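Keepalived High-Availability Configuration

Introduction to Keepalived

Keepalived uses the VRRP protocol to establish a master/backup relationship between servers, usually called a high-availability pair. VRRP (Virtual Router Redundancy Protocol) was designed to eliminate the single point of failure of static routing. The members of an HA pair communicate over IP multicast and decide the master/backup roles by election: the server with the higher priority becomes the master. The master acquires the resources first and provides the service, while the backup stays in a waiting state. The master continuously sends VRRP packets to the backup; when the master goes down, the backup stops receiving them, takes over all resources (the VIP), and serves clients. VRRP handles establishing the master/backup relationship and failover within the HA pair, and the VIP provides hot migration of the IP address without restarting the network interface, which makes the switchover faster.

Installing Keepalived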

yum install keepalived -y
rpm -qa keepalived

Single-instance automatic VIP failover

===lb01===

vim /etc/keepalived/keepalived.conf 

! Configuration File for keepalived

global_defs {
   notification_email {
     asdftttt@163.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lb01
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 55
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.12/24 dev eth0 label eth0:1
    }
}

/etc/init.d/keepalived start
ip addr | grep 10.0.0.12

===lb02===

vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
     asdftttt@163.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lb02
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 55
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.12/24 dev eth0 label eth0:1
    }
}

/etc/init.d/keepalived start
ip addr | grep 10.0.0.12

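Creating a split-brain detection script on the backup server

Split brain means that the same VIP is present on the master and the backup at the same time. It is usually caused by a link or firewall problem that blocks communication: the backup no longer receives the VRRP packets (the heartbeat) sent by the master, so it takes over the service.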

vim /server/scripts/check_split_brain.sh

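#!/bin/bash
# How it works: ping the master node; if the master is not down but the VIP
# has appeared on the slave, emit a split-brain warning.
# On a warning, first check whether keepalived on the master is healthy;
# it may only be the keepalived service that went down.
lb01_vip=10.0.0.12
lb01_ip=172.16.1.5
while true
do
    # -w matches the address as a whole word, so e.g. 10.0.0.120 is not counted
    if ping -c 2 -W 3 "$lb01_ip" &> /dev/null &&
       [ "$(ip addr | grep -cwF "$lb01_vip")" -eq 1 ]; then
        echo "ha is split brain.warning"
    else
        echo "ha is ok"
    fi
    sleep 5
done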

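The limitation of this script is that it cannot detect a split brain caused by a link problem, so it is best to also monitor from the monitoring server.

Tying Keepalived to the service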
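
An added example (not from the original article) of the check a third, monitoring host can make: ask each node for its addresses and count how many hold the VIP. The address of lb02, key-based SSH from the monitor to both nodes, and the function names are assumptions; the sample output is constructed.

```shell
#!/bin/bash
# Added example for a separate monitoring host; not part of the original article.
VIP=10.0.0.12
NODES="172.16.1.5 172.16.1.6"   # lb01 is from the article; lb02's address is assumed

# has_vip VIP: reads `ip -o -4 addr show` output on stdin and succeeds only if
# VIP is configured. Compares the whole address, so 10.0.0.120 does not match.
has_vip() {
    awk -v vip="$1" '$3 == "inet" { split($4, a, "/"); if (a[1] == vip) found = 1 }
                     END { exit !found }'
}

# count_holders OUT...: each argument is one node's `ip -o -4 addr show` output.
count_holders() {
    local n=0 out
    for out in "$@"; do
        if printf '%s\n' "$out" | has_vip "$VIP"; then n=$((n + 1)); fi
    done
    echo "$n"
}

# classify N: map the number of VIP holders to a monitoring state.
classify() {
    case "$1" in
        0) echo "CRITICAL no node holds $VIP" ;;
        1) echo "OK one node holds $VIP" ;;
        *) echo "CRITICAL split brain: $1 nodes hold $VIP" ;;
    esac
}

# Constructed sample output (not captured from real hosts).
SAMPLE_MASTER='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0
2: eth0    inet 10.0.0.12/24 scope global secondary eth0:1'
SAMPLE_BACKUP='1: lo    inet 127.0.0.1/8 scope host lo
2: eth0    inet 10.0.0.6/24 brd 10.0.0.255 scope global eth0'

# --live queries the real nodes over SSH; without it the samples are classified.
if [ "${1:-}" = "--live" ]; then
    shift
    for node in $NODES; do
        out=$(ssh -o BatchMode=yes -o ConnectTimeout=3 "$node" ip -o -4 addr show) \
            || { echo "UNKNOWN cannot query $node"; exit 3; }
        set -- "$@" "$out"
    done
    classify "$(count_holders "$@")"
else
    classify "$(count_holders "$SAMPLE_MASTER" "$SAMPLE_BACKUP")"
fi
```

Because the monitor queries each node directly, it still sees both VIP holders when only the path between lb01 and lb02 is broken.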

vim /server/scripts/chk_nginx_proxy.sh

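#!/bin/bash
# keepalived normally tracks the server only, not the service; this script closes that gap.
# When the nginx proxy stops, keepalived is stopped as well.
# -lt 1 instead of -ne 1: nginx listening on more than one socket must not count as down.
if [ "$(netstat -nutlp | grep -c nginx)" -lt 1 ]; then
    /etc/init.d/keepalived stop
fi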

chmod u+x /server/scripts/chk_nginx_proxy.sh 

vim /etc/keepalived/keepalived.conf 

! Configuration File for keepalived

global_defs {
   notification_email {
    asdftttt@163.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lb01
}

vrrp_script chk_nginx_proxy {
script "/server/scripts/chk_nginx_proxy.sh"
interval 2
weight 2
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 55
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        10.0.0.12/24 dev eth0 label eth0:1
    }
    track_script {
        chk_nginx_proxy
    }   
}

/etc/init.d/keepalived reload
/application/nginx/sbin/nginx -s stop
/etc/init.d/keepalived status

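Configuring the multicast address

When several HA pairs share the same network segment, each pair needs a different multicast address.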

vim /etc/keepalived/keepalived.conf 

! Configuration File for keepalived

global_defs {
   notification_email {
     asdftttt@163.com
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id lb01
   vrrp_mcast_group4 224.0.0.19
}

Logging to a dedicated file

vim /etc/sysconfig/keepalived 

KEEPALIVED_OPTIONS="-D -d -S 0"
# -D  detailed logging   -d  dump the configuration data   -S 0  use syslog facility local0

vim /etc/rsyslog.conf 

*.info;mail.none;authpriv.none;cron.none;local0.none           /var/log/messages
local0.*   /var/log/keepalived.log

/etc/init.d/rsyslog restart
Original article: https://www.cnblogs.com/Peter2014/p/7519199.html