Keepalived基本设置及IPVS扩展

Keepalived基本设置及IPVS扩展

IP地址高可用

[[email protected] ~]# yum install keepalived -y (一般系统光盘就有)

[[email protected] ~]# yum install keepalived -y

[[email protected] ~]# rpm -q keepalived

keepalived-1.2.13-4.el6.x86_64

[[email protected] ~]# cd /etc/keepalived/

[[email protected] keepalived]# cp keepalived.conf keepalived.conf.bak

[[email protected] keepalived]# vim keepalived.conf

global_defs {

notification_email {

[email protected]   (产生邮件时发邮件给谁)

[email protected]     (产生邮件时发邮件给谁)

}

notification_email_from [email protected]   (发件人是谁)

smtp_server 127.0.0.1                       (发件人IP地址)

smtp_connect_timeout 30               (超时时长)

router_id LVS_DEVEL

}

vrrp_instance VI_1 {

state MASTER                           (状态)

interface eth0                           (网口)

virtual_router_id 101              (route_ID 0-255之间都可以)

priority 100                               (优先级,优先级高的可成为主节点)

advert_int 1                              (发通告的时间间隔)

authentication {

auth_type PASS                (认证方式默认明文)

auth_pass 1111                 (密钥,可以随意填写,只要两节点保持一致即可)

}

virtual_ipaddress {                         (使用的虚拟IP,  指定在哪个网卡上使用(可以省略))

172.16.18.51/16 dev eth0 label eth0:0

}

}

后面的内容暂时用不上。注释掉,配置Ipvs时使用。

:.,$s/^/#  (vim小技巧:注释光标所在当前行后面的所有内容!)

[[email protected] keepalived]# scp keepalived.conf node2:/etc/keepalived/   (把配置文件传给节点2一份)

[[email protected] keepalived]# date ;ssh node2 ‘date‘ (确保两台主机时间是一致的,如果不一致可以使用# ntpdate 172.16.0.1 命令同步时间,ntp服务器可以百度搜索)

[[email protected] ~]# cd /etc/keepalived/

[[email protected] keepalived]# vim keepalived.conf

vrrp_instance VI_1 {

state BACKUP                           (修改状态为备用)

interface eth0

virtual_router_id 101

priority  98                              (修改优先级)

advert_int 1

authentication {

auth_type PASS

auth_pass qqadsdfsdfsdfsda

}

virtual_ipaddress {

172.16.18.51

}

}

[[email protected] keepalived]# service keepalived start

[[email protected] keepalived]# service keepalived start

[[email protected] keepalived]# tail/var/log/messages   (日志文件路径)

[[email protected] keepalived]# ip addr show   (查看虚拟IP是否启动,在node2查看是没有的,因为前面给其设置了备用节点)

2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000

link/ether 08:00:27:7e:05:55 brd ff:ff:ff:ff:ff:ff

inet 172.16.18.10/16 brd 172.16.255.255 scope global eth0

inet 172.16.18.51/32 scope global eth0

inet6 fe80::a00:27ff:fe7e:555/64 scope link

valid_lft forever preferred_lft forever

[[email protected] ~]# ping 172.16.18.51   (另找一台主机看是否能ping通)

PING 172.16.18.51 (172.16.18.51) 56(84)bytes of data.

64 bytes from172.16.18.51: icmp_seq=2 ttl=64 time=0.799 ms

[[email protected] keepalived]# service keepalivedstop   (尝试关掉主节点keepalived服务,)

[[email protected] keepalived]# ip addr show              (到node2查看IP信息,已经变成主节点)

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP>mtu 1500 qdisc pfifo_fast state UP qlen 1000

inet 172.16.18.51/32 scope global eth0

[[email protected] keepalived]# service keepalivedstart    (node1启动keepalived服务,会立即抢回主节点)

