基于keepalived、redis sentinel的高可用redis叢集

硬體

機器名	IP	作用
master	192.168.0.2	redis的master伺服器
slave1	192.168.0.3	redis的slave伺服器
slave2	192.168.0.4	redis的slave伺服器
route1	192.168.0.5【虛拟IP：192.168.0.7】	keepalived和redis sentinel伺服器，承載寫redis的VIP【虛拟ip】，做寫的雙機熱備的主master指定
route2	192.168.0.6【虛拟IP：192.168.0.8】	keepalived和redis sentinel伺服器，承載讀redis的VIP，做讀的負載均衡和寫的雙機熱備的master備份路由指定

安裝與配置見此文安裝與配置

詳細的keepalived配置，route1

! Configuration File for keepalived

global_defs {
   notification_email {
     郵箱
   }
   notification_email_from 郵箱
   smtp_server 郵箱伺服器位址
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0 #eth0是要綁定的網卡
    virtual_router_id 100 #同一個vrrp_instance中的值必須一樣  
    priority 160   #master的值要高于backup的
    advert_int 1  
    authentication {
        auth_type PASS
        auth_pass 1111
    }    
    virtual_ipaddress {
        192.168.0.7  #用于雙機熱備的虛拟ip
    }
   
}
virtual_server 192.168.0.7 6379 {
    delay_loop 3
    lb_algo wrr
    lb_kind DR
    persistence_timeout 30
    protocol TCP
    real_server 192.168.0.2 6379 {
        weight 8
        notify_down redis服務失敗後要執行的腳本的路徑/腳本名  #服務失敗後要執行的腳本
        TCP_CHECK {
        connect_timeout 1
        nb_get_retry 3
        delay_before_retry 3
        connect_port 6379
        }
    }
}
           

route2的配置檔案

! Configuration File for keepalived

global_defs {
   notification_email {
    郵箱
   }
   notification_email_from 郵箱
   smtp_server 郵箱伺服器位址
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0 #eth0是要綁定的網卡
    virtual_router_id 100 #同一個vrrp_instance中的值必須一樣  
    priority 160   #master的值要高于backup的
    advert_int 1  
    authentication {
        auth_type PASS
        auth_pass 1111
    }    
    virtual_ipaddress {
        192.168.0.7  #用于雙機熱備的虛拟ip
    }
   notify_master "/etc/script/redis.sh"
}
vrrp_instance VI_2 {
    state MASTER  #将此slave作為讀資料的master
    interface eth0
    virtual_router_id 101
    priority 151
    advert_int 1
    authentication {
    auth_type PASS
    auth_pass 1111
    }
    virtual_ipaddress {
    192.168.0.8  #用于讀取資料的負載均衡的虛拟ip
    }
}
virtual_server 192.168.0.7 6379 {
    delay_loop 3
    lb_algo wrr
    lb_kind DR
    persistence_timeout 30
    protocol TCP    
    real_server 192.168.0.3 6379 {
        weight 8
        TCP_CHECK {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 6379
        }
    }
}
virtual_server 192.168.0.8 6379 {
    delay_loop 3
    lb_algo wrr
    lb_kind DR
    persistence_timeout 30
    protocol TCP
    real_server 192.168.0.3 6379 {
        weight 5
        TCP_CHECK {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 6379
        }
    }
    real_server 192.168.0.4 6379 {
        weight 5
        TCP_CHECK {
        connect_timeout 10
        nb_get_retry 3
        delay_before_retry 3
        connect_port 6379
        }
    }
}
           

redis維護腳本redis.sh

#!/usr/bin/env bash
/usr/local/bin/redis-cli -h 192.168.0.2 -p 6379 shutdown
/usr/local/bin/redis-cli -h 192.168.0.3 -p 6379 config set appendonly no
           

此腳本用在route2的notify_master，即當route2進入master時執行

設定redis的主從關系

設定redis的sentinel，配置檔案

# Example sentinel.conf

# port <sentinel-port>
# The port that this sentinel instance will run on
port 26379

# sentinel monitor <master-name> <ip> <redis-port> <quorum>
#
# Tells Sentinel to monitor this slave, and to consider it in O_DOWN
# (Objectively Down) state only if at least <quorum> sentinels agree.
#
# Note: master name should not include special characters or spaces.
# The valid charset is A-z 0-9 and the three characters ".-_".
sentinel monitor mymaster 192.168.0.2 6379 2 #此處的意思是需要兩個哨兵來确認服務是否挂掉

# sentinel auth-pass <master-name> <password>
#
# Set the password to use to authenticate with the master and slaves.
# Useful if there is a password set in the Redis instances to monitor.
#
# Note that the master password is also used for slaves, so it is not
# possible to set a different password in masters and slaves instances
# if you want to be able to monitor these instances with Sentinel.
#
# However you can have Redis instances without the authentication enabled
# mixed with Redis instances requiring the authentication (as long as the
# password set is the same for all the instances requiring the password) as
# the AUTH command will have no effect in Redis instances with authentication
# switched off.
#
# Example:
#
# sentinel auth-pass mymaster MySUPER--secret-0123passw0rd

