本文详细介绍Keepalived的安装、配置方法及其实现高可用性的应用案例,包括单主模型、双主模型配置和与LVS结合使用的方法。
Keepalived
keepalived是一个类似于layer3, 4 & 7交换机制的软件,也就是我们平时说的第3层、第4层和第7层交换。
Keepalived的作用是检测服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的服务器从系统中剔除,同时使用其他服务器代替该服务器的工作,当服务器工作正常后Keepalived自动将服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的服务器。
原理基于:VRRP技术(VRRP虚拟路由)
VRRP的优势:
冗余:可以使用多个路由器设备作为LAN客户端的默认网关,大大降低了默认网关成为单点故障的可能性;
负载共享:允许来自LAN客户端的流量由多个路由器设备所共享;
多VRRP组:在一个路由器物理接口上可配置多达255个VRRP组;
多IP地址:基于接口别名在同一个物理接口上配置多个IP地址,从而支持在同一个物理接口上接入多个子网;
抢占:在master故障时允许优先级更高的backup成为master;
通告协议:使用IANA所指定的组播地址224.0.0.18进行VRRP通告;
VRRP追踪:基于接口状态来改变其VRRP优先级来确定最佳的VRRP路由器成为master;
一、安装
keepalived的安装比较简单,再次不做过多介绍。
|
1
2
3
4
5
|
tar
-zxvf keepalived-1.2.7.
tar
.gz
cd
keepalived-1.2.7
.
/configure
--prefix=
/usr/local/keepalived
make
make
install
|
如果想让keepalived关联更多功能,可以参考官方网站的相关介绍:http://www.keepalived.org/
二、配置keepalived
1、配置keepalived为实现haproxy高可用的配置文件示例:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
! Configuration File
for
keepalived
global_defs {
notification_email {
sunshine@foxmail.com
}
notification_email_from kanotify@sunshine.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script
"killall -0 haproxy"
interval 1
weight 2
}
vrrp_script chk_mantaince_down {
script
"[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight 2
}
vrrp_instance VI_1 {
interface eth0
state MASTER
# BACKUP for slave routers
priority 101
# 100 for BACKUP
virtual_router_id 51
garp_master_delay 1
authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.100.1
/16
dev eth0 label eth0:0
}
track_script {
chk_haproxy
chk_mantaince_down
}
notify_master
"/etc/keepalived/notify.sh master"
notify_backup
"/etc/keepalived/notify.sh backup"
notify_fault
"/etc/keepalived/notify.sh fault"
}
|
注意:
1)上面的state为当前节点的起始状态,通常在master/slave的双节点模型中,其一个默认为MASTER,而别一个默认为BACKUP。
2)priority为当关节点在当前虚拟路由器中的优先级,master的优先级应该大于slave的;
下面是一个notify.sh脚本的简单示例:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
#!/bin/bash
# description: An example of notify script
#
vip=172.16.100.1
contact=
'root@localhost'
Notify() {
mailsubject=
"`hostname` to be $1: $vip floating"
mailbody=
"`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"
echo
$mailbody | mail -s
"$mailsubject"
$contact
}
case
"$1"
in
master)
notify master
/etc/rc
.d
/init
.d
/haproxy
start
exit
0
;;
backup)
notify backup
/etc/rc
.d
/init
.d
/haproxy
restart
exit
0
;;
fault)
notify fault
exit
0
;;
*)
echo
'Usage: `basename $0` {master|backup|fault}'
exit
1
;;
esac
|
2、配置keepalived为实现haproxy高可用的双主模型配置文件示例:
说明:其基本实现思想为创建两个虚拟路由器,并以两个节点互为主从。
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
|
! Configuration File
for
keepalived
global_defs {
notification_email {
sunshine@foxmail.com
}
notification_email_from kanotify@sunshine.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_haproxy {
script
"killall -0 haproxy"
interval 1
weight 2
}
vrrp_script chk_mantaince_down {
script
"[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight 2
}
vrrp_instance VI_1 {
interface eth0
state MASTER
# BACKUP for slave routers
priority 101
# 100 for BACKUP
virtual_router_id 51
garp_master_delay 1
authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.100.1
/16
dev eth0 label eth0:0
}
track_script {
chk_haproxy
chk_mantaince_down
}
notify_master
"/etc/keepalived/notify.sh master"
notify_backup
"/etc/keepalived/notify.sh backup"
notify_fault
"/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
interface eth0
state BACKUP
# BACKUP for slave routers
priority 100
# 100 for BACKUP
virtual_router_id 52
garp_master_delay 1
authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.100.2
/16
dev eth0 label eth0:1
}
track_script {
chk_haproxy
chk_mantaince_down
}
}
|
说明:
1)对于VI_1和VI_2来说,两个节点要互为主从关系;
3、LVS + keepalived的实现:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
! Configuration File
for
keepalived
global_defs {
notification_email {
sunshine@foxmail.com
}