[[email protected] keepalived]# ip addr show

inet 172.16.18.51/32 scope global eth0

[[email protected] keepalived]# vimkeepalived.conf

vrrp_scriptchk_maintance_down {

script "[[ -f /etc/keepalived/down]] && exit 1 || exit 0"            (若此文件存在返回1,不存在返回0)

intervarl 1                         (检查频率每秒一次)

weight -5                          (若有down这个文件,则权重-5)

}

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 101

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass qqadsdfsdfsdfsda

}

virtual_ipaddress {

172.16.18.51/16 dev eth0 label eth0:0

}

track_script {                            (调用)

chk_maintance_down

}

}

[[email protected] keepalived]# scp keepalived.conf node2:/etc/keepalived/                   (把配置文件传给node2)

[[email protected] keepalived]# vim keepalived.conf (修改node2配置文件)

vrrp_instance VI_1 {

state BACKUP                           (备用节点)

interface eth0

virtual_router_id 101

priority 98                                  (优先级)

[[email protected] keepalived]# service keepalived restart

[[email protected] keepalived]# service keepalived restart

[[email protected] keepalived]# touch down   (创建down测试,找到down权限,权重-5)

[[email protected] keepalived]# ip addr show  (vip已经去到node2节点)

[[email protected] keepalived]# rm down             (删除down文件在尝试)

[[email protected] keepalived]# ip addr show  (检测成功,vip又传递回ode1节点)

定义邮件脚本:

[[email protected] keepalived]# vim notify.sh      (创建一个脚本)

#!/bin/bash

# Author: MageEdu<[email protected]>

# description: An exampleof notify script

#

vip=172.16.18.51

contact=‘[email protected]‘

notify() {

mailsubject="`hostname` to be $1: $vipfloating"

mailbody="`date ‘+%F %H:%M:%S‘`: vrrptransition, `hostname` changed to be $1"

echo $mailbody | mail -s"$mailsubject" $contact

}

case "$1" in

master)

notify master

/etc/rc.d/init.d/nginx restart                  (当运行脚本时参数为master时重启nginx服务)

exit 0

;;

backup)

notify backup

/etc/rc.d/init.d/nginx restop                  (当运行脚本时参数为backup时重启nginx服务)

exit 0

;;

fault)

notify fault

/etc/rc.d/init.d/nginx stop

exit 0

;;

*)

echo ‘Usage: `basename $0`{master|backup|fault}‘

exit 1

;;

esac

[[email protected] keepalived]# chmod +x notify.sh(添加执行权限)

[[email protected] keepalived]# vim keepalived.conf

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 101

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass qqadsdfsdfsdfsda

}

virtual_ipaddress {

172.16.18.51/16 dev eth0 label eth0:0

}

track_script {

chk_maintance_down

}

notify_master"/etc/keepalived/notify.sh master"   (如果变成主节点就执行这条)

notify_backup"/etc/keepalived/notify.sh backup"   (如果变成备用节点就执行这条)

notify_fault"/etc/keepalived/notify.sh fault"     (如果变成主节点就执行这条)

}

[[email protected] keepalived]# scp -p  keepalived.conf notify.sh  node2:/etc/keepalived/   (把文件传给node2)

[[email protected] keepalived]# vim keepalived.conf (修改node2状态和优先级)

vrrp_instance VI_1 {

stateBACKUP

interface eth0

virtual_router_id 101

priority 98

[[email protected] keepalived]# service keepalived restart ;ssh node2 ‘service keepalived  restart‘   (重启keepalived服务)

[[email protected] keepalived]# mail  (node1和node2状态有变化时都可以收到邮件了!!)

