点击上方“IT那活儿”公众号--专注于企业全栈运维技术分享,不管IT什么活儿,干就完了!!!
1.1 keepalived脑裂
1.2 解决方案
2.1 VRRP协议
2.2 工作原理
2.3 核心三模块
core模块为keepalived的核心,负责主进程的启动、维护以及全局配置文件的加载和解析; check负责健康检查,包括常见的各种检查方式; vrrp模块是来实现VRRP协议的。
3.1 keepalived+nginx集群部署
web1: 11.11.11.137 web2: 11.11.11.138 vip: 11.11.11.222 client: 11.11.11.140
yum -y install nginx
echo "<h1>137<h1>" >/usr/share/nginx/html/index.html
sed -ri /^SELINUX=/cSELINUX=disabled /etc/selinux/config && setenforce 0
systemctl stop firewalld && systemctl disable firewalldyum -y install keepalived
cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Director1
}
#vrrp_script chk_nginx {
# script "/etc/keepalived/ck_ng.sh"
# interval 2
# weight -5
# fall 3
#}
vrrp_instance VI_1 {
state MASTER
interface ens33
mcast_src_ip 11.11.11.137
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
11.11.11.222/24
}
# track_script {
# chk_nginx
# }
}scp /etc/keepalived/keepalived.conf root@11.11.11.138:/etc/keepalived/state MASTER改为 state BACKUP
mcast_src_ip 11.11.11.137 改为 mcast_src_ip 11.11.11.138
priority 100 改为priority 99curl 11.11.11.222 # vip
<h1>137<h1>curl 11.11.11.222
<h1>138<h1> # 自动切换到web2页面cat /etc/keepalived/ck_ng.sh # 守护脚本
#!/bin/bash
#检查nginx进程是否存在
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
#尝试启动一次nginx,停止5秒后再次检测
systemctl restart nginx
sleep 5
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
#如果启动没成功,就杀掉keepalive触发主备切换
systemctl stop keepalived
fi
fi
chmod a+x /etc/keepalived/ck_ng.sh # 可执行权限
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived # 默认规则 必须要首行写
# 第一部分:全局定义块
global_defs {
notification_email {
root@localhost # 指定keepalived在发生切换时需要发送email地址
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Director1 # 运行keepalived机器的一个标识 集群内唯一
}
# 健康检查
vrrp_script chk_nginx { # nginx守护脚本
script "/etc/keepalived/ck_ng.sh" # 检查脚本 绝对路径
interval 2 # 检查频率 每2s检查一次
weight -5 # 失败三次 权值减5
fall 3
}
# 实例配置
vrrp_instance VI_1 { # 实例VI_1
state MASTER # 主 keepalived
interface ens33 # 监听网卡
mcast_src_ip 11.11.11.137 # 心跳源地址 host ip
virtual_router_id 51 # 虚拟路由编号 主从一致
priority 100 # 优先级 权值
advert_int 1 # 心跳间隔 可以是毫秒
authentication { # 认证 防止其他设备加入该组
auth_type PASS
auth_pass 1234
}
virtual_ipaddress { # vip
11.11.11.222/24
}
track_script { # 监控nginx服务 脚本
chk_nginx # 名字和 vrrp_script 一致
}
}3.2 keepalived+lvs集群部署
lvs1: 11.11.11.137 lvs2: 11.11.11.138 vip: 11.11.11.222 web1: 11.11.11.139 web2: 11.11.11.140 client: 11.11.11.136
yum -y install keepalived ipvsadm #2台同时安装
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Director1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100 #权值 1-255任意数字
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
11.11.11.222/24 dev ens33 #vip
}
}
virtual_server 11.11.11.222 80 {
delay_loop 3 #轮询时间间隔
lb_algo rr #轮询模式
lb_kind DR #lvs模式
protocol TCP
real_server 11.11.11.139 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
real_server 11.11.11.140 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
}
scp /etc/keepalived/keepalived.conf root@node-3:/etc/keepalived/state MASTER 改为 state BACKUP; priority 100 改为 priority 80 小于100。
yum -y install nginx
echo web1111111111111 >/usr/share/nginx/html/index.html # 设置主页 直观看出实验结果
ifconfig lo:0 11.11.11.222/32 # 绑定vip
# 配置ARP
echo 1 >/proc/sys/net/ipv4/conf/all/arp_ignore
echo 1 >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo 2 >/proc/sys/net/ipv4/conf/all/arp_announce
echo 2 >/proc/sys/net/ipv4/conf/lo/arp_announcecp /etc/sysconfig/network-scripts/{ifcfg-lo,ifcfg-lo:0}
vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=11.11.11.222
NETMASK=255.255.255.255
ONBOOT=yes
vim /etc/sysctl.conf
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
systemctl start nginx
3)client端测试
curl 11.11.11.222
ipvsadm -L # 查看lvs转发
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP node-2:http rr
-> node-4:http Route 1 0 2
-> 11.11.11.140:http Route 1 0 3
ip a (关闭master的keepalived)
vip 11.11.11.222 在master上 如果master宕机 vip会跳到backup
#关闭web1的nginx
client端 curl 11.11.11.2223.3 keepalived+lvs双主集群部署
lvs1: 11.11.11.137 lvs2: 11.11.11.138 vip: 11.11.11.222 vip: 11.11.11.223 web1: 11.11.11.139 web2: 11.11.11.140 web3: 11.11.11.141 web4: 11.11.11.142 client: 11.11.11.136
vim /etc/keepalived/keepalived.conflvs1为MASTER lvs2为BACKUP 的配置:
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Director1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 2
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
11.11.11.222/24 dev ens33
}
}
virtual_server 11.11.11.222 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
real_server 11.11.11.139 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
real_server 11.11.11.140 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
}lvs1为BACKUP lvs2为MASTER 的配置:
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 55
priority 90
advert_int 2
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
11.11.11.223/24 dev ens33
}
}
virtual_server 11.11.11.223 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
real_server 11.11.11.139 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
real_server 11.11.11.140 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
}vim /etc/keepalived/keepalived.conflvs1为MASTER lvs2为BACKUP 的配置:
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Director1
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 2
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
11.11.11.222/24 dev ens33
}
}
virtual_server 11.11.11.222 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
real_server 11.11.11.139 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
real_server 11.11.11.140 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
}lvs1为BACKUP lvs2为MASTER 的配置:
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 55
priority 100
advert_int 2
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
11.11.11.223/24 dev ens33
}
}
virtual_server 11.11.11.223 80 {
delay_loop 3
lb_algo rr
lb_kind DR
protocol TCP
real_server 11.11.11.141 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
real_server 11.11.11.142 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
}ifconfig lo:1 11.11.11.223/32 #原来网卡为lo:0 vip为11.11.11.222注:
要有两个实例 VI_1 和 VI_2; 两套集群virtual_router_id要不同,每套主备的virtual_router_id相同; 要有两个vip; 每个MASTER的priority要比BACKUP高。
