|
一��、keepalived概述��; 二��、設(shè)計(jì)原理�; 三、案例:Keepalived實(shí)現(xiàn)雙機(jī)熱備����; 一、keepalived概述: 概述:keepalived起初為Lvs設(shè)計(jì)的一款強(qiáng)大的輔助工具�,保證Lvs負(fù)載調(diào)度器的故障切換以及web節(jié)點(diǎn)的健康狀態(tài)檢查,后續(xù)被應(yīng)用到很多需要容錯(cuò)的場(chǎng)景下���,keepalived自身基于VRRP協(xié)議--虛擬路由冗余協(xié)議�,思科公有協(xié)議�����; 二�����、設(shè)計(jì)原理: 應(yīng)用場(chǎng)景: 
設(shè)計(jì)模塊:
1.core模塊:為keepalived的核心組件,負(fù)責(zé)主進(jìn)程的啟動(dòng)�����、維護(hù)以及全局配置文件的加載和解析����;
2.check模塊:負(fù)責(zé)real server 節(jié)點(diǎn)池內(nèi)的節(jié)點(diǎn)的健康檢測(cè);
3.VRRP模塊:在master與backup之間執(zhí)行心跳檢測(cè)����; 熱備實(shí)現(xiàn)過(guò)程:將多個(gè)主機(jī)以軟件的方式組成一個(gè)熱備組,通過(guò)共有的虛擬ip(VIP)地址對(duì)外提供服務(wù)�,同一時(shí)刻�����,熱備組中只有一臺(tái)主機(jī)在工作����,別的主機(jī)冗余狀態(tài),當(dāng)當(dāng)前在線的主機(jī)失效時(shí)���,其他冗余的主機(jī)會(huì)自動(dòng)接替虛擬ip地址�,繼續(xù)提供服務(wù),以保證架構(gòu)的穩(wěn)定性�; 三、案例:Keepalived實(shí)現(xiàn)雙機(jī)熱備��; 案例拓?fù)洌?/strong> 
案例環(huán)境: 系統(tǒng)類(lèi)型 | IP地址 | 主機(jī)名 | 所需軟件 | Centos 7.4 1708 64bit | 192.168.100.101 | node1.linuxfan.cn | keepalived-1.2.13.tar.gz | Centos 7.4 1708 64bit | 192.168.100.102 | node2.linuxfan.cn | keepalived-1.2.13.tar.gz |
案例步驟: ?安裝node1節(jié)點(diǎn)上的httpd的服務(wù); ?安裝node2節(jié)點(diǎn)上的httpd的服務(wù); ?在兩臺(tái)node節(jié)點(diǎn)上安裝keepalived軟件程序(兩臺(tái)安裝步驟一致�,在此只列出一臺(tái))�����; ?配置node1上master主節(jié)點(diǎn)���; ?配置node2上backup從節(jié)點(diǎn); ?客戶端訪問(wèn)測(cè)試雙機(jī)熱備的效果��; ?安裝node1節(jié)點(diǎn)上的httpd的服務(wù)����; [root@node1 ~]# yum -y install httpd [root@node1 ~]#cat <>/var/www/html/index.html 192.168.100.101 END [root@node1 ~]# systemctl start httpd [root@node1 ~]# systemctl enable httpd [root@node1 ~]# netstat -utpln |grep 80 tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 13891/httpd ?安裝node2節(jié)點(diǎn)上的httpd的服務(wù); [root@node2 ~]# yum -y install httpd [root@node2 ~]#cat <>/var/www/html/index.html 192.168.100.101 END [root@node2 ~]# systemctl start httpd [root@node2 ~]# systemctl enable httpd [root@node2 ~]# netstat -utpln |grep 80 tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 13891/httpd ?在兩臺(tái)node節(jié)點(diǎn)上安裝keepalived軟件程序(兩臺(tái)安裝步驟一致�,在此只列出一臺(tái)); [root@node1 ~]# yum -y install kernel-devel openssl-devel popt-devel ##安裝內(nèi)核開(kāi)發(fā)包�����,popt支持庫(kù)等工具���; [root@node1 ~]# tar -zxvf keepalived-1.2.13.tar.gz -C /usr/src/ [root@node1 ~]# cd /usr/src/keepalived-1.2.13/ [root@node1 keepalived-1.2.13]# ./configure --prefix=/usr/local/keepalived [root@node1 keepalived-1.2.13]# make &&make install [root@node1 keepalived-1.2.13]# cd [root@node1 ~]# mkdir -p /etc/keepalived ##程序的主配置目錄 [root@node1 ~]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/ ##復(fù)制主配置文件 [root@node1 ~]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ ##復(fù)制啟動(dòng)時(shí)需要加載的配置文件 [root@node1 ~]# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/ ##復(fù)制服務(wù)的控制腳本 [root@node1 ~]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/ ##復(fù)制keepalived的命令 [root@node1 ~]# chmod 755 /etc/init.d/keepalived ##為控制腳本指定權(quán)限 ?