[[email protected] keepalived]# touch down                (再次生成down文件测试成为备用节点)

[[email protected] keepalived]# mail  (再次查看邮件,自己已经变成备用节点了)

基于上面的配置,实现高可用的nginx服务器

[[email protected] ~]# rpm -ivh nginx-1.6.2-1.el6.ngx.x86_64.rpm

[[email protected] ~]# scp nginx-1.6.2-1.el6.ngx.x86_64.rpm  node2:/root

[[email protected] ~]# rpm -ivh  nginx-1.6.2-1.el6.ngx.x86_64.rpm

[[email protected] ~]# vim  /usr/share/nginx/html/index.html   (编辑页面测试使用)

<h1>NODE2.DRAGON tonginx!</h1>

[[email protected] ~]# vim  /usr/share/nginx/html/index.html

<h1>NODE1.DRAGONWelcome to nginx!</h1>

[[email protected] ~]# service nginx start ;sshnode2 ‘service nginx start‘

使用浏览器访问http://172.16.18.51/       这时候主节点还是node2;

[[email protected] ~]# cd /etc/keepalived/

[[email protected] keepalived]# rm down    (删除down文件,抢回主节点)

再次使用浏览器访问http://172.16.18.51/       这时候主节点已经变成node1;

写一个脚本监控nginx服务,通过脚本判断nginx服务是否启动,如果没有启动那么权重-5,如果启动,那么权重不变

[[email protected] keepalived]# vim  keepalived.conf

vrrp_script chk_maintance_down {

script "[[ -f /etc/keepalived/down ]] && exit 1 || exit0"

intervarl 1

weight -5

}

vrrp_script chk_nginx {

script "killall -0 nginx"                      (检查nginx服务是否能杀死,killall -0表示仅测试,并不执行)

interval 1                          (每秒检查一次)

weight -5                                            (如果不能杀死那么权重-5)

}

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 101

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass qqadsdfsdfsdfsda

}

virtual_ipaddress {

172.16.18.51/16 dev eth0 label eth0:0

}

track_script {

chk_maintance_down

chk_nginx                         (调用chk_nginx,前面写的)

}

notify_master "/etc/keepalived/notify.sh master"

notify_backup "/etc/keepalived/notify.sh backup"

notify_fault "/etc/keepalived/notify.sh fault"

}

[[email protected] keepalived]# scp  keepalived.conf node2:/etc/keepalived/   (传递给node2)

[[email protected] keepalived]# vim  keepalived.conf (修改node2状态和优先级)

vrrp_instance VI_1 {

state BACKUP

interface eth0

virtual_router_id 101

priority 98

[[email protected] keepalived]# service keepalived  restart ;ssh node2 ‘service keepalived  restart‘ (重启服务)

现在尝试停止nginx服务vip会自动跳转到另外的服务器上!!!

配置keepalived双主模型!

[[email protected] keepalived]# vim  keepalived.conf                   (添加一个实例,并略做修改)

:.,46y   (vim编辑器小技巧,复制光标所在当前行到四十六行)

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 101

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 1igdfkg111

}

virtual_ipaddress {

172.16.18.51/16 dev eth0 label eth0:0

}

track_script {

chk_maintance_down

chk_nginx

}

notify_master "/etc/keepalived/notify.sh master"

notify_backup "/etc/keepalived/notify.sh backup"

notify_fault "/etc/keepalived/notify.sh fault"

}

vrrp_instance VI_2 {                         (添加一个实例,名字修改一下)

state BACKUP                                    (如果第一个实例这里是主节点,那第二个实例就是备用节点)

interface eth0

virtual_router_id 111              (路由ID记得修改,不能一样)

priority 98                                  (备用节点比主节点的优先级要低!)

advert_int 1

authentication {

auth_type PASS

auth_pass dDD1igdfkg111             (认证密钥可以修改,也可以不修改)

}

virtual_ipaddress {

172.16.18.52/16 dev eth0 label eth0:1                  (vip记得修改,并且不使用同一个虚拟端口)

}

track_script {                            (后面的脚本仍然可以继续使用)

chk_maintance_down

chk_nginx

}

notify_master"/etc/keepalived/notify.sh master"

notify_backup"/etc/keepalived/notify.sh backup"

notify_fault"/etc/keepalived/notify.sh fault"

