Keepalived 软件起初是专为LVS负载均衡软件设计的,用来管理并监控LVS集群系统中各个服务节点的状态,后来又加入了可以实现高可用的VRRP功能。因此,Keepalived除了能够管理LVS软件外,还可以作为其他服务(例如:Nginx、Haproxy、MySQL等)的高可用解决方案软件。
Keepalived软件主要是通过VRRP协议实现高可用功能的。VRRP是Virtual Router RedundancyProtocol(虚拟路由器冗余协议)的缩写,VRRP出现的目的就是为了解决静态路由单点故障问题的,它能够保证当个别节点宕机时,整个网络可以不间断地运行。
所以,Keepalived 一方面具有配置管理LVS的功能,同时还具有对LVS下面节点进行健康检查的功能,另一方面也可实现系统网络服务的高可用功能。
keepalived官网
keepalived 有三个重要的功能,分别是:
Keepalived 高可用服务之间的故障切换转移,是通过 VRRP (Virtual Router Redundancy Protocol ,虚拟路由器冗余协议)来实现的。
在 Keepalived 服务正常工作时,主 Master 节点会不断地向备节点发送(多播的方式)心跳消息,用以告诉备 Backup 节点自己还活看,当主 Master 节点发生故障时,就无法发送心跳消息,备节点也就因此无法继续检测到来自主 Master 节点的心跳了,于是调用自身的接管程序,接管主 Master 节点的 IP 资源及服务。而当主 Master 节点恢复时,备 Backup 节点又会释放主节点故障时自身接管的IP资源及服务,恢复到原来的备用角色。
那么,什么是VRRP呢?
VRRP ,全 称 Virtual Router Redundancy Protocol ,中文名为虚拟路由冗余协议 ,VRRP的出现就是为了解决静态踣甶的单点故障问题,VRRP是通过一种竞选机制来将路由的任务交给某台VRRP路由器的。
配置主keepalived
//关闭防火墙 [root@master ~]# systemctl disable --now firewalld [root@master ~]# sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config [root@master ~]# setenforce 0 //安装keepalived [root@master ~]# yum -y install keepalived //查看安装生成的文件 [root@master ~]# rpm -ql keepalived /etc/keepalived /etc/keepalived/keepalived.conf /etc/sysconfig/keepalived /usr/bin/genhash /usr/lib/.build-id /usr/lib/.build-id/6c /usr/lib/systemd/system/keepalived.service /usr/libexec/keepalived /usr/sbin/keepalived //备服务器上安装keepalived [root@slave ~]# yum -y install keepalived //在master上安装nginx [root@master ~]# yum -y install nginx [root@master ~]# cd /usr/share/nginx/html/ [root@master html]# echo ‘master‘ > index.html [root@master html]# systemctl enable --now nginx [root@master html]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:80 [::]:* LISTEN 0 128 [::]:22 [::]:* //在slave上安装nginx [root@slave ~]# yum -y install nginx [root@slave ~]# cd /usr/share/nginx/html/ [root@slave html]# echo ‘slave‘ > index.html [root@slave html]# systemctl enable --now nginx [root@slave html]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:80 [::]:* LISTEN 0 128 [::]:22 [::]:*
[root@master ~]# cd /etc/keepalived/ [root@master keepalived]# ls keepalived.conf [root@master keepalived]# mv keepalived.conf{,.bak} [root@master keepalived]# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id lb01 } vrrp_instance VI_1 { state MASTER interface ens160 //这里是修改成本机的网卡名称 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass baozi } virtual_ipaddress { 192.168.30.200 } } virtual_server 192.168.30.200 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.30.131 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.30.132 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [root@master ~]# systemctl enable --now keepalived
[root@slave ~]# cd /etc/keepalived/ [root@slave keepalived]# ls keepalived.conf [root@slave keepalived]# mv keepalived.conf{,.bak} [root@slave keepalived]# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id lb02 } vrrp_instance VI_1 { state BACKUP interface ens160 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass baozi } virtual_ipaddress { 192.168.30.200 } } virtual_server 192.168.30.200 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.30.131 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.30.132 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [root@slave ~]# systemctl enable --now keepalived
keepalived通过脚本来监控nginx负载均衡机的状态
在master上编写脚本
