keepalived高可用集群介绍
keepalive起初为LVS设计专门用来监控集群系统中各个服务节点状态,后来假如了VRRP的问题 虚拟路由冗余协议的缩写,vrrp出现的目的就是为了解决静态路由出现的单点故障问题,它能够保证网络的 不间断,稳定的运行,所以keepalive一方面具有LVS CLUSTER nodes healthchecks功能,另一方面也具有directors failover功能 keepalive服务两大用途 healthcheck&failover功能 LVS directors failover功能 ha failover功能:实现LB master 主机和backup主机之间故障转移和自动切换 这时针对两个负载均衡器同时工作而采取的故障转移措施,当主负载均衡器失效或出现故障的时候,备份负载均衡backup将 自动接管主负载均衡器的所有工作,一旦主负载均衡器master故障修复,master 又会接管回他原来处理的工作,而备份负载均衡器backup 而备份负载均衡器backup会释放master失效时他接管的工作,此时两者将恢复到最初各自的角色状态 在一个VRRP虚拟路由器中,有多台物理的VRRP路由器,但是这多台物理机器并不是同时工作 而是由一台称为master的负rrp责路由工作,其他的都是backup,master并非一成不变,vrrp协议让每个VRRP路由器参加竞选 最终获胜的就是master,master有一些特权,比如拥有虚拟路由器ip地址,我们的主机就是利用这个ip地址作为静态路由的,拥有特权的master 要负责转发发送给网关地址的包和响应arp请求 vrrp通过竞选协议来实现虚拟路由的功能,所有的协议报文都是ip通过多播包形式发送的 虚拟路由器由VRID和一组ip地址组成,对外表现为一个周知的mac地址00-00-5E-00-01{vrid}所以在一个虚拟路由器中,不管谁是master 对外都是相同的mac和IP。客户端主机并不需要因为master改变而修改自己的路由配置,对他们来说主从切换时透明的 下载keepalived # wget http://www.linuxvirtualserver.org/software/kernel-2.6/ipvsadm-1.24.tar.gz wget http://www.keepalived.org/software/keepalived-1.1.17.tar.gz 安装前请确认路劲 --with-kernel-dir=/usr/src/kernels/2.6.32-71.el6.i686/ ln -s /usr/src/kernels/2.6.32-71.el6.i686/ /usr/src/linux 如果没有,这是因为缺少kernel-devel-2.6.18需要提前通过yum install kernel-devel -y命令来安装 解压编译keepalived [root@RServer2 soft]# tar -zxvf keepalived-1.1.17.tar.gz [root@RServer2 soft]# cd keepalived-1.1.17 [root@RServer2 soft]# ./configure [root@RServer2 keepalived-1.1.17]# make;make install 有三个yes use ipvs frame yes ipvs sync dameon support yes use vrrp framework yes 配置规范启动 cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/ cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ mkdir /etc/keepalived/ cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/ cp /usr/local/keepalived/sbin/keepalived /usr/sbin/ /etc/init.d/keepalived start 或者/etc/init.d/keepalived stopkeepalive配置文件配置
配置vip [root ~]# ifconfig eth1:1 192.168.88.100 netmask 255.255.255.255 up [root@localhost ~]# route add -host 192.168.88.100 dev eth1抑制arp
service keepalived start 查看vip 在real server 配置lo [root@localhost ~]# ifconfig lo:0 192.168.88.100 netmask 255.255.255.255 up [root@localhost ~]# route add -host 192.168.88.100 dev lo:0 echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce 抑制arp排错
IPtables linux内核转发 rs端是否抑制arp是否绑定VIP 确保rs可以访问 ipvsadm -L -n --stats检查真实服务器状况及vip配置 检查keepalived 配置文件 查看系统日志 /var/log/messages master keepalived.conf 1.配置在主负载均衡服务器上配置keepalived.conf #vi /etc/keepalived/keepalived.conf (主调度器) ! Configuration File for keepalivedglobal_defs {
router_id LVS_MASTER #BACKUP上修改为LVS_BACKUP }vrrp_instance VI_1 {
state MASTER #BACKUP上修改为BACKUP interface eth1 virtual_router_id 51 priority 100 #BACKUP上修改为80 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.88.100 } } virtual_server 192.168.88.100 80 { delay_loop 6 lb_algo rr # lb_kind NAT lb_kind DR natmask 255.255.255.0 # persistence_timeout 5 protocol TCPreal_server 192.168.88.147 80 {
weight 3 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 192.168.88.148 80 { weight 3 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } }在slave:
#vi /etc/keepalived/keepalived.conf (备用调度器)! Configuration File for keepalived
global_defs {
router_id LVS_BACKUP #BACKUP上修改为LVS_BACKUP }vrrp_instance VI_1 {
state BACKUP #BACKUP上修改为BACKUP interface eth1 virtual_router_id 51 priority 80 #BACKUP上修改为80 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.88.100 } } virtual_server 192.168.88.100 80 { delay_loop 6 lb_algo rr lb_kind NAT # persistence_timeout 5 protocol TCPreal_server 192.168.88.147 80 {
weight 3 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } real_server 192.168.88.148 80 { weight 3 TCP_CHECK { connect_timeout 3 nb_get_retry 3 delay_before_retry 3 connect_port 80 } } }