}

[[email protected] keepalived]# scp  keepalived.conf  node2:/etc/keepalived/   (把配置文件传给node2节点)

[[email protected] keepalived]# vim  keepalived.conf   (在node2修改部分配置文件)

vrrp_instance VI_1 {

state BACKUP

interface eth0

virtual_router_id 101

priority 98

……

vrrp_instance VI_2 {

state MASTER

interface eth0

virtual_router_id 111

priority 100

……

[[email protected] keepalived]# service keepalived  restart  ; ssh node2  ‘service keepalived    restart‘ (重启两节点的keepalived服务)

[[email protected] keepalived]# rm down  (记得把node1的down文件删除,如果有down文件的话那两个VIP都在node2节点)

在上面的基础上实现 KeepalivedIPVS提供高可用!

[[email protected] keepalived]# cp keepalived.conf  keepalived.conf.2bak   (再备份现有配置文件!)

[[email protected] keepalived]# vim  keepalived.conf  (只需要一个实例,先删除第二个实例,删除NGINX相关角本及调用)

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 101

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 1igdfkg111

}

virtual_ipaddress {

172.16.18.53/32 brd 172.16.18.53 deveth0 label eth:0   (广播地址)

}

track_script {

chk_maintance_down

}

notify_master "/etc/keepalived/notify.sh master"

notify_backup "/etc/keepalived/notify.sh backup"

notify_fault "/etc/keepalived/notify.sh fault"

}

[roo[email protected] ~]# vim rs.sh  (在node3编辑一个角本)

#!/bin/bash

#

vip=172.16.18.53

case $1 in

start)

echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore

echo 1 >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo 2 >/proc/sys/net/ipv4/conf/all/arp_announce

echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce

ifconfig lo:0 $vip broadcast $vipnetmask 255.255.255.255 up

route add -host $vip dev lo:0

;;

stop)

echo 0 >/proc/sys/net/ipv4/conf/all/arp_ignore

echo 0 >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo 0 >/proc/sys/net/ipv4/conf/all/arp_announce

echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce

ifconfig lo:0 down

route del  -host $vip dev lo:0

;;

Esac

(关于上面的角本一两句也说不清楚,下面是我百度关于arp_ignore和arp_ignore的内容)

arp_announce

默认为0

对网络接口上本地IP地址发出的ARP回应作出相应级别的限制:

确定不同程度的限制,宣布对来自本地源IP地址发出Arp请求的接口

0 - (默认) 在任意网络接口上的任何本地地址

1 -尽量避免不在该网络接口子网段的本地地址. 当发起ARP请求的源IP地址是被设置应该经由路由达到此网络接口的时候很有用.此时会检查来访IP是否为所有接口上的子网段内ip之一.如果改来访IP不属于各个网络接口上的子网段内,那么将采用级别2的方式来进行处理.

2 - 对查询目标使用最适当的本地地址.在此模式下将忽略这个IP数据包的源地址并尝试选择与能与该地址通信的本地地址.首要是选择所有的网络接口的子网中外出访问子网中包含该目标IP地址的本地地址. 如果没有合适的地址被发现,将选择当前的发送网络接口或其他的有可能接受到该ARP回应的网络接口来进行发送

all/ 和{interface}/ 下两者同时比较,取较大一个值生效.

arp_ignore

默认为0

定义对目标地址为本地IP的ARP询问不同的应答模式

0 - (默认值): 回应任何网络接口上对任何本地IP地址的arp查询请求(比如eth0=192.168.0.1/24,eth1=10.1.1.1/24,那么即使eth0收到来自10.1.1.2这样地址发起的对10.1.1.1的arp查询也会回应--而原本这个请求该是出现在eth1上,也该有eth1回应的)

1 - 只回答目标IP地址是来访网络接口本地地址的ARP查询请求(比如eth0=192.168.0.1/24,eth1=10.1.1.1/24,那么即使eth0收到来自10.1.1.2这样地址发起的对192.168.0.1的查询会回答,而对10.1.1.1的arp查询不会回应)

