一、高可用
-
概念:多台业务系统提供相同的服务,如果其中一套业务系统故障,其他业务系统会自动接管业务;我们将其称为高可用;
-
目的:通常使用keepalived软件实现高可用,keepalived是借助VRRP(虚拟路由冗余协议)实现高可用功能;
-
应用场景:主要用于业务系统,保证业务系统的7x24小时运行;
二、VRRP
1.工作原理
VRRP工作原理.jpg
2.角色
- Master
- Slave
通过结点设置的vrrp优先级选举主从关系;
3.模式
-
抢占式:高优先级结点恢复正常后,自动接管冗余结点业务
-
非抢占式:高优先级结点恢复正常后,不接管冗余结点业务,直到冗余结点发生故障;
三、Keepalived
1.配置文件
- /etc/sysyconfig/keepalived keepalived服务启动参数配置文件
- /etc/keepalived/keepalived.conf keepalived服务配置文件
2.工作原理
四、部署流程
step1 安装 yum install -y keepalived
[root@lb01 ~]# yum install -y keepalived
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
......
Dependencies Resolved
========================================================================================================
Package Arch Version Repository Size
========================================================================================================
......
Installed:
keepalived.x86_64 0:1.3.5-8.el7_6.5
Dependency Installed:
net-snmp-agent-libs.x86_64 1:5.7.2-38.el7_6.2 net-snmp-libs.x86_64 1:5.7.2-38.el7_6.2
Complete!
step2 配置 vim/etc/keepalived/keepalived.conf
[抢占式]
- Master(MASTER)配置
[root@lb01 /etc/keepalived]# vim keepalived.conf
global_defs {
router_id LB01
}
vrrp_instance VI_1 {
state MASTER #定义设备角色
interface eth0 #定义绑定接口
virtual_router_id 51 #定义实例组ID
priority 150 #定义设备优先级
advert_int 3 #定义vrrp组播包宣告时间(3s)
authentication { #定义vrrp验证
auth_type PASS
auth_pass 1111
}
virtual_ipaddress { #定义vrrp虚拟IP地址
10.0.0.13
}
Slave(BACKUP)配置
[root@lb02 /etc/keepalived]# vim keepalived.conf
global_defs {
router_id LB02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 3
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.13
}
}
[非抢占式]
官方建议:Keepalived设置为非抢占模式;避免业务频繁切换至不同的主机;
1、两个结点state都必须配置为BACKUP
2、两个结点都在vrrp instance中添加nopreempt参数
3、其中一个结点优先级必须高于另外一个结点两台服务器都启用nopreempt后,必须修改角色状态统一为BACKUP,唯一的区分就是优先级
- Master(BACKUP)配置
[root@lb01 /etc/keepalived]# vim /etc/keepalived/keepalived.conf
global_defs {
router_id LB01
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
nopreempt #开启非抢占模式
priority 150
advert_int 3
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.13
}
}
Slave(BACKUP)配置
[root@lb02 /etc/keepalived]# vim keepalived.conf
global_defs {
router_id LB02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
nopreempt
advert_int 3
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.13
}
}
step3 启动
systemctl restart keepalived
四、Keepalived与Nginx服务结合
Nginx负载均衡实现高可用,需要借助Keepalived地址漂移功能;
有Nginx负载均衡,并不一定必须要装Keepalived保证高可用;
1、判断Keepalived故障
故障原理
- 主备设备无法检测对端心跳,导致双方都判定自己是Master而互相抢占资源;
故障原因
- 服务器网线松动
- 服务器硬件故障或发生损坏现象 崩溃
- 主备主机开启防火墙
解决思路
- 停止其中一台主机的Keepaliv服务;
示例脚本
适用于抢占式-备机使用
[root@lb02 /etc/keepalived]# vim /server/scripts/keepalived_status.sh
#!/bin/bash
vip=10.0.0.13
master_ip=10.0.0.15
while true; do
ping -c 2 -W 3 $master_ip &>/dev/null
if [ $? -eq 0 -a `ip add|grep "$vip"|wc -l` -eq 1];then
echo "keepalived is Breakdown;"
else
echo "keepalived is OK!"
fi
sleep5
done
2、判断Nginx故障
必要性
- 如果Nginx宕机,会导致用户请求失败,但是Keepalived并不会进行地址漂移
解决思路
- 编写一个脚本监测Nginx存活状态;如果不存活则kill nginx和keepalived
#!/bin/bash
A=`ps -C nginx –no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx
sleep 2
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
[keepalived调用脚本]
! Configuration File for keepalived
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh" #运行脚本,脚本内容下面有,就是起到一个nginx宕机以后,自动开启服务
interval 2 #检测时间间隔
weight -20 #如果条件成立的话,则权重 -20
}
# 定义虚拟路由,VI_1 为虚拟路由的标示符,自己定义名称
vrrp_instance VI_1 {
state MASTER #来决定主从
interface eno16777736 # 绑定虚拟 IP 的网络接口,根据自己的机器填写
virtual_router_id 121 # 虚拟路由的 ID 号, 两个节点设置必须一样
mcast_src_ip 192.168.110.141 #填写本机ip
priority 100 # 节点优先级,主要比从节点优先级高
nopreempt # 优先级高的设置 nopreempt 解决异常恢复后再次抢占的问题
advert_int 1 # 组播信息发送间隔,两个节点设置必须一样,默认 1s
authentication {
auth_type PASS
auth_pass 1111
}
# 将 track_script 块加入 instance 配置块
track_script {
chk_nginx #执行 Nginx 监控的服务
}
virtual_ipaddress {
192.168.110.110 # 虚拟ip,也就是解决写死程序的ip怎么能切换的ip,也可扩展,用途广泛。可配置多个。
}
}