[root@master ~]# mkdir /scripts [root@master ~]# cd /scripts [root@master scripts]# vim check_n.sh #!/bin/bash nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep ‘\bnginx\b‘|wc -l) if [ $nginx_status -lt 1 ];then systemctl stop keepalived fi [root@master scripts]# chmod +x check_n.sh [root@master scripts]# vim notify.sh #!/bin/bash VIP=$2 sendmail (){ subject="${VIP}‘s server keepalived state is translate" content="`date +‘%F %T‘`: `hostname`‘s state change to master" echo $content | mail -s "$subject" 763342488@qq.com } case "$1" in master) nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep ‘\bnginx\b‘|wc -l) if [ $nginx_status -lt 1 ];then systemctl start nginx fi sendmail ;; backup) nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep ‘\bnginx\b‘|wc -l) if [ $nginx_status -gt 0 ];then systemctl stop nginx fi ;; *) echo "Usage:$0 master|backup VIP" ;; esac [root@master ~]# chmod +x /scripts/notify.sh [root@master ~]# ll 总用量 8 -rwxr-xr-x 1 root root 127 5月 21 12:56 check_n.sh -rwxr-xr-x 1 root root 661 5月 21 12:57 notify.sh
[root@slave ~]# mkdir /scripts [root@slave ~]# vim /scripts/check_n.sh #!/bin/bash nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep ‘\bnginx\b‘|wc -l) if [ $nginx_status -lt 1 ];then systemctl stop keepalived fi [root@slave ~]# vim /scripts/notify.sh #!/bin/bash VIP=$2 sendmail (){ subject="${VIP}‘s server keepalived state is translate" content="`date +‘%F %T‘`: `hostname`‘s state change to master" echo $content | mail -s "$subject" qinghao_yu@163.com } case "$1" in master) nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep ‘\bnginx\b‘|wc -l) if [ $nginx_status -lt 1 ];then systemctl start nginx fi sendmail ;; backup) nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep ‘\bnginx\b‘|wc -l) if [ $nginx_status -gt 0 ];then systemctl stop nginx fi ;; *) echo "Usage:$0 master|backup VIP" ;; esac [root@master ~]# chmod +x /scripts/check_n.sh [root@master ~]# chmod +x /scripts/notify.sh
[root@master ~]# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id lb01 } vrrp_script nginx_check { script "/scripts/check_n.sh" interval 10 weight -20 } vrrp_instance VI_1 { state MASTER interface ens160 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass baozi } virtual_ipaddress { 192.168.30.200 } track_script { nginx_check } notify_master "/scripts/notify.sh master 192.168.100.200" notify_backup "/scripts/notify.sh backup 192.168.100.200" } virtual_server 192.168.30.200 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.30.131 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.30.132 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [root@master ~]# systemctl restart keepalived
backup无需检测nginx是否正常,当升级为MASTER时启动nginx,当降级为BACKUP时关闭
[root@slave ~]# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { router_id lb02 } vrrp_instance VI_1 { state BACKUP interface ens160 virtual_router_id 51 priority 90 nopreempt advert_int 1 authentication { auth_type PASS auth_pass baozi } virtual_ipaddress { 192.168.30.200 } notify_master "/scripts/notify.sh master 192.168.100.200" notify_backup "/scripts/notify.sh backup 192.168.100.200" } virtual_server 192.168.30.200 80 { delay_loop 6 lb_algo rr lb_kind DR persistence_timeout 50 protocol TCP real_server 192.168.30.131 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 192.168.30.132 80 { weight 1 TCP_CHECK { connect_port 80 connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } [root@slave ~]# systemctl restart keepalived
模拟master挂掉,slave继承.
[root@master ~]# systemctl start keepalived [root@master ~]# systemctl start nginx [root@master ~]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:80 [::]:* LISTEN 0 128 [::]:22 [::]:* [root@slave ~]# systemctl start keepalived [root@slave ~]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:* //此时客户端正常访问VIP到master [root@client ~]# curl 192.168.30.200 master //模拟master挂掉 [root@master ~]# systemctl stop nginx [root@master ~]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:22 [::]:* //此时再访问VIP会访问到slave [root@client ~]# curl 192.168.30.200 slave //此时的slave会因为master挂掉,自动上位,启动nginx [root@slave ~]# ss -antl State Recv-Q Send-Q Local Address:Port Peer Address:Port LISTEN 0 128 0.0.0.0:80 0.0.0.0:* LISTEN 0 128 0.0.0.0:22 0.0.0.0:* LISTEN 0 128 [::]:80 [::]:* LISTEN 0 128 [::]:22 [::]:*
原文:https://www.cnblogs.com/cbcbage/p/14802094.html