概述:
Keepalived 是一種高性能的服務器高可用或熱備解決方案, Keepalived 可以用來防止服務器單點故障的發生,通過配合 Nginx 可以實現 web 前端服務的高可用。
Keepalived 以 VRRP 協議爲實現基礎,用 VRRP 協議來實現高可用性(HA)。 VRRP(Virtual RouterRedundancy Protocol)協議是用於實現路由器冗餘的協議, VRRP 協議將兩臺或多臺路由器設備虛擬成一個設備,對外提供虛擬路由器 IP(一個或多個),而在路由器組內部,如果實際擁有這個對外 IP 的路由器如果工作正常的話就是 MASTER,或者是通過算法選舉產生, MASTER 實現針對虛擬路由器 IP 的各種網絡功能,如 ARP 請求, ICMP,以及數據的轉發等;其他設備不擁有該虛擬 IP,狀態是 BACKUP,除了接收 MASTER 的VRRP 狀態通告信息外,不執行對外的網絡功能。當主機失效時, BACKUP 將接管原先 MASTER 的網絡功能。VRRP 協議使用多播數據來傳輸 VRRP 數據, VRRP 數據使用特殊的虛擬源 MAC 地址發送數據而不是自身網卡的 MAC 地址, VRRP 運行時只有 MASTER 路由器定時發送 VRRP 通告信息,表示 MASTER 工作正常以及虛擬路由器 IP(組), BACKUP 只接收 VRRP 數據,不發送數據,如果一定時間內沒有接收到 MASTER 的通告信息,各 BACKUP 將宣告自己成爲 MASTER,發送通告信息,重新進行 MASTER 選舉狀態;
下載keepalived:https://www.keepalived.org/download.html
1:解壓,編譯
tar -zxvf keepalived-1.4.5.tar.gz
cd keepalived-1.4.5
2:則安裝插件
yum install -y curl gcc openssl-devel libnl3-devel net-snmp-devel
//編譯
./configure --prefix=/usr/local/keepalived
3:安裝插件防止報如下錯誤
checking for SSL_set0_rbio... no
checking for OPENSSL_init_crypto... no
checking for nl_socket_alloc in -lnl-3... yes
checking for genl_connect in -lnl-genl-3... yes
checking whether IPV4_DEVCONF_ARP_IGNORE is declared... no
checking whether IPV4_DEVCONF_ACCEPT_LOCAL is declared... no
checking whether IPV4_DEVCONF_RP_FILTER is declared... no
checking whether IPV4_DEVCONF_ARPFILTER is declared... no
checking for linux/rtnetlink.h... yes
checking libnfnetlink/libnfnetlink.h usability... no
checking libnfnetlink/libnfnetlink.h presence... no
checking for libnfnetlink/libnfnetlink.h... no
configure: error: libnfnetlink headers missing
//報如上錯誤則安裝下面組件
yum install -y libnfnetlink-devel
4:安裝
make && make install
5:將keepalived的文件拷貝到響應的文件夾中
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/etc/init/keepalived.conf /etc/init.conf
6:啓動並查看日誌
//啓動keepalived
/usr/local/keepalived/sbin/keepalived
//查看日誌
tail -f /var/log/messages
//設置開機自啓動
echo /usr/local/keepalived/sbin/keepalived >> /etc/rc.local
7:修改配置文件
//修改Keepalived的配置文件
vi /etc/keepalived/keepalived.conf
8:查看網卡接口中的eth1就是網卡接口
[root@localhost keepalived]# ifconfig
eth1 Link encap:Ethernet HWaddr 00:0C:29:83:66:3B
inet addr:192.168.75.128 Bcast:192.168.75.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe83:663b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:56422 errors:0 dropped:0 overruns:0 frame:0
TX packets:29362 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:38172608 (36.4 MiB) TX bytes:6306292 (6.0 MiB)
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:757483 errors:0 dropped:0 overruns:0 frame:0
TX packets:757483 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:841887209 (802.8 MiB) TX bytes:841887209 (802.8 MiB)
9:配置/etc/keepalived/keepalived.conf文件
master配置
! Configuration File for keepalived
global_defs {
router_id test-one #爲本機hostname
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER #主子的爲BACKUP
interface eth1 #本機網卡通過ifconfig獲得
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111 #祕鑰MASTER和BACKUP保持一致隨意定
}
virtual_ipaddress {
192.168.75.100 #虛擬地址
}
}
virtual_server 192.168.75.100 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.75.130 80 { #真實地址
weight 1
TCP_CHECK { #TPC檢查
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.75.131 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
BACKUP配置
! Configuration File for keepalived
global_defs {
router_id test-two
vrrp_skip_check_adv_addr
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface eth2
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.75.100
}
}
virtual_server 192.168.75.100 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.75.130 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.75.131 80 {
weight 1
TCP_CHECK {
connect_timeout 10
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
10:查看是否將虛擬IP掛載進來
[root@localhost ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:3c:5c:d8 brd ff:ff:ff:ff:ff:ff
inet 192.168.75.131/24 brd 192.168.75.255 scope global eth2
inet 192.168.75.100/32 scope global eth2
inet6 fe80::20c:29ff:fe3c:5cd8/64 scope link
valid_lft forever preferred_lft forever
11:安裝nginx設置端口爲80,安裝流程見本人其它文章
12:啓動
如果出現vip無法ping通則:
keepalived.conf中vip配置好後,通過ip addr可以看到vip已經順利掛載,但是無法ping通,並且防火牆都已關閉,原因是keepalived.conf配置中默認vrrp_strict打開了,需要把它註釋掉。重啓keepalived即可ping通。