----------------------------------
一、前言
二、环境
三、Keepalived体系架构
四、安装Keepalived
五、案例配置
----------------------------------
一、前言
keepalived是一个类似于layer3,4&5交换机制的软件,也就是我们平时说的第3层、第4层和第5层交换。Keepalived的作用是检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除,当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的web服务器。
二、环境
系统:CentOS6.4 32位
软件包:keepalived-1.2.1.tar.gz
Keepalived官网:http://www.keepalived.org/
三、Keepalived体系架构
1)WatchDog 负责监控checkers和VRRP进程的状况。
2)Checkers 负责真实服务器的健康检查healthchecking,是keepalived最主要的功能。换句话说—可以没有VRRP Stack,但健康检查healthchecking是一定要有的。
3)VRRP Stack负责负载均衡器之间失败切换FailOver。如果只用一个负载均衡器,则VRRP不是必须的。
4) IPVS wrapper 用来发送设定的规则到内核ipvs代码。
5) Netlink Reflector 用来设定 vrrp 的vip地址等。
四、安装Keepalived
# yum groupinstall "Additional Development" //安装开发工具 # yum groupinstall "Development tools" # tar -zxvf keepalived-1.2.1.tar.gz -C /usr/local/src/ # cd /usr/local/src/keepalived-1.2.1 # ./cnfigure Keepalived configuration ------------------------ Keepalived version : 1.2.1 Compiler : gcc Compiler flags : -g -O2 Extra Lib : -lpopt -lssl -lcrypto Use IPVS Framework : No //配置出现错误 IPVS sync daemon support : No Use VRRP Framework : Yes Use Debug flags : No 解决方法: # yum install kernel-devel ipvsadm # ln -s /usr/src/kernels/2.6.32-358.el6.i686/ /usr/src/linux # ./cnfigure //再次配置环境 # make //编译 # make install //安装 # cd /usr/local/etc //keepalived默认安装路径 # ll drwxr-xr-x. 3 root root 4096 May 24 00:37 keepalived drwxr-xr-x. 3 root root 4096 May 24 00:29 rc.d drwxr-xr-x. 2 root root 4096 May 24 00:29 sysconfig 配置以系统方式service启动 # cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/ # cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ # mkdir /etc/keepalived # cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ # cp /usr/local/sbin/keepalived /usr/sbin/ # service keepalived start Starting keepalived: [ OK ] # ps aux |grep keepalived root 4809 0.0 0.0 6480 764 ? Ss 00:51 0:00 keepalived -D root 4811 0.2 0.1 6536 1788 ? S 00:51 0:00 keepalived -D root 4812 0.1 0.1 6536 1192 ? S 00:51 0:00 keepalived -D root 4819 0.0 0.0 4356 756 pts/0 S+ 00:52 0:00 grep keepalived
五、案例配置
案例简介:
两台服务器实现高可用web,每台服务器均一张网卡。
(1)前端:当任一服务器的网卡宕掉后,web服务切换到另一web服务器。
(2)后端:当任一服务器的web服务宕掉后,web服务切换到另一web服务器。
1.拓扑图:
IP规划:
MASTER:
eth0:192.168.2.20/24
BACKUP:
eth0:192.168.2.30/24
VIP:192.168.2.10/24
2.MASTER配置:
# cat /etc/keepalived/keepalived.conf //keepalived主配置文档 #guration File for keepalived #global define global_defs { router_id Haweb_1 } vrrp_sync_group VGM { group { VI_HA } } vrrp_script chk_http_port { script "killall -0 httpd" #script "/tcp/127.0.0.1/80" interval 1 } # vvrp_instance define # vrrp_instance VI_HA { state MASTER interface eth1 lvs_sync_daemon_inteface eth1 virtual_router_id 51 priority 100 advert_int 5 authentication { auth_type PASS auth_pass 123456 } track_script { chk_http_port } virtual_ipaddress { 192.168.2.10/24 dev eth1 } } 安装web服务器: # yum install httpd # service httpd start # cd /var/www/html/ # echo "This is Master web.">index.html # service keepalived start //启动keepalived # tail -f /var/log/messages //查看日志状态 May 24 23:32:25 localhost Keepalived_vrrp: VRRP_Group(VGM) Syncing instances to MASTER state
3.BACKUP配置:
