nginx進程基於Master+Slave(worker)多進程模型,自身具有非常穩定的子進程管理功能。在Master進程分配模式下,Master進程永遠不進行業務處理,只是進行任務分發,從而達到Master進程的存活高可靠性,Slave(worker)進程所有的業務信號都 由主進程發出,Slave(worker)進程所有的超時任務都會被Master中止,屬於非阻塞式任務模型。
Keepalived是Linux下面實現VRRP備份路由的高可靠性運行件。基於Keepalived設計的服務模式能夠真正做到主服務器和備份服務器故障時IP瞬間無縫交接。二者結合,可以構架出比較穩定的軟件LB(LoadBalance)方案。
Keepalived是一個基於VRRP協議來實現的服務高可用方案,可以利用其來避免IP單點故障,類似的工具還有heartbeat、corosync、pacemaker。但是它一般不會單獨出現,而是與其它負載均衡技術(如lvs、haproxy、nginx)一起工作來達到集羣的高可用。
VRRP協議
VRRP全稱 Virtual Router Redundancy Protocol,即 虛擬路由冗餘協議。可以認爲它是實現路由器高可用的容錯協議,即將N臺提供相同功能的路由器組成一個路由器組(Router Group),這個組裏面有一個master和多個backup,但在外界看來就像一臺一樣,構成虛擬路由器,擁有一個虛擬IP(vip,也就是路由器所在局域網內其他機器的默認路由),佔有這個IP的master實際負責ARP相應和轉發IP數據包,組中的其它路由器作爲備份的角色處於待命狀態。master會發組播消息,當backup在超時時間內收不到vrrp包時就認爲master宕掉了,這時就需要根據VRRP的優先級來選舉一個backup當master,保證路由器的高可用。
在VRRP協議實現裏,虛擬路由器使用 00-00-5E-00-01-XX 作爲虛擬MAC地址,XX就是唯一的 VRID (Virtual Router IDentifier),這個地址同一時間只有一個物理路由器佔用。在虛擬路由器裏面的物理路由器組裏面通過多播IP地址 224.0.0.18 來定時發送通告消息。每個Router都有一個 1-255 之間的優先級別,級別最高的(highest priority)將成爲主控(master)路由器。通過降低master的優先權可以讓處於backup狀態的路由器搶佔(pro-empt)主路由器的狀態,兩個backup優先級相同的IP地址較大者爲master,接管虛擬IP。
【1】基礎環境準備
兩臺服務器:192.168.88.129(主) 192.168.88.130(從),每臺服務器上分別安裝nginx 、keepalived。
首先要關閉防火牆、關閉selinux。當然,你可以選擇不關閉,但是可能會遇到各種奇怪問題。
關閉selinux可以參考博文 https://blog.csdn.net/J080624/article/details/79571986
安裝nginx教程參考博文:CentOS 7下使用yum安裝Nginx ,源碼方式安裝nginx。
安裝keepalived可使用yum直接安裝:yum -y install keepalived
默認keepalived.conf配置文件
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.200.16
192.168.200.17
192.168.200.18
}
}
virtual_server 192.168.200.100 443 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.201.100 443 {
weight 1
SSL_GET {
url {
path /
digest ff20ad2481f97b1754ef3e12ecd3a9cc
}
url {
path /mrtg/
digest 9b3a0c85a887a256d6939da88aabd8cd
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
virtual_server 10.10.10.2 1358 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
sorry_server 192.168.200.200 1358
real_server 192.168.200.2 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.200.3 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334c
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
virtual_server 10.10.10.3 1358 {
delay_loop 3
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.200.4 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.200.5 1358 {
weight 1
HTTP_GET {
url {
path /testurl/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl2/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
url {
path /testurl3/test.jsp
digest 640205b7b0fc66c1ea91c463fac6334d
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
接下來就是要對該配置文件進行修改,該配置文件在/etc/keepalived/路徑下。在默認的keepalive.conf裏面還有 virtual_server,real_server 這樣的配置,它是爲lvs準備的。
首先開始配置主從模式,實例圖如下:
【2】修改keepalived.conf配置文件
① 修改主機keepalived.conf配置
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 192.168.88.129 #這裏修改爲本機IP
smtp_connect_timeout 30
router_id LVS_DEVEL
}
#添加檢測腳本
vrrp_script chk_http_port {
script "/usr/local/nginx/nginx_check.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER #主機這裏是MASTER 從機是BACKUP
interface ens33 #網卡
virtual_router_id 51 # 主、從機的virtual_router_id必須相同
priority 100 # 主備機取不同的優先級,主機優先級大
