zoukankan      html  css  js  c++  java

  • KeepAlived的实现示例

    KeepAlived的实现示例

    KeepAlived的实现

    	HA Cluster配置准备:
		各节点时间必须同步
			ntp(6), chrony(7)
			1》在centos6上
				ntpdate  172.18.0.1
				vim /etc/ntp.conf
					server  ip地址 iburst   #与谁的服务址进行同步
				service ntpd start
				chkconfig ntpd on
			2》在centos7上
				ntpdate 172.18.0.1
				vim /etc/chrony.conf
					server  ip地址 iburst
				systemctl start chronyd
				systemctl enable chronyd
			3》为什么要先同步时间再去修改配置文件?
				因为如果时间相差的太多是不会同步的,所以必须用ntpdate命令将时间先同步后再去修改配置文件。
				ntpdate命令是暴力同步命令,而服务ntpd和chronyd是弱同步,会进行不断的更新。
		确保iptables 及selinux 不会成为阻碍
		各节点之间可通过主机名互相通信(对KeepAlived 并非必须)建议使用/etc/hosts 文件实现
			1》在centos6上
				vim /etc/sysconfig/network
					HOSTNAME=
				vim  /etc/hosts
					ip地址  HOSTNAME
				退出重新登录
			2》在centos7上
				hostnamectl set-hostname  HOSTNAME
				vim /etc/hosts
					ip地址  HOSTNAME
				退出重新登录
			3》测试,ping HOSTNAME
		各节点之间的root 用户可以基于密钥认证的ssh服务完成互相通信(对KA并非必须)
			1》在centos6和centos7上
				生成密钥对
					ssh-keygen 
				将公钥拷贝给对方
					ssh-copy-id -i id_rsa.pub HOSTNAME(ip地址)
			2》测试,直接使用ssh 登录
		
	keepalived 安装配置:
		CentOS 6.4+ Base源
		程序环境:
			主配置文件:/etc/keepalived/keepalived.conf
			主程序文件:/usr/sbin/keepalived
			Unit File :/usr/lib/systemd/system/keepalived.service
			Unit File 的环境配置文件:/etc/sysconfig/keepalived

    高可用的ipvs 集群示例

    	! Configuration File for keepalived
	global_defs {
		notification_email {
			root@localhost
		}
		notification_email_from keepalived@localhost
		smtp_server 127.0.0.1
		smtp_connect_timeout 30
		router_id node1
		vrrp_mcast_group4 224.0.100.10
	}
	vrrp_instance VI_1 {
		state MASTER
		interface eth0
		virtual_router_id 6
		priority 100
		advert_int 1
		authentication {
			auth_type PASS
			auth_pass 571f97b2
		}
		virtual_ipaddress {
			172.16.0.10/16 dev eth0
		}
		notify_master "/etc/keepalived/notify.sh master"
		notify_backup "/etc/keepalived/notify.sh backup"
		notify_fault "/etc/keepalived/notify.sh fault"
	}
	virtual_server 172.16.0.10 80 {
		delay_loop 3
		lb_algo rr
		lb_kind DR
		protocol TCP
		sorry_server 127.0.0.1 80
		real_server 172.16.0.11 80 {
			weight 1
			HTTP_GET {
				url {
					path /
					status_code 200
				}
			connect_timeout 1
			nb_get_retry 3
			delay_before_retry 1
			}
		}
	real_server 172.16.0.12 80 {
		weight 1
		HTTP_GET {
			url {
				path /
				status_code 200
			}
		connect_timeout 1
		nb_get_retry 3
		delay_before_retry 1
		}
		}
	}

