keepalived工作原理和使用方式_电脑知识

keepalived工作原理和使用方式

创始人

2024-09-25 12:48:48

0次

keepalived是什么

keepalived是集群管理中保证集群高可用的一个服务软件，用来防止单点故障。

keepalived主要有三个模块

分别是core、check和vrrp。
core模块为keepalived的核心，负责主进程的启动、维护以及全局配置文件的加载和解析。
check负责健康检查，包括常见的各种检查方式。
vrrp模块是来实现VRRP协议的。

案例1

环境:
- 初识keepalived，实现web服务器的高可用集群。
- Server1: 192.168.145.15
- Server2: 192.168.145.16
- VIP: 192.168.145.100 对外的虚拟ip
- 拓扑
- 注意：
  - 关闭防火墙、selinux
  - 配置yum源

server1

创建etc下的keepalived目录,编辑配置文件

yum -y install keepalived

vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived global_defs {  router_id 1                            #设备在组中的标识，设置不一样即可  }  #vrrp_script chk_nginx {                        #健康检查 # script "/etc/keepalived/ck_ng.sh"     #检查脚本 # interval 2                            #检查频率.秒 # weight -5                             #priority减5 # fall 3                                        #失败三次 # }  #高可用集群的组员设置 vrrp_instance VI_1 {               #VI_1。实例名两台路由器相同。同学们要注意区分。     state MASTER                        #主或者从状态     interface ens33                     #监控网卡     mcast_src_ip 192.168.229.11         #心跳源IP，当前主机的ip     virtual_router_id 55                #虚拟路由编号，主备要一致。同学们注意区分     priority 100                        #优先级 数值越大优先级越高     advert_int 1                        #心跳间隔 单位是秒      authentication {                    #秘钥认证(1-8位)         auth_type PASS         auth_pass 123456     }      virtual_ipaddress {                 #VIP 虚拟ip     192.168.229.100/24         }  #  track_script {                       #引用脚本 #       chk_nginx #    }  }

把当前服务器的keepalived的配置，传给另外一台服务器
#scp -r /etc/keepalived/keepalived.conf 192.168.145.16:/etc/keepalived/
systemctl enable keepalived.service
- 开机启动keepalived

安装Nginx
- rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
- yum -y install nginx
- systemctl enable nginx.service
- systemctl start nginx.service
- vi /usr/share/nginx/html/index.html
- curl -i localhost
  - -i 显示目标地址返回的响应头信息
- systemctl start keepalived.service

server2

BACKUP服务器的配置需要几处修改

yum -y install keepalived

vi /etc/keepalived/keepalived.conf

state MASTER改为  state BACKUP mcast_src_ip 192.168.145.15改为backup服务器实际的IP mcast_src_ip 192.168.145.16 priority 100改为priority 99

配置文件示例

! Configuration File for keepalived global_defs {  router_id 2  }  #vrrp_script chk_nginx { # script "/etc/keepalived/ck_ng.sh" # interval 2 # weight -5 # fall 3 # }  vrrp_instance VI_1 {     state BACKUP     interface ens33     mcast_src_ip 192.168.229.12     virtual_router_id 55     priority 99     advert_int 1      authentication {         auth_type PASS         auth_pass 123456     }      virtual_ipaddress {     192.168.229.100/24         }  #  track_script { #       chk_nginx #    }  }

systemctl enable keepalived.service

安装Nginx
- rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
- yum -y install nginx
- systemctl enable nginx.service
- systemctl start nginx.service
- vi /usr/share/nginx/html/index.html
- curl -i localhost
- systemctl start keepalived.service

client

访问VIP http://192.168.145.100

拔掉master(server1)的网线。

![- 外链图片转存失败,源站可能有防盗链机制,建议将图片保存下来直接上传](https://i-blog.csdnimg.cn/direct/a27500ab8b5c4c7cbcce5ffdd840b267.png)

访问VIP http://192.168.145.100，观察网页已经切换

关于keepalived对nginx状态未知的问题

恢复之前的实验。启动两台主机的keepalived和nginx。确保页面访问正常。关闭master的nginx服务。systemctl stop nginx 继续访问VIP，请问页面是否会切换到slave呢？

请思考，nginx服务的状态和keepalived的关系。

原因是keepalived监控的是接口IP状态。无法监控nginx服务状态

编辑监控脚本。

server1

添加Nginx监控脚本

vi /etc/keepalived/ck_ng.sh

#!/bin/bash #检查nginx进程是否存在 counter=$(ps -C nginx --no-heading|wc -l) if [ "${counter}" = "0" ]; then #尝试启动一次nginx，停止5秒后再次检测     systemctl start nginx     sleep 5     counter=$(ps -C nginx --no-heading|wc -l)     if [ "${counter}" = "0" ]; then #如果启动没成功，就杀掉keepalive触发主备切换         systemctl stop keepalived      fi fi

chmod +x /etc/keepalived/ck_ng.sh

server2

添加Nginx监控脚本

vi /etc/keepalived/ck_ng.sh

#!/bin/bash #检查nginx进程是否存在 counter=$(ps -C nginx --no-heading|wc -l) if [ "${counter}" = "0" ]; then #尝试启动一次nginx，停止5秒后再次检测     systemctl start nginx     sleep 5     counter=$(ps -C nginx --no-heading|wc -l)     if [ "${counter}" = "0" ]; then #如果启动没成功，就杀掉keepalive触发主备切换         service keepalived stop     fi fi

chmod +x /etc/keepalived/ck_ng.sh

启动监控脚本
- 清除掉配置文件中的注释。
- 重启keepalived即可

nginx状态测试
- 因为脚本中有拉起nginx的语句，测试时可以将脚本文件位置进行改变。观察脚本的效果

案例2

keepalived+lvs集群
环境
- 192.168.145.15 dr1 负载均衡器 master
- 192.168.145.16 dr2 负载均衡器 backup
- 192.168.145.136 rs1 web1
- 192.168.145.137 rs2 web2
- 拓扑
1.在master上安装配置Keepalived:
- # yum install keepalived ipvsadm -y
  - ipvsadm安装并不启动

