Ubuntu 14.04keepalived环境搭建
声明:本博文用于学习总结及工作心得
MASTER192.168.1.154
BACKUP192.168.1.142
VIP 192.168.1.77
一:准备工作
1. 修改hosts (MASTER & BACKUP)
| Vim /etc/hosts 添加: 192.168.1.154 MASTER 192.168.1.142 BACKUP |
2. 修改homename
永久性修改 vim /etc/hosts
MASTER主机修改为 MASTER
BACKUP主机修改为 BACKUP
3. 安装SSH服务 客服端及服务端都需要安装
4. 修改SSH配置文件
1): Vim /etc/ssh/ssh_config
StrictHostKeyChecking ask 改成StrictHostKeyCheckingno
2): vim /etc/ssh/sshd_config
PermitRootLogin no 改为PermitRootLogin yes
这里两台主机都需要修改后面会讲到具体作用(ssh root@BACKUP -p 58081 service tomcat7 stop)
二:解决依赖
1. apt-getupdate
2. apt-getupgrade 如果服务器以更新可以不做
3. apt-getinstall libpop-dev
我这里是没找到这个安装包安装的是libpoppler-dev
4. apt-getinstall daemon
三:
1.安装keepalived
| # tar zxvf keepalived-1.2.18.tar.gz # cd keepalived-1.2.18 # ./configure --prefix=/usr/local/keepalived # make # make install |
2. 将keepalived作为系统服务启动:
| # mkdir /etc/sysconfig # cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/ # cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/ # cp /usr/local/keepalived/sbin/keepalived /sbin/ |
3. 把keepalived 的配置文件放到/etc/keepalived 下,keepalived默认会读取这个文件。
| # mkdir /etc/keepalived
# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/ |
4.编辑配置文件,修改以下的内容即可:
| # vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived
global_defs { notification_email { sai@localhost # 报警邮件接收人的地址 } notification_email_from root@localhost # 发送报警邮件发件人地址 smtp_server 127.0.0.1# 发送邮件的服务器地址 smtp_connect_timeout 30# 邮件超时时间(可以根据自己的需求进行设定) router_id MASTERL # 一个实例的标识地址(可以有多个实例但不能相同) BACKUP主机修改为BACKUP } vrrp_script monitor_tomcat { script “/root/scripts/monitor_tomcat.sh”#根据自己的实际路径放置健康检查脚本文件,这里写的是tomcat的检测脚本 interval 1# 脚本执行间隔 Weight -5#脚本结果导致的优先级变更:5表示优先级加5;-5表示优先级减5 } vrrp_instance VI_1 {# 虚拟路由器自己的名字 state MASTER# 设置服务器模式,当前为主节点,master端 interface eth0# 实例网卡,也就是提供服务的网卡,来发送vrrp通告 virtual_router_id 51# 设置vrid,这里非常重要,相同的vrid为一个组,他决定,它将决定多播的MAC地址.(建议不要使用默认地址,以免发生冲突) priority 100# 设置本节点的优先级,优先级高的为master BACKUP主机设置为95 nopreempt #抢占方式实现当优先级高的调度节点故障恢复后,不再抢占为主调度服务器,从而也就避免了因调度节点的故障及故障恢复后来回切换的问题。 advert_int 1# 检查间隔,默认为1秒 authentication { auth_type PASS# 认证方式,可以是pass或者AH两种认证方式 auth_pass 1111# 认证密码 } virtual_ipaddress {# 设置vip,虚拟ip地址(实现高可用,转移的vip地址) 192.168.1.77# 此地址并不存在,当成为主节点时,此ip地址将会自动生成 } script_track { monitor_tomcat #跟踪这个monitor_nginx脚本;就是不断去检查这个脚本 } }
virtual_server localhost 8080 { delay_loop 2 #每个2秒检查一次real_server状态 lb_algo wrr #LVS算法 lb_kind DR #LVS模式 persistence_timeout 60 #会话保持时间 protocol TCP real_server localhost 8080 { weight 3 notify_down /root/scripts/monitor_tomcat.sh #检测到服务down后执行的脚本 TCP_CHECK { connect_timeout 2 #连接超时时间 nb_get_retry 2 #重连次数 delay_before_retry 2 #重连间隔时间 connect_port 8080 #健康检查端口 } } } |
5. 使用expect进行ssh远程主机之间的交互 (MASTER & BACKUP)
| 1). apt-get install expect 2).编辑ssh交互脚本 vim /root/scripts/. #!/usr/bin/expect -f
set port 58081 set user root set host BACKUP #BACKUP主机中这里需要更改为MASTER set password 4753beeba235268793abe399debb07fd set timeout -1 set RES ""
