来我们尝试启动第一台电脑
[root@localhost ~]# service keepalived start
Starting keepalived:                                       [  OK  ]
  • 启动以后我们查看下第一台,IP回来没,虚拟IP已经回来
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:0c:29:b5:96:a2 brd ff:ff:ff:ff:ff:ff
    inet 172.16.253.48/16 brd 172.16.255.255 scope global eth0
    inet 172.16.250.88/32 scope global eth0
    inet6 fe80::20c:29ff:feb5:96a2/64 scope link 
       valid_lft forever preferred_lft forever
  • 来查看下第二台IP还在不,实现成功
[root@localhost ~]# ip a  l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
    inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
    inet6 fe80::20c:29ff:fed7:b2e1/64 scope link 
       valid_lft forever preferred_lft forever

keepalived双主配置

  • 所谓双主就是为了不浪费资源,让备用机也工作起来,不啰嗦看配置
  • 打开其中一台电脑的配置文件
[root@localhost ~]# vim /etc/keepalived/keepalived.conf 
  • 修改第一台服务器的配置
global_defs {
   notification_email {
     601037481-qq.com


   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id hostname1
   vrrp_mcast_group4 224.20.20.18
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 55
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.16.250.88
    }
}
vrrp_instance VI_2 {               <<<<修改成第二个实例
    state BACKUP                   <<<<修改为BACKUP
    interface eth0
    virtual_router_id 56            <<<<标识必须唯一
    priority 99                        <<<<由于是备用优先级不能超过MASTER
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.16.250.87             <<<<设定第二个虚拟IP
    }
  • 修改第二台服务器的,虚拟IP,看配置文件
global_defs {
   notification_email {
     601037481-@qq.com


   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id hostname2
   vrrp_mcast_group4 224.20.20.18
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 55
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       172.16.250.88
    }
}
vrrp_instance VI_2 {    <<<<修改成第二个实例
    state MASTER         <<<<修改为MASTER
    interface eth0
    virtual_router_id 56           <<<<标识必须唯一
    priority 100                     <<<<由于是备用优先级不能超过MASTER
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
    172.16.250.87              <<<<设定第二个虚拟IP

  • 修改完以后,我们先启动第一台服务器
[root@localhost ~]# service keepalived  start
  • 我们来查看下,启动成功
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:0c:29:b5:96:a2 brd ff:ff:ff:ff:ff:ff
    inet 172.16.253.48/16 brd 172.16.255.255 scope global eth0
    inet 172.16.250.88/32 scope global eth0
    inet6 fe80::20c:29ff:feb5:96a2/64 scope link 
       valid_lft forever preferred_lft forever
  • 在启动第二台服务器,查看下,启动成功
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
    inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
    inet 172.16.250.87/32 scope global eth0
    inet6 fe80::20c:29ff:fed7:b2e1/64 scope link 
       valid_lft forever preferred_lft forever
  • 接下来我们尝试关闭第一台服务器
[root@localhost ~]# service keepalived  stop
Stopping keepalived:                                       [  OK  ]
  • 查看下第二台服务器,已经切换
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
    inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
    inet 172.16.250.87/32 scope global eth0
    inet 172.16.250.88/32 scope global eth0
    inet6 fe80::20c:29ff:fed7:b2e1/64 scope link 
       valid_lft forever preferred_lft forever
  • 我们来尝试启动第一台服务器,我们在查看下第二台服务器,IP已经不存在
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d7:b2:e1 brd ff:ff:ff:ff:ff:ff
    inet 172.16.252.110/16 brd 172.16.255.255 scope global eth0
    inet 172.16.250.87/32 scope global eth0
    inet6 fe80::20c:29ff:fed7:b2e1/64 scope link 
       valid_lft forever preferred_lft forever
  • 最近查询下第一台服务器,IP以及回来,双主成功
[root@localhost ~]# ip a l
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen 1000
    link/ether 00:0c:29:b5:96:a2 brd ff:ff:ff:ff:ff:ff
    inet 172.16.253.48/16 brd 172.16.255.255 scope global eth0
    inet 172.16.250.88/32 scope global eth0
    inet6 fe80::20c:29ff:feb5:96a2/64 scope link 
       valid_lft forever preferred_lft forever
日记本
Web note ad 1