Keepalived高可用部署

Posted 2020-10-02

keepalived诞生的目的是为了给ipvs提供高可用性的.

keppalived 服务一般会启动两个进程，一个是vrrp服务和后端服务通信的，一个是checker服务，检测后端real Server健康状况.

邮件服务器：

rhel5:sendmail

rhel6:postfix

keepalived最新版本1.3.5,keepalived配置文件共三部分组成.

global_defs {         #全局配置

notification_email {        #收件人

[email protected]

}

notification_email_from [email protected] 发件人

smtp_server 127.0.01       #发件服务器

smtp_connect_timeout 30        #超时时间

router_id nginx_slave #路由表示，自定义

}

vrrp_script chk_port { #脚本检测名称chk_port

     script "/etc/keepalived/keepalived.jk2.sh" #脚本的路径

     interval 2 #每隔2秒检测一次

     weight -2 #一旦失败，权重减2

}

VRRP状态机，初始化(initialize)时,大家都是backup状态，通过选举产生master.收到startup且优先级是255时，直接定义为master，收到startup且优先级小雨255时，直接定义为backup.

vrrp_instance VI_1 {         #定义虚拟路由和虚拟ip的.VI_1为名称.

state MASTER

        interface eth0

        virtual_router_id 51         #虚拟路由id，一般不大于255

        priority 100 #初始优先级100,值越大优先级越高.

        advert_int 1

    authentication {

        auth_type PASS         #认证机制，明文认证

        auth_pass 1111 #密码

    }

   virtual_ipaddress { #虚拟vip地址

    192.168.30.129

   }

  track_script { #虚拟路由跟踪脚本.

chk_port

}   

}

其他脚本定义使用

vrrp_script chk_file {

    script "[[-f /etc/keepalived/down]] && exit 1 || exit 0"

    interval 1

    weight -2

}

实例：

系统Centos 6.5 

2个node节点：

VIp:192.168.30.131

real server:192.168.30.129   

real server:192.168.30.130

#两台real server 操作：

yum install nginx keepalived -y

#这两台real server 先配置好Nginx，做static server.

[[email protected] keepalived]# cat /etc/nginx/conf.d/admin.conf 

#

# The default server

#

server {

    listen       80 default_server;

    server_name  _;

    # Load configuration files for the default server block.

    include /etc/nginx/default.d/*.conf;

    location / {

root /data/www/;

index.htm index index.html index.php;

    }

}

以示区别/data/www/index.html 亦两台real server 静态页面取ip地址最后1位.

#配置keepalived：

Real Server 192.168.30.129 的keepalived配置文件：

[[email protected] keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
   notification_email {
[email protected] #告警通知
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id nginx_slave#名字可以随便起，标示。
}
vrrp_script chk_port {#检测脚本
     script "/etc/keepalived/keepalived.jk2.sh"
     interval 2#每个2秒运行一次
     weight -2#失败，本机keepalived优先级减2
}
vrrp_instance VI_1 {
    state BACKUP#初始化此节点为backup
    interface eth0#网卡eth0
    virtual_router_id 51#虚拟路由id
    priority 100#优先级，两台优先级可以是一样的，也可以一个高一个低.
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.30.131
    }
track_script {
chk_port
}
}

Real Server 192.168.30.130的配置文件：

[[email protected] keepalived]# cat keepalived.conf 
! Configuration File for keepalived
global_defs {
   notification_email {
[email protected]
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id nginx_master标示这是nginx master
}
vrrp_script chk_port {
     script "/etc/keepalived/keepalived.jk2.sh"
     interval 3
     weight -2
}
vrrp_instance VI_1 {
    state MASTER #初始化状态为master,两台real server都可以初始化为BACKUP状态,让它们之间自己选举.
    interface eth0
    virtual_router_id 51
    priority 101#优先级高于从节点
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.30.131
    }
track_script {
chk_port
}
}

检测脚本路径和内容，赋予脚本可执行权限chmod a+x ...：

[[email protected] keepalived]# pwd
/etc/keepalived
[[email protected] keepalived]# cat keepalived.jk2.sh 
#!/bin/bash
ps -C nginx
if [[ $? -eq 0 ]];then
     exit 0
else
     /etc/init.d/nginx restart > /dev/null
     sleep 3
     ps -C nginx
     if [[ $? -eq 0 ]];then
          exit 0
     else
          exit 1
     fi
fi

#此脚本主要判断本地nginx服务如果down 尝试启动1此，还是down就认为本节点下线，vip自动飘值bakcup节点.

#两台real server 启动keepalived服务：

# /etc/init.d/keepalived start

查看keepalived 的log：

[[email protected] conf.d]# tail -f /var/log/messages
Aug  4 14:56:09 haproxy Keepalived[51515]: Starting VRRP child process, pid=51518
Aug  4 14:56:09 haproxy Keepalived_vrrp[51518]: Netlink reflector reports IP 192.168.30.130 added
Aug  4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Netlink reflector reports IP 192.168.30.130 added
Aug  4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Netlink reflector reports IP fe80::20c:29ff:feca:1ae added
Aug  4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Registering Kernel netlink reflector
Aug  4 14:56:09 haproxy Keepalived_healthcheckers[51517]: Registering Kernel netlink command channel
Aug  4 14:56:09 haproxy Keepalived_vrrp[51518]: Netlink reflector reports IP fe80::20c:29ff:feca:1ae added
Aug  4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering Kernel netlink reflector
Aug  4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering Kernel netlink command channel
Aug  4 14:56:09 haproxy Keepalived_vrrp[51518]: Registering gratuitous ARP shared channel

 

#查看master的vip地址,ifconfig 看不到，用ip a或者：ip addr show

[[email protected] conf.d]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:ca:01:ae brd ff:ff:ff:ff:ff:ff
    inet 192.168.30.130/24 brd 192.168.30.255 scope global eth0
    inet 192.168.30.131/32 scope global eth0
    inet6 fe80::20c:29ff:feca:1ae/64 scope link 
       valid_lft forever preferred_lft forever

#测试：打开浏览器访问http://192.168.30.131/ ，其中一台nginx 启动失败即可看到演示效果.

本文出自 “蚂蚁” 博客，请务必保留此出处http://215687833.blog.51cto.com/6724358/1955360