Keepalived安装与原理
Posted 胡庚申
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Keepalived安装与原理相关的知识,希望对你有一定的参考价值。
一、概念
Keepalived是Linux下一个轻量级别的高可用解决方案,也是一个基于VRRP 协议来实现的 LVS 服务高可用方案,可以利用其来解决单点故障。一个LVS服务会有2台服务器运行Keepalived,一台为主服务器(MASTER),一台为备份服务器(BACKUP),但是对外表现为一个虚拟IP,主服务器宕机的时候, 备份服务器就会接管虚拟IP,继续提供服务,从而保证了高可用性。Keepalived一般不会单独出现,而是与其它负载均衡技术(如lvs、haproxy、nginx)一起工作来达到集群的高可用。
二、安装过程
keepalived下载地址:
http://www.keepalived.org/download.html
执行命令:
[root@localhost server]# tar -zxvf keepalived-2.2.2.tar.gz
[root@localhost server]# cd keepalived-2.2.2
[root@localhost keepalived-2.2.2]# yum install gcc
[root@localhost keepalived-2.2.2]# yum -y install libnl libnl-devel
[root@localhost keepalived-2.2.2]# ./configure --prefix=/usr/local/keepalived --sysconf=/etc
[root@localhost keepalived-2.2.2]# make && make install
[root@localhost keepalived-2.2.2]# whereis keepalived
[root@localhost keepalived-2.2.2]# cp /root/app/server/keepalived-2.2.2/keepalived/etc/init.d/keepalived /etc/init.d/
[root@localhost etc]# cp /root/app/server/keepalived-2.2.2/keepalived/etc/ sysconfig/keepalived /etc/sysconfig/
[root@localhost etc]# systemctl daemon-reload
[root@localhost etc]# systemctl start keepalived.service
三、修改配置
自动重启nginx配置文件:check_nginx_alive_or_not.sh
[root@localhost etc]# vim check_nginx_alive_or_not.sh
[root@localhost etc]# chmod +x check_nginx_alive_or_not.sh
[root@localhost etc]# ./check_nginx_alive_or_not.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
# 判断nginx是否宕机,如果宕机了,尝试重启
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx
# 等待一小会再次检查nginx,如果没有启动成功,则停止keepalived,使其启动备用机
sleep 3
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
kill -9 keepalived
fi
fi
修改keepalived.conf
[root@localhost keepalived]# cd /etc/keepalived
[root@localhost keepalived]# vim keepalived.conf
global_defs {
# 路由id:当前安装keepalived节点主机的标识符,全局唯一
router_id keepalive_192.168.1.8
}
vrrp_script check_nginx_alive{
script "/etc/keepalived/check_nginx_alive_or_not.sh"
interval 2 # 每隔两秒运行上一行脚本
weight 10 # 如果脚本运行失败,则升级权重 +10
}
vrrp_instance VI_1 {
# 表示状态,当前192.168.1.8主节点,MASTER/BACKUP
state MASTER
# 当前实例绑定的网卡
interface enp0s8
# 保证主备节点一致
virtual_router_id 51
# 权重,优先级越高,在MASTER挂掉以后,谁就能成为MASTER
priority 100
# 主备之间同步检查的时间间隔,默认1s
advert_int 1
# 认证授权的密码,防止非法节点的进入
authentication {
auth_type PASS
auth_pass 1111
}
# VIP 虚拟ip
virtual_ipaddress {
# 注意:主备两台的vip都是一样的,绑定到同一个vip
192.168.200.16
}
}
四、实现keepalived双机主备高可用
192.168.1.8主服务器配置文件:
global_defs {
router_id keepalive_192.168.1.8
}
vrrp_script check_nginx_alive{
script "/etc/keepalived/check_nginx_alive_or_not.sh"
interval 2
weight 10
}
vrrp_instance VI_1 {
state MASTER
interface enp0s8
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.16
}
}
192.168.1.16备用服务器配置文件:
global_defs {
router_id keepalive_192.168.1.16
}
vrrp_script check_nginx_alive{
script "/etc/keepalived/check_nginx_alive_or_not.sh"
interval 2
weight 10
}
vrrp_instance VI_1 {
state BACKUP
interface enp0s8
virtual_router_id 51
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.16
}
}
五、实现keepalived双主热备
注意!!!需要配置云服务的 DNS 解析配置和负载均衡
192.168.1.8服务器配置文件:
global_defs {
router_id keepalive_192.168.1.8
}
vrrp_script check_nginx_alive{
script "/etc/keepalived/check_nginx_alive_or_not.sh"
interval 2
weight 10
}
vrrp_instance VI_1 {
state MASTER
interface enp0s8
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_nginx_alive # 追踪 nginx 脚本
}
virtual_ipaddress {
192.168.200.16
}
}
vrrp_instance VI_2 {
state BACKUP
interface enp0s8
virtual_router_id 52
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.17
}
}
192.168.1.16服务器配置文件:
global_defs {
router_id keepalive_192.168.1.16
}
vrrp_script check_nginx_alive{
script "/etc/keepalived/check_nginx_alive_or_not.sh"
interval 2
weight 10
}
vrrp_instance VI_1 {
state BACKUP
interface enp0s8
virtual_router_id 51
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_nginx_alive # 追踪 nginx 脚本
}
virtual_ipaddress {
192.168.200.16
}
}
vrrp_instance VI_2 {
state MASTER
interface enp0s8
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.17
}
}
六、VRRP协议
Keepalived 是以 VRRP 协议为实现基础的,即虚拟路由冗余协议。
可以认为是实现路由器高可用的协议,即将N台提供相同功能的路由器组成一个路由器组,这个组里面有一个master 和多个 backup,master 上面有一个对外提供服务的 VIP(Virtual IP Address)(该路由器所在局域网内其他机器的默认路由为该 vip),master 会发组播,当 backup 收不到 vrrp 包时就认为 master 宕掉了,这时就需要根据 VRRP 的优先级来选举一个 backup 当 master。这样的话就可以保证路由器的高可用了。
七、TCP层已经有keepalive,为什么应用层的Nginx还需要keepalive?
我理解的是,使用TCP的keepalive的保证传输层连接的可用性,默认配置都是2小时的检测周期。Nginx的keepalive来保证应用层的连接的可用性。一个在第四层传输层上保证可用性,一个在第七层应用层上保证应用层协议连接的可用性。 有本书里面有提到: 为什么TCP keepalive不能替代应用层心跳?心跳除了说明应用程序还活着(进程还在,网络通畅),更重要的是表明应用程序还能正常工作。而TCP keepalive由操作系统负责探查,即便进程死锁或者阻塞,操作系统也会如常收发TCP keepalive信息,对方无法得知这一异常。
参考:
https://zhuanlan.zhihu.com/p/143295216
https://zhuanlan.zhihu.com/p/73484447
以上是关于Keepalived安装与原理的主要内容,如果未能解决你的问题,请参考以下文章