keepalived

keepalived是高可用的基础,是解决单点问题的核心手段。

这张图是使用keepalived去掉nginx单点瓶颈的拓扑图。keepalived具备在机器网卡上动态绑定一个VIP的能力,上图中director1和director2这两台机器主备,在这两台机器上绑定VIP是192.168.8.30。当请求经过网关转发给192.168.8.30,其实只会发给director1,此时director2没有绑定VIP。director1和director2通过组播发送心跳,当director2检查到director1心跳停掉了,会立刻绑定VIP。当director1恢复,director2会自动解绑VIP,退居二线。所以我们常说VIP漂移,其实就是机器主动绑定VIP的过程。

一、准备机器和测试代码

@RestController
public class HelloController {
   
    @RequestMapping("/")
    public String index() {
        return "Greetings from Spring Boot!";
    }

    @RequestMapping("ip")
    public List<String> getIpList() throws SocketException {
        return IpUtil.getIp();
    }

}

spring boot项目:https://download.youkuaiyun.com/download/weixin_37893887/10762948

准备两台机器:192.168.199.144、192.168.199.145,这两台机器上分别安装上面的jar包,并且设置开机自启动。开机自启动方式有很多种,建议使用supervisor,文章参考:https://blog.youkuaiyun.com/weixin_37893887/article/details/83588997

添加VIP:192.168.199.146,192.168.199.144是master,192.168.199.1445是backup。

二、安装keepalived

-------------------------------直接使用apt安装----------------------------------------
root@ubuntu:/usr/etc/sysconfig# apt install keepalived
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following additional packages will be installed:
  ipvsadm libnl-route-3-200 libsensors4 libsnmp-base libsnmp30
Suggested packages:
  heartbeat ldirectord lm-sensors snmp-mibs-downloader
The following NEW packages will be installed:
  ipvsadm keepalived libnl-route-3-200 libsensors4 libsnmp-base libsnmp30
0 upgraded, 6 newly installed, 0 to remove and 11 not upgraded.
Need to get 1,429 kB of archives.
After this operation, 5,570 kB of additional disk space will be used.
Do you want to continue? [Y/n] y

这里直接使用apt安装,如果使用源码安装相对来说较为麻烦:

xuanchi@ubuntu:~/keepalived$ wget http://www.keepalived.org/software/keepalived-2.0.8.tar.gz
--2018-11-03 07:15:45--  http://www.keepalived.org/software/keepalived-2.0.8.tar.gz
Resolving www.keepalived.org (www.keepalived.org)... 37.59.63.157, 2001:41d0:8:7a9d::1
Connecting to www.keepalived.org (www.keepalived.org)|37.59.63.157|:80... connected.

xuanchi@ubuntu:~/keepalived$ tar -zxvf keepalived-2.0.8.tar.gz
keepalived-2.0.8/
keepalived-2.0.8/install-sh
keepalived-2.0.8/missing
keepalived-2.0.8/compile
keepalived-2.0.8/Makefile.in
keepalived-2.0.8/bin_install/
keepalived-2.0.8/bin_install/Makefile.in
keepalived-2.0.8/bin_install/Makefile.am

安装依赖
apt-get install libssl-dev  
apt-get install openssl  
apt-get install libpopt-dev

root@ubuntu:/home/xuanchi/keepalived/keepalived-2.0.8# ./configure --prefix=/usrchecking for a BSD-compatible install... /usr/bin/install -c
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /bin/mkdir -p
checking for gawk... no
checking for mawk... mawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking whether make supports nested variables... (cached) yes
checking for pkg-config... no

最后执行
make & make install

使用源码安装的好处是keepalived提供很多demo配置供我们参考,这里列两个:

