Contents:
1: Concepts and principles
2: Experiment procedure
1. Concepts
1. keepalived principles and configuration explained
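keepalived: an implementation of the VRRP protocol
VRRP: Virtual Router Redundancy Protocol
Basic VRRP implementation and workflow:
VRRP solves the static-configuration problem by sharing one virtual IP (VIP) among a group of routers (a VRRP group); clients then only need to use the VIP as their default gateway.
The figure shows a basic VLAN topology in which Device A, B and C together form a VRRP group. Its VIP is 10.1.1.1, configured on a physical interface of router A, so A is the master router and B and C are backup routers.
Within the VRRP group, the master (router A) forwards the packets sent to the VIP, and clients A, B and C all use this VIP as their default gateway. If the master fails, whichever of the backup routers B and C has the highest priority becomes master and takes over the VIP. When the original master, router A, comes back online, it becomes master again if it runs in preemptive mode; in non-preemptive mode it stays on standby as a backup router.
VRRP is an "election" protocol: it can dynamically assign responsibility for a virtual router to other routers in the same VRRP group, which removes the single point of failure of a static route configuration.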
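VRRP terminology:
VRRP virtual router (VRRP router): consists of one master router and multiple backup routers; hosts use the virtual router as their default gateway.
VRID (virtual router identifier): the VRID of a given virtual router must be unique.
Master router: the router in the virtual router that forwards packets.
Backup router: a router that can take over from the master router when the master fails.
Priority: VRRP uses the priority to determine the role of each router in the virtual router group.
IP address owner: a VRRP device that uses the virtual router IP address as a real interface address is called the IP address owner. If the IP address owner is available, it normally becomes the master.
Preemptive mode: a backup router in this mode compares its own priority with the priority in each VRRP packet it receives. If its own priority is higher, it actively takes over as master; otherwise nothing changes.
Non-preemptive mode: a backup router in this mode keeps its role as long as the master router does not fail.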
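The preemptive and non-preemptive behaviour defined above, modelled as an added Python example (not part of the original article). The two routers use the addresses and priorities 100 and 80 of the lab hosts 99.130 and 99.140 from the experiment section; the names `Router`, `elect` and `simulate` are illustrative, and the equal-priority tie-break on the higher primary IP follows RFC 3768.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Router:
    name: str
    ip: str          # primary address the router sends adverts from
    priority: int    # higher wins
    up: bool = True

def rank(r):
    # Higher priority wins; RFC 3768 breaks ties on the higher primary IP.
    return (r.priority, int(ipaddress.ip_address(r.ip)))

def elect(routers, master, preempt):
    """Return the router that is master after one election round."""
    alive = [r for r in routers if r.up]
    if not alive:
        return None
    best = max(alive, key=rank)
    if master is None or not master.up:
        return best                  # master lost: the best backup takes over
    if preempt and rank(best) > rank(master):
        return best                  # preemptive mode: better router takes the VIP
    return master                    # non-preemptive mode: current master keeps it

def simulate(events, preempt):
    """Replay (router_name, is_up) events; return the master name after each."""
    routers = [Router("99.130", "192.168.99.130", 100),
               Router("99.140", "192.168.99.140", 80)]
    by_name = {r.name: r for r in routers}
    master, history = elect(routers, None, preempt), []
    for name, is_up in events:
        by_name[name].up = is_up
        master = elect(routers, master, preempt)
        history.append(master.name if master else None)
    return history

# Constructed scenario: the priority-100 node fails, then comes back online.
EVENTS = [("99.130", False), ("99.130", True)]

if __name__ == "__main__":
    print("preempt:  ", simulate(EVENTS, preempt=True))
    print("nopreempt:", simulate(EVENTS, preempt=False))
```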
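Advantages of VRRP:
Redundancy: several router devices can serve as the default gateway for LAN clients, which greatly reduces the chance of the default gateway becoming a single point of failure;
Load sharing: traffic from LAN clients can be shared among several router devices;
Multiple VRRP groups: up to 255 VRRP groups can be configured on one physical router interface;
Multiple IP addresses: interface aliases allow several IP addresses on the same physical interface, so several subnets can be attached through it;
Preemption: when the master fails, a backup with higher priority is allowed to become master;
Advertisement protocol: VRRP advertisements use the IANA-assigned multicast address 224.0.0.18;
VRRP tracking: the VRRP priority is changed based on interface state so that the best VRRP router becomes master;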
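2. Experiment procedure
Experiment topology diagram:
First prepare the base environment (stop the firewall, disable the SELinux policy, and so on)
Dual-master configuration
1. Single-master mode means one node is the master and the other is the backup. (In the dual-master model the two servers are master and backup for each other: one is master/backup and the other is backup/master, with mirrored configuration files. Both servers run in parallel, which also reduces the load on a single keepalived host. Note that the dual-master model needs two VIP addresses.)
First configure the router 99.120 and enable IP forwarding on it so that all hosts can reach each other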
[root@centos7 ~]# echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf
[root@centos7 ~]# sysctl -p
net.ipv4.ip_forward = 1
Install the software on hosts 99.130 and 99.140
① Install the packages
[root@centos7 ~]# yum install -y ipvsadm keepalived
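keepalived configuration file explained
global_defs {
    notification_email {                     # e-mail notification: send mail when keepalived detects a failure
        root@mylinuxops.com                  # can be changed, for example to a local account
    }
    notification_email_from root@peter.com   # sender address of the mail
    smtp_server 127.0.0.1                    # address of the local SMTP server
    smtp_connect_timeout 30                  # SMTP connection timeout
    router_id n1.mylinuxops.com              # identifier of this node, usually the local host name; must differ on every node
    vrrp_skip_check_adv_addr                 # skip checking the advertisement packets; they are checked by default
    vrrp_strict                              # strictly follow the VRRP protocol; will not start with no VIP, with unicast addresses or with IPv6 addresses
    vrrp_iptables                            # do not generate iptables rules
    vrrp_mcast_group4 224.0.0.18             # multicast group; by default adverts are sent to 224.0.0.18
    vrrp_garp_interval 0                     # delay between ARP packets sent
    vrrp_gna_interval 0                      # delay between messages sent
}
vrrp_instance VI_1 {                         # name of the instance
    state BACKUP                             # server role
    nopreempt                                # disable VIP preemption; takes effect when state is BACKUP on all nodes
    interface eth0                           # default interface
    virtual_router_id 66                     # virtual router ID
    priority 80                              # priority
    advert_int 2                             # probe interval
    authentication {                         # authentication method
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {                      # virtual IP addresses, with the NIC and sub-interface each one is bound to
        192.168.99.188 dev eth0 label eth0:1
    }
}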
② Edit the keepalived configuration file /etc/keepalived/keepalived.conf on the master host 99.130
[root@centos7 ~]# cd /etc/keepalived/
[root@centos7 keepalived]# ls
keepalived.conf
[root@centos7 keepalived]# cp keepalived.conf keepalived.conf.bak
[root@centos7 keepalived]# cat keepalived.conf
global_defs {
    notification_email {
        root@peter.com
    }
    notification_email_from root@peter.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id s1.peter.com
    vrrp_skip_check_adv_addr
    #vrrp_strict
    vrrp_iptables
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 66
    priority 100
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 192.168.99.130 label eth0:0
    unicast_peer {
        192.168.99.140
    }
    virtual_ipaddress {
        192.168.99.188 dev eth0 label eth0:0
        192.168.99.189 dev eth0 label eth0:1
    }
}
vrrp_instance VI_2 {
    state BACKUP
    interface eth0
    virtual_router_id 77
    priority 80
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 192.168.99.130 label eth0:0
    unicast_peer {
        192.168.99.140
    }
    virtual_ipaddress {
        192.168.99.200 dev eth0 label eth0:2
        192.168.99.201 dev eth0 label eth0:3
    }
}
③ Edit the configuration file on the backup node 99.140
[root@centos7 keepalived]# vim keepalived.conf
global_defs {
    notification_email {
        root@peter.com
    }
    notification_email_from root@peter.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id s1.peter.com
    vrrp_skip_check_adv_addr
    #vrrp_strict
    vrrp_iptables
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 66
    priority 80
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 192.168.99.140 label eth0:0
    unicast_peer {
        192.168.99.130
    }
    virtual_ipaddress {
        192.168.99.188 dev eth0 label eth0:0
        192.168.99.189 dev eth0 label eth0:1
    }
}
vrrp_instance VI_2 {
    state MASTER
    interface eth0
    virtual_router_id 77
    priority 80
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 192.168.99.140 label eth0:0
    unicast_peer {
        192.168.99.130
    }
    virtual_ipaddress {
        192.168.99.200 dev eth0 label eth0:2
        192.168.99.201 dev eth0 label eth0:3
    }
}
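④ Start the keepalived service on the backup node first and watch the log (the master node has not started its service yet, so both instances on the backup node become MASTER, and four VIP addresses should be bound to the local eth0 interface)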
[root@centos7 keepalived]# systemctl restart keepalived ;tail -f /var/log/messages
Aug 12 22:13:10 centos7 Keepalived_vrrp[7238]: Stopped
Aug 12 22:13:10 centos7 systemd: Stopped LVS and VRRP High Availability Monitor.
Aug 12 22:13:10 centos7 Keepalived[7236]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Aug 12 22:13:14 centos7 systemd: Starting LVS and VRRP High Availability Monitor...
Aug 12 22:13:14 centos7 Keepalived[7252]: Starting Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Aug 12 22:13:14 centos7 Keepalived[7252]: Opening file '/etc/keepalived/keepalived.conf'.
Aug 12 22:13:14 centos7 systemd: PID file /var/run/keepalived.pid not readable (yet?) after start.
Aug 12 22:13:14 centos7 Keepalived[7253]: Starting Healthcheck child process, pid=7254
Aug 12 22:13:14 centos7 Keepalived[7253]: Starting VRRP child process, pid=7255
Aug 12 22:13:14 centos7 systemd: Started LVS and VRRP High Availability Monitor.
Aug 12 22:13:14 centos7 Keepalived_healthcheckers[7254]: Opening file '/etc/keepalived/keepalived.conf'.
Aug 12 22:13:14 centos7 Keepalived_vrrp[7255]: Registering Kernel netlink reflector
Aug 12 22:13:14 centos7 Keepalived_vrrp[7255]: Registering Kernel netlink command channel
Aug 12 22:13:14 centos7 Keepalived_vrrp[7255]: Registering gratuitous ARP shared channel
Aug 12 22:13:14 centos7 Keepalived_vrrp[7255]: Opening file '/etc/keepalived/keepalived.conf'.
Aug 12 22:13:14 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) removing protocol VIPs.
Aug 12 22:13:14 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_2) removing protocol VIPs.
Aug 12 22:13:14 centos7 Keepalived_vrrp[7255]: Using LinkWatch kernel netlink reflector...
Aug 12 22:13:14 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) Entering BACKUP STATE
Aug 12 22:13:14 centos7 Keepalived_vrrp[7255]: VRRP sockpool: [ifindex(2), proto(112), unicast(1), fd(10,11)]
Aug 12 22:13:16 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_2) Transition to MASTER STATE
Aug 12 22:13:18 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_2) Entering MASTER STATE
Aug 12 22:13:18 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_2) setting protocol VIPs.
Aug 12 22:13:18 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.200
Aug 12 22:13:18 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_2) Sending/queueing gratuitous ARPs on eth0 for 192.168.99.200
Aug 12 22:13:18 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.201
Aug 12 22:13:18 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_2) Sending/queueing gratuitous ARPs on eth0 for 192.168.99.201
Aug 12 22:13:18 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.200
Aug 12 22:13:18 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.201
Aug 12 22:13:20 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) Transition to MASTER STATE
Aug 12 22:13:22 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) Entering MASTER STATE
Aug 12 22:13:22 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) setting protocol VIPs.
Aug 12 22:13:22 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 22:13:22 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on eth0 for 192.168.99.188
Aug 12 22:13:22 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.189
Aug 12 22:13:22 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on eth0 for 192.168.99.189
Aug 12 22:13:22 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 22:13:22 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.189
Aug 12 22:13:23 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.200
Aug 12 22:13:23 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_2) Sending/queueing gratuitous ARPs on eth0 for 192.168.99.200
Aug 12 22:13:23 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.201
Aug 12 22:13:23 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_2) Sending/queueing gratuitous ARPs on eth0 for 192.168.99.201
Aug 12 22:13:23 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.200
Aug 12 22:13:23 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.201
Aug 12 22:13:27 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 22:13:27 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on eth0 for 192.168.99.188
Aug 12 22:13:27 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.189
Aug 12 22:13:27 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on eth0 for 192.168.99.189
Aug 12 22:13:27 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.189
Aug 12 22:13:27 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 22:13:27 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 1
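⑤ Check whether the local eth0 interface has the four VIP addresses
⑥ If keepalived is now started on the master node, the VIP addresses are removed automatically and this node changes to the backup state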
[root@centos7 keepalived]# tail -f /var/log/messages
Aug 12 21:54:20 centos7 Keepalived_vrrp[7156]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 21:54:20 centos7 Keepalived_vrrp[7156]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 21:54:20 centos7 Keepalived_vrrp[7156]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 21:54:20 centos7 Keepalived_vrrp[7156]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 21:54:25 centos7 Keepalived_vrrp[7156]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 21:54:25 centos7 Keepalived_vrrp[7156]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on eth0 for 192.168.99.188
Aug 12 21:54:25 centos7 Keepalived_vrrp[7156]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 21:54:25 centos7 Keepalived_vrrp[7156]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 21:54:25 centos7 Keepalived_vrrp[7156]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 21:54:25 centos7 Keepalived_vrrp[7156]: Sending gratuitous ARP on eth0 for 192.168.99.188
Aug 12 21:55:16 centos7 Keepalived_vrrp[7156]: VRRP_Instance(VI_1) Received advert with higher priority 100, ours 80
Aug 12 21:55:16 centos7 Keepalived_vrrp[7156]: VRRP_Instance(VI_1) Entering BACKUP STATE    # the state changes from master to backup
Aug 12 21:55:16 centos7 Keepalived_vrrp[7156]: VRRP_Instance(VI_1) removing protocol VIPs.  # the VIP address is removed automatically and floats to the eth0 interface of the master node
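The configuration at this point is preemptive mode: once the master node starts, it takes the VIP back and the backup node drops to the backup state again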
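The state changes visible in the logs above can be followed automatically. This added Python example (not part of the original article) tracks the state of each VRRP instance from keepalived syslog lines and records every advert with a higher priority, which is useful for alerting on an unplanned loss of the master role. The sample lines are constructed in the log format shown on this page; the function names are illustrative.

```python
import re

# Patterns for keepalived syslog lines in the format shown on this page.
LINE = re.compile(r"Keepalived_vrrp\[\d+\]: VRRP_Instance\((?P<inst>[^)]+)\) (?P<msg>.+)")
STATE = re.compile(r"Entering (\w+) STATE")
HIGHER = re.compile(r"Received advert with higher priority (\d+), ours (\d+)")

def track(lines):
    """Return (state per instance, state changes, higher-priority adverts seen)."""
    state, changes, adverts = {}, [], []
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue                          # gratuitous ARP, systemd and other lines
        ts, inst, msg = line[:15], m["inst"], m["msg"]
        s, h = STATE.search(msg), HIGHER.search(msg)
        if s and state.get(inst) != s[1]:
            changes.append((ts, inst, state.get(inst), s[1]))
            state[inst] = s[1]
        elif h:
            adverts.append((ts, inst, int(h[1]), int(h[2])))
    return state, changes, adverts

def lost_master(changes):
    """Instances that dropped out of MASTER, with timestamp and new state."""
    return [(ts, inst, new) for ts, inst, old, new in changes if old == "MASTER"]

# Constructed sample in the page's log format (the 22:14:16 lines are made up).
SAMPLE = """\
Aug 12 22:13:14 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) Entering BACKUP STATE
Aug 12 22:13:16 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_2) Transition to MASTER STATE
Aug 12 22:13:18 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_2) Entering MASTER STATE
Aug 12 22:13:18 centos7 Keepalived_vrrp[7255]: Sending gratuitous ARP on eth0 for 192.168.99.200
Aug 12 22:13:22 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) Entering MASTER STATE
Aug 12 22:14:16 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) Received advert with higher priority 100, ours 80
Aug 12 22:14:16 centos7 Keepalived_vrrp[7255]: VRRP_Instance(VI_1) Entering BACKUP STATE
""".splitlines()

if __name__ == "__main__":
    state, changes, adverts = track(SAMPLE)
    print("current state:", state)
    print("lost master:  ", lost_master(changes))
    print("adverts:      ", adverts)
```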
2. Configuring non-preemptive mode
1. Both nodes are configured the same way
[root@centos7 keepalived]# vim keepalived.conf
global_defs {
    notification_email {
        root@peter.com
    }
    notification_email_from root@peter.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id s1.peter.com
    vrrp_skip_check_adv_addr
    #vrrp_strict
    vrrp_iptables
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}
vrrp_instance VI_1 {
    state BACKUP                 # state is set to BACKUP on both nodes
    interface eth0
    virtual_router_id 66
    priority 100
    advert_int 2
    nopreempt                    # do not preempt
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 192.168.99.130 label eth0:0
    unicast_peer {
        192.168.99.140
    }
    virtual_ipaddress {
        192.168.99.188 dev eth0 label eth0:0
        192.168.99.189 dev eth0 label eth0:1
    }
}
vrrp_instance VI_2 {
    state BACKUP                 # changed to BACKUP
    interface eth0
    virtual_router_id 77
    priority 80
    advert_int 2
    nopreempt                    # same setting
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 192.168.99.130 label eth0:0
    unicast_peer {
        192.168.99.140
    }
    virtual_ipaddress {
        192.168.99.200 dev eth0 label eth0:2
        192.168.99.201 dev eth0 label eth0:3
    }
}
Now when one node goes down, the VIP floats to the other machine, and when the original node recovers it does not take the VIP address back
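3. Implementing IPVS with keepalived and LVS
The environment above is reused
1. Configure the two backend RS servers: install httpd on both and create a test home page
[root@centos7 ~]# yum install -y httpd
[root@centos7 ~]# echo RS1_99.150_test-Pages > /var/www/html/index.html
2. Add a virtual_server section to the keepalived configuration; both nodes are configured the same way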
[root@centos7 keepalived]# vim keepalived.conf
global_defs {
    notification_email {
        root@peter.com
    }
    notification_email_from root@peter.com
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id s1.peter.com
    vrrp_skip_check_adv_addr
    #vrrp_strict
    vrrp_iptables
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 66
    priority 100
    advert_int 2
    nopreempt
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 192.168.99.130 label eth0:0
    unicast_peer {
        192.168.99.140
    }
    virtual_ipaddress {
        192.168.99.188/24 dev eth0 label eth0:0
        #192.168.99.189 dev eth0 label eth0:1
    }
}
vrrp_instance VI_2 {
    state BACKUP
    interface eth0
    virtual_router_id 77
    priority 80
    advert_int 2
    nopreempt
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    unicast_src_ip 192.168.99.130 label eth0:0
    unicast_peer {
        192.168.99.140
    }
    virtual_ipaddress {
        192.168.99.200/24 dev eth0 label eth0:2
        #192.168.99.201 dev eth0 label eth0:3
    }
}
virtual_server 192.168.99.188 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    protocol TCP
    real_server 192.168.99.150 80 {
        weight 1
        TCP_CHECK {                  # TCP health check against the backend server
            connect_timeout 5        # connection timeout
            retry 3                  # number of retries
            delay_before_retry 3     # interval between retries
            connect_port 80          # port to check
        }
    }
    real_server 192.168.99.160 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 5
            retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}
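2. After configuring keepalived, restart the service; keepalived adds the LVS rules automatically
The configuration is now basically complete; one last step remains
3. The VIP address has to be bound to the lo interface of the backend web servers, and ARP replies for it have to be turned off; if they are not, there will be an address conflict. A script does this
Both web servers need this configuration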
[root@centos7 hx]# vim lvs_dr_rs.sh
#!/bin/bash
#Author:Peter Xu
#Date:2019-08-13
vip=192.168.99.188
mask='255.255.255.255'
dev=lo:1
#rpm -q httpd &> /dev/null || yum -y install httpd &>/dev/null
#service httpd start &> /dev/null && echo "The httpd Server is Ready!"
#echo "<h1>`hostname`</h1>" > /var/www/html/index.html
case "$1" in
start)
    # arp_ignore=1: answer ARP only for addresses configured on the receiving interface
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    # arp_announce=2: always use the best local address as the ARP source, never the VIP on lo
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ifconfig $dev $vip netmask $mask #broadcast $vip up
    #route add -host $vip dev $dev
    echo "The RS Server is Ready!"
    ;;
stop)
    ifconfig $dev down
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
    echo "The RS Server is Canceled!"
    ;;
*)
    echo "Usage: $(basename "$0") start|stop"
    exit 1
    ;;
esac
[root@centos7 hx]# sh lvs_dr_rs.sh start    # running the script completes the configuration
The RS Server is Ready!
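4. Finally, test access from a client; the LVS policy we configured is round robin (to make the effect easy to see)
Access succeeded
Experiment complete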