keepalived是基於vrrp的實現,最初爲ipvs提供高可用功能,同時能夠檢測後端realserver的健康狀態,此後又爲其他的服務提供高可用功能,它可以調用外部腳本,監控資源狀態,從而進行故障轉移,比較適用於節點比較少,不使用共享存儲等情況下;相對於heartbeat以及corosync和RHCS來說,算是一種輕量級的高可用解決方案。
keepalived包含2個主要組件,一個組件負責VRRP協議的實現和管理,一個負責對資源進行監控;運行VRRP的主機在主機之間發送組播信息,用以通告自身的優先級、以及其他屬性,主機的優先級範圍從0-255, 0表示不參與選舉,255表示最高優先級,優先級高的會成爲MASTER,在MASTER上啓動VIP和VMAC,所有發送到VIP的數據包,由MASTER進行處理,當MASTER出現故障或資源出現問題,會停止發送心跳信息或降低自身優先級,當BACKUP主機發現自己的優先級高於對方或檢測不到對方時,會將自己提升爲MASTER,當原先的MASTER恢復時,默認可以把MASTER搶回去,可以配置不搶佔。
在CentOS 6.4上有keepalived的rpm包,直接安裝就可以
[root@node4 ~]# yum -yinstall keepalived
Installed:
keepalived.x86_64 0:1.2.7-3.el6
Dependency Installed:
lm_sensors-libs.x86_64 0:3.1.1-17.el6 net-snmp-libs.x86_64 1:5.5-44.el6
配置文件在/etc/keepalived/keepalived.conf,服務啓動腳本是/etc/init.d/keepalived
[root@node4 keepalived]#cat keepalived.conf
! Configuration File forkeepalived
global_defs {
notification_email {
[email protected]用以定義狀態切換時郵件通知對象,可寫多行(個)
}
smtp_server 192.168.200.1 SMTP服務器地址
smtp_connect_timeout 30連接超時時長
router_id LVS_DEVEL VRRP主機標識
vrrp_scriptchk_state_down {
script "[[ -f /etc/keepalived/down ]]"自定義一個檢測條件,如果存在此文件
interval 1檢測間隔爲1s
weight -10 weight 減去10;
}
}
vrrp_instanceVI_1 {定義一個VRRP實例
state MASTER狀態爲MASTER
interface eth0在eth0上監聽VIP
virtual_router_id 10 定義所屬的組,同一個組中的主機必須相同;
priority 100優先級
advert_int 1通告間隔(advertising interval)
authentication {認證
auth_type PASS類型
auth_pass 1111密碼
}
virtual_ipaddress {
172.16.1.250 定義VIP
}
track_script {
chk_state_down
}
}
virtual_server172.16.1.10080 {
delay_loop 6
lb_algo rr
lb_kind NAT
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 172.16.1.2 80 {
weight 1
HTTP_GET {檢測後端realserver的方式爲GET
url {
path /
state_code 200 檢測報文頭部的狀態碼爲200
}
connect_timeout 3檢測超時時間爲3s
nb_get_retry 3重試的次數爲3次
delay_before_retry 3重試的間隔
}
}
}
定義主機發生狀態變化時,發送郵件通知
首先定義一個腳本:
#!/bin/bash
#
vip=172.16.1.100
contact='root@localhost'
notify (){
mailsubject="`hostname` became to $1 , $vip floated."
mailbody="`date +"%F %T"`: vrrp status changed.`hostname` became $1"
echo $mailbody | mail -s "$mailsubject" $contact
}
case $1in
master)
notify master ;;
backup)
notify backup;;
fault)
notify fault ;;
*)
echo "Usage: `basename $0` {master|backup|fault}"
exit 1;;
esac
編輯配置文件:
vrrp_instance Instance1 {
state MASTER
interface eth0
virtual_router_id 10
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1119
}
virtual_ipaddress {
172.16.1.100
}
track_script {
chk_state_down
}
notify_master"/etc/keepalived/nofity.sh master"
notify_backup"/etc/keepalived/nofity.sh backup"
notify_fault"/etc/keepalived/nofity.sh fault"
}
[root@node4 keepalived]#cat keepalived.conf
! Configuration File forkeepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Node4.magedu.com
}
vrrp_scriptchk_state_down {
script "[[ -f /etc/keepalived/down]] && exit 1 || exit 0"
interval 1
weight -10
}
vrrp_instance Instance1 {
state MASTER
interface eth0
virtual_router_id 10
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1119
}
virtual_ipaddress {
172.16.1.100
}
track_script {
chk_state_down
}
notify_master"/etc/keepalived/notify.sh master"
notify_backup"/etc/keepalived/notify.sh backup"
notify_fault"/etc/keepalived/notify.sh fault"
}
virtual_server172.16.1.100 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 172.16.1.3 80 {
weight 1
HTTP_GET {
url {
path /
state_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 172.16.1.2 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
}
如果檢測成功就會自動生成ipvs規則
[root@node5 keepalived]#ipvsadm -L -n
IP Virtual Server version1.2.1 (size=4096)
Prot LocalAddress:PortScheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.16.1.100:80 rr persistent 50
-> 172.16.1.2:80 Masq 1 0 0
-> 172.16.1.3:80 Masq 1 0 0
當有一個real server失效以後,會自動修改規則:
[root@node5 keepalived]#ipvsadm -L -n
IP Virtual Server version1.2.1 (size=4096)
Prot LocalAddress:PortScheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.16.1.100:80 rr persistent 50
-> 172.16.1.3:80 Masq 1 0 0
[root@node5 keepalived]#tail /var/log/messages
Sep 25 04:22:20 node5Keepalived_vrrp[16223]: VRRP_Instance(Instance1) Sending gratuitous ARPs oneth0 for 172.16.1.100
Sep 25 04:22:25 node5Keepalived_vrrp[16223]: VRRP_Instance(Instance1) Sending gratuitous ARPs oneth0 for 172.16.1.100
Sep 25 04:22:28 node5Keepalived_vrrp[16223]: VRRP_Instance(Instance1) Received higher prio advert
Sep 25 04:22:28 node5Keepalived_vrrp[16223]: VRRP_Instance(Instance1) Entering BACKUP STATE
Sep 25 04:22:28 node5Keepalived_vrrp[16223]: VRRP_Instance(Instance1) removing protocol VIPs.