    双主模式的lvs集群,拓扑、实现过程

    	其中一个节点:
	! Configuration File for keepalived
	global_defs {
		notification_email {
			root@localhost
		}
		notification_email_from kaadmin@localhost
		smtp_server 127.0.0.1
		smtp_connect_timeout 30
		router_id node1
		vrrp_mcast_group4 224.0.100.100
	}
	vrrp_instance VI_1 {
		state MASTER
		interface eth0
		virtual_router_id 6
		priority 100
		advert_int 1
		authentication {
			auth_type PASS
			auth_pass f1bf7fde
		}
		virtual_ipaddress {
				172.16.0.80/16 dev eth0 label eth0:0
		}
		track_interface {
				eth0
		}
		notify_master "/etc/keepalived/notify.sh master"
		notify_backup "/etc/keepalived/notify.sh backup"
		notify_fault "/etc/keepalived/notify.sh fault"
	}
	vrrp_instance VI_2 {
		state BACKUP
		interface eth0
		virtual_router_id 8
		priority 98
		advert_int 1
		authentication {
			auth_type PASS
			auth_pass f2bf7ade
		}
		virtual_ipaddress {
			172.16.0.90/16 dev eth0 label eth0:1
		}
		track_interface {
			eth0
		}
		notify_master "/etc/keepalived/notify.sh master"
		notify_backup "/etc/keepalived/notify.sh backup"
		notify_fault "/etc/keepalived/notify.sh fault"
	}
	virtual_server fwmark 3 {
		delay_loop 2
		lb_algo rr
		lb_kind DR
		nat_mask 255.255.0.0
		protocol TCP
		sorry_server 127.0.0.1 80
		real_server 172.16.0.11 80 {
			weight 1
			HTTP_GET {
				url {
					path /
					status_code 200
				}
				connect_timeout 2
				nb_get_retry 3
				delay_before_retry 3
			}
		}
	real_server 172.16.0.12 80 {
		weight 1
		HTTP_GET {
			url {
				path /
				status_code 200
			}
			connect_timeout 2
			nb_get_retry 3
			delay_before_retry 3
		}
		}
	}

    keepalived 调用脚本进行资源监控

    	keepalived 调用外部的辅助脚本进行资源监控,并根据监控的结果状态能实现优先动态调整。
	vrrp_script:
		自定义一个资源监控脚本或服务监控脚本,脚本可以返回成功或失败的值,vrrp实例脚本根据脚本返回的状态修改调度。
		公共定义,可被多个实例调用,定义在vrrp 实例之外。
	track_script:
		调用vrrp_script 定义的脚本去监控资源,定义在实例之内,调用事先定义的vrrp_script。
		调用跟踪脚本,使当前调度器减去一定的数值,使其优化级低于master配置。
	分两步:(1) 先定义一个脚本;(2)调用此脚本
		vrrp_script <SCRIPT_NAME> {
			script ""
			interval INT
			weight -INT
		}
		track_script {
			SCRIPT_NAME_1
			SCRIPT_NAME_2
		}

    高可用的nginx

    	! Configuration File for keepalived
	global_defs {
		notification_email {
			root@localhost
		}
		notification_email_from keepalived@localhost
		smtp_server 127.0.0.1
		smtp_connect_timeout 30
		router_id node1
		vrrp_mcast_group4 224.0.100.100
	}
	vrrp_script chk_down {
		script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
		interval 1
		weight -20
	}
	vrrp_script chk_nginx {
		script "killall -0 nginx && exit 0 || exit 1"
		interval 1
		weight -20
		fall 2      #2 次检测失败为失败
		rise 1      #1 次检测成功为成功
	}
	vrrp_instance VI_1 {
		state MASTER
		interface eth0
		virtual_router_id 14
		priority 100
		advert_int 1
		authentication {
			auth_type PASS
			auth_pass 571f97b2
		}
		virtual_ipaddress {
			172.18.0.93/16 dev eth0
		}
		track_script {
			chk_down
			chk_nginx
		}
		notify_master "/etc/keepalived/notify.sh master"
		notify_backup "/etc/keepalived/notify.sh backup"
		notify_fault "/etc/keepalived/notify.sh fault"
	}

    同步组

    	LVS NAT模型VIP 和DIP需要同步,需要同步组
	vrrp_sync_group VG_1 {
		group {
			VI_1    # name of vrrp_instance (below)
			VI_2    # One for each moveable IP.
		}
	}
	vrrp_instance VI_1 {
		eth0
		vip
	}
	vrrp_instance VI_2 {
		eth1
		dip
	}
  • 相关阅读:
    UML类图学习总结
    Java和C# RSA加解密相互通信和使用公钥加密传输
    C#des加密算法指定键的大小对于此算法无效
    WCF--找不到具有绑定 BasicHttpBinding 的终结点的与方案 https 匹配的基址。注册的基址方案是 [http]。
    IIS7 使用server farms 进行负载均衡
    iis7 未注册framework4 导致 莫名的404错误
    启用代理导致 有道云笔记未知错误、网络错误和OneDrive断线
    AspNetCore发布到Centos7
    c# 操作临时数据---XML操作
    c# 获取程序目录
  • 原文地址:https://www.cnblogs.com/shenxm/p/8463209.html
Copyright © 2011-2022 走看看