keepalive

简述

Keepalived 的作用是检测web服务器的状态，如果有一台web服务器死机，或工作出现故障，Keepalived将检测到，并将有故障的web服务器从系统中剔除，当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中，这些工作全部自动完成，不需要人工干涉，需要人工做的只是修复故障的web服务器。

• 详细参考 http://www.oschina.net/p/keepalived

配置实例

VIP: 192.168.199.177
RealServer1： 192.168.199.222
RealServer2： 192.168.199.193

MASTER 配置

! Configuration File for keepalived

vrrp_instance VI_1 {
    state MASTER
    interface eth2
    garp_master_delay 10
    smtp_alert
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.199.177
    }
}

virtual_server i192.168.199.177 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP

    real_server 192.168.199.222 80 {
        weight 3
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 192.168.199.193 80 {
        weight 3
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

BACKUP

! Configuration File for keepalived

vrrp_instance VI_1 {
    state BACKUP
    interface eth2
    garp_master_delay 10
    smtp_alert
    virtual_router_id 51
    priority 50
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.199.177
    }
}

virtual_server i192.168.199.177 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP

    real_server 192.168.199.222 80 {
        weight 3
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
    real_server 192.168.199.193 80 {
        weight 3
        TCP_CHECK {
            connect_timeout 10
            nb_get_retry 3
            delay_before_retry 3
            connect_port 80
        }
    }
}

192.168.199.193: service keepalived restart
192.168.199.222: service keepalived restart
配置完成

! Configuration File for keepalived

global_defs {
notification_email { 定义接受邮件的邮箱

 [email protected]
 [email protected]                     
 [email protected]

}
notification_email_from [email protected] 定义发送邮件的邮箱
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_MASTER lvs服务器标识符
}

vrrp_instance LVSMASTER { lvs实例标识

state MASTER          服务器状态
interface eth0        监控的端口
virtual_router_id 51  虚拟路由标识，一组lvs的虚拟路由标识必须相同，这样才能切换
priority 100          lvs服务启动优先级，值越大，优先级越高，BACKUP 不能大于MASTER
advert_int 2          lvs服务器之间的存活检查时间2s
authentication {
    auth_type PASS    认证类型
    auth_pass hylanda 认证密码，一组lvs 服务器的认证密码必须一致
}
virtual_ipaddress {
    192.168.0.138     虚拟ip或服务ip
}

}
virtual_server 192.168.0.138 80 { 虚拟服务运行方式定义

delay_loop 5          检查realserver存活的间隔时间
lb_algo rr            负载均衡算法
lb_kind DR            请求转发方式
persistence_timeout 50  连接保持时间
protocol TCP

real_server 192.168.0.132 80 { 真实服务器定义
    weight 1          负载参数
    TCP_CKECK {
        connect_timeout 10  连接超时时间
        nb_get_retry 3      重试连接的次数
        delay_before_reitry 3  每次连接间隔
        connect_port 80     端口
    }
}

real_server 192.168.0.133 80 {
    weight 1
    TCP_CHECK {
        connect_timeout 3
        nb_get_retry 3
        delay_before_retry 3
        connect_port 80
    }
}

}

3.配置keepalive
两台服务器端keepalived.conf内容都为如下，都设置为backup，不抢占，注意修改优先级不同,更详细的keepalived配置文件说明可以执行man keepalived.conf查看：

! Configuration File for keepalived
global_defs {
notification_email {

[email protected] 
    } 

notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}

监控服务.NGINX mysql等

vrrp_script chk_nginx {

script "/home/check_nginx.sh" 
interval 2 
weight 2 

}

vrrp_instance VI_1 {

state BACKUP  #主从设置 MASTER 
interface eth2  #网卡名 
virtual_router_id 51 
mcast_src_ip 10.0.1.133 #本机IP 
priority 50  #从机小于主机 
advert_int 1 
authentication { 
    auth_type PASS 
    auth_pass chtopnet 
} 
virtual_ipaddress { 
    10.0.1.2  #VIP 的IP 
} 
track_script { 
    chk_nginx  #检测脚本 
} 

}

virtual_server 10.0.1.2 80 {

delay_loop 6 
lb_algo rr 
lb_kind DR 
persistence_timeout 50 
protocol TCP 

real_server 10.0.1.132 80 { 
    weight 3 
    TCP_CHECK { 
        connect_timeout 10 
        nb_get_retry 3 
        delay_before_retry 3 
        connect_port 80 
    } 
} 
real_server 10.0.1.133 80 { 
    weight 3 
    TCP_CHECK { 
        connect_timeout 10 
        nb_get_retry 3 
        delay_before_retry 3 
        connect_port 80 
    } 
} 

}

启动相关服务。我在这儿使用的是nginx ，每个上面开了一个站点，通过IP可以直接访问的。启动keepalive后，就可以通过VIP的虚拟IP 10.0.1.2来访问站点了，测试方法就是 停止任何其中一个站点，看它是否能自动切换到从服务器上。

上面代码中 nginx的检测脚本如下 ：

!/bin/bash

if [ “$(ps -ef | grep “nginx: master process”| grep -v grep )” == “” ]
then
/usr/local/nginx/sbin/nginx
sleep 5
if [ “$(ps -ef | grep “nginx: master process”| grep -v grep )” == “” ]
then
killall keepalived
fi
fi

在两台Web Server上执行realserver.sh脚本，为lo:0绑定VIP地址10.0.1.2、抑制ARP广播。

!/bin/bash

description: Config realserver

VIP=10.0.1.2

/etc/rc.d/init.d/functions

case “$1” in
start)

   /sbin/ifconfig lo:0 $VIP netmask 255.255.255.255 broadcast $VIP 
   /sbin/route add -host $VIP dev lo:0 
   echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore 
   echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce 
   echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore 
   echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce 
   sysctl -p >/dev/null 2>&1 
   echo "RealServer Start OK" 
   ;; 

stop)

   /sbin/ifconfig lo:0 down 
   /sbin/route del $VIP >/dev/null 2>&1 
   echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore 
   echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce 
   echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore 
   echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce 
   echo "RealServer Stoped" 
   ;; 

*)

   echo "Usage: $0 {start|stop}" 
   exit 1 

esac

exit 0

分别在主从机上执行 sh realserver.sh start 就可实现负载均衡及高可用集群了