advert_int 1 #心跳檢測間隔時間
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.88.50 # VRRP 虛擬IP ;可換行輸入多個進行綁定
}
}
在默認的keepalive.conf裏面還有 virtual_server,real_server 這樣的配置,我們這用不到,它是爲lvs準備的。
/usr/local/nginx/nginx_check.sh 腳本內容如下:
#!/bin/bash
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
/usr/local/nginx/sbin/nginx
sleep 2
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${counter}" = "0" ]; then
systemctl stop keepalived
fi
fi
如果發現nginx進程不存在,則嘗試啓動;sleep2秒後再次檢測,如果還是不存在則認爲啓動失敗,就停止keepalived服務。
② 修改從機keepalived.conf配置文件
! Configuration File for keepalived
global_defs {
notification_email { #指定keepalived在發生事件時(比如切換)發送通知郵件的郵箱
[email protected] #設置報警郵件地址,可以設置多個,每行一個。 需開啓本機的sendmail服務
[email protected]
[email protected]
}
notification_email_from [email protected] #keepalived在發生諸如切換操作時需要發送email通知地址
smtp_server 192.168.88.129 #指定發送email的smtp服務器
smtp_connect_timeout 30 #設置連接smtp server的超時時間
router_id LVS_DEVEL #運行keepalived的機器的一個標識,通常可設爲hostname。故障發生時,發郵件時顯示在郵件主題中的信息。
}
vrrp_script chk_http_port {
script "/usr/local/nginx/nginx_check.sh"
interval 2 #檢測腳本執行間隔時間
weight 2 #設置當前服務器權重增量
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.88.50
}
}
同樣需要在/usr/local/nginx/路徑下放上nginx_check.sh腳本文件。
③ 啓動nginx、keepalived
/usr/local/nginx/sbin/nginx #啓動nginx
systemctl start keepalived #啓動keepalived
【3】測試
① 瀏覽器訪問http://192.168.88.50/
192.168.88.129主nginx訪問日誌打印如下:
查看主服務器keepalived日誌
Keepalived默認所有的日誌都是寫入到/var/log/message ,你可以使用命令 tail -f /var/log/messages|grep Keepalived 進行查看
嘗試訪問主服務器部署的頁面http://192.168.88.50/edu/index.html:
主機192.168.88.129使用ip address命令檢測可以發現虛擬ip已經飄到了主機上面:
② 停掉主機的keepalived
查看主機日誌信息:
Jun 30 15:42:34 bogon Keepalived[5789]: Stopping
Jun 30 15:42:34 bogon Keepalived_healthcheckers[5791]: Stopped
Jun 30 15:42:34 bogon Keepalived_vrrp[5792]: VRRP_Instance(VI_1) sent 0 priority
Jun 30 15:42:34 bogon Keepalived_vrrp[5792]: VRRP_Instance(VI_1) removing protocol VIPs.
Jun 30 15:42:35 bogon Keepalived_vrrp[5792]: Stopped
Jun 30 15:42:35 bogon Keepalived[5789]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
查看從機日誌信息:
#當主服務器停掉後,從機將會切換爲MASTER狀態
Jun 30 13:26:14 bogon avahi-daemon[731]: Withdrawing address record for 192.168.88.50 on ens33.
Jun 30 13:28:55 bogon Keepalived_vrrp[2966]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jun 30 13:28:56 bogon Keepalived_vrrp[2966]: VRRP_Instance(VI_1) Entering MASTER STATE
Jun 30 13:28:56 bogon Keepalived_vrrp[2966]: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 30 13:28:56 bogon Keepalived_vrrp[2966]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 13:28:56 bogon Keepalived_vrrp[2966]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.88.50
Jun 30 13:28:56 bogon Keepalived_vrrp[2966]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 13:28:56 bogon Keepalived_vrrp[2966]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 13:28:56 bogon Keepalived_vrrp[2966]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 13:28:56 bogon Keepalived_vrrp[2966]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 13:28:56 bogon avahi-daemon[731]: Registering new address record for 192.168.88.50 on ens33.IPv4.