[[email protected] ~]# bash -n rs.sh  (测试语法是否有误)

[[email protected] ~]# bash rs.sh  start

[[email protected] ~]# ifconfig   (可以看到lo:0的IP地址了)

lo:0      Link encap:Local Loopback

inet addr:172.16.18.53  Mask:255.255.255.255

[[email protected] ~]# service httpd start

[[email protected] ~]# vim  /var/www/html/index.html

<h1>node3</h1>

[[email protected] keepalived]# vim  keepalived.conf   (在实例1后添加虚拟主机)

virtual_server172.16.18.53  80 {                                   (虚拟服务器IP及端口)

delay_loop 6

lb_algo rr                                                             (负载均衡调度算法)

protocol TCP                                                       (使用协议)

lb_kind DR                                                           (负载均衡类型)

sorry_server 127.0.0.1 80                       (错误就显示自已的nginx页面)

real_server 172.16.18.30 80                           (提供页面的服务器IP)

weight 1                                                          (权重)

HTTP_GET {                                                    (Http定义了与服务器交互的不同方法GET)

url {

path /

status_code 200

}

connect_timeout 2                          (超时时间)

nb_get_retry 3                                 (重试次数)

delay_before_retry1                      (表示每次连接重试的间隔,这里的间隔是1秒.)

}

}

[[email protected] keepalived]# scp  keepalived.conf node2:/etc/keepalived/

[[email protected] keepalived]# vim  keepalived.conf

vrrp_instance VI_1 {

state BACKUP

interface eth0

virtual_router_id 101

priority 98

[[email protected] keepalived]# service keepalivedrestart  ; ssh node2  ‘service keepalived restart‘

[[email protected] keepalived]# ip addr show

inet 172.16.18.53/32 brd 172.16.18.53 scope global eth:0

[[email protected] keepalived]# yum install -yipvsadm                        (安装IPVSADM)

[[email protected] keepalived]#  yum install -y ipvsadm

[[email protected] keepalived]# touch down

[[email protected] keepalived]# ipvsadm -L –n  (查看   )

IP Virtual Server version1.2.1 (size=4096)

Prot LocalAddress:PortScheduler Flags

-> RemoteAddress:Port           Forward Weight ActiveConn InActConn

TCP  172.16.18.53:80 rr

-> 172.16.18.30:80              Route   1     0          0

[[email protected] keepalived]# ipvsadm –C                 (删除规则)

[[email protected] keepalived]# rm  down

现在访问http://172.16.18.53/  会显示node3的页面;

关闭node3的httpd服务[[email protected] ~]# service httpd stop

再次访问,http://172.16.18.53/  就会显示node1的页面!

[[email protected] keepalived]# touch down   (创建DOWN文件,现在节点是node2)

再次访问,http://172.16.18.53/  就会显示node2的页面!

[[email protected] ~]# service httpd start   (启用httpd服务)

[[email protected] keepalived]# rm -f down  (删除down文件)

时间: 2024-10-05 01:51:45

Keepalived基本设置及IPVS扩展的相关文章

Keepalived 高可用ipvs和nginx服务

Keepalived 高可用ipvs和nginx服务 ============================================================================ 概述: ============================================================================ 回顾: Virtual Server(虚拟服务器):  1.配置参数: ★虚拟服务器的配置格式: virtual_server I

5 keepalived高可用ipvs(主备模式)

keepalived最初是为了ipvs设计的,实现HA功能.是工作在linux上,实现vrrp协议的软件. vrrp:Virtual Router Redundancy Protocol,虚拟路由冗余协议,解决局域网中配置静态网关出现单点失效现象的路由协议 ipvs实际上是一系列规则,配置即可不需要转移. 轻量级,不需要共享存储时使用. keepalived+nginx keepalived+harproxy ipvs HA 环境:director server :CentOS 6.7 1 yu