!sample-1: keepalived直接作为代理
! Configuration File for keepalived
global_defs {
   notification_email {
     acassen
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}
virtual_server 192.168.200.100 443 {
    delay_loop 6
    lb_algo rr
    lb_kind NAT
    persistence_timeout 50
    protocol TCP
    real_server 192.168.201.100 443 {
        weight 1
        SSL_GET {
            url {
              path /
              digest ff20ad2481f97b1754ef3e12ecd3a9cc
            }
            connect_port    444
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
}
!sample2:使用keepalived作为VIP,实现高可用
! Configuration File for keepalived
global_defs {
   notification_email {
     acassen
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    garp_master_delay 10
    smtp_alert
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.200.16
        192.168.200.17
        192.168.200.18
        # optional label. should be of the form "realdev:sometext" for
        # compatibility with ifconfig.
        192.168.200.18 label eth0:1
    }
}
vrrp_instance VI_2 {
    interface eth0
    smtp_alert
    virtual_router_id 50
    priority 50
    advert_int 1
    virtual_ipaddress {
        192.168.200.13
        192.168.200.14
        192.168.200.15
    }
}
vrrp_instance VI_3 {
    state MASTER
    interface eth1
    smtp_alert
    virtual_router_id 52
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.201.13
        192.168.201.14
        192.168.201.15
    }
}
vrrp_instance VI_4 {
    interface eth1
    smtp_alert
    virtual_router_id 53
    priority 50
    advert_int 1
    virtual_ipaddress {
        192.168.201.16
        192.168.201.17
        192.168.201.18
    }
}

以下操作均以使用apt安装。配置文件路径:/etc/keepalived/keepalived.conf

192.168.19.144配置:

! Configuration File for keepalived
global_defs {
   router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    state MASTER
    interface ens33
    garp_master_delay 10
    virtual_router_id 50
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.199.146
    }
}

192.168.19.145配置:

! Configuration File for keepalived
global_defs {
   router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    interface ens33
    garp_master_delay 10
    virtual_router_id 50
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.199.146
    }
}

启动keepalived:

systemctl ststus keepalived
systemctl start keepalived

三、测试以及故障演练

1. 测试

GET http://192.168.199.144:8080/ip

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sat, 03 Nov 2018 15:16:11 GMT

[
  "192.168.199.146",
  "192.168.199.144"
]

Response code: 200; Time: 502ms; Content length: 37 bytes

GET http://192.168.199.145:8080/ip

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sat, 03 Nov 2018 15:16:21 GMT

[
  "192.168.199.145"
]

Response code: 200; Time: 14ms; Content length: 19 bytes

GET http://192.168.199.146:8080/ip

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sat, 03 Nov 2018 15:16:31 GMT

[
  "192.168.199.146",
  "192.168.199.144"
]

Response code: 200; Time: 22ms; Content length: 37 bytes

这里发现192.168.199.146已经绑定在192.168.199.144这台机器的网卡下。现在停掉master:

GET http://192.168.199.144:8080/ip

HTTP Request was interrupted

GET http://192.168.199.145:8080/ip

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sat, 03 Nov 2018 15:19:13 GMT

[
  "192.168.199.146",
  "192.168.199.145"
]

Response code: 200; Time: 23ms; Content length: 37 bytes

GET http://192.168.199.146:8080/ip

HTTP/1.1 200
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Sat, 03 Nov 2018 15:19:22 GMT

[
  "192.168.199.146",
  "192.168.199.145"
]

Response code: 200; Time: 14ms; Content length: 37 bytes

当前VIP绑在了192.168.199.145这台机器上。重启再测,VIP绑在192.168.199.144机器上,同样正常,说明使用keepalived效果达到预期目标。

