keepalived是集群管理中保證集群高可用的一個服務軟件,其功能類似於heartbeat,用來防止單點故障。
一、下載keepalived
http://www.keepalived.org/
如:keepalived-1.3.4.tar.gz
二、安裝keepalived
> tar xf keepalived-1.3.4.tar.gz > cd keepalived-1.3.4 > ./configure --prefix=/data/keepalived > make && make install
復制/sbin/keepalived到/usr/sbin下
> cp /data/keepalived/sbin/keepalived /usr/sbin/
keepalived默認會讀取/etc/keepalived/keepalived.conf配置文件
> mkdir /etc/keepalived > cp /data/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
復制sysconfig文件到/etc/sysconfig下
> cp /data/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
復制啟動腳本到/etc/init.d下
> cd /data/keepalived-1.3.4 > cp ./keepalived/etc/init.d/keepalived /etc/init.d/ > chmod 755 /etc/init.d/keepalived
三、實驗環境說明
兩台虛擬機,IP分別為192.168.1.222和192.168.1.233,虛擬機與真實主機是橋接模式上網並互通。
分別裝上了nginx和haproxy,nginx創建了兩個虛擬主機,端口號為8080和8082,配置如下:
server {
listen 8080;
server_name localhost;
location / {
root /data/www/site1;
index index.html index.htm;
}
}
server {
listen 8082;
server_name localhost;
location / {
root /data/www/site2;
index index.html index.htm;
}
}
haproxy綁定80端口,反向代理這四台主機,配置如下:
global
log 127.0.0.1 local3 info
chroot /data/haproxy
user haproxy
group haproxy
daemon
stats socket /data/haproxy/haproxy.sock mode 600 level admin
stats timeout 2m
defaults
log global
mode http
option httplog
option dontlognull
timeout connect 5000
timeout client 50000
timeout server 50000
frontend http_front
bind *:80
stats uri /haproxy?stats
#默認使用的后端
default_backend http_back
backend http_back
balance roundrobin
option httpchk GET /index.html
option forwardfor header X-Forwarded-For
server node1 192.168.1.222:8080 check inter 2000 rise 3 fall 3 weight 30
server node2 192.168.1.222:8082 check inter 2000 rise 3 fall 3 weight 30
server node3 192.168.1.233:8080 check inter 2000 rise 3 fall 3 weight 30
server node4 192.168.1.233:8082 check inter 2000 rise 3 fall 3 weight 30
三、keepalived的配置
兩台虛擬主機上分別裝上keepalived
keepalived的配置文件/etc/keepalived/keepalived.conf
#全局配置
global_defs {
#接收通知的email
notification_email {
lackone@126.com
}
#發送通知的email
notification_email_from haproxy_01@126.com
#smtp服務器地址
smtp_server 127.0.0.1
smtp_connect_timeout 30
#運行的標識
router_id haproxy_01
}
#vrrp的實例配置
#haproxy_01名稱可自定義
vrrp_instance haproxy_01 {
#主節點
state MASTER
#實例綁定的網卡
#注意centos7下第一塊網卡不是eth0,請自行查看,不然keepalived無法啟動成功
interface eno16777736
#虛擬路由ID,唯一
virtual_router_id 51
#權重
priority 150
#檢查的時間間隔
advert_int 2
#驗證
authentication {
auth_type PASS
auth_pass haproxy_01
}
#設置虛擬IP地址
virtual_ipaddress {
192.168.1.10
192.168.1.11
}
}
另一台主機上的配置只需修改
state BACKUP priority 100
配置好后,啟動keepalived服務
> service keepalived start
查看網絡接口列表
> ip addr list
tcpdump查看,這里的eno16777736是我的網卡名
> tcpdump -i eno16777736 -n 'host 224.0.0.18'
19:13:30.260858 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24 19:13:32.261878 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24 19:13:34.263286 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24
然后我們手動把MASTER的keepalived關掉
> service keepalived stop
然后再用tcpdump查看
> tcpdump -i eno16777736 -n 'host 224.0.0.18'
19:16:05.120377 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24 19:16:07.121645 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24 19:16:09.122353 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24
很明顯看到已從222切換到了233了。
然后我們通過瀏覽器訪問192.168.1.10或192.168.1.11可以看到后台服務切換正常,實現了222和233兩台主機間服務的高可用。