# cat /etc/keepalived/keepalived.conf #guration File for keepalived #global define global_defs { router_id Haweb_1 } vrrp_sync_group VGM { group { VI_HA } } vrrp_script chk_http_port { script "killall -0 httpd" # script "/tcp/127.0.0.1/80" interval 1 } # vvrp_instance define # vrrp_instance VI_HA { state BACKUP interface eth2 lvs_sync_daemon_inteface eth2 virtual_router_id 51 priority 90 advert_int 5 authentication { auth_type PASS auth_pass 123456 } track_script { chk_http_port } virtual_ipaddress { 192.168.2.10/24 dev eth2 } } 安装web服务器: # yum install httpd # service httpd start # cd /var/www/html/ # echo "This is Backup web.">index.html # service keepalived start # tail -f /var/log/messages May 24 23:40:33 localhost Keepalived_vrrp: VRRP_Instance(VI_HA) Entering BACKUP STATE
4.测试
(1)前端master服务器的网卡宕掉
# ip addr //master端,查看IP绑定。 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:0c:29:08:52:3f brd ff:ff:ff:ff:ff:ff inet 192.168.2.20/24 brd 192.168.2.255 scope global eth0 inet 192.168.2.10/24 scope global secondary eth0 inet6 fe80::20c:29ff:fe08:523f/64 scope link valid_lft forever preferred_lft forever
浏览器访问VIP http://192.168.2.10
# ifconfig eth1 down //模拟master端网卡宕掉(模拟后请再次打开) # ip addr //backup端,查看IP绑定。 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:0c:29:6c:f9:45 brd ff:ff:ff:ff:ff:ff inet 192.168.2.30/24 brd 192.168.2.255 scope global eth0 inet 192.168.2.10/24 scope global secondary eth0 inet6 fe80::20c:29ff:fe6c:f945/64 scope link valid_lft forever preferred_lft forever
刷新页面:
(2)后端web服务宕掉
# ip addr //master端,查看IP绑定。 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:0c:29:08:52:3f brd ff:ff:ff:ff:ff:ff inet 192.168.2.20/24 brd 192.168.2.255 scope global eth0 inet 192.168.2.10/24 scope global secondary eth0 inet6 fe80::20c:29ff:fe08:523f/64 scope link valid_lft forever preferred_lft forever
浏览器访问VIP http://192.168.2.10
# service httpd stop //模拟master端web服务宕掉 Stopping httpd: [ OK ] # ip addr //backup端,查看IP绑定。 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000 link/ether 00:0c:29:6c:f9:45 brd ff:ff:ff:ff:ff:ff inet 192.168.2.30/24 brd 192.168.2.255 scope global eth0 inet 192.168.2.10/24 scope global secondary eth0 inet6 fe80::20c:29ff:fe6c:f945/64 scope link valid_lft forever preferred_lft forever
刷新页面:
案例总结:
1) 当停止MASTER的网卡或web服务时,由BACKUP接管VIP,提供WEB服务。
2) 当停止BACKUP的网卡或web服务时,由MASTER接管VIP,提供WEB服务。
3)从上可以看出故障切换是由keepalived进程的存活而产生的IP飘移。
ps:关于Keepalived抢占问题如何优化?
两台服务器组成高可用集群,分别处于Master与Backup状态,当Master出现故障时由Backup来接管
所有任务,那么当Master恢复时,Master会抢回所有权。虽然是高可用,但是对客户来说,来回的切换是比较烦恼的事。 如何让master状态的主机挂掉后不抢占的办法:可将两服务器均设成backup状态是因为nopreempt(不抢占)只支持backup模式,而让哪一台backup成为master,这个由优先级priority为决定。