1:HA集群架构与VIIP工作原理:
Linux高可用集群:pacemaker、keepalived
keepalived理论工作原理:
keepalived是以VRRP协议为实现基础的,VRRP全称Virtual Router Redundancy Protocol,即虚拟路由冗余协议。
虚拟路由冗余协议是实现路由器高可用的协议,即将N台提供相同功能的路由器组成一个路由器组,这个组里面有一个master
和多个backup,master上面有一个对外提供服务的VIP(该路由器所在局域网内其他机器的默认路由为VIP),
master会发组播、广播、或单播,当backup收不到vrrp包时就认为master宕机,这时就需要根据VRRP优先级来选举
一个backup成为master。这样的话就可以保证路由器的高可用了。
keepalived 工作在OSI的三层、四层和七层原理
layer3:工作在三层时,keepalived会定期向热备组中的服务器发送一个ICMP数据包,来判断某台服务器是否故障,
如果故障则将这台服务器从热备组移除。
layer4:工作在四层时,keepalived以TCP端口的状态来判断服务器是否故障,比如检测mysql 3306端口,如果故障
则将这台服务器从热备组移除。
layer7:工作在七层时,keepalived根据用户设定的策略判断服务器上的程序是否正常运行,如果故障则将这台服务器
从热备组中移除。
==================================================================================================================
2:原码编译安装keepalived与集群环境配置【最简单的主机集群】
http://www.keepalived.org #下载keepalived 1.3.6版本
yum install -y openssl openss-devel libnl3-devel.X86_64 libnfnetlink-devel.X86_64 ipvasadm
tar xvf keepalived-1.3.6.tar
cd /opt/keepalived-1.3.6
执行配置编译并安装 #./configure && make && make install
复制配置文件并启动keepalived
cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d #centos7无此文件可以忽略
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/sbin/keepalived /usr/sbin/
service keepalived start
#也可以使用systemctl方式启动keepalived服务[1.3版本以后支持systemctl]
systemctl enabled keepalived.service
systemctl start keepalived.service
systemctl stop keepalived.service
vi /etc/keepalived/keepalived.conf
global_defs {
router_id haweb_1
}
vrrp_sync_group VGM {
GROUP {
VI_HA
}
}
vrrp_instance VI_HA {
state SLAVE #主服务为MASTER
interface ens33
lvs_sync_daemon_inteface ens33
virtual_router_id 51
priority 90 #权值范围1-255,越大越高
advert_init 5
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
192.168.1.10/24 dev ens33
}
}
scp /etc/keepalived/keepalived.conf [email protected]:/etc/keepalived/keepalived.conf
[email protected]'s password:
[lsof -i:80 了解一下LSOF命令的使用方法] ifconfig看不到VIP{虚假IP}信息,可以用 ip a 命令
如果SELINUX没有关闭,VIP会只要第一权重的机器上,无法飘移到另外一台主机,
处理办法:可以在配置文件里 增加 setseboot -P piranha_lvs_can_connect on #selinux布尔值
keepalived双机热备完整配置实例:
简单主机集群,当服务宕机时会出现“脑裂”的情况,解决办法:
vi /etc/keepalived/httpd.sh #内容如下:
#!/bin/bash
counter=$(ps -C httpd --no-heading | wc -l)
if ["${counter}" = "0" ];then
/usr/sbin/httpd
sleep 2
counter=$(ps -C httpd --no-heading | wc -l)
if ["${counter}" = "0" ];then
/usr/bin/systemctl stop keepalived.service
fi
fi
插曲:yum -y install killall
yum -y install psmisc.x86_64
chmod +x /etc/keepalived/httpd.sh
vi /etc/keepalived/keepalived.conf
global_defs {
router_id LVS_001B #router_id这个要唯一
}
vrrp_instance VI_1 {
state MASTER #SLAVE 或 BACKUP
interface ens33
virtual_router_id 51 #这个virtual_router_id在两台机器上要相同
priority 100 #权值范围1-255,越大越高[优先级]
unicast_src_ip 192.168.1.11 #本地IP地址【unicast 是单播】
unicast_peer {
192.168.1.12 #对端IP地址,此地址一定不能忘记
}
advert_init 1 #【发送ICMP的时间间隔】
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
192.168.1.10/24
}
}
virtual_server 192.168.1.10 80 {
delay_loop 2 #每隔2秒 检测virtual_server状态
lb_algo rr #定义LVS调度算法
lb_kind DR #定义LVS工作模式
persistence_timeout 60 #定义持久链接时长
protocol TCP #定义集群的协议
real_server 192.168.1.11 80 {
weight 1
notify_down /etc/keepalived/httpd.sh
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 2
delay_before_retry 1
}
}
}