Jun 30 13:29:01 bogon Keepalived_vrrp[2966]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 13:29:01 bogon Keepalived_vrrp[2966]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.88.50
Jun 30 13:29:01 bogon Keepalived_vrrp[2966]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 13:29:01 bogon Keepalived_vrrp[2966]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 13:29:01 bogon Keepalived_vrrp[2966]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 13:29:01 bogon Keepalived_vrrp[2966]: Sending gratuitous ARP on ens33 for 192.168.88.50
檢測從機ip地址:
可以發現從機的keepalived已經切換爲了MASTER狀態,且從機的ip address檢測時發現VIP綁定到了ens33上面。此時訪問http://192.168.88.50/就會跑到從服務器的nginx上面!
再次啓動主服務器的keepalived,查看主機日誌:
主服務器的keepalived進入MASTER STATE,從服務器的keepalived進入BACKUP STATE:
#從服務器日誌
Jun 30 15:01:24 bogon Keepalived_vrrp[1900]: VRRP_Instance(VI_1) Received advert with higher priority 100, ours 90
Jun 30 15:01:24 bogon Keepalived_vrrp[1900]: VRRP_Instance(VI_1) Entering BACKUP STATE
Jun 30 15:01:24 bogon Keepalived_vrrp[1900]: VRRP_Instance(VI_1) removing protocol VIPs.
③ 停掉主服務器的nginx,不停keepalived
則會執行腳本nginx_check.sh進行nginx啓動!
總結
- master沒掛,則master佔有vip且nginx運行在master上
- master掛了,則slave搶佔vip且在slave上運行nginx服務
- 如果master上的nginx服務掛了,則nginx會自動重啓,重啓失敗後會自動關閉keepalived,這樣vip資源也會轉移到slave上。
- master和slave兩邊都開啓nginx服務,無論master還是slave,當其中的一個keepalived服務停止後,vip都會漂移到keepalived服務還在的節點上;
- 如果要想使nginx服務掛了,vip也漂移到另一個節點,則必須用腳本或者在配置文件裏面用shell命令來控制。(nginx服務宕停後會自動啓動,啓動失敗後會強制關閉keepalived,從而致使vip資源漂移到另一臺機器上)
一種常見的主從熱備應用實例如下圖所示:
主從的缺點在於如果主機一直穩定,那麼從機就會一直處於空閒狀態,造成了資源的浪費。
【4】問題總結
① 不能完全停掉keepalived進程
使用yum 安裝的keepalived,當使用命令systemctl stop keepalived 停掉keepalived服務時,使用ps命令檢測發現還存,如下圖示:
當使用命令systemctl status keepalived檢測狀態,會發現有一條警告信息,如下所示:
Jun 30 11:52:20 bogon systemd[1]: Stopped LVS and VRRP High Availability Monitor.
Jun 30 11:52:20 bogon systemd[1]: Stopping LVS and VRRP High Availability Monitor...
Jun 30 11:52:20 bogon systemd[1]: Starting LVS and VRRP High Availability Monitor...
Jun 30 11:52:20 bogon systemd[1]: Can't open PID file /var/run/keepalived.pid (yet?) after start: No such file or directory
Jun 30 11:52:20 bogon systemd[1]: Started LVS and VRRP High Availability Monitor.
Jun 30 12:30:57 bogon systemd[1]: Stopped LVS and VRRP High Availability Monitor.
查看其服務腳本信息vim /usr/lib/systemd/system/keepalived.service:
[Unit]
Description=LVS and VRRP High Availability Monitor
After=syslog.target network-online.target
[Service]
Type=forking
PIDFile=/var/run/keepalived.pid
KillMode=process
EnvironmentFile=-/etc/sysconfig/keepalived
ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID
[Install]
WantedBy=multi-user.target
KillMode=process的大致意思是當停止keepalived的時候只會停掉主進程,而主進程產生的子進程是不會被幹掉的。而killmode的默認值是control-group,意思時所有進程都會被幹掉,這裏選擇把這項註釋掉。
重載配置
systemctl daemon-reload
殺掉keepalived所有進程,然後再次啓動keepalived即可:
pkill -9 keepalived
② Unsafe permissions found for script ‘/usr/local/nginx/nginx_check.sh’.
