keepalived裂脑导致主备无法切换 #yyds干货盘点#

Posted 江晓龙的技术博客

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了keepalived裂脑导致主备无法切换 #yyds干货盘点#相关的知识,希望对你有一定的参考价值。

1.keepalived高可用裂脑

由于某些原因,导致两台keepalived高可用服务器在指定时间内,无法检测到对方的心跳消息,各自取得资源及服务的所有权,而此时的两台高可用服务器又都还或者。

导致裂脑的原因:

​ 1.服务器网线松动等网络故障

​ 2.服务器硬件故障发生损坏现象而崩溃

​ 3.主备都开启firewalld防火墙

​ 4.nginx服务器死掉

2.模拟裂脑案例1-防火墙

双方都开启防火墙

lb01
[root@localhost ~]# systemctl start firewalld.service 
[root@localhost ~]# ip add show dev ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:55:83:b7 brd ff:ff:ff:ff:ff:ff
    inet 192.168.81.210/24 brd 192.168.81.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.81.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe55:83b7/64 scope link 
       valid_lft forever preferred_lft forever

lb02
[root@jxl ~]# systemctl start firewalld.service
[root@jxl ~]# ip add show dev ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:46:66:34 brd ff:ff:ff:ff:ff:ff
    inet 192.168.81.220/24 brd 192.168.81.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.81.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe46:6634/64 scope link 
       valid_lft forever preferred_lft forever

到此会发现双方都抢占了虚拟ip

用wireshare抓包也可以看到,都在争宠

3.解决由于防火墙裂脑的脚本

在备上编写检测脚本,测试如能ping通并且备节点还有VIP的话则认为产生了裂脑

[root@jxl ~]# vim check_keepalived.sh 
lb01=192.168.81.210
vip=192.168.81.100
while true;do
    vip_count=`ip add | grep $vip | wc -l`
    ping -c 2 -W 3 $lb01 &>/dev/null
    if [ $? -eq 0 -a $vip_count -eq 1 ];then
        echo -e "\\033[31mkeepalived is split brain.waringing...\\033[0m"
    else
        echo -e "\\033[32mkeepalived is ok....\\033[0m"
    fi
sleep 5s
done 

4.模拟故障案例2-nginx

在master上停掉nginx即可

5.解决nginx异常而导致主备不能切换

主节点的nginx宕掉后,网页无法打开,虚拟ip也不会漂移
这时我们就需要编写一个检测nginx状态的脚本,并在keepalived中引入
主备keepalive服务器都需要操作
1.编写脚本
[root@localhost ~]# vim check_nginx.sh
#/bin/bash
#检查nginx
while true;do
        nginx_proc_count=`ps -C nginx --no-header | wc -l`
        if [ $nginx_proc_count -eq 0 ];then
                systemctl restart nginx
                if [ $? -eq 0 ];then
                        echo -e "\\033[33mnginx starting....\\033[0m"
                fi
                sleep 5
                nginx_proc_count=`ps -C nginx --no-header | wc -l`
                if [ $nginx_proc_count -eq 0 ];then
                        systemctl stop keepalived
                        echo -e "\\033[33mnginx is error,stop keepalived....\\033[0m"
                        exit 1
                fi
        fi
        sleep 5
done

2.在keepalived中引入脚本
主备keepalive服务器都需要操作
[root@jxl ~]# vim /etc/keepalived/keepalived.con
global_defs 
    router_id lb02


vrrp_script check_web 
    script "/root/check_nginx.sh"   


vrrp_instance VI_1 
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication 
        auth_type PASS
        auth_pass 1111
    
    virtual_ipaddress 
       192.168.81.100
    

    track_script 
        check_web
    

[root@localhost keepalived]# systemctl restart keepalived

以上是关于keepalived裂脑导致主备无法切换 #yyds干货盘点#的主要内容,如果未能解决你的问题,请参考以下文章

MySQL之keepalived高可用

Keepalived实现主备切换

第三节:安装Keepalived 实现自动主备切换

Keepalived中Master和Backup主备切换机制浅析

keepalived实现redis主备切换

keepalived主备切换后的arp问题