keepalived主要用作realserver的健康狀态檢查以及loadbalance主機和backup主機之間failover的實作。keepalived主要目的在于,其自身啟動一個服務,能夠實作工作在雙節點或多個節點上,并且可以在核心生效的ipvs規則其中目前持有資源的節點被稱為活躍節點,另外的節點被稱為備節點被稱為 master/backup。
<a target="_blank"></a>
虛拟路由器備援協定(vrrp)是一種選擇協定,它可以把一個虛拟路由器的責任動态配置設定到區域網路上的 vrrp 路由器中的一台。控制虛拟路由器 ip 位址的 vrrp 路由器稱為主路由器,它負責轉發資料包到這些虛拟 ip 位址。一旦主路由器不可用,這種選擇過程就提供了動态的故障轉移機制,這就允許虛拟路由器的 ip 位址可以作為終端主機的預設第一跳路由器。使用 vrrp 的好處是有更高的預設路徑的可用性而無需在每個終端主機上配置動态路由或路由發現協定。 vrrp 包封裝在 ip 包中發送。
vrrp優先級别:
keepalived核心組成部分
vrrp的實作
virtual_server:基于vrrp作為所謂通告機制之上的
vrrp_script:以外部腳本方式進行檢測
keepalived
keepalived的安裝:
keepalived的所有配置都在一個配置檔案裡設定,支援的配置可分為以下三類:
1、全局配置(global configure)
2、vrrpd配置
3、lvs配置
很明顯,全局配置就是對整個keepalived生效的配置,不管是否使用lvs,vrrpd是keepalived的核心,lvs配置隻在要使用keepalived來配置和管理lvs時使用,如果僅使用keepalived來做ha,lvs不需要配置。
配置檔案都是以塊(block)形式組織的,每個塊都在{}範圍内,#和!表示注釋。
全局定義(global definition)
不 使用sync group的話,如果路由有2個網段,一個内網,一個外網,每個網段開啟一個vrrp執行個體,假設vrrp配置為檢查内網,那麼當外網出現問題 時,vrrpd會認為自己是健康的,則不會發送master和backup的切換,進而導緻問題,sync group可以把兩個執行個體都放入sync group,這樣的話,group 裡任何一個執行個體出現問題都會發生切換。
配置backup 配置如下:
[root@nginx-two keepalived-1.2.13]# cat /software/keepalived/etc/keepalived/keepalived.conf
! configuration file for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id nginx-two
vrrp_instance vi_1 {
state backup
interface eth1
virtual_router_id 20
priority 50
advert_int 1
authentication {
auth_type pass
auth_pass ipython
virtual_ipaddress {
1.1.1.100
###其他配置:####
nopreempt 設定為不搶占,這個配置隻能設定在state為backup的節點上,并且這個機器的優先級必須比另一台高
preempt_delay 搶占延遲,預設5分鐘
debug debug級别
notify_master 切換到master時執行的腳本
##start##
[root@nginx-one keepalived-1.2.13]# service keepalived start
starting keepalived: [ ok ]
###觀察其日志檔案###
[root@nginx-one keepalived-1.2.13]# tail -f /var/log/messages
aug 3 00:02:12 nginx-one keepalived[8177]: starting keepalived v1.2.13 (08/03,2014)
aug 3 00:02:12 nginx-one keepalived[8178]: starting healthcheck child process, pid=8180
aug 3 00:02:12 nginx-one keepalived[8178]: starting vrrp child process, pid=8181
####目前的ip位址####
aug 3 00:02:13 nginx-one keepalived_vrrp[8181]: netlink reflector reports ip 1.1.1.10 added
aug 3 00:02:13 nginx-one keepalived_vrrp[8181]: netlink reflector reports ip fe80::20c:29ff:fecb:90a2 added
aug 3 00:02:13 nginx-one keepalived_vrrp[8181]: registering kernel netlink reflector
aug 3 00:02:13 nginx-one keepalived_vrrp[8181]: registering kernel netlink command channel
aug 3 00:02:13 nginx-one keepalived_healthcheckers[8180]: netlink reflector reports ip 1.1.1.10 added
aug 3 00:02:13 nginx-one keepalived_healthcheckers[8180]: netlink reflector reports ip fe80::20c:29ff:fecb:90a2 added
aug 3 00:02:13 nginx-one keepalived_healthcheckers[8180]: registering kernel netlink reflector
aug 3 00:02:13 nginx-one keepalived_vrrp[8181]: registering gratuitous arp shared channel
aug 3 00:02:13 nginx-one keepalived_healthcheckers[8180]: registering kernel netlink command channel
aug 3 00:02:13 nginx-one keepalived_vrrp[8181]: opening file '/etc/keepalived/keepalived.conf'.