說明你賦予的權限太高了,可以使用如下命令嘗試:
chmod 755 /usr/local/nginx/nginx_check.sh
【5】keepalived與heartbeat/corosync等比較
Heartbeat、Corosync、Keepalived這三個集羣組件我們到底選哪個好呢?
首先要說明的是,Heartbeat、Corosync是屬於同一類型,Keepalived與Heartbeat、Corosync,根本不是同一類型的。
Keepalived使用的vrrp協議方式,虛擬路由冗餘協議 (Virtual Router Redundancy Protocol,簡稱VRRP);Heartbeat或Corosync是基於主機或網絡服務的高可用方式。
簡單的說就是,Keepalived的目的是模擬路由器的高可用,Heartbeat或Corosync的目的是實現Service的高可用。
所以一般Keepalived是實現前端高可用,常用的前端高可用的組合有LVS+Keepalived、Nginx+Keepalived、HAproxy+Keepalived。
而Heartbeat或Corosync是實現服務的高可用。常見的組合有Heartbeat v3(Corosync)+Pacemaker+NFS+Httpd 實現Web服務器的高可用、Heartbeat v3(Corosync)+Pacemaker+NFS+MySQL 實現MySQL服務器的高可用。
總結一下,Keepalived中實現輕量級的高可用,一般用於前端高可用,且不需要共享存儲,一般常用於兩個節點的高可用。而Heartbeat(或Corosync)一般用於服務的高可用,且需要共享存儲,一般用於多節點的高可用。這個問題我們說明白了。
那heartbaet與corosync又應該選擇哪個好?
一般用corosync,因爲corosync的運行機制更優於heartbeat,就連從heartbeat分離出來的pacemaker都說在以後的開發當中更傾向於corosync,所以現在corosync+pacemaker是最佳組合。
參考博文:https://blog.csdn.net/weixin_34389926/article/details/85837841
【6】主主模式配置實踐
主主模式相對於主從模式而言區別在於,每個機器都互爲主從。示意圖如下:
① 修改192.168.88.129的keepalived.conf配置
添加如下配置:
vrrp_instance VI_2 {
state BACKUP #這裏修改爲BACKUP
interface ens33
virtual_router_id 52 #這裏修改爲52
priority 90 #修改優先級
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.88.60 #綁定另外一個VIP
}
track_script {
chk_http_port
}
}
完整配置如下:
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "/usr/local/nginx/nginx_check.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.88.50
}
track_script {
chk_http_port
}
}
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 52
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.88.60
}
track_script {
chk_http_port
}
}
② 修改192.168.88.130的keepalived.conf配置
添加配置如下:
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.88.60
}
track_script {
chk_http_port
}
}
完整配置如下:
global_defs {
notification_email {
[email protected]
[email protected]
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "/usr/local/nginx/nginx_check.sh"
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.88.50
}
track_script {
chk_http_port
}
}
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.88.60
}
track_script {
chk_http_port
}
}
分別重啓兩臺服務器上的keepalived服務,查看對應的日誌信息。
192.168.88.129上keepalived日誌信息如下:
Jun 30 17:00:13 bogon Keepalived[7503]: Stopping
Jun 30 17:00:13 bogon Keepalived_healthcheckers[7504]: Stopped
Jun 30 17:00:13 bogon Keepalived_vrrp[7505]: VRRP_Instance(VI_1) sent 0 priority
Jun 30 17:00:13 bogon Keepalived_vrrp[7505]: VRRP_Instance(VI_1) removing protocol VIPs.
Jun 30 17:00:14 bogon Keepalived_vrrp[7505]: Stopped
Jun 30 17:00:14 bogon Keepalived[7503]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Jun 30 17:00:14 bogon Keepalived[16827]: Starting Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Jun 30 17:00:14 bogon Keepalived[16827]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 30 17:00:14 bogon Keepalived[16828]: Starting Healthcheck child process, pid=16830
Jun 30 17:00:14 bogon Keepalived[16828]: Starting VRRP child process, pid=16831
Jun 30 17:00:14 bogon Keepalived_healthcheckers[16830]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 30 17:00:14 bogon Keepalived_vrrp[16831]: Registering Kernel netlink reflector
Jun 30 17:00:14 bogon Keepalived_vrrp[16831]: Registering Kernel netlink command channel
Jun 30 17:00:14 bogon Keepalived_vrrp[16831]: Registering gratuitous ARP shared channel
Jun 30 17:00:14 bogon Keepalived_vrrp[16831]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 30 17:00:14 bogon Keepalived_vrrp[16831]: WARNING - default user 'keepalived_script' for script execution does not exist - please create.
