高可用:兩臺業務系統啓動着相同的服務,如果有一臺故障,另一臺自動接管,我們將將這個稱之爲高可用;
Keekpalived工作原理:通過vrrp協議實現
vrrp原理
vrrp抓包
Keepalived工作方式:搶佔式、非搶佔式
安裝:yum install keepalived -y
日誌存放位置:/var/log/messages
1、keepaliaved 搶佔式配置
master配置
[root@lb01 ~]# rpm -qc keepalived
/etc/keepalived/keepalived.conf
/etc/sysconfig/keepalived
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb02 #標識信息,一個名字而已;
}
vrrp_instance VI_1 {
state MASTER #角色是master
interface eth0 #vip 綁定端口
virtual_router_id 50 #讓master 和backup在同一個虛擬路由裏,id 號必須相同;
priority 150 #優先級,誰的優先級高誰就是master ;
advert_int 1 #心跳間隔時間
authentication {
auth_type PASS #認證
auth_pass 1111 #密碼
}
virtual_ipaddress {
10.0.0.3 #虛擬ip
}
}
backup配置
[root@lb02 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
[root@lb02 ~]#
2、Keepalived非搶佔式配置:
非搶佔式不再有主從之分,全部都爲BACKUP,並且配置文件中添加nopreempt,用來標識爲非搶佔式;
[root@lb01 /etc/nginx/upstream]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb01
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 50
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
[root@lb02 /etc/nginx/upstream]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 100
nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
You have new mail in /var/spool/mail/root
[root@lb02 /etc/nginx/upstream]#
3、nginx+keepalived
實現思路:將keepalived 中的vip作爲nginx負載均衡的監聽地址,並且域名綁定的也是vip的地址。
說明:Nginx 負載均衡實現高可用,需要藉助Keepalived地址漂移功能。
在不考慮後端數據庫和存儲的時候如下架構
keepalived+Nginx
兩臺負載均衡配置:
[root@lb01 /etc/nginx/upstream]# ip add show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:97:e1:ff brd ff:ff:ff:ff:ff:ff
inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.0.0.3/32 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe97:e1ff/64 scope link
valid_lft forever preferred_lft forever
[root@lb01 /etc/nginx/upstream]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb01
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 50
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
[root@lb01 /etc/nginx/upstream]#
[root@lb02 /etc/nginx/upstream]# ip add show eth0
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:6f:18:48 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.6/24 brd 10.0.0.255 scope global eth0
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe6f:1848/64 scope link
valid_lft forever preferred_lft forever
[root@lb02 /etc/nginx/upstream]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 100
nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
}
[root@lb02 /etc/nginx/upstream]#
4、keepalived腦裂現象
由於某些原因,導致兩臺keepalived高可用服務器在指定時間內,無法檢測到對方存活心跳信息,從而導致互相搶佔對方的資源和服務所有權,然而此時兩臺高可用服務器有都還存活。
可能出現的原因:
1、服務器網線鬆動等網絡故障;
2、服務器硬件故障發生損壞現象而崩潰;
3、主備都開啓了firewalld 防火牆。
4、在Keepalived+nginx 架構中,當Nginx宕機,會導致用戶請求失敗,但是keepalived不會進行切換,
所以需要編寫一個檢測nginx的存活狀態的腳本,如果nginx不存活,則kill掉宕掉的nginx主機上面的keepalived。(所有的keepalived都要配置)
架構如下:
腳本如下:
[root@lb01 /server/scripts]# cat /server/scripts/check_list
#!/bin/sh
nginxpid=$(ps -C nginx --no-header|wc -l)
#1.判斷Nginx是否存活,如果不存活則嘗試啓動Nginx
if [ $nginxpid -eq 0 ];then
systemctl start nginx
sleep 3
#2.等待3秒後再次獲取一次Nginx狀態
nginxpid=$(ps -C nginx --no-header|wc -l)
#3.再次進行判斷, 如Nginx還不存活則停止Keepalived,讓地址進行漂移,並退出腳本
if [ $nginxpid -eq 0 ];then
systemctl stop keepalived
fi
fi
[root@lb01 /server/scripts]#
配置文件如下:
[root@lb01 /server/scripts]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb01
}
vrrp_script check {
script "/server/scripts/check_list"
interval 10
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 50
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
track_script {
check
}
}
[root@lb01 /server/scripts]#