aug 3 00:02:13 nginx-one keepalived_vrrp[8181]: configuration is using : 62834 bytes
aug 3 00:02:13 nginx-one keepalived_vrrp[8181]: using linkwatch kernel netlink reflector...
aug 3 00:02:13 nginx-one keepalived_vrrp[8181]: vrrp sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
###打開并加載配置檔案####
aug 3 00:02:13 nginx-one keepalived_healthcheckers[8180]: opening file '/etc/keepalived/keepalived.conf'.
aug 3 00:02:13 nginx-one keepalived_healthcheckers[8180]: configuration is using : 7377 bytes
aug 3 00:02:13 nginx-one keepalived_healthcheckers[8180]: using linkwatch kernel netlink reflector...
####切換為master 狀态####
aug 3 00:02:14 nginx-one keepalived_vrrp[8181]: vrrp_instance(vi_1) transition to master state
aug 3 00:02:15 nginx-one keepalived_vrrp[8181]: vrrp_instance(vi_1) entering master state
aug 3 00:02:15 nginx-one keepalived_vrrp[8181]: vrrp_instance(vi_1) setting protocol vips.
####在接口上添加vip###
aug 3 00:02:15 nginx-one keepalived_vrrp[8181]: vrrp_instance(vi_1) sending gratuitous arps on eth1 for 1.1.1.100
aug 3 00:02:15 nginx-one keepalived_healthcheckers[8180]: netlink reflector reports ip 1.1.1.100 added
aug 3 00:02:20 nginx-one keepalived_vrrp[8181]: vrrp_instance(vi_1) sending gratuitous arps on eth1 for 1.1.1.100
###檢視是否添加vip###
[root@nginx-one keepalived-1.2.13]# ip a show|awk '/inet\ /'
inet 127.0.0.1/8 scope host lo
inet 1.1.1.10/8 brd 1.255.255.255 scope global eth1
inet 1.1.1.100/32 scope global eth1
停止master,檢視backup的狀态轉移
[root@nginx-one keepalived-1.2.13]# service keepalived stop
stopping keepalived: [ ok ]
[root@nginx-two keepalived-1.2.13]# tail -f /var/log/messages
aug 3 00:05:01 nginx-two keepalived_vrrp[5148]: using linkwatch kernel netlink reflector...
aug 3 00:05:01 nginx-two keepalived_vrrp[5148]: vrrp_instance(vi_1) entering backup state
aug 3 00:05:01 nginx-two keepalived_healthcheckers[5147]: using linkwatch kernel netlink reflector...
aug 3 00:05:01 nginx-two keepalived_vrrp[5148]: vrrp sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
aug 3 00:05:40 nginx-two keepalived_vrrp[5148]: vrrp_instance(vi_1) transition to master state
aug 3 00:05:41 nginx-two keepalived_vrrp[5148]: vrrp_instance(vi_1) entering master state
aug 3 00:05:41 nginx-two keepalived_vrrp[5148]: vrrp_instance(vi_1) setting protocol vips.
aug 3 00:05:41 nginx-two keepalived_healthcheckers[5147]: netlink reflector reports ip 1.1.1.100 added
aug 3 00:05:41 nginx-two keepalived_vrrp[5148]: vrrp_instance(vi_1) sending gratuitous arps on eth1 for 1.1.1.100
aug 3 00:05:46 nginx-two keepalived_vrrp[5148]: vrrp_instance(vi_1) sending gratuitous arps on eth1 for 1.1.1.100
####和路由協定一樣,當master上線被檢測到會搶占vip,可以想象的到,keepalived也支援非搶占模式,隻有backup在變成master後當機了,才會轉移vip,說起來怎麼這麼繞口####
定義keepalived的檢測機制
原文釋出時間:2014-08-08
本文來自雲栖合作夥伴“linux中國”