配置node1上master主節(jié)點(diǎn)��; [root@node1 ~]# vi /etc/keepalived/keepalived.conf global_defs { router_id HA_TEST_R1 ##本服務(wù)器的名稱�,若環(huán)境中有多個(gè)keepalived時(shí),此名稱不能一致 } vrrp_instance VI_1 { ##定義VRRP熱備實(shí)例�����,每一個(gè)keep組都不同 state MASTER ##MASTER表示主服務(wù)器 interface eth0 ##承載VIP地址的物理接口 virtual_router_id 1 ##虛擬路由器的ID號(hào)�����,每一個(gè)keep組都不同 priority 100 ##優(yōu)先級(jí)�����,數(shù)值越大優(yōu)先級(jí)越高 advert_int 1 ##通告檢查間隔秒數(shù)(心跳頻率) authentication { ##認(rèn)證信息 auth_type PASS ##認(rèn)證類(lèi)型 auth_pass 123456 ##密碼字串 } virtual_ipaddress { 192.168.100.95 ##指定漂移地址(VIP) } } virtual_server 192.168.100.95 80 { #vip配置 delay_loop 2 #每隔2秒檢查一次real_server狀態(tài) lb_algo wrr ##指定lvs的調(diào)度算法 lb_kind DR ##lvs集群模式 persistence_timeout 60 ##會(huì)話保持時(shí)間 protocol TCP ##選擇協(xié)議 real_server 192.168.100.101 80 { ##本機(jī)地址 weight :3 ##服務(wù)器的權(quán)重 notify_down /etc/keepalived/check.sh ##指定節(jié)點(diǎn)失效后���,采用的腳本��,notify_up表示節(jié)點(diǎn)正常后����,采用的腳本 ##健康檢查方式一共有HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|MISC_CHECK這些 TCP_CHECK { connect_timeout 10 ##連接超時(shí)時(shí)間 nb_get_retry 3 ##重連次數(shù) delay_before_retry 3 ##重連間隔時(shí)間 connect_port 80 ##健康檢查端口 } } } :wq [root@node1 ~]# vi /etc/keepalived/check.sh #!/bin/bash /etc/init.d/keepalived stop echo -e "$(ip a |grep eth0 |grep inet |awk '{print $2}'|awk -F'/' '{print $1}') (httpd) is down on $(date +%F-%T)" >>/root/check_httpd.log :wq [root@node1 ~]# chmod 777 /etc/keepalived/check.sh [root@node1 ~]# /etc/init.d/keepalived start Starting keepalived (via systemctl): [ 確定 ] [root@node1 ~]# ip a |grep 192.168.100.95 inet 192.168.100.95/32 scope global eth0 ?配置node2上backup從節(jié)點(diǎn)���; [root@node2 ~]# vi /etc/keepalived/keepalived.conf global_defs { router_id HA_TEST_R2 ##本服務(wù)器的名稱 } vrrp_instance VI_1 { state BACKUP ##BACKUP表示從服務(wù)器 interface eth0 virtual_router_id 1 priority 99 ##優(yōu)先級(jí),低于主服務(wù)器 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 192.168.100.95 } } virtual_server 192.168.100.95 80 { ##vip配置 delay_loop 2 ##每隔2秒檢查一次real_server狀態(tài) lb_algo wrr lb_kind DR persistence_timeout 60 ##會(huì)話保持時(shí)間 protocol TCP real_server 192.168.100.102 80 { ##本機(jī)地址 weight :3 notify_down /etc/keepalived/check.sh TCP_CHECK { connect_timeout 10 ##連接超時(shí)時(shí)間 nb_get_retry 3 ##重連次數(shù) delay_before_retry 3 ##重連間隔時(shí)間 connect_port 80 ##健康檢查端口 } } } [root@node2 ~]# vi /etc/keepalived/check.sh #!/bin/bash service keepalived stop echo -e "$(ip a |grep eth0 |grep inet |awk '{print $2}'|awk -F'/' '{print $1}') (httpd) is down on $(date +%F-%T)" >>/root/check_httpd.log :wq [root@node2 ~]# chmod 777 /etc/keepalived/check.sh [root@node2 ~]# /etc/init.d/keepalived start Starting keepalived (via systemctl): [ 確定 ] [root@node2~]# ip a |grep 192.168.100.95 ?客戶端訪問(wèn)測(cè)試雙機(jī)熱備的效果�; 當(dāng)node1與node2均正常狀態(tài): 
當(dāng)node1的httpd服務(wù)關(guān)閉: 
將node1節(jié)點(diǎn)的http和keepalived服務(wù)重新啟動(dòng): 
|
