1:简介
它是一个基于VRRP协议来实现的WEB服务高可用方案,可以利用其来避免单点故障。一个WEB服务至少会有2台服务器运行Keepalived,一台为主服务器(MASTER),一台为备份服务器(BACKUP),但是对外表现为一个虚拟IP,主服务器会发送特定的消息给备份服务器,当备份服务器收不到这个消息的时候,即主服务器宕机的时候,备份服务器就会接管虚拟IP,继续提供服务,从而保证了高可用性。
2:下载keepalived
wget http://www.keepalived.org/software/keepalived-1.4.0.tar.gz tar zxf keepalived-1.4.0.tar.gz cd keepalived-1.4.0/ ./configure --sysconf=/etc --with-kernel-dir=/usr/lib/modules/3.10.0-514.26.2.el7.x86_64/
出现警告:
*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.
yum -y install libnl libnl-devel
安装完以后重新执行configure
这次出现错误:
configure: error: libnfnetlink headers missing
yum install -y libnfnetlink-devel
重新编译完成后如下
安装
make && make install
至此安装完成
Keepalive 基础HA功能演示
环境部署说明
|
主机名 |
主机ip地址 |
集群角色 |
集群服务 |
虚拟IP地址 |
|
Master |
192.168.1.189 |
Master(主节点) |
HTTPD |
192.168.1.200 |
|
Backup |
192.168.1.226 |
Backup(备用节点) |
HTTPD |
1、下载并编译安装
yum install gcc openssl-devel libnl libnl-devel libnfnetlink-devel -y
wget http://www.keepalived.org/software/keepalived-1.4.0.tar.gz
tar zxf keepalived-1.4.0.tar.gz
cd keepalived-1.4.0/
./configure --sysconf=/etc --with-kernel-dir=/usr/lib/modules/3.10.0-693.11.1.el7.x86_64/
make && make install
#--sysconf 指定配置文件路径 --with-kernel-dir 指定内核
2、修改配置文件(master)
vim / etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { #全局配置 notification_email { #邮件通知 acassen@firewall.loc #多个收件人邮箱 failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc #发件人邮箱 smtp_server 192.168.200.1 # SMTP_SERVER smtp_connect_timeout 30 # 连接超时时间 router_id LVS_DEVEL # specify the name of the LVS director 本地有效 #vrrp_skip_check_adv_addr #vrrp_strict #vrrp_garp_interval 0 #vrrp_gna_interval 0 }
vrrp_script check_httpd { # 定义一个检查方法 对集群中的资源进行监控 script "/etc/keepalived/check_httpd.sh" # 一个脚本检查方法 interval 2 # 检查间隔 second } vrrp_instance VI_1 { # VRRP 实例 实例名 state MASTER # master 模式 interface enp0s3 # 绑定接口 virtual_router_id 80 # 虚拟路由标识, 同一实例下 相同ID priority 100 # 优先级 越大越优 advert_int 2 # master 和 backup 之间检查时间间隔 authentication { auth_type PASS # 认证类型 PASS / AH auth_pass 5211 # 密码, master 和 backup 必须相同 } notify_master "/etc/keepalived/master.sh" # 当成为主模式时候, 执行的脚本 notify_backup "/etc/keepalived/backup.sh" # 当成为 备模式时候, 执行脚本 notify_fault "/etc/keepalived/fault.sh" # 当成为 fault 模式, 执行脚本 track_script { # 跟踪脚本 check_httpd # 脚本名 } virtual_ipaddress { # VIP 192.168.1.200/24 dev enp0s3 } }
Backup配置文件在master 配置文件上修改2处
state BACKUP priority 80
脚本
[root@master keepalived]# cat check_httpd.sh #!/bin/bash killall -0 httpd [root@master keepalived]# cat master.sh #!/bin/bash LOGFILE=/var/log/keepalived-test.log echo "[master]" >> $LOGFILE date >> $LOGFILE [root@master keepalived]# cat backup.sh #!/bin/bash LOGFILE=/var/log/keepalived-test.log echo "[Backup]" >> $LOGFILE date >> $LOGFILE [root@master keepalived]# cat fault.sh #!/bin/bash LOGFILE=/var/log/keepalived-test.log echo "[Fault]" >> $LOGFILE date >> $LOGFILE
开放防火墙端口
firewalld-cmd --zero=public --permanent --add-port=80/tcp firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface enp0s8 --destination 224.0.0.18 --protocol vrrp -j ACCEPT firewall-cmd --reload
测试结果
cat /var/log/keepalived-test.log 观察主备切换结果
cat /var/log/messages 查看主备切换日志 11:42:27 秒检测到http服务停止, 28秒主vrrp进入fault state ,29秒备vrrp进入 master state. ping包测试丢一个包。
