Keepalived简介
Keepalived是Linux下一个轻量级的高可用解决方案。高可用(High Availability,HA)其实有两种不同的含义:广义来讲,是指整个系统的高可用性;狭义来讲,就是指主机的冗余和接管。
它与HeartBeat、RoseHA实现类似的功能,都可以实现服务或者网络的高可用,但是又有差别:HeartBeat是一个专业的、功能完善的高可用软件,它提供了HA软件所需的基本功能,比如:心跳检测、资源接管、检测集群中的服务、在集群节点间转移共享IP地址的所有者等等。HeartBeat功能强大,但是部署和使用相对比较麻烦。
与HeartBeat相比,Keepalived主要是通过虚拟路由冗余来实现高可用功能,虽然它没有HeartBeat功能强大,但是Keepalived部署和使用非常简单,所有配置只需要一个配置文件即可完成。
Keepalived是什么?
Keepalived起初是为LVS设计的,专门用来监控集群系统中各个服务节点的状态。它根据TCP/IP参考模型的第三、第四、第五层交换机制检测每个服务节点的状态,如果某个服务器节点出现异常,或者工作出现故障,Keepalived将检测到,并将出现故障的服务器节点从集群系统中剔除。这些工作全部是自动完成的,不需要人工干涉,需要人工完成的只是修复出现故障的服务节点。
[root@server1 ~]# /etc/init.d/ldirectord stop
Stopping ldirectord... success
[root@server1 mnt]# yum install libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm -y
[root@server1 local]# yum install -y mailx
[root@server1 keepalived-2.0.6]# ./configure --prefix=/use/local/keepalived --with-init=SYSV
configure: error:
!!! OpenSSL is not properly installed on your system. !!!
!!! Can not include OpenSSL headers files. !!!
需先解决上面的error:安装openssl-devel,以提供configure所需的OpenSSL头文件
[root@server1 keepalived-2.0.6]# yum install -y openssl-devel
[root@server1 ~]# yum install openssl-devel libnl3-devel ipset-devel iptables-devel libnfnetlink-devel
[root@server1 keepalived-2.0.6]# ./configure --prefix=/usr/local/keepalived --with-init=SYSV
[root@server1 keepalived-2.0.6]# make
[root@server1 keepalived-2.0.6]# make install
[root@server1 keepalived-2.0.6]# cd
[root@server1 ~]# cd /usr/local/keepalived/
[root@server1 keepalived]# ls
bin etc sbin share
[root@server1 keepalived]# pwd
/usr/local/keepalived
[root@server1 keepalived]# cd etc/
[root@server1 etc]# ls
keepalived rc.d sysconfig
[root@server1 etc]# cd rc.d/
[root@server1 rc.d]# ls
init.d
[root@server1 rc.d]# cd init.d/
[root@server1 init.d]# pwd
/usr/local/keepalived/etc/rc.d/init.d
[root@server1 init.d]# ls
keepalived
[root@server1 init.d]# vim keepalived
[root@server1 init.d]# chmod +x keepalived
[root@server1 init.d]# ls
keepalived
[root@server1 init.d]# pwd
创建软链接,使该脚本可以通过/etc/init.d/执行
[root@server1 init.d]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@server1 init.d]# cd ..
[root@server1 rc.d]# ls
init.d
[root@server1 rc.d]# cd ..
[root@server1 etc]# ls
keepalived rc.d sysconfig
[root@server1 etc]# cd keepalived/
[root@server1 keepalived]# ls
keepalived.conf samples
[root@server1 keepalived]# pwd
/usr/local/keepalived/etc/keepalived
[root@server1 keepalived]# ls
keepalived.conf samples
[root@server1 keepalived]# ln -s /usr/local/keepalived/etc/keepalived /etc/
[root@server1 keepalived]# cd ..
[root@server1 etc]# ls
keepalived rc.d sysconfig
[root@server1 etc]# cd sysconfig/
[root@server1 sysconfig]# pwd
/usr/local/keepalived/etc/sysconfig
[root@server1 sysconfig]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@server1 sysconfig]# cd ..
[root@server1 etc]# cd ..
[root@server1 keepalived]# ls
bin etc sbin share
[root@server1 keepalived]# cd sbin/
[root@server1 sbin]# ls
keepalived
[root@server1 sbin]# pwd
/usr/local/keepalived/sbin
[root@server1 sbin]# ls
keepalived
[root@server1 sbin]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
[root@server1 sbin]# which keepalived
/sbin/keepalived
[root@server1 sbin]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@server1 sbin]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@server1 ~]# chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
[root@server1 keepalived-2.0.6]# cd /etc/keepalived/
[root@server1 keepalived]# ls
keepalived.conf samples
[root@server1 keepalived]# vim keepalived.conf
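! Configuration File for keepalived
! MASTER director (server1): holds VIP 172.25.53.100 and balances TCP/80
! across two real servers in LVS direct-routing mode.

global_defs {
    # State-change and health-check notifications are mailed to this local
    # recipient through the SMTP server configured below.
    notification_email {
        root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    # Sample default kept as-is; router_id names this node in notifications,
    # so a per-node value makes alerts easier to attribute.
    router_id LVS_DEVEL
    # Skips re-checking the address list of adverts that come from the same
    # master as the previous advert.
    vrrp_skip_check_adv_addr
    # vrrp_strict is deliberately left disabled. With strict VRRP compliance
    # enabled, keepalived adds firewall rules that by default drop traffic
    # addressed to the VIP, and it does not accept the authentication block
    # used below. Re-enable it only after reviewing both effects.
    #vrrp_strict
    vrrp_garp_interval 0
    vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    # Must match on every director of this VRRP group and be unique on the
    # L2 segment.
    virtual_router_id 53
    # Must be higher than the BACKUP node's priority.
    priority 100
    advert_int 1
    authentication {
        # NOTE(review): auth_type PASS carries auth_pass in cleartext in every
        # advertisement, and "1111" is the value shipped in the sample config.
        # Treat it as a misconfiguration guard, not as protection against a
        # host on the same segment. Use a site-specific value (identical on
        # all directors) and restrict VRRP traffic (IP protocol 112) to the
        # peer director with host firewall rules.
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        172.25.53.100
    }
}

virtual_server 172.25.53.100 80 {
    # Health checks run every 3 seconds; a failed real server keeps receiving
    # its share of round-robin traffic until the checker removes it.
    delay_loop 3
    lb_algo rr
    lb_kind DR
    #persistence_timeout 50
    protocol TCP
    # No sorry_server is defined: when every real server fails its check the
    # VIP has no backend and connections are refused.

    # TCP_CHECK only proves that port 80 accepts a connection; it does not
    # verify that the web server returns valid content.
    real_server 172.25.53.2 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
    real_server 172.25.53.3 80 {
        weight 1
        TCP_CHECK {
            connect_timeout 3
            retry 3
            delay_before_retry 3
        }
    }
}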
[root@server1 sbin]# cd /usr/local/
[root@server1 local]# scp -r keepalived/ server4:/usr/local/
[root@server4 ~]# cd /usr/local/
[root@server4 local]# ls
bin etc games include keepalived lib lib64 libexec sbin share src
[root@server4 local]# cd keepalived/
[root@server4 keepalived]# ls
bin etc sbin share
[root@server4 keepalived]# cd etc/
[root@server4 etc]# ls
keepalived rc.d sysconfig
[root@server4 etc]# cd rc.d/
[root@server4 rc.d]# cd init.d/
[root@server4 init.d]# ls
keepalived
[root@server4 init.d]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[root@server4 init.d]# ln -s /usr/local/keepalived/etc/keepalived /etc/
[root@server4 init.d]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[root@server4 init.d]# ln -s /usr/local/keepalived/sbin/keepalived /sbin/
[root@server4 init.d]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@server4 init.d]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[root@server4 keepalived]# cd /etc/keepalived/
[root@server4 keepalived]# ls
keepalived.conf samples
[root@server4 keepalived]# vim keepalived.conf
! Configuration File for keepalived
# BACKUP director (server4): takes over VIP 172.25.53.100 when the MASTER
# stops advertising. Everything except state and priority mirrors the MASTER.
global_defs {
# State-change and health-check notifications are mailed to this local
# recipient through the SMTP server configured below.
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
# Sample default kept as-is and identical to the MASTER's value; a per-node
# router_id makes notifications easier to attribute.
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
# vrrp_strict stays disabled: the page describes it as a firewall policy that
# has to be commented out. NOTE(review): strict mode is also understood not
# to accept the authentication block below - confirm before re-enabling.
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
# Must equal the MASTER's virtual_router_id so both nodes join one group.
virtual_router_id 53
# Lower than the MASTER's priority (100), so this node yields while the
# MASTER is alive.
priority 50
advert_int 1
authentication {
# NOTE(review): auth_type PASS carries auth_pass in cleartext in every
# advertisement, and "1111" is the value shipped in the sample config.
# It must match the MASTER; if it is changed, change it on both nodes.
# Restrict VRRP traffic (IP protocol 112) to the peer director with host
# firewall rules rather than relying on this value.
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.53.100
}
}
virtual_server 172.25.53.100 80 {
# Health checks run every 3 seconds; round-robin scheduling, direct routing.
delay_loop 3
lb_algo rr
lb_kind DR
#persistence_timeout 50
protocol TCP
# No sorry_server is defined, so the VIP has no backend when every real
# server fails its check.
# TCP_CHECK only proves that port 80 accepts a connection.
real_server 172.25.53.2 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 172.25.53.3 80 {
weight 1
TCP_CHECK {
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
[root@server4 keepalived]# /etc/init.d/keepalived start
Starting keepalived: [ OK ]
[root@server1 local]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.53.100:80 rr
-> 172.25.53.2:80 Route 1 0 1
-> 172.25.53.3:80 Route 1 0 1
[root@server1 local]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:07:35:d5 brd ff:ff:ff:ff:ff:ff
inet 172.25.53.1/24 brd 172.25.53.255 scope global eth0
inet 172.25.53.100/32 scope global eth0
inet6 fe80::5054:ff:fe07:35d5/64 scope link
valid_lft forever preferred_lft forever
[root@server1 local]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.53.100:80 rr
-> 172.25.53.2:80 Route 1 0 1
-> 172.25.53.3:80 Route 1 0 1
[root@server2 ~]# /etc/init.d/httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.25.53.2 for ServerName
[ OK ]
[root@server2 ~]# ip addr add 172.25.53.100/24 dev eth0
[root@server3 ~]# /etc/init.d/httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.25.53.2 for ServerName
[ OK ]
[root@server3 ~]# ip addr add 172.25.53.100/24 dev eth0
[root@foundation53 ~]# curl 172.25.53.100
www.westos.org - server3
[root@foundation53 ~]# curl 172.25.53.100
www.westos.org -server2
[root@foundation53 ~]# curl 172.25.53.100
www.westos.org - server3
[root@foundation53 ~]# curl 172.25.53.100
www.westos.org - server3
[root@foundation53 ~]# curl 172.25.53.100
www.westos.org -server2
停掉server2的httpd,之后由server3接替工作,故障的server2会被自动剔除。在健康检查把server2剔除之前(间隔由delay_loop、retry等参数决定),轮询到server2的请求仍会出现Connection refused
[root@server2 ~]# /etc/init.d/httpd stop
Stopping httpd: [ OK ]
[root@server2 ~]#
[root@foundation53 ~]# curl 172.25.53.100
www.westos.org - server3
[root@foundation53 ~]# curl 172.25.53.100
curl: (7) Failed connect to 172.25.53.100:80; Connection refused
[root@foundation53 ~]# curl 172.25.53.100
www.westos.org - server3
[root@foundation53 ~]# curl 172.25.53.100
curl: (7) Failed connect to 172.25.53.100:80; Connection refused
[root@foundation53 ~]# curl 172.25.53.100
www.westos.org - server3
[root@foundation53 ~]# curl 172.25.53.100
www.westos.org - server3
[root@foundation53 ~]# curl 172.25.53.100
www.westos.org - server3
[root@server1 ~]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.53.100:http rr
-> server3:http Route 1 0 0
[root@server1 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.53.100:80 rr
-> 172.25.53.3:80 Route 1 0 0
停掉server2和server3的httpd,server1自己并不会接替提供服务(配置中没有设置sorry_server)
[root@foundation53 ~]# curl 172.25.53.100
curl: (7) Failed connect to 172.25.53.100:80; Connection refused
[root@foundation53 ~]# curl 172.25.53.100
curl: (7) Failed connect to 172.25.53.100:80; Connection refused
[root@foundation53 ~]# curl 172.25.53.100
curl: (7) Failed connect to 172.25.53.100:80; Connection refused
[root@foundation53 ~]# curl 172.25.53.100
curl: (7) Failed connect to 172.25.53.100:80; Connection refused
[root@server1 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.53.100:80 rr
[root@server1 ~]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.53.100:http rr
重新打开server2和server3的httpd,健康检查通过后两台real server会被自动加回
[root@server1 ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.53.100:80 rr
-> 172.25.53.2:80 Route 1 0 0
-> 172.25.53.3:80 Route 1 0 0
You have new mail in /var/spool/mail/root
[root@server1 ~]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.53.100:http rr
-> server2:http Route 1 0 0
-> server3:http Route 1 0 0