spawn ssh $user@$host -p $port service keepalived stop expect "*assword:*"
send "$password\r" expect eof |
6. tomcat健康检查脚本 脚本内容如下:(MASTER & BACKUP)
思路为 keepalived 侦测到tomcat down掉以后执行该脚本:
Curl 连接本地8080服务检查是否真的down掉,如果是,则继续使用cur连接BACKUP主机 8080服务,如果服务没有down掉, 即执行epect交互脚本登录BACKUP主机 并启动keepalived服务 休眠1秒 ,然后再杀掉本地keepalived服务,然后重启本地8080服务;否则尝试重启tomcat服务, 然后休眠60s然后再尝试使用curl连接本地8080服务,如果成功,则不管;否则杀死keepalived服务
MASTER: monitor_tomcat.sh
| !/bin/sh $(wget --spider http://localhost:8080/ 2> conn.txt ) RC=$(cat conn.txt | grep 'Connection refused') #本地主机8080服务down掉 if [[ $RC != "" ]];then rm conn.txt $(wget --spider http://BACKUP:8080/ 2> conn.txt ) BACKUPRC=$(cat conn.txt | grep 'Connection refused') if [[ $BACKUPRC == "" ]];then #如果BACKUP主机8080服务正常 执行expect脚本ssh远程登录BACKUP主机>并启动keepalived rm conn.txt /root/scripts/. #等待1s再杀掉本地的keepalived服务 sleep 1 service keepalived stop #尝试启动本地8080服务 service tomcat7 restart else #BACKUP主机8080服务down掉 尝试重启本地8080服务 失败则杀掉keepalived服务 说明两台主机都down掉了 rm conn.txt service tomcat7 restart else #BACKUP主机8080服务down掉 尝试重启本地8080服务 失败则杀掉keepalived服务 说明两台主机都down掉了 rm conn.txt service tomcat7 restart $(wget --spider http://localhost:8080/ 2> conn.txt ) LOCALRC=$(cat conn.txt | grep 'Connection refused') if [[ $LOCALRC != "" ]];then #重启失败 杀掉keepalived service keepalived stop fi fi else rm conn.txt echo "no Warning" fi |
BACKUP:monitor_tomcat.sh
| #!/bin/sh $(wget --spider http://BACKUP:8080/ 2> conn.txt )
RC=$(cat conn.txt | grep 'Connection refused') #本地主机8080服务down掉 if [[ $RC != "" ]];then rm conn.txt $(wget --spider http://MASTER:8080/ 2> conn.txt ) MASTERRC=$(cat conn.txt | grep 'Connection refused') if [[ $MASTERRC == "" ]];then #如果MASTER主机8080服务正常 执行expect脚本ssh远程登录MASTER主机>并启动keepalived rm conn.txt /root/scripts/. #等待1s再杀掉本地的keepalived服务 sleep 1 service keepalived stop #尝试启动本地8080服务 service tomcat7 restart else #MASTER主机8080服务down掉 尝试重启本地8080服务 失败则杀掉keepalived服务 说明两台主机都down掉了 rm conn.txt service tomcat7 restart $(wget --spider http://localhost:8080/ 2> conn.txt ) LOCALRC=$(cat conn.txt | grep 'Connection refused') if [[ $LOCALRC != "" ]];then #重启失败 杀掉keepalived service keepalived stop fi rm conn.txt fi else rm conn.txt echo "no Warning" fi |
7. BACKUP主机添加crontab定时任务 (BACKUP)
MASTER主机keepalived服务会进行健康检查,如果本机8080服务down掉,会自动执行健康脚本monitor_tomcat.sh;但是在BACKUP主机上尝试多次,依然不能自己执行健康脚本;所以添加定时任务每一秒执行一次
Crontab –e
追加: */2 * * * */root/scripts/monitor_tomcat.sh
8. 修改keepclived 启动脚本 (MASTER & BACKUP)
| vim /etc/init.d/keepalived start() #daemon keepalived ${KEEPALIVED_OPTIONS} /usr/local/keepalived/sbin/keepalived
stop() #killproc keepalived killall keepalived
reload() #killproc keepalived -1 killall keepalived -1
|
9. 重启服务器 测试:
输入ip a ,VIP 77 绑定在MASTER主机eth0端口;尝试关闭MASTER tomcat7服务, VIP成功过度到BACKUP主机;反之关闭BACKUP主机8080服务,VIP成功过渡到MASTER主机;中间因为脚本原因, 会有几秒钟过度时间