keepalived

最新推荐文章于 2025-07-15 18:49:27 发布

原创最新推荐文章于 2025-07-15 18:49:27 发布 · 置顶 · 1k 阅读

2 ·

CC 4.0 BY-SA版权

文章标签：

#keepalived #高可用 #VIP #supervisor

架构专栏收录该内容

2 篇文章

订阅专栏

keepalived是高可用的基础，是解决单点问题的核心手段。

这张图是使用keepalived去掉nginx单点瓶颈的拓扑图。keepalived具备在机器网卡上动态绑定一个VIP的能力，上图中director1和director2这两台机器主备，在这两台机器上绑定VIP是192.168.8.30。当请求经过网关转发给192.168.8.30，其实只会发给director1，此时director2没有绑定VIP。director1和director2通过组播发送心跳，当director2检查到director1心跳停掉了，会立刻绑定VIP。当director1恢复，director2会自动解绑VIP，退居二线。所以我们常说VIP漂移，其实就是机器主动绑定VIP的过程。

一、准备机器和测试代码

@RestController
public class HelloController {
   
    @RequestMapping("/")
    public String index() {
        return "Greetings from Spring Boot!";
    }

    @RequestMapping("ip")
    public List<String> getIpList() throws SocketException {
        return IpUtil.getIp();
    }

}

spring boot项目：https://download.youkuaiyun.com/download/weixin_37893887/10762948

准备两台机器：192.168.199.144、192.168.199.145，这两台机器上分别安装上面的jar包，并且设置开机自启动。开机自启动方式有很多种，建议使用supervisor，文章参考：https://blog.youkuaiyun.com/weixin_37893887/article/details/83588997

添加VIP：192.168.199.146，192.168.199.144是master，192.168.199.1445是backup。

二、安装keepalived

-------------------------------直接使用apt安装----------------------------------------
root@ubuntu:/usr/etc/sysconfig# apt install keepalived
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  ipvsadm libnl-route-3-200 libsensors4 libsnmp-base libsnmp30
Suggested packages:
  heartbeat ldirectord lm-sensors snmp-mibs-downloader
The following NEW packages will be installed:
  ipvsadm keepalived libnl-route-3-200 libsensors4 libsnmp-base libsnmp30
0 upgraded, 6 newly installed, 0 to remove and 11 not upgraded.
Need to get 1,429 kB of archives.
After this operation, 5,570 kB of additional disk space will be used.
Do you want to continue? [Y/n] y

这里直接使用apt安装，如果使用源码安装相对来说较为麻烦：

xuanchi@ubuntu:~/keepalived$ wget http://www.keepalived.org/software/keepalived-2.0.8.tar.gz
--2018-11-03 07:15:45--  http://www.keepalived.org/software/keepalived-2.0.8.tar.gz
Resolving www.keepalived.org (www.keepalived.org)... 37.59.63.157, 2001:41d0:8:7a9d::1
Connecting to www.keepalived.org (www.keepalived.org)|37.59.63.157|:80... connected.

xuanchi@ubuntu:~/keepalived$ tar -zxvf keepalived-2.0.8.tar.gz
keepalived-2.0.8/
keepalived-2.0.8/install-sh
keepalived-2.0.8/missing
keepalived-2.0.8/compile
keepalived-2.0.8/Makefile.in
keepalived-2.0.8/bin_install/
keepalived-2.0.8/bin_install/Makefile.in
keepalived-2.0.8/bin_install/Makefile.am

安装依赖
apt-get install libssl-dev  
apt-get install openssl  
apt-get install libpopt-dev

root@ubuntu:/home/xuanchi/keepalived/keepalived-2.0.8# ./configure --prefix=/usrchecking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... no
checking for mawk... mawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking whether make supports nested variables... (cached) yes
checking for pkg-config... no

最后执行
make & make install

使用源码安装的好处是keepalived提供很多demo配置供我们参考，这里列两个：

！sample-1: keepalived直接作为代理
! Configuration File for keepalived
global_defs {
   notification_email {
     acassen
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}
virtual_server 192.168.200.100 443 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    persistence_timeout 50
    protocol TCP
    real_server 192.168.201.100 443 {
        weight 1
        SSL_GET {
            url {
              path /
              digest ff20ad2481f97b1754ef3e12ecd3a9cc
            }
            connect_port    444
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
}

！sample2：使用keepalived作为VIP，实现高可用
! Configuration File for keepalived
global_defs {
   notification_email {
     acassen
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    garp_master_delay 10
    smtp_alert
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.200.16
        192.168.200.17
        192.168.200.18
        # optional label. should be of the form "realdev:sometext" for
        # compatibility with ifconfig.
        192.168.200.18 label eth0:1
    }
}
vrrp_instance VI_2 {
    interface eth0
    smtp_alert
    virtual_router_id 50
    priority 50
    advert_int 1
    virtual_ipaddress {
        192.168.200.13
        192.168.200.14
        192.168.200.15
    }
}
vrrp_instance VI_3 {
    state MASTER
    interface eth1
    smtp_alert
    virtual_router_id 52
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.201.13
        192.168.201.14
        192.168.201.15
    }
}
vrrp_instance VI_4 {
    interface eth1
    smtp_alert
    virtual_router_id 53
    priority 50
    advert_int 1
    virtual_ipaddress {
        192.168.201.16
        192.168.201.17
        192.168.201.18
    }
}

以下操作均以使用apt安装。配置文件路径：/etc/keepalived/keepalived.conf

192.168.19.144配置：

! Configuration File for keepalived
global_defs {
   router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    state MASTER
    interface ens33
    garp_master_delay 10
    virtual_router_id 50
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.199.146
    }
}

192.168.19.145配置：

! Configuration File for keepalived
global_defs {
   router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    interface ens33
    garp_master_delay 10
    virtual_router_id 50
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.199.146
    }
}

启动keepalived：

systemctl ststus keepalived
systemctl start keepalived

三、测试以及故障演练

1. 测试

GET http://192.168.199.144:8080/ip

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sat, 03 Nov 2018 15:16:11 GMT

[
  "192.168.199.146",
  "192.168.199.144"
]

Response code: 200; Time: 502ms; Content length: 37 bytes

GET http://192.168.199.145:8080/ip

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sat, 03 Nov 2018 15:16:21 GMT

[
  "192.168.199.145"
]

Response code: 200; Time: 14ms; Content length: 19 bytes

GET http://192.168.199.146:8080/ip

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sat, 03 Nov 2018 15:16:31 GMT

[
  "192.168.199.146",
  "192.168.199.144"
]

Response code: 200; Time: 22ms; Content length: 37 bytes

这里发现192.168.199.146已经绑定在192.168.199.144这台机器的网卡下。现在停掉master：

GET http://192.168.199.144:8080/ip

HTTP Request was interrupted

GET http://192.168.199.145:8080/ip

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sat, 03 Nov 2018 15:19:13 GMT

[
  "192.168.199.146",
  "192.168.199.145"
]

Response code: 200; Time: 23ms; Content length: 37 bytes

GET http://192.168.199.146:8080/ip

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sat, 03 Nov 2018 15:19:22 GMT

[
  "192.168.199.146",
  "192.168.199.145"
]

Response code: 200; Time: 14ms; Content length: 37 bytes

当前VIP绑在了192.168.199.145这台机器上。重启再测，VIP绑在192.168.199.144机器上，同样正常，说明使用keepalived效果达到预期目标。