一、原理介绍
keepalived的原理可以这样简单理解:
keepalived安装在两台物理服务器上,并相互监控对方是否在正常运行。 当节点A正常的时候,节点A上的keepalived会将下面的信息广播出去,192.168.8.100 这个IP对应的MAC地址为节点A网卡的MAC地址 当节点A发生故障的时候,节点B上的keepalived会检测到,并且将下面的信息广播出去,192.168.8.100 这个IP对应的MAC地址为节点B网卡的MAC地址
高可用负载平衡配置
环境:
两台物理服务器和一个虚拟服务器(vip):
- master:192.168.1.103
- backup:192.168.1.104
- vip:192.168.1.110
- 在主备机器上安装keepalived
tar -zxvf keepalived-1.2.20.tar.gz
cd keepalived-1.2.20
./configure --prefix=/usr/local/keepalived1.2
make && make install
ln -s /usr/local/keepalived1.2 /usr/local/keepalived
ln -s /usr/local/keepalived/sbin/* /usr/sbin/
- 配置keepalived
mkdir -p ~/etc/keepalivedcp /usr/local/keepalived/etc/keepalived/keepalived.conf ~/etc/keepalived/cd ~/etc/keepalived/
- keepalived.conf配置
主机器(192.168.1.103)配置
global_defs {
router_id NodeA
}
vrrp_instance VI_1 {
state MASTER #设置为主服务器,该配置决定了节点为主节点
interface eth0 #监测网络接口
virtual_router_id 51 #主、备必须一样
priority 100 #(主、备机取不同的优先级,主机值较大,备份机值较小,值越大优先级越高)
advert_int 1 #VRRP Multicast广播周期秒数
authentication {
auth_type PASS #VRRP认证方式,主备必须一致
auth_pass 1111 #(密码)
}
virtual_ipaddress {
192.168.1.110/24 #VRRP HA虚拟地址
}
}
备用机器(192.168.1.104)配置
global_defs {
router_id NodeB
}
vrrp_instance VI_1 {
state BACKUP #设置为备服务器
interface eth0 #监测网络接口
virtual_router_id 51 #主、备必须一样
priority 90 #(主、备机取不同的优先级,主机值较大,备份机值较小,值越大优先级越高)
advert_int 1 #VRRP Multicast广播周期秒数
authentication {
auth_type PASS #VRRP认证方式,主备必须一致
auth_pass 1111 #(密码)
}
virtual_ipaddress {
192.168.1.110/24 #VRRP HA虚拟地址
}
}
- 启动keepalived:
keepalived -D -f ~/etc/keepalived/keepalived.conf
查看log消息:
tail -f /var/log/messages
关闭keepalived
killall keepalived
启动主节点A后的日志为:会广播ARP消息 通过 ip addr show 命令可以看到主服务器192.168.1.110/24绑定到了eth0上
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:57:e2:8d brd ff:ff:ff:ff:ff:ff
inet 192.168.1.103/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.110/32 scope global eth0
inet6 fe80::a00:27ff:fe57:e28d/64 scope link
valid_lft forever preferred_lft forever
- 部署nginx(略)
- 虚拟IP:http://192.168.1.110/
- 主服务器:http://192.168.1.103/
- 备服务器:http://192.168.1.104/
- 模拟故障自动切换
将主服务器(192.168.1.103)的keepalived停止: killall keepalived或者init 0关闭服务器 通过下面的url访问 http://192.168.1.110/,返回的内容应该为备服务器上的内容 同时查看备服务器的日志:发现备服务器转为主节点并且会广播ARP消息
Apr 14 00:25:39 fdfs2 Keepalived_vrrp[4324]: VRRP_Instance(VI_1) Transition to MASTER STATE
Apr 14 00:25:40 fdfs2 Keepalived_vrrp[4324]: VRRP_Instance(VI_1) Entering MASTER STATE
Apr 14 00:25:40 fdfs2 Keepalived_vrrp[4324]: VRRP_Instance(VI_1) setting protocol VIPs.
Apr 14 00:25:40 fdfs2 Keepalived_vrrp[4324]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.1.110
Apr 14 00:25:40 fdfs2 Keepalived_healthcheckers[4323]: Netlink reflector reports IP 192.168.1.110 added
Apr 14 00:25:45 fdfs2 Keepalived_vrrp[4324]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.1.110
- 主服务器故障恢复
通过下面的url访问 http://192.168.1.110/,返回的内容应该为主服务器上的内容 主服务器日志
Apr 14 00:27:48 fdfs1 Keepalived_vrrp[8651]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.1.110
Apr 14 00:27:49 fdfs1 Keepalived_vrrp[8651]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.1.110
备服务器日志
Apr 14 00:27:44 fdfs2 Keepalived_vrrp[4324]: VRRP_Instance(VI_1) Received higher prio advert
Apr 14 00:27:44 fdfs2 Keepalived_vrrp[4324]: VRRP_Instance(VI_1) Entering BACKUP STATE
Apr 14 00:27:44 fdfs2 Keepalived_vrrp[4324]: VRRP_Instance(VI_1) removing protocol VIPs.
Apr 14 00:27:44 fdfs2 Keepalived_healthcheckers[4323]: Netlink reflector reports IP 192.168.1.110 removed
常见问题:
- 处理vip无法被应用绑定
解决:net.ipv4.ip_nonlocal_bind=1