1.高可用集群架构keepalived双机主备原理
高可用:(HA)
部署nginx存在两台nginx。当主节点的nginx宕机停止服务的时候,nginx备用机起到跟nginx(主)
keepalived的概念:解决单点故障;组件免费;可以实现高可用HA机制;基于VRRP协议
虚拟路由冗余协议VRRP:virtual router redundancy protocol
解决内网单机故障的路由协议;构建有多个路由器的MASTER BACKUP(路由器可以理解为单个nginx节点);虚拟ip-VIP(virtual IP Address)(包含内网ip和虚拟ip)
存在多个虚拟ip(有权重),在主节点宕机,多个BACKUP会有个竞争的过程。谁的权重越高,谁就成为临时“领导”。
Keepalived双机主备原理:
主节点宕机后,虚拟ip会进行心跳检测,这时候虚拟ip会跟备用机绑定到一起。
高可用的故障转移跟故障切换都是通过VIp协议完成的,(主节点)不停的往备用机发送心跳,备用机拿到之后就知道主节点还活着。如果发生故障,备用机就接受不到心跳了。备用机就会接管主节点的服务了
2.Keepalived安装部署
通过ftp工具上传到linux中,/home/software
解压:
tar -zxvf keepalived-2.0.18.tar.gz
解压后进入到解压出来的目录,看到会有configure,那么就可以做配置了
使用configure命令配置安装目录与核心配置文件所在位置
./configure --prefix=/usr/local/keepalived --sysconf=/etc
prefix:keepalived安装的位置
sysconf:keepalived核心配置文件所在位置,固定位置,改成其他位置则keepalived启动不了,/var/log/messages中会报错
配置过程中可能会出现警告信息,如下所示:
*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.
安装libnl/libnl-3依赖
yum -y install libnl libnl-devel
5.3. 重新configure一下,此时OK。
安装keepalived:
make && make install
进入到/etc/keepalived,该目录下为keepalived核心配置文件
如果忘记安装配置的目录,则通过如下命令找到:
3.Keepalived核心配置
通过命令 vim keepalived.conf 打开配置文件
global_defs {
# 路由id:当前安装keepalived的节点主机标识符,保证全局唯一
router_id keep_171
}
vrrp_instance VI_1 {
# 表示状态是MASTER主机还是备用机BACKUP
state MASTER
# 该实例绑定的网卡
interface ens33
# 保证主备节点一致即可
virtual_router_id 51
# 权重,master权重一般高于backup,如果有多个,那就是选举,谁的权重高,谁就当选
priority 100
# 主备之间同步检查时间间隔,单位秒
advert_int 2
# 认证权限密码,防止非法节点进入
authentication {
auth_type PASS
auth_pass 1111
}
# 虚拟出来的ip,可以有多个(vip)
virtual_ipaddress {
192.168.1.161
}
}
查看网卡的名称:
启动keepalived:
查看进程:ps -ef|grep keepalived
查看vip:虚拟ip
4.把keepalived注册为系统服务
使用Switchhosts:首先配置网址
171是虚拟机ip。161是keepalived的VIP
首先查看两个虚拟机中nginx的配置
Keepalived的关闭方式杀死对应的进程 kill -9 pid
将/home/software/keepalived-2.2.7/keepalived/etc目录下的 init.d/keepalived 移动到/etc/keepalived.
刷新,加载keepalived服务。
命令:systemctl daemon-reload
keepalived命令:
# 启动keepalived
systemctl start keepalived
# 停止keepalived
systemctl stop keepalived
# 重启keepalived
systemctl restart keepalived
查看进程:ps -ef|grep keepalived
5.keepalived实现双机主备高可用
首先安装backup节点的keepalived,修改对应keepalived里的配置(参考之前配置的内容),并且配置为系统服务。
启动测试成功。测试backup是否好用。
关闭主服务的keepalived,
打开备用的服务器,使用ip addr查看虚拟ip,是否多出查看keepalived是否启用。如下图:
再重启主服务的keepalived,解绑成功。Backup的ip addr 命令查不到192.168.1.161
配置的keepalived的配置模板:
global_defs {
router_id keep_172
}
vrrp_instance VI_1 {
# 备用机设置为BACKUP
state BACKUP
interface ens33
virtual_router_id 51
# 权重低于MASTER
priority 80
advert_int 2
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
# 注意:主备两台的vip都是一样的,绑定到同一个vip
192.168.1.161
}
}
6.keepalived配置nginx自动重启
当发生nginx挂掉,而keepalived仍然在运行。
写相应的标本文件,写在核心配置文件下。
(1).增加nginx重启检测脚本:
vim /etc/keepalived/check_nginx_alive_or_not.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
# 判断nginx是否宕机,如果宕机了,尝试重启
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx
# 等待一小会再次检查nginx,如果没有启动成功,则停止keepalived,使其启动备用机
sleep 3
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
增加运行权限:chmod +x /etc/keepalived/check_nginx_alive_or_not.sh
(2).配置keepalived监听nginx脚本
vrrp_script check_nginx_alive {
script "/etc/keepalived/check_nginx_alive_or_not.sh"
interval 2 # 每隔两秒运行上一行脚本
weight 10 # 如果脚本运行成功,则升级权重+10
# weight -10 # 如果脚本运行失败,则升级权重-10
}
(3).在VRRP_instance中新增监控的脚本。
track_script {
check_nginx_alive # 追踪 nginx 脚本
}
(4).重启keepalived使配置文件生效
Systemctl restart keepalived
7.实现keepalived双主热备
先修改核心配置文件
主节点配置:
global_defs {
router_id keep_171
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.161
}
}
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 52
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.162
}
}
备用节点配置:
global_defs {
router_id keep_172
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 80
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.161
}
}
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.162
}
}
重启两条keepalived:
重启Keepalived
systemctl restart keepalived