2.在master上修改配置文件

# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived global_defs {						 	router_id Director1    #两边不一样。 	} 	 vrrp_instance VI_1 {				 	state MASTER				#另外一台机器是BACKUP	 	interface ens33				#心跳网卡	 	virtual_router_id 51			#虚拟路由编号，主备要一致 	priority 150				#优先级	 	advert_int 1				#检查间隔，单位秒	 	authentication { 		auth_type PASS 		auth_pass 1111 		} 	virtual_ipaddress { 		192.168.229.100/24       dev      ens33   	#VIP和工作接口 		} 	} 	 virtual_server 192.168.229.100 80 {		#LVS 配置，VIP,就是keepalived配置的对外地址 	delay_loop 3				#服务论询的时间间隔，#每隔3秒检查一次real_server状态 	lb_algo rr				#LVS 调度算法 	lb_kind DR	 			#LVS 集群模式 	protocol TCP 	real_server 192.168.229.13 80 { 		weight 1                    #权重 		TCP_CHECK { 			connect_timeout 3       #健康检查方式,连接超时时间 			} 		} 	real_server 192.168.229.14 80 { 		weight 1 		TCP_CHECK { 			connect_timeout 3    #设定连接超时时间为3秒 超过视为掉线 			} 		} }

3.在backup上安装keepalived:
- # yum install keepalived ipvsadm -y
  - ipvsadm安装并不启动

4.拷贝master上的keepalived.conf到backup上：

# scp  192.168.229.11:/etc/keepalived/keepalived.conf 192.168.229.12:/etc/keepalived/

5.拷贝后,修改配置文件

router_id Director2
state BACKUP
priority 100

配置示例

# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived global_defs {         router_id Director2         }  vrrp_instance VI_1 {         state BACKUP                            #另外一台机器是BACKUP         interface ens33                         #心跳网卡         virtual_router_id 51         priority 100                            #优先级         advert_int 1                            #检查间隔，单位秒         authentication {                 auth_type PASS                 auth_pass 1111                 }         virtual_ipaddress {                 192.168.229.100/24 dev ens33       #VIP和工作端口                 }         }  virtual_server 192.168.229.100 80 {                #LVS 配置，VIP         delay_loop 3                            #服务论询的时间间隔         lb_algo rr                              #LVS 调度算法         lb_kind DR                              #LVS 集群模式         protocol TCP         real_server 192.168.229.13 80 {                 weight 1                 TCP_CHECK {                         connect_timeout 3                         }                 }         real_server 192.168.229.14 80 {                 weight 1                 TCP_CHECK {                         connect_timeout 3                         }                 } }

6.master和backup上启动服务:
- #systemctl enable keepalived
- # systemctl start keepalived
- #reboot
7.web服务器配置
- web1和web2同配置
  - 安装web测试站点
    - yum install -y httpd && systemctl start httpd && systemctl enable httpd
    - netstat -antp | grep httpd
    - # elinks 127.0.0.1
    - vim /var/www/html/index.html
    - 自定义web主页，以便观察负载均衡结果
  - 配置虚拟地址
    - ```
    #cp /etc/sysconfig/network-scripts/{ifcfg-lo,ifcfg-lo:0} #vim /etc/sysconfig/network-scripts/ifcfg-lo:0 DEVICE=lo:0 IPADDR=192.168.229.100   #对外提供服务的地址 NETMASK=255.255.255.255 ONBOOT=yes 其他行注释掉 
```
- 配置路由
  - route add 192.168.145.100 dev lo
  - 在两台机器（RS）上，添加一个路由：route add -host 192.168.145.100 dev lo 确保如果请求的目标IP是 V I P ，那么让出去的数据包的源地址也显示为 VIP，那么让出去的数据包的源地址也显示为 VIP，那么让出去的数据包的源地址也显示为VIP
- 配置ARP
  - # vim /etc/sysctl.conf
    - net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2 net.ipv4.conf.default.arp_ignore = 1 net.ipv4.conf.default.arp_announce = 2 net.ipv4.conf.lo.arp_ignore = 1 net.ipv4.conf.lo.arp_announce = 2
      
      忽略arp请求可以回复
- reboot

8.测试：

1）观察lvs路由条目

master上查询 # ipvsadm -Ln

[root@dr1 ~]# ipvsadm -Ln IP Virtual Server version 1.2.1 (size=4096) Prot LocalAddress:Port Scheduler Flags   -> RemoteAddress:Port           Forward Weight ActiveConn InActConn TCP  192.168.229.100:80 rr   -> 192.168.229.13:80            Route   1      0          0   -> 192.168.229.14:80            Route   1      0          0

2）观察vip地址在哪台机器上

master上查询 # ip a

ens33:  inet 192.168.229.11/24 brd 192.168.229.255 scope global noprefixroute ens33 inet 192.168.229.100/24 scope global secondary ens33

3）客户端浏览器访问vip
4）关闭master上的keepalived服务，再次访问vip
- master上关闭 # systemctl stop keepalived.service
5）关闭web1站点服务，再次访问VIP
- web1 # systemctl stop httpd

上一篇：linux文件——文件系统——学习、理解、应用软硬件链接

下一篇：Security 原理与总结

keepalived工作原理和使用方式

keepalived是什么

keepalived主要有三个模块

案例1

案例2

相关内容

热门资讯