3.1 Keepalived 双机热备基础知识
Keepalived 起初是专门针对 LVS 设计的一款强大的辅助工具,主要用来提供故障切换(Failover)和健康检査(HealthChecking)功能--判断LVS 负载调度器、节点服务器的可用性,当 master 主机出现故障及时切换到 backup 节点保证业务正常,当master 故障主机恢复后将其重新加入群集并且业务重新切换回 master 节点。
3.1.1 Keepalived概述及安装
Keepalived 的官方网站位于 Keepalived for Linux,本章将以 YUM 方式讲解Keepalived 的安装、配置和使用过程。在非 LVS 群集环境中使用时,Keepalived 也可以作为热备软件使用。
1.Keepalived 的热备方式
Keepalived 采用 VRRP(Virtual Router Redundancy Protocol,虚拟路由冗余协议)热备份协议,以软件的方式实现Linux服务器的多机热备功能。VRRP是针对路由器的一种备份解决方案--由多台路由器组成一个热备组,通过共用的虚拟 IP地址对外提供服务;每个热备组内同一时刻只有一台主路由器提供服务,其他路由器处于冗余状态。若当前在线的路由器失效,则其他路由器会自动接替(优先级决定接替顺序)虚拟IP地址,以继续提供服务,如图 3.1所示。
热备组内的每台路由器都可能成为主路由器,虚拟路由器的IP地址(VIP)可以在热备组内的路由器之间进行转移,所以也称为漂移IP地址。使用 Keepalived 时,漂移地址的实现不需要手动建立虚接口配置文件(如 ens33:0),而是由Keepalived 根据配置文件自动管理。
2.Keepalived 的安装与服务控制
(1)keepalived的热备方式
(2)keepalived的安装与服务控制
[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# yum -y install keepalived ipvsadm
[root@localhost ~]# systemctl enable keepalived2.使用keepalived实现双机热备
(1)主服务器的配置
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_01
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 1
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.172
}
}注释:
vrrp_strict #严格执行VRRP协议规范,此模式不支持节点单播,如果配置了此参数,vip可以漂移到这台服务器,但是ping vip不通,因此需要将此参数去掉
[root@localhost keepalived]# systemctl start keepalived
[root@localhost keepalived]# ip add show dev ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:ae:7f:64 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.101/24 brd 172.16.16.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.172/32 scope global ens33
valid_lft forever preferred_lft forever2:备用服务器的配置
[root@localhost ~]# systemctl stop NetworkManager
[root@localhost ~]# setenforce 0
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# vi keepalived.conf
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
#vrrp_strict
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_02
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 1
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.172
}
}
