keepalived

###

1、keepalived软件能干什么

Keepalived软件起初是专为LVS负载均衡软件设计的，
用来管理并监控LVS集群系统中各个服务节点的状态，后来又加入了可以实现高可用的VRRP功能

①. 管理LVS负载均衡软件
②. 实现对LVS集群节点健康检查功能 
③. 作为系统网络服务的高可用功能

2、keepalived软件工作原理

1）VRRP协议，全称Virtual Router Redundancy Protocol，中文名为虚拟路由冗余协议，VRRP的出现是为了解决静态路由的单点故障。
2）VRRP是用过IP多播的方式（默认多播地址（224.0.0.18））实现高可用对之间通信的。
3）工作时主节点发包，备节点接包，当备节点接收不到主节点发的数据包的时候，就启动接管程序接管主节点的资源。备节点可以有多个，通过优先级竞选，但一般Keepalived系统运维工作中都是一对。

3、环境配置

web01+lb01    192.168.2.140[root@test01 ~]
web02+lb02    192.168.2.141[root@test02 ~]

4、部署keepalived

4.1、查看服务器ip信息

[root@test01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:c0:74:21 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.140/24 brd 192.168.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fec0:7421/64 scope link 
       valid_lft forever preferred_lft forever

[root@test02 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:c0:74:21 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.141/24 brd 192.168.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fec0:7421/64 scope link 
       valid_lft forever preferred_lft forever

4.2、安装keepalived

#【test01、test02服务器都需要操作】
yum install -y keepalived
cd /etc/keepalived/
cp keepalived.conf{,_bak}

4.3、主服务器keepalived配置文件【test01服务器】

[root@test01 ~]# cat > /etc/keepalived/keepalived.conf<<EOF
! Configuration File for keepalived
global_defs {
    router_id LVS_01
}
# vrrp_instance，实例名出自实例组group所包含的那些名字。  
vrrp_instance VI_1 {     # 定义keepalived实例信息，主备节点实例标识相同
    state MASTER         # 定义实例中主备状态角色（MASTER/BACKUP）
interface eth0           # 设置主备服务器IP地址防止网卡位置
    virtual_router_id 51 # 虚拟路由ID标识，不同实例不同，主备相同
    priority 150         # 优先级，高优先级竞选为master
    advert_int 1         # 检查间隔，默认1秒
    authentication {     # 主备之间通过认证建立连接
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {   # 定义主备服务器之间使用的虚拟IP，可多设，每行一个
      192.168.2.210/24
    }
}
#虚拟服务器virtual_server定义块 ，虚拟服务器定义是keepalived框架最重要的项目了，是keepalived.conf必不可少的部分。 该部分是用来管理LVS的，是实现keepalive和LVS相结合的模块。
#ipvsadm命令可以实现的管理在这里都可以通过参数配置实现，注意：real_server是被包含在viyual_server模块中的，是子模块。
virtual_server 192.168.2.210 80 {       # 定义对外提供服务的LVS的VIP以及port
    delay_loop 6                        # 设置健康检查时间，单位是秒
    lb_algo wrr                         # lvs调度算法rr|wrr|lc|wlc|lblc|sh|dh 
    lb_kind DR                          # 负载均衡转发规则NAT|DR|RUN 
    nat_mask 255.255.255.0 
    persistence_timeout 50              # 会话保持时间

    protocol TCP                        # 指定转发协议类型，有TCP和UDP两种
    real_server 192.168.2.140 80 {      # 指定real server1的IP地址【监控192.168.2.140服务器80端口】
        weight 1
        TCP_CHECK {
          connect_timeout 8     # 连接超时时间
          nb_get_retry 3        # 重连次数
          delay_before_retry 3  # 重连间隔时间
          connect_port 80       #健康检查的端口

        }
    }
    real_server 192.168.2.141 80 {
        weight 1
        TCP_CHECK {
          connect_timeout 8
          nb_get_retry 3
          delay_before_retry 3
          connect_port 80
        }
    }
}
EOF

4.4、从服务器keeplived配置文件【test02】

[root@test02 ~]# cat > /etc/keepalived/keepalived.conf<<EOF
! Configuration File for keepalived
global_defs {
    router_id LVS_02
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
      192.168.2.210/24
    }
}
virtual_server 192.168.2.210 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    nat_mask 255.255.255.0
    persistence_timeout 50
    protocol TCP
    real_server 192.168.2.140 80 {
        weight 1
        TCP_CHECK {
          connect_timeout 8
          nb_get_retry 3
          delay_before_retry 3
          connect_port 80 
        }
    }
    real_server 192.168.2.141 80 {
        weight 1
        TCP_CHECK {
          connect_timeout 8
          nb_get_retry 3
          delay_before_retry 3
          connect_port 80
        }
    }
}
EOF

4.5、启动keepalived

systemctl start keepalived.service

4.6、查看服务器虚拟ip

[root@test01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d6:8f:8e brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.140/24 brd 192.168.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 192.168.2.210/24 scope global secondary eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fed6:8f8e/64 scope link 
       valid_lft forever preferred_lft forever

[root@test02 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:c0:74:21 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.141/24 brd 192.168.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fec0:7421/64 scope link 
       valid_lft forever preferred_lft forever

5、测试keepalived

5.1、停止主服务器keepalived

[root@test01 ~]# systemctl stop keepalived

5.2、查看虚拟ip情况

[root@test01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d6:8f:8e brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.140/24 brd 192.168.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fed6:8f8e/64 scope link 
       valid_lft forever preferred_lft forever

[root@test02 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:c0:74:21 brd ff:ff:ff:ff:ff:ff
    inet 192.168.2.141/24 brd 192.168.2.255 scope global eth0
       valid_lft forever preferred_lft forever
    inet 192.168.2.210/24 scope global secondary eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fec0:7421/64 scope link 
       valid_lft forever preferred_lft forever

###