Jun 30 17:00:15 bogon Keepalived_vrrp[16831]: SECURITY VIOLATION - scripts are being executed but script_security not enabled.
Jun 30 17:00:15 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_1) removing protocol VIPs.
Jun 30 17:00:15 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_2) removing protocol VIPs.
Jun 30 17:00:15 bogon Keepalived_vrrp[16831]: Using LinkWatch kernel netlink reflector...
Jun 30 17:00:15 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_2) Entering BACKUP STATE
Jun 30 17:00:15 bogon Keepalived_vrrp[16831]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Jun 30 17:00:15 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jun 30 17:00:16 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_1) Entering MASTER STATE
Jun 30 17:00:16 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 30 17:00:16 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:16 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.88.50
Jun 30 17:00:16 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:16 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:16 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:16 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:17 bogon Keepalived_vrrp[16831]: /usr/local/nginx/nginx_check.sh exited due to signal 15
Jun 30 17:00:17 bogon Keepalived_vrrp[16831]: VRRP_Script(chk_http_port) succeeded
Jun 30 17:00:18 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_1) Changing effective priority from 100 to 102
Jun 30 17:00:18 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_2) Changing effective priority from 90 to 92
Jun 30 17:00:18 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_2) Transition to MASTER STATE
Jun 30 17:00:19 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_2) Entering MASTER STATE
Jun 30 17:00:19 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_2) setting protocol VIPs.
Jun 30 17:00:19 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:19 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_2) Sending/queueing gratuitous ARPs on ens33 for 192.168.88.60
Jun 30 17:00:19 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:19 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:19 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:19 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:21 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:21 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.88.50
Jun 30 17:00:21 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:21 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:21 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:21 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:24 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:24 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_2) Sending/queueing gratuitous ARPs on ens33 for 192.168.88.60
Jun 30 17:00:24 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:24 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:24 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:24 bogon Keepalived_vrrp[16831]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:28 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_2) Received advert with higher priority 100, ours 92
Jun 30 17:00:28 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_2) Entering BACKUP STATE
Jun 30 17:00:28 bogon Keepalived_vrrp[16831]: VRRP_Instance(VI_2) removing protocol VIPs.
可以看到 對VRRP_Instance(VI_1)而言,192.168.88.129爲MASTER;對VRRP_Instance(VI_2)而言,192.168.88.129爲BACKUP 。
192.168.88.130上keepalived日誌信息如下:
Jun 30 17:00:13 bogon Keepalived_vrrp[5752]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jun 30 17:00:14 bogon Keepalived_vrrp[5752]: VRRP_Instance(VI_1) Entering MASTER STATE
Jun 30 17:00:14 bogon Keepalived_vrrp[5752]: VRRP_Instance(VI_1) setting protocol VIPs.
Jun 30 17:00:14 bogon Keepalived_vrrp[5752]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:14 bogon Keepalived_vrrp[5752]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.88.50
Jun 30 17:00:14 bogon Keepalived_vrrp[5752]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:14 bogon Keepalived_vrrp[5752]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:14 bogon Keepalived_vrrp[5752]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:14 bogon Keepalived_vrrp[5752]: Sending gratuitous ARP on ens33 for 192.168.88.50
Jun 30 17:00:15 bogon Keepalived_vrrp[5752]: VRRP_Instance(VI_1) Received advert with higher priority 100, ours 92
Jun 30 17:00:15 bogon Keepalived_vrrp[5752]: VRRP_Instance(VI_1) Entering BACKUP STATE
Jun 30 17:00:15 bogon Keepalived_vrrp[5752]: VRRP_Instance(VI_1) removing protocol VIPs.