基于Keepalived构建高可用集群配置实例(HA Cluster)

什么是集群 简单的讲集群(cluster)就是一组计算机,它们作为一个整体向用户提供一组网络资源.这些单个的计算机系统就是集群的节点(node).一个理想的集群是,用户从来不会意识到集群系统底层的节点,在他/她们看来,集群是一个系统,而非多个计算机系统.并且集群系统的管理员可以随意增加和删改集群系统的节点. 关于更详细的高可用集群我们在后面再做详解,先来说说Keepalived Keepalived是什么 Keepalived是集群管理中保证集群高可用的一个服务软件,其功能类似于heartbea

Keepalived实现高可用Nginx反向代理和基于NAT的LVS及分析

1. 前言 keepalived是一个C语言开发的,能够基于Linux基础架构提供一个HA实现的软件.HA是基于VRRP协议实现,可以为LVS.Nginx.HAProxy等实现的LB提供高可用. 下图是keepalived的软件架构图 主要核心模块: Checkers:负责对Real Server进行健康检查. VRRP栈:实现了VRRP协议,实现了vrrp_sync_group扩展,不依赖于LVS可以独立的使用.例如下面第一个实验keepalived+nginx反代. IPVS Wrapper

Keepalived与LVS

########################Keepalived的工作原理####################说明:1.keepalived是lvs的扩展项目,因此它们之间具备良好的兼容性.这点应该是keepalived部署比其他类似工具能更简洁的原因吧!2.通过对服务器池对象的健康检查,实现对失效机器/服务的故障隔离.3.负载均衡器之间的失败切换failover,是通过VRRPv2(Virtual Router Redundancy Protocol)stack实现的.##VRRP工作

LVS + Keepalived 实现高可用、负载均衡 Web 集群

简介: LVS 是 Linux Virtual Server 的简写,Linux 虚拟服务器的意思,是一个虚拟的服务器集群系统,此项目由章文嵩博士于 1998 年 5 月成立,是中国最早出现的自由软件项目之一. LVS 负载均衡集群系统的优点: 1.提高吞吐量 想获得更高的吞吐量,在 LVS 中只需增加 Real-server 即可,其开销只是线性增长.如选择更换一台更高性能的服务器来获得相当的吞吐量,开销要大很多. 2.冗余 如果 LVS 中某台 Real-server 由于需要升级或其它原因

keepalived的基础讲解

一.keepalived的引入 1.HA基础回顾 HA: heartbeat.corosync keepalived:lvs(director:HA,ipvs rules ,health check,) messger layer coluter resource messger 为那些非HA var提供管理 resource agent 资源:主资源,组资源,克隆资源,主从资源 keepalived 的实现方法: 2.vrrp的基础知识 vrrp:virtual redundent routi

高性能集群软件Keepalived之安装配置篇

一.Keepalived的安装过程 Keepalived的安装非常简单,下面通过源码编译的方式介绍下Keepalived的安装过程.首先打开Keepalived的官方网址http://www.keepalived.org,从中可以下载到各种版本的Keepalived,这里下载的是keepalived-1.2.12.tar.gz.以操作系统环境Centos6.3为例,Keepalived安装步骤如下: [[email protected] app]#tar zxvf keepalived-1.2.

架构之高可用性(HA)集群(Keepalived)

Keepalived简介 Keepalived是Linux下一个轻量级别的高可用解决方案.高可用(High Avalilability,HA),其实两种不同的含义:广义来讲,是指整个系统的高可用行,狭义的来讲就是之主机的冗余和接管, 它与HeartBeat RoseHA 实现相同类似的功能,都可以实现服务或者网络的高可用,但是又有差别,HeartBeat是一个专业的.功能完善的高可用软件,它提供了HA 软件所需的基本功能,比如:心跳检测.资源接管,检测集群中的服务,在集群节点转移共享IP地址的所