notification_email_from kanotify@sunshine.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_schedown {
script
"[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 2
weight -2
}
vrrp_instance VI_1 {
interface eth0
state MASTER
priority 101
virtual_router_id 51
garp_master_delay 1
authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.100.1
/16
dev eth0 label eth0:0
}
track_script {
chk_schedown
}
}
virtual_server 172.16.100.1 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
# sorry_server 192.168.200.200 1358
real_server 172.16.100.11 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.16.100.12 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
|
如果要使用TCP_CHECK检测各realserver的健康状态,那么,上面关于realserver部分的定义也可以替换为如下内容:
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
|
virtual_server 172.16.100.1 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 300
protocol TCP
sorry_server 127.0.0.1 80
real_server 172.16.100.11 80 {
weight 1
TCP_CHECK {
tcp_port 80
connect_timeout 3
}
}
real_server 172.16.100.12 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
}
}
}
|
说明:其中的sorry_server是用于定义所有realserver均出现故障时所用的服务器。
三、keepalived通知脚本示例:
下面的脚本可以接受选项,其中:
-s, --service SERVICE,...:指定服务脚本名称,当状态切换时可自动启动、重启或关闭此服务;
-a, --address VIP: 指定相关虚拟路由器的VIP地址;
-m, --mode {mm|mb}:指定虚拟路由的模型,mm表示主主,mb表示主备;它们表示相对于同一种服务而方,其VIP的工作类型;
-n, --notify {master|backup|fault}:指定通知的类型,即vrrp角色切换的目标角色;
-h, --help:获取脚本的使用帮助;
|
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
|
#!/bin/bash
# description: An example of notify script
# Usage: notify.sh -m|--mode {mm|mb} -s|--service SERVICE1,... -a|--address VIP -n|--notify {master|backup|falut} -h|--help
helpflag=0
serviceflag=0
modeflag=0
addressflag=0
notifyflag=0
contact=
'root@localhost'
Usage() {
echo
"Usage: notify.sh [-m|--mode {mm|mb}] [-s|--service SERVICE1,...] <-a|--address VIP> <-n|--notify {master|backup|falut}>"
echo
"Usage: notify.sh -h|--help"
}
ParseOptions() {
local
I=1;
if
[ $
# -gt 0 ]; then
while
[ $I -
le
$
# ]; do
case
$1
in
-s|--service)
[ $
# -lt 2 ] && return 3
serviceflag=1
services=(`
echo
$2|
awk
-F
","
'{for(i=1;i<=NF;i++) print $i}'
`)
shift
2 ;;
-h|--help)
helpflag=1
return
0
shift
;;
-a|--address)
[ $
# -lt 2 ] && return 3
addressflag=1
vip=$2
shift
2
;;
-m|--mode)
[ $
# -lt 2 ] && return 3
mode=$2
shift
2
;;
-n|--notify)
[ $
# -lt 2 ] && return 3
notifyflag=1
notify=$2
shift
2
;;
*)
echo
"Wrong options..."
Usage
return
7
;;
esac
done
return
0
fi
}
#workspace=$(dirname $0)
RestartService() {
if
[ ${
#@} -gt 0 ]; then
for
I
in
$@;
do
if
[ -x
/etc/rc
.d
/init
.d/$I ];
then
/etc/rc
.d
/init
.d/$I restart
else
echo
"$I is not a valid service..."
fi
done
fi
}
StopService() {
if
[ ${
#@} -gt 0 ]; then
for
I
in
$@;
do
if
[ -x
/etc/rc
.d
/init
.d/$I ];
then
/etc/rc
.d
/init
.d/$I stop
else
echo
"$I is not a valid service..."
fi
done
fi
}
Notify() {
mailsubject=
"`hostname` to be $1: $vip floating"
mailbody=
"`date '+%F %H:%M:%S'`, vrrp transition, `hostname` changed to be $1."
echo
$mailbody | mail -s
"$mailsubject"
$contact
}
# Main Function
ParseOptions $@
[ $? -
ne
0 ] && Usage &&
exit
5
[ $helpflag -
eq
1 ] && Usage &&
exit
0
if
[ $addressflag -
ne
1 -o $notifyflag -
ne
1 ];
then
Usage
exit
2
fi
mode=${mode:-mb}
case
$notify
in
'master'
)
if
[ $serviceflag -
eq
1 ];
then
RestartService ${services[*]}
fi
Notify master
;;
'backup'
)
if
[ $serviceflag -
eq
1 ];
then
if
[
"$mode"
==
'mb'
];
then
StopService ${services[*]}
else
RestartService ${services[*]}
fi
fi
Notify backup
;;
'fault'
)
Notify fault
;;
*)
Usage
exit
4
;;
esac
|
在keepalived.conf配置文件中,其调用方法如下所示:
notify_master "/etc/keepalived/notify.sh -n master -a 172.16.100.1"
notify_backup "/etc/keepalived/notify.sh -n backup -a 172.16.100.1"
notify_fault "/etc/keepalived/notify.sh -n fault -a 172.16.100.1"
本文转自 SoulMio 51CTO博客,原文链接:http://blog.51cto.com/bovin/1863923,如需转载请自行联系原作者
扫一扫
1202
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