Jun 30 17:00:26 bogon Keepalived[5749]: Stopping
Jun 30 17:00:26 bogon Keepalived_healthcheckers[5751]: Stopped
Jun 30 17:00:27 bogon Keepalived_vrrp[5752]: Stopped
Jun 30 17:00:27 bogon Keepalived[5749]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Jun 30 17:00:27 bogon Keepalived[19665]: Starting Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
Jun 30 17:00:27 bogon Keepalived[19665]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 30 17:00:27 bogon Keepalived[19666]: Starting Healthcheck child process, pid=19668
Jun 30 17:00:27 bogon Keepalived[19666]: Starting VRRP child process, pid=19669
Jun 30 17:00:27 bogon Keepalived_healthcheckers[19668]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 30 17:00:27 bogon Keepalived_vrrp[19669]: Registering Kernel netlink reflector
Jun 30 17:00:27 bogon Keepalived_vrrp[19669]: Registering Kernel netlink command channel
Jun 30 17:00:27 bogon Keepalived_vrrp[19669]: Registering gratuitous ARP shared channel
Jun 30 17:00:27 bogon Keepalived_vrrp[19669]: Opening file '/etc/keepalived/keepalived.conf'.
Jun 30 17:00:27 bogon Keepalived_vrrp[19669]: WARNING - default user 'keepalived_script' for script execution does not exist - please create.
Jun 30 17:00:28 bogon Keepalived_vrrp[19669]: SECURITY VIOLATION - scripts are being executed but script_security not enabled.
Jun 30 17:00:28 bogon Keepalived_vrrp[19669]: VRRP_Instance(VI_1) removing protocol VIPs.
Jun 30 17:00:28 bogon Keepalived_vrrp[19669]: VRRP_Instance(VI_2) removing protocol VIPs.
Jun 30 17:00:28 bogon Keepalived_vrrp[19669]: Using LinkWatch kernel netlink reflector...
Jun 30 17:00:28 bogon Keepalived_vrrp[19669]: VRRP_Instance(VI_1) Entering BACKUP STATE
Jun 30 17:00:28 bogon Keepalived_vrrp[19669]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Jun 30 17:00:28 bogon Keepalived_vrrp[19669]: VRRP_Script(chk_http_port) succeeded
Jun 30 17:00:28 bogon Keepalived_vrrp[19669]: VRRP_Instance(VI_2) Transition to MASTER STATE
Jun 30 17:00:29 bogon Keepalived_vrrp[19669]: VRRP_Instance(VI_1) Changing effective priority from 90 to 92
Jun 30 17:00:29 bogon Keepalived_vrrp[19669]: VRRP_Instance(VI_2) Changing effective priority from 100 to 102
Jun 30 17:00:29 bogon Keepalived_vrrp[19669]: VRRP_Instance(VI_2) Entering MASTER STATE
Jun 30 17:00:29 bogon Keepalived_vrrp[19669]: VRRP_Instance(VI_2) setting protocol VIPs.
Jun 30 17:00:29 bogon Keepalived_vrrp[19669]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:29 bogon Keepalived_vrrp[19669]: VRRP_Instance(VI_2) Sending/queueing gratuitous ARPs on ens33 for 192.168.88.60
Jun 30 17:00:29 bogon Keepalived_vrrp[19669]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:29 bogon Keepalived_vrrp[19669]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:29 bogon Keepalived_vrrp[19669]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:29 bogon Keepalived_vrrp[19669]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:34 bogon Keepalived_vrrp[19669]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:34 bogon Keepalived_vrrp[19669]: VRRP_Instance(VI_2) Sending/queueing gratuitous ARPs on ens33 for 192.168.88.60
Jun 30 17:00:34 bogon Keepalived_vrrp[19669]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:34 bogon Keepalived_vrrp[19669]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:34 bogon Keepalived_vrrp[19669]: Sending gratuitous ARP on ens33 for 192.168.88.60
Jun 30 17:00:34 bogon Keepalived_vrrp[19669]: Sending gratuitous ARP on ens33 for 192.168.88.60
可以看到 對VRRP_Instance(VI_1)而言,192.168.88.130爲BACKUP;對VRRP_Instance(VI_2)而言,192.168.88.130爲MASTER。
瀏覽器訪問http://192.168.88.50/,192.168.88.129上的nginx會處理該請求;瀏覽器訪問http://192.168.88.60/,192.168.88.130上的nginx會處理該請求 !
當任何一臺服務器上面的keepalived服務停掉後,另外一臺服務器上面的keepalived都會進入MASTER狀態處理請求。如這裏停掉192.168.88.129上的keepalived服務,則192.168.88.130上的keepalived服務的VRRP_Instance(VI_1)進入MASTER狀態,並對http://192.168.88.50/ http://192.168.88.60/進行處理!
查看192.168.88.130此時ip 地址如下:
