博客
关于我
强烈建议你试试无所不能的chatGPT,快点击我
Keepalive高可用 漂移
阅读量:5882 次
发布时间:2019-06-19

本文共 11051 字,大约阅读时间需要 36 分钟。

博文参考

http://lanlian.blog.51cto.com/6790106/1303195/http://blog.csdn.net/tantexian/article/details/50056229http://www.yulongjun.com/linux/20170904-01-keepalived-introduction/

Keepalived简介

clipboard.png

  • core模块:为keepalived的核心组件,负责主进程的启动、维护以及全局配置文件的加载和解析;

  • check:负责健康检查,包括常见的各种检查方式;

  • VRRP模块:是来实现VRRP协议的。

keepalived

基于VRRP协议来实现的LVS服务高可用方案,可以利用其来避免单点故障。一个LVS服务会有2台服务器运行Keepalived,一台为主服务器(MASTER),一台为备份服务器(BACKUP),但是对外表现为一个虚拟IP,主服务器会发送特定的消息给备份服务器,当备份服务器收不到这个消息的时候,即主服务器宕机的时候, 备份服务器就会接管虚拟IP,继续提供服务,从而保证了高可用性。Keepalived是VRRP的完美实现。

启动后三个进程

父进程:内存管理,子进程管理等等

子进程:VRRP子进程
子进程:healthchecker子进程

VRRP协议简介

VRRP全称Virtual Router Redundancy Protocol,即虚拟路由冗余协议。    虚拟路由冗余协议,可以认为是实现路由器高可用的协议,即将N台提供相同功能的路由器组成一个路由器组,这个组里面有一个master和多个backup,master上面有一个对外提供服务的vip(该路由器所在局域网内其他机器的默认路由为该vip),master会发组播,当backup收不到vrrp包时就认为master宕掉了,这时就需要根据VRRP的优先级来选举一个backup当master。这样的话就可以保证路由器的高可用了。于安全性考虑,VRRP包使用了加密协议进行加密。

keepalived配置介绍

keepalived只有一个配置文件keepalived.conf,里面主要包括以下几个配置区域:

  • global_defs主要是配置故障发生时的通知对象以及机器标识

  • static_ipaddress和static_routes区域配置的是是本节点的IP和路由信息

  • vrrp_script用来做健康检查的,当时检查失败时会将vrrp_instancepriority减少相应的值

  • vrrp_instance用来定义对外提供服务的VIP区域及其相关属性

  • vrrp_rsync_group用来定义vrrp_intance组,使得这个组内成员动作一致

全局配置

全局配置又包括两个子配置:

全局定义(global definition)
静态路由配置(static ipaddress/routes)

VRRPD配置

VRRPD配置包括三个类:

VRRP同步组(synchroization group)
VRRP实例(VRRP Instance)
VRRP脚本

keepalived单活双活配置

单活配置

clipboard.png

  • Ka1配置

/etc/keepalived/keepalived.conf

global_defs {   notification_email {     root@localhost   }   notification_email_from ka1@localhost   smtp_server 127.0.0.1   smtp_connect_timeout 30   router_id ka1   vrrp_mcast_group4 224.111.111.111}vrrp_instance VG_1 {    state MASTER    interface eth2    virtual_router_id 191    priority 100    advert_int 1    authentication {        auth_type PASS        auth_pass 0702f7ab    }    virtual_ipaddress {        192.168.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"          }
  • Ka2配置

/etc/keepalived/keepalived.conf

global_defs {   notification_email {     root@localhost   }   notification_email_from ka1@localhost   smtp_server 127.0.0.1   smtp_connect_timeout 30   router_id ka1   vrrp_mcast_group4 224.111.111.111}vrrp_instance VG_1 {    state BACKUP    interface eth2    virtual_router_id 191    priority 100    advert_int 1    authentication {        auth_type PASS        auth_pass 0702f7ab    }    virtual_ipaddress {        192.168.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"          }