# sentinel down-after-milliseconds <master-name> <milliseconds>
#
# Number of milliseconds the master (or any attached slave or sentinel) should
# be unreachable (as in, not acceptable reply to PING, continuously, for the
# specified period) in order to consider it in S_DOWN state (Subjectively
# Down).
#
# Default is 30 seconds.
sentinel down-after-milliseconds mymaster 5000

# sentinel can-failover <master-name> <yes|no>
#
# Specify if this Sentinel can start the failover for this master.
sentinel can-failover mymaster yes

# sentinel parallel-syncs <master-name> <numslaves>
#
# How many slaves we can reconfigure to point to the new slave simultaneously
# during the failover. Use a low number if you use the slaves to serve query
# to avoid that all the slaves will be unreachable at about the same
# time while performing the synchronization with the master.
sentinel parallel-syncs mymaster 1

# sentinel failover-timeout <master-name> <milliseconds>
#
# Specifies the failover timeout in milliseconds. When this time has elapsed
# without any progress in the failover process, it is considered concluded by
# the sentinel even if not all the attached slaves were correctly configured
# to replicate with the new master (however a "best effort" SLAVEOF command
# is sent to all the slaves before).
#
# Also when 25% of this time has elapsed without any advancement, and there
# is a leader switch (the sentinel did not started the failover but is now
# elected as leader), the sentinel will continue the failover doing a
# "takeover".
#
# Default is 15 minutes.
sentinel failover-timeout mymaster 90000

# SCRIPTS EXECUTION
#
# sentinel notification-script and sentinel reconfig-script are used in order
# to configure scripts that are called to notify the system administrator
# or to reconfigure clients after a failover. The scripts are executed
# with the following rules for error handling:
#
# If script exists with "1" the execution is retried later (up to a maximum
# number of times currently set to 10).
#
# If script exists with "2" (or an higher value) the script execution is
# not retried.
#
# If script terminates because it receives a signal the behavior is the same
# as exit code 1.
#
# A script has a maximum running time of 60 seconds. After this limit is
# reached the script is terminated with a SIGKILL and the execution retried.

# NOTIFICATION SCRIPT
#
# sentinel notification-script <master-name> <script-path>
# 
# Call the specified notification script for any sentienl event that is
# generated in the WARNING level (for instance -sdown, -odown, and so forth).
# This script should notify the system administrator via email, SMS, or any
# other messaging system, that there is something wrong with the monitored
# Redis systems.
#
# The script is called with just two arguments: the first is the event type
# and the second the event description.
#
# The script must exist and be executable in order for sentinel to start if
# this option is provided.
#
# Example:
#
# sentinel notification-script mymaster /var/redis/notify.sh

# CLIENTS RECONFIGURATION SCRIPT
#
# sentinel client-reconfig-script <master-name> <script-path>
#
# When the failover starts, ends, or is aborted, a script can be called in
# order to perform application-specific tasks to notify the clients that the
# configuration has changed and the master is at a different address.
# 
# The script is called in the following cases:
#
# Failover started (a slave is already promoted)
# Failover finished (all the additional slaves already reconfigured)
# Failover aborted (in that case the script was previously called when the
#                   failover started, and now gets called again with swapped
#                   addresses).
#
# The following arguments are passed to the script:
#
# <master-name> <role> <state> <from-ip> <from-port> <to-ip> <to-port>
#
# <state> is "start", "end" or "abort"
# <role> is either "leader" or "observer"
# 
# The arguments from-ip, from-port, to-ip, to-port are used to communicate
# the old address of the master and the new address of the elected slave
# (now a master) in the case state is "start" or "end".
#
# For abort instead the "from" is the address of the promoted slave and
# "to" is the address of the original master address, since the failover
# was aborted.
#
# This script should be resistant to multiple invocations.
#
# Example:
#
# sentinel client-reconfig-script mymaster /var/redis/reconfig.sh

           

需要特别注意的配置，如果沒有這個配置就會發生keepalived不轉發的的問題，而且是如果redis和keepalive是同一台機器，會轉發，但是如果互相間獨立，則realserver收不到轉發包

配置master

vim /etc/sysctl.conf,添加内容如下

net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
           

執行指令

sysctl -p
ip addr add 192.168.0.7/32 dev lo
ip add list
           

lo環上出現了指定的ip即可

配置slave1

vim /etc/sysctl.conf,添加内容如下

net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
           

執行指令

sysctl -p
ip addr add 192.168.0.7/32 dev lo
            
ip addr add 192.168.0.8/32 dev lo
           
        
ip add list      

配置slave2

vim /etc/sysctl.conf,添加内容如下

net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
           

執行指令

sysctl -p
ip addr add 192.168.0.8/32 dev lo
ip add list
           

設定sentinel

redis 的sentinel在配置檔案中設定為2，是以route1和route2兩台機器都需要配置

啟動redis的sentinel

/usr/local/bin/redis-server /etc/redis/sentinel.conf --sentinel