Sep 25 04:22:28 node5Keepalived_healthcheckers[16222]: Netlink reflector reports IP 172.16.1.100removed
Sep 25 04:36:11 node5Keepalived_healthcheckers[16222]: Error connecting server [172.16.1.2]:80.
Sep 25 04:36:11 node5Keepalived_healthcheckers[16222]: Removing service [172.16.1.2]:80 from VS[172.16.1.100]:80
Sep 25 04:36:11 node5Keepalived_healthcheckers[16222]: Remote SMTP server [127.0.0.1]:25 connected.
Sep 25 04:36:11 node5Keepalived_healthcheckers[16222]: SMTP alert successfully sent.
# 如何對特定的服務實現高可用:
思路:
讓vrrp_script 監控程序的運行狀態,當服務停止時,降低優先級,優先級降低引起VRRP的狀態切換,切換的同時,系統會發出郵件,管理員收到郵件後及時處理故障,啓動服務後,優先級恢復到原來的值,根據實際情況配置preempt;如果不對故障進行處理那麼當第二臺設備也服務也停止了,整個系統將無法工作;
[root@node4keepalived]# cat keepalived.conf
!Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id Node4.magedu.com
}
vrrp_script chk_state_down {
script"[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
interval 1
weight-2
}
vrrp_script chk_httpd {
script"killall -0 httpd"
interval 1
fall 2
rise 1
weight-20
}
vrrp_instanceInstance1 {
state MASTER
interface eth0
virtual_router_id 10
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1119
}
virtual_ipaddress {
172.16.1.100
}
track_script {
chk_state_down
chk_httpd
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
[root@node4keepalived]# cat notify.sh
#!/bin/bash
vip=172.16.1.100
contact='root@localhost'
notify () {
mailsubject="`hostname` became to$1 , $vip floated."
mailbody="`date +"%F%T"`: vrrp status changed. `hostname` became $1"
echo $mailbody | mail -s"$mailsubject" $contact
}
case $1 in
master)
notify master
/etc/init.d/httpd start;;
backup)
notify backup
/etc/init.d/httpd stop;;
fault)
notify fault
/etc/init.d/httpd stop;;
*)
echo "Usage: `basename $0`{master|backup|fault}"
exit 1;;
esac
keepalived雙主模型:
提供2個vrrp實例,2個vip;
vrrp_instance Instance1 {
state MASTER
interface eth0
virtual_router_id 10
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1119
}
virtual_ipaddress {
172.16.1.100
}
track_script {
chk_state_down
chk_httpd
}
notify_master"/etc/keepalived/notify.sh master"
notify_backup"/etc/keepalived/notify.sh backup"
notify_fault"/etc/keepalived/notify.sh fault"
}
vrrp_instance Instance2 {
state BACKUP
interface eth0
virtual_router_id 20
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass 2119
}
virtual_ipaddress {
172.16.1.101
}
track_script {
chk_state_down
chk_httpd
}
notify_master"/etc/keepalived/notify.sh master"
notify_backup"/etc/keepalived/notify.sh backup"
notify_fault"/etc/keepalived/notify.sh fault"
}
重啓keepalived服務
# servicekeepalived restart
[root@node4 keepalived]#ip addr show
1: lo:<LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:0c:29:85:22:ac brdff:ff:ff:ff:ff:ff
inet 172.16.1.4/16 brd 172.16.255.255 scopeglobal eth0
inet 172.16.1.100/32 scope global eth0
inet6 fe80::20c:29ff:fe85:22ac/64 scopelink
valid_lft forever preferred_lft forever
當另一臺主機發生故障時:
[root@node4 keepalived]#ip addr show
1: lo:<LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:0c:29:85:22:ac brdff:ff:ff:ff:ff:ff
inet 172.16.1.4/16 brd 172.16.255.255 scopeglobal eth0
inet 172.16.1.100/32 scope global eth0
inet 172.16.1.101/32 scope global eth0
inet6 fe80::20c:29ff:fe85:22ac/64 scopelink
valid_lft forever preferred_lft forever