双活配置

clipboard.png

  • Ka1配置

/etc/keepalived/keepalived.conf

global_defs {   notification_email {     root@localhost   }   notification_email_from ka1@localhost   smtp_server 127.0.0.1   smtp_connect_timeout 30   router_id ka1   vrrp_mcast_group4 224.111.111.111}vrrp_instance VG_1 {    state MASTER    interface eth2    virtual_router_id 191    priority 100    advert_int 1    authentication {        auth_type PASS        auth_pass 0702f7ab    }    virtual_ipaddress {        192.168.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"          }vrrp_instance VG_2 {    state BACKUP    interface eth2    virtual_router_id 192    priority 95    advert_int 1    authentication {        auth_type PASS        auth_pass 85c9a27b    }    virtual_ipaddress {        192.168.111.200    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"          }
  • Ka2配置

/etc/keepalived/keepalived.conf

global_defs {   notification_email {     root@localhost   }   notification_email_from ka1@localhost   smtp_server 127.0.0.1   smtp_connect_timeout 30   router_id ka1   vrrp_mcast_group4 224.111.111.111}vrrp_instance VG_1 {    state BACKUP    interface eth2    virtual_router_id 191    priority 100    advert_int 1    authentication {        auth_type PASS        auth_pass 0702f7ab    }    virtual_ipaddress {        192.168.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"  }vrrp_instance VG_2 {    state MASTER    interface eth2    virtual_router_id 192    priority 95    advert_int 1    authentication {        auth_type PASS        auth_pass 85c9a27b    }    virtual_ipaddress {        192.168.111.200    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}

内外双网络(非同步)单活模式漂移配置

一个内网网络,一个外网网络,内网网络和外网网络不用同步漂移,比如Keepalived+LVS-DR、Keepalived+Nginx、Keepalived+HAProxy,都是不用同步漂移的。(Keepalived+LVS-NAT是需要同步漂移的。)

clipboard.png

  • Ka1配置

/etc/keepalived/keepalived.conf

global_defs {   notification_email {     root@localhost   }   notification_email_from ka1@localhost   smtp_server 127.0.0.1   smtp_connect_timeout 30   router_id ka1   vrrp_mcast_group4 224.111.111.111}vrrp_sync_group VG_1 {    group {        External_1        Internal_1    }}vrrp_instance External_1 {    state MASTER    interface eth1    virtual_router_id 171    priority 100    advert_int 1        authentication {        auth_type PASS        auth_pass 1402b1b5    }    virtual_ipaddress {        172.16.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}vrrp_instance Internal_1 {    state MASTER    interface eth2    virtual_router_id 191    priority 100    advert_int 1    authentication {        auth_type PASS        auth_pass 0702f7ab    }    virtual_ipaddress {        192.168.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}
  • Ka2配置

/etc/keepalived/keepalived.conf

global_defs {   notification_email {     root@localhost   }   notification_email_from ka1@localhost   smtp_server 127.0.0.1   smtp_connect_timeout 30   router_id ka1   vrrp_mcast_group4 224.111.111.111}vrrp_instance External_1 {    state BACKUP    interface eth1    virtual_router_id 171    priority 100    advert_int 1        authentication {        auth_type PASS        auth_pass 1402b1b5    }    virtual_ipaddress {        172.16.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}vrrp_instance Internal_1 {    state BACKUP    interface eth2    virtual_router_id 191    priority 100    advert_int 1    authentication {        auth_type PASS        auth_pass 0702f7ab    }    virtual_ipaddress {        192.168.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}

