Keepalived實作高可用和負載均衡
keepalived是一個類似于layer3, 4 & 7交換機制的軟體,也就是我們平時說的第3層、第4層和第7層交換。Keepalived是自動完成,不需人工幹涉。Keepalived的作用是檢測伺服器的狀态,如果有一台web伺服器當機,或工作出現故障,Keepalived将檢測到,并将有故障的伺服器從系統中剔除,同時使用其他伺服器代替該伺服器的工作,當伺服器工作正常後Keepalived自動将伺服器加入到伺服器群中,這些工作全部自動完成,不需要人工幹涉,需要人工做的隻是修複故障的伺服器。
本篇文章主要講述了用keepalived-1.4.3實作高可用和負載均衡。
作業系統:Linux redhat6.5
高可用結點:server1(master) server4(backup)
負載均衡節點:server2 server3
源碼包:keepalived-1.4.3.tar.gz
1.keepalived源碼安裝,從網絡上下載下傳源碼包。
[[email protected] ~]# cd keepalived-1.4.3
[[email protected] keepalived-1.4.3]# ./configure --prefix=/usr/local/keepalived --with-init=SYSV
Use IPVS Framework : Yes
Use VRRP Framework : Yes
[[email protected] keepalived-1.4.3]# make
[[email protected] keepalived-1.4.3]# make install
[[email protected] ~]# tar zxf keepalived-1.4.3.tar.gz
[[email protected] ~]yum install openssl-devel libnl3-devel ipset-devel iptables-devel libnfnetlink-devel gcc
No package libnl3-devel available. 可以不要
No package ipset-devel available. 可以不要
No package libnfnetlink-devel available.
[[email protected] ~]# yum install libnfnetlink-devel-1.0.0-1.el6.x86_64.rpm -y
[[email protected] keepalived]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[[email protected] keepalived]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[[email protected] keepalived]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[[email protected] keepalived]# ln -s /usr/local/keepalived/sbin/keepalived /bin/
[[email protected] keepalived]# chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
[[email protected] keepalived]# /etc/init.d/keepalived status
keepalived is stopped
#slave安裝keepalived可以和源碼相同,也可以使用以下方式
[[email protected] keepalived]# cd /usr/local/
[[email protected] local]# scp -r keepalived/ server4:/usr/local/
[[email protected] ~]# ln -s /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
[[email protected] ~]# ln -s /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
[[email protected] ~]# ln -s /usr/local/keepalived/etc/keepalived/ /etc/
[[email protected] ~]# ln -s /usr/local/keepalived/sbin/keepalived /bin/
[[email protected] ~]# chmod +x /usr/local/keepalived/etc/rc.d/init.d/keepalived
2.master配置
[[email protected] ~]# cd /etc/keepalived/
[[email protected] keepalived]# ls
keepalived.conf samples
[[email protected] keepalived]# vim keepalived.conf
global_defs {
#當keepalived有動作時發郵件給本機
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict #當參數不被禁止掉時,每次加載keepalived都會給火牆中寫入通路vip的包全部丢棄
vrrp_garp_interval 0
vrrp_gna_interval 0
}
#高可用子產品
vrrp_instance VI_1 {
state MASTER #主,slave配置為BACKUP
interface eth0
virtual_router_id 60 #每個人的路由id要不同
priority 100 #優先級,master的優先級應該高于slave
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.60.100
}
}
#負載均衡(LVS)子產品
virtual_server 172.25.60.100 80 {
delay_loop 6
lb_algo rr #輪叫的排程算法
lb_kind DR #LVS模式
#persistence_timeout 50 #持續連結,需要持續連結的服務要打開該參數
protocol TCP
real_server 172.25.60.2 80 {
weight 1 #權重
TCP_CHECK{
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 172.25.60.3 80 {
weight 1
TCP_CHECK{
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
3.slave配置
[[email protected] keepalived]# scp keepalived.conf server4:
[[email protected] keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.25.60.100
}
}
virtual_server 172.25.60.100 80 {
delay_loop 6
lb_algo rr
lb_kind DR
#persistence_timeout 50
protocol TCP
real_server 172.25.60.2 80 {
weight 1
TCP_CHECK{
connect_timeout 3
retry 3
delay_before_retry 3
}
}
real_server 172.25.60.3 80 {
weight 1
TCP_CHECK{
connect_timeout 3
retry 3
delay_before_retry 3
}
}
}
4.安裝ipvsadm
[[email protected] keepalived]# vim /etc/yum.repos.d/rhel-source.repo
[rhel-source]
name=Red Hat Enterprise Linux $releasever - $basearch - Source
baseurl=http://172.25.60.250/rhel6.5
enabled=1
igpgcheck=0
[HighAvailability]