<think>嗯,用户让我介绍一下Keepalived。我需要先回忆一下相关知识,确保信息准确。首先,Keepalived是一个用于实现高可用性和负载均衡的开源软件对吧?它基于VRRP协议,主要用在Linux环境下。 用户可能是系统管理员或者开发人员,想要了解如何提高他们服务器的高可用性。他们可能想知道Keepalived的基本功能、工作原理以及实际应用场景。需要分步骤解释,结构清晰。 首先,应该介绍Keepalived的核心功能,比如高可用性和负载均衡。然后解释VRRP协议,这是Keepalived的基础。接着,说明它的工作原理,比如主备切换机制和健康检查。这部分需要详细一点,因为用户可能关心故障转移的过程。 然后,应用场景方面,可以举Web服务器、数据库和负载均衡器的例子。这些是常见的用途,用户可能更容易理解。还要提到它的优势,比如轻量级、配置简单、稳定性高,以及与LVS的结合使用,这对负载均衡很重要。 使用方式部分,可能需要提到安装步骤和配置文件的结构,比如global_defs、vrrp_instance和virtual_server这些块。但不需要太深入,保持概述级别即可。 注意事项方面,确保用户知道需要避免脑裂问题,配置正确的健康检查,网络环境的稳定性,以及防火墙设置。这些都是实际部署中容易遇到的问题,用户可能会遇到。 最后,总结一下Keepalived的适用场景和好处,让用户有个整体的认识。要确保语言简洁,避免技术术语过多,但也要准确。检查是否有遗漏的关键点,比如是否提到了TCP_CHECK和HTTP_GET这些健康检查方式?还有VRRP的虚拟路由器ID和虚拟IP地址,这些在配置中是必须的。 需要确认所有技术术语都有解释,比如VRRP的全称,以及脑裂问题的定义。可能用户不太清楚这些术语,所以需要用简单的中文说明。同时,保持段落不要太长,用分点的方式让结构更清晰。 另外,用户提到要使用中文回答,并且数学公式用$...$,不过这个问题可能不需要数学公式,但还是要留意是否有地方可能需要用到。比如在负载均衡算法中如果有数学表达式,但Keepalived通常不涉及复杂的数学,所以可能不需要。 检查LaTeX格式是否符合要求,但当前内容里没有数学公式,所以没问题。最后确保回答真实可靠,引用正确的信息和常见用法,避免错误。比如Keepalived确实常与LVS结合使用,健康检查的方式也是正确的。 总结一下,回答的结构应该是:概述、核心功能、工作原理、应用场景、优势、使用方式、注意事项和总结。每个部分用分点或子标题,帮助用户逐步理解。确保语言流畅,信息准确,没有技术错误。</think>### Keepalived 介绍 #### 1. **概述** **Keepalived** 是一款基于 **VRRP(Virtual Router Redundancy Protocol,虚拟路由冗余协议)** 的开源工具,主要用于实现 **服务高可用性(HA)** 和 **负载均衡**。它通过虚拟IP(VIP)和健康检查机制,确保服务在服务器故障时无缝切换,提升系统可靠性。 --- #### 2. **核心功能** - **高可用性(HA)** 通过 **主备(Master-Backup)模式** 实现故障转移。当主节点不可用时,备用节点自动接管虚拟IP,确保服务持续运行。 - **负载均衡** 可与 **LVS(Linux Virtual Server)** 集成,提供基于 Layer 4(传输层)的负载均衡,支持轮询、加权等算法。 --- #### 3. **工作原理** - **VRRP 协议** 多台服务器组成一个虚拟路由器组,共享一个虚拟IP。主节点周期性发送心跳包,若备用节点未收到心跳,则触发选举新主节点。 - **健康检查** Keepalived 通过自定义脚本或内置检查(如 TCP/HTTP 检测)监控服务状态。若服务异常,自动触发故障转移。 --- #### 4. **典型应用场景** - **Web 服务器集群** 通过 VIP 实现 Web 服务的高可用,避免单点故障。 - **数据库主从切换** 主数据库故障时,VIP 漂移到从库,保证数据库可访问。 - **负载均衡器容灾** 多台 LVS 负载均衡器通过 Keepalived 实现冗余。 --- #### 5. **优势** - **轻量级**:资源占用低,适合嵌入式系统。 - **配置简单**:通过配置文件定义虚拟路由器和健康检查规则。 - **稳定性高**:广泛用于生产环境,社区支持成熟。 --- #### 6. **基本使用方式** 1. **安装** ```bash # Ubuntu/Debian sudo apt install keepalived # CentOS/RHEL sudo yum install keepalived ``` 2. **配置文件(`keepalived.conf`)** ```conf global_defs { router_id LVS_MASTER # 节点唯一标识 } vrrp_instance VI_1 { state MASTER # 主节点为MASTER,备节点为BACKUP interface eth0 # 绑定网卡 virtual_router_id 51 # 虚拟路由ID(同一组需相同) priority 100 # 优先级(主节点高于备节点) advert_int 1 # 心跳间隔(秒) virtual_ipaddress { 192.168.1.100 # 虚拟IP } } ``` --- #### 7. **注意事项** - **脑裂问题**:需确保网络稳定,避免主备节点因网络隔离同时接管VIP。 - **健康检查配置**:需根据服务特性定义检查脚本或协议(如 `TCP_CHECK`、`HTTP_GET`)。 - **网络环境**:确保组播或单播通信正常(依赖 VRRP 协议传输心跳)。 --- #### 8. **总结** Keepalived 是构建高可用集群的核心工具之一,适用于需 **故障自动切换** 或 **负载均衡** 的场景。通过合理配置 VIP 和健康检查,可显著提升服务的可靠性和连续性。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值