内外双网络(同步)双活模式漂移配置

一个内网网络,一个外网网络,而且内网网络和外网网络要实现同步漂移,比如Keepalived+LVS-NAT模式,那么就用到vrrp_sync_group来设置同步漂移组,如果要做双活,那么就分别两端加两个vip,互为主备。

clipboard.png

  • Ka1配置

/etc/keepalived/keepalived.conf

global_defs {   notification_email {     root@localhost   }   notification_email_from ka1@localhost   smtp_server 127.0.0.1   smtp_connect_timeout 30   router_id ka1   vrrp_mcast_group4 224.111.111.111}vrrp_sync_group VG_1 {    group {        External_1        Internal_1    }}vrrp_sync_group VG_2 {    group {        External_2        Internal_2    }}vrrp_instance External_1 {    state MASTER    interface eth1    virtual_router_id 171    priority 100    advert_int 1        authentication {        auth_type PASS        auth_pass 1402b1b5    }    virtual_ipaddress {        172.16.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}vrrp_instance External_2 {    state BACKUP    interface eth1    virtual_router_id 172    priority 95    advert_int 1    authentication {        auth_type PASS        auth_pass 9d3d15d5    }    virtual_ipaddress {        172.16.111.200    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}vrrp_instance Internal_1 {    state MASTER    interface eth2    virtual_router_id 191    priority 100    advert_int 1    authentication {        auth_type PASS        auth_pass 0702f7ab    }    virtual_ipaddress {        192.168.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}vrrp_instance Internal_2 {    state BACKUP    interface eth2    virtual_router_id 192    priority 95    advert_int 1    authentication {        auth_type PASS        auth_pass 85c9a27b    }    virtual_ipaddress {        192.168.111.200    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}
  • Ka2配置

/etc/keepalived/keepalived.conf

global_defs {   notification_email {     root@localhost   }   notification_email_from ka1@localhost   smtp_server 127.0.0.1   smtp_connect_timeout 30   router_id ka1   vrrp_mcast_group4 224.111.111.111}vrrp_sync_group VG_1 {    group {        External_1        Internal_1    }}vrrp_sync_group VG_2 {    group {        External_2        Internal_2    }}vrrp_instance External_1 {    state BACKUP    interface eth1    virtual_router_id 171    priority 100    advert_int 1        authentication {        auth_type PASS        auth_pass 1402b1b5    }    virtual_ipaddress {        172.16.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}vrrp_instance External_2 {    state MASTER    interface eth1    virtual_router_id 172    priority 95    advert_int 1    authentication {        auth_type PASS        auth_pass 9d3d15d5    }    virtual_ipaddress {        172.16.111.200    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}vrrp_instance Internal_1 {    state BACKUP    interface eth2    virtual_router_id 191    priority 100    advert_int 1    authentication {        auth_type PASS        auth_pass 0702f7ab    }    virtual_ipaddress {        192.168.111.100    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}vrrp_instance Internal_2 {    state MASTER    interface eth2    virtual_router_id 192    priority 95    advert_int 1    authentication {        auth_type PASS        auth_pass 85c9a27b    }    virtual_ipaddress {        192.168.111.200    }    notify_master "/etc/keepalived/notify.sh master"    notify_backup "/etc/keepalived/notify.sh backup"    notify_fault "/etc/keepalived/notify.sh fault"}
你可能感兴趣的文章
如何用几个简单的命令改善你的Linux安全
查看>>
查看MySQL记录执行过的SQL
查看>>
SpringMVC 之 国际化
查看>>
【转】Java并发编程73道面试题及答案
查看>>
你流量大吗?check_traffic.sh监控服务器流量
查看>>
java8 时间类与Date类的相互转化
查看>>
下半年过了中项,感谢学院,感谢薛老师,后面就跟着学院的各位老师学与考了
查看>>
RAID磁盘冗余阵列
查看>>
支付宝升级延时到账功能
查看>>
ghost后只剩下一个盘的数据寻回方法
查看>>
输入输出练习
查看>>
Git commit message和工作流规范
查看>>
java面试。答案源于网上
查看>>
yii中取得CActiveDataProvider的分页信息
查看>>
我的大学
查看>>
Google翻译接口收费啦
查看>>
Debian+Apache2服务器
查看>>
linux——编译安装nginx出现报错,以及启动nginx服务时80端口被占用怎么解决?...
查看>>
MySQL库和表的操作
查看>>
shell编程:编译器、解释器 变量
查看>>