name=HighAvailability
baseurl=http://172.25.60.250/rhel6.5/HighAvailability
gpgcheck=0
[LoadBalancer]
name=LoadBalancer
baseurl=http://172.25.60.250/rhel6.5/LoadBalancer
gpgcheck=0
[ResilientStorage]
name=ResilientStorage
baseurl=http://172.25.60.250/rhel6.5/ResilientStorage
gpgcheck=0
[ScalableFileSystem]
name=ScalableFileSystem
baseurl=http://172.25.60.250/rhel6.5/ScalableFileSystem
gpgcheck=0
[[email protected] keepalived]# scp /etc/yum.repos.d/rhel-source.repo server4:/etc/yum.repos.d/
[[email protected] keepalived]# yum install ipvsadm -y
[[email protected] keepalived]# /etc/init.d/ipvsadm start
[[email protected] keepalived]# yum install ipvsadm -y
[[email protected] keepalived]# /etc/init.d/ipvsadm start
5.後端伺服器配置
[[email protected] ~]# ip addr add 172.25.60.100 dev eth0
[[email protected] ~]# ip addr add 172.25.60.100 dev eth0
[[email protected] ~]# /etc/init.d/httpd start
[[email protected] ~]# echo server2 > /var/www/html/index.html
[[email protected] ~]# /etc/init.d/httpd start
[[email protected] ~]# echo server3 > /var/www/html/index.html
6.開啟keepalived并測試
[[email protected] ~]# /etc/init.d/keepalived start
[[email protected] ~]# /etc/init.d/keepalived start
[[email protected] ~]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.60.100:http rr
-> server2:http Route 1 0 0
-> server3:http Route 1 0 0
[[email protected] ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:c0:26:c9 brd ff:ff:ff:ff:ff:ff
inet 172.25.60.1/24 brd 172.25.60.255 scope global eth0
inet 172.25.60.100/32 scope global eth0
inet6 fe80::5054:ff:fec0:26c9/64 scope link
valid_lft forever preferred_lft forever
[[email protected] kiosk]# curl 172.25.60.100
server2
[[email protected] kiosk]# curl 172.25.60.100
server3
[[email protected] kiosk]# curl 172.25.60.100
server2
[[email protected] kiosk]# curl 172.25.60.100
server3
#檢測高可用,當master挂掉之後,slave接管所有資源。Master啟動後master重新接管資源。
[[email protected] ~]# /etc/init.d/keepalived stop
Stopping keepalived: [ OK ]
[[email protected] ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:c0:26:c9 brd ff:ff:ff:ff:ff:ff
inet 172.25.60.1/24 brd 172.25.60.255 scope global eth0
inet6 fe80::5054:ff:fec0:26c9/64 scope link
valid_lft forever preferred_lft forever
[[email protected] ~]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
[[email protected] keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 52:54:00:91:3e:60 brd ff:ff:ff:ff:ff:ff
inet 172.25.60.4/24 brd 172.25.60.255 scope global eth0
inet 172.25.60.100/32 scope global eth0
inet6 fe80::5054:ff:fe91:3e60/64 scope link
valid_lft forever preferred_lft forever
You have new mail in /var/spool/mail/root
[[email protected] keepalived]# ipvsadm -l
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
-> RemoteAddress:Port Forward Weight ActiveConn InActConn
TCP 172.25.60.100:http rr
-> server2:http Route 1 0 0
-> server3:http Route 1 0 0
[[email protected] kiosk]# curl 172.25.60.100
server3
[[email protected] kiosk]# curl 172.25.60.100
server2
[[email protected] kiosk]# curl 172.25.60.100
server3
[[email protected] kiosk]# curl 172.25.60.100
server2
#測試負載均衡,keepalived自帶健康檢查
[[email protected] ~]# /etc/init.d/httpd stop
Stopping httpd: [ OK ]
[[email protected] kiosk]# curl 172.25.60.100
server3
[[email protected] kiosk]# curl 172.25.60.100
server3
[[email protected] kiosk]# curl 172.25.60.100
server3
[[email protected] kiosk]# curl 172.25.60.100
server3
[[email protected] ~]# /etc/init.d/httpd start
Starting httpd: httpd: Could not reliably determine the server's fully qualified domain name, using 172.25.60.3 for ServerName
[[email protected] kiosk]# curl 172.25.60.100
server2
[[email protected] kiosk]# curl 172.25.60.100
server3
[[email protected] kiosk]# curl 172.25.60.100
server2
[[email protected] kiosk]# curl 172.25.60.100
server3
[ OK ]