keepalived是集群管理中保證集群高可用的一個服務軟件,其功能類似於heartbeat,用來防止單點故障。
一、下載keepalived
http://www.keepalived.org/
如:keepalived-1.3.4.tar.gz
二、安裝keepalived
> tar xf keepalived-1.3.4.tar.gz > cd keepalived-1.3.4 > ./configure --prefix=/data/keepalived > make && make install
復制/sbin/keepalived到/usr/sbin下
> cp /data/keepalived/sbin/keepalived /usr/sbin/
keepalived默認會讀取/etc/keepalived/keepalived.conf配置文件
> mkdir /etc/keepalived > cp /data/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
復制sysconfig文件到/etc/sysconfig下
> cp /data/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
復制啟動腳本到/etc/init.d下
> cd /data/keepalived-1.3.4 > cp ./keepalived/etc/init.d/keepalived /etc/init.d/ > chmod 755 /etc/init.d/keepalived
三、實驗環境說明
兩台虛擬機,IP分別為192.168.1.222和192.168.1.233,虛擬機與真實主機是橋接模式上網並互通。
分別裝上了nginx和haproxy,nginx創建了兩個虛擬主機,端口號為8080和8082,配置如下:
server { listen 8080; server_name localhost; location / { root /data/www/site1; index index.html index.htm; } } server { listen 8082; server_name localhost; location / { root /data/www/site2; index index.html index.htm; } }
haproxy綁定80端口,反向代理這四台主機,配置如下:
global log 127.0.0.1 local3 info chroot /data/haproxy user haproxy group haproxy daemon stats socket /data/haproxy/haproxy.sock mode 600 level admin stats timeout 2m defaults log global mode http option httplog option dontlognull timeout connect 5000 timeout client 50000 timeout server 50000 frontend http_front bind *:80 stats uri /haproxy?stats #默認使用的后端 default_backend http_back backend http_back balance roundrobin option httpchk GET /index.html option forwardfor header X-Forwarded-For server node1 192.168.1.222:8080 check inter 2000 rise 3 fall 3 weight 30 server node2 192.168.1.222:8082 check inter 2000 rise 3 fall 3 weight 30 server node3 192.168.1.233:8080 check inter 2000 rise 3 fall 3 weight 30 server node4 192.168.1.233:8082 check inter 2000 rise 3 fall 3 weight 30
三、keepalived的配置
兩台虛擬主機上分別裝上keepalived
keepalived的配置文件/etc/keepalived/keepalived.conf
#全局配置 global_defs { #接收通知的email notification_email { lackone@126.com } #發送通知的email notification_email_from haproxy_01@126.com #smtp服務器地址 smtp_server 127.0.0.1 smtp_connect_timeout 30 #運行的標識 router_id haproxy_01 } #vrrp的實例配置 #haproxy_01名稱可自定義 vrrp_instance haproxy_01 { #主節點 state MASTER #實例綁定的網卡 #注意centos7下第一塊網卡不是eth0,請自行查看,不然keepalived無法啟動成功 interface eno16777736 #虛擬路由ID,唯一 virtual_router_id 51 #權重 priority 150 #檢查的時間間隔 advert_int 2 #驗證 authentication { auth_type PASS auth_pass haproxy_01 } #設置虛擬IP地址 virtual_ipaddress { 192.168.1.10 192.168.1.11 } }
另一台主機上的配置只需修改
state BACKUP priority 100
配置好后,啟動keepalived服務
> service keepalived start
查看網絡接口列表
> ip addr list
tcpdump查看,這里的eno16777736是我的網卡名
> tcpdump -i eno16777736 -n 'host 224.0.0.18'
19:13:30.260858 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24 19:13:32.261878 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24 19:13:34.263286 IP 192.168.1.222 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 150, authtype simple, intvl 2s, length 24
然后我們手動把MASTER的keepalived關掉
> service keepalived stop
然后再用tcpdump查看
> tcpdump -i eno16777736 -n 'host 224.0.0.18'
19:16:05.120377 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24 19:16:07.121645 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24 19:16:09.122353 IP 192.168.1.233 > 224.0.0.18: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 2s, length 24
很明顯看到已從222切換到了233了。
然后我們通過瀏覽器訪問192.168.1.10或192.168.1.11可以看到后台服務切換正常,實現了222和233兩台主機間服務的高可用。