keepalived高可用
- 一、keepalived高可用介绍
- 二、keepalived高可用设计
- 1、两台haproxy负载均衡器配置一致
- 2、在haproxy上分别安装keepalived
- 3、配置keepalived实现高可用
- 4、分别在两个调度器上查看浮动IP
- 5、测试客户端通过浮动IP可正常访问业务
- 6、模拟故障,将优先级高的设备停机,测试客户端还可正常访问
- 7、配置脚本,检测虚拟服务故障,实现浮动IP转移
一、keepalived高可用介绍
解决单点故障,提升服务高可用
基于VRRP协议设计
原理:
将多个物理设备放入到一个VRRP组中,通过VRRP组形成浮动IP,通过优先级进行主备选举,优先级高为主,浮动IP会配置到主设备上,同时主设备会发送心跳以通知自己的状态,备设备连续一段时间接收不到心跳,则认为主宕机,会自动接替主的工作
心跳:
默认以组播的方式发送心跳,地址224.0.0.18
影响心跳的因素:
1、防火墙
2、时间不同步
3、网络堵塞,多块网卡分担流量
二、keepalived高可用设计
1、两台haproxy负载均衡器配置一致
客户端通过DNS解析两台haproxy都可正常访问 业务
2、在haproxy上分别安装keepalived
[root@master_haproxy ~]# yum install -y keepalived
[root@slave_haproxy ~]# yum install -y keepalived
3、配置keepalived实现高可用
规划浮动IP: 192.168.140.100
主:
[root@master_haproxy ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id master_haproxy
}
vrrp_instance haproxy {
state MASTER
interface ens33
virtual_router_id 88
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass redhat
}
virtual_ipaddress {
192.168.140.100
}
}
备:
[root@slave_haproxy ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id slave_haproxy
}
vrrp_instance haproxy {
state BACKUP
interface ens33
virtual_router_id 88
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass redhat
}
virtual_ipaddress {
192.168.140.100
}
}
4、分别在两个调度器上查看浮动IP
主:
[root@master_haproxy ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:cc:6b:2f brd ff:ff:ff:ff:ff:ff
inet 192.168.140.10/24 brd 192.168.140.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.140.100/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fecc:6b2f/64 scope link
valid_lft forever preferred_lft forever
正常情况下,浮动只会出现的优先级高的设备上
备:
[root@slave_haproxy ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:29:e5:43 brd ff:ff:ff:ff:ff:ff
inet 192.168.140.11/24 brd 192.168.140.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe29:e543/64 scope link
valid_lft forever preferred_lft forever
5、测试客户端通过浮动IP可正常访问业务
C:\Users\admin>ping blog.linux.com
正在 Ping blog.linux.com [192.168.140.100] 具有 32 字节的数据:
来自 192.168.140.100 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.140.100 的回复: 字节=32 时间<1ms TTL=64
来自 192.168.140.100 的回复: 字节=32 时间=1ms TTL=64
6、模拟故障,将优先级高的设备停机,测试客户端还可正常访问
7、配置脚本,检测虚拟服务故障,实现浮动IP转移
[root@master_haproxy ~]# cat /etc/keepalived/check_haproxy.sh
#!/bin/bash
#
netstat -tunlp | grep haproxy &> /dev/null
if [ $? -ne 0 ]; then
killall keepalived
fi
[root@master_haproxy ~]# ls -l /etc/keepalived/
total 8
-rwxr-xr-x 1 root root 107 Jun 12 11:04 check_haproxy.sh
-rw-r--r-- 1 root root 469 Jun 12 10:59 keepalived.conf
[root@master_haproxy ~]# cat /etc/keepalived/keepalived.conf
..........
vrrp_script check_haproxy { // 定义外部脚本
script "/etc/keepalived/check_haproxy.sh"
interval 1
}
vrrp_instance haproxy {
..............
track_script { // 调用外部脚本
check_haproxy
}
}
测试:关掉虚拟服务,测试浮动IP的转移
