A highly available Redis cluster based on keepalived and Redis Sentinel
Hardware
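Hostname | IP | Role |
master | 192.168.0.2 | Redis master server |
slave1 | 192.168.0.3 | Redis slave server |
slave2 | 192.168.0.4 | Redis slave server |
route1 | 192.168.0.5 [virtual IP: 192.168.0.7] | keepalived and Redis Sentinel server; carries the VIP (virtual IP) for Redis writes and is the designated primary (MASTER) router of the hot-standby pair for writes |
route2 | 192.168.0.6 [virtual IP: 192.168.0.8] | keepalived and Redis Sentinel server; carries the VIP for Redis reads, load-balances reads and is the designated backup router of the hot-standby pair for writes |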
For installation and configuration, see this article: Installation and Configuration
Detailed keepalived configuration, route1
    ! Configuration File for keepalived
    global_defs {
        notification_email {
            <email address>
        }
        notification_email_from <email address>
        smtp_server <mail server address>
        smtp_connect_timeout 30
        router_id LVS_DEVEL
    }
    vrrp_instance VI_1 {
        state MASTER
        interface eth0              # eth0 is the NIC to bind to
        virtual_router_id 100       # must be the same value within the same vrrp_instance
        priority 160                # the master's value must be higher than the backup's
        advert_int 1
        authentication {
            auth_type PASS          # PASS is carried in clear text in VRRP adverts
            auth_pass 1111
        }
        virtual_ipaddress {
            192.168.0.7             # virtual IP used for the hot-standby pair
        }
    }
    virtual_server 192.168.0.7 6379 {
        delay_loop 3
        lb_algo wrr
        lb_kind DR
        persistence_timeout 30
        protocol TCP
        real_server 192.168.0.2 6379 {
            weight 8
            notify_down <path to the script>/<script name>   # script to run when the redis service fails
            TCP_CHECK {
                connect_timeout 1
                nb_get_retry 3
                delay_before_retry 3
                connect_port 6379
            }
        }
    }

Configuration file for route2

    ! Configuration File for keepalived
    global_defs {
        notification_email {
            <email address>
        }
        notification_email_from <email address>
        smtp_server <mail server address>
        smtp_connect_timeout 30
        router_id LVS_DEVEL
    }
    vrrp_instance VI_1 {
        state BACKUP                # route2 is the backup router for the write VIP
        interface eth0              # eth0 is the NIC to bind to
        virtual_router_id 100       # must be the same value within the same vrrp_instance
        priority 150                # any value below route1's 160, so that route1 stays MASTER
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            192.168.0.7             # virtual IP used for the hot-standby pair
        }
        notify_master "/etc/script/redis.sh"
    }
    vrrp_instance VI_2 {
        state MASTER                # this router is the master for reading data
        interface eth0
        virtual_router_id 101
        priority 151
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            192.168.0.8             # virtual IP used to load-balance reads
        }
    }
    virtual_server 192.168.0.7 6379 {
        delay_loop 3
        lb_algo wrr
        lb_kind DR
        persistence_timeout 30
        protocol TCP
        real_server 192.168.0.3 6379 {
            weight 8
            TCP_CHECK {
                connect_timeout 10
                nb_get_retry 3
                delay_before_retry 3
                connect_port 6379
            }
        }
    }
    virtual_server 192.168.0.8 6379 {
        delay_loop 3
        lb_algo wrr
        lb_kind DR
        persistence_timeout 30
        protocol TCP
        real_server 192.168.0.3 6379 {
            weight 5
            TCP_CHECK {
                connect_timeout 10
                nb_get_retry 3
                delay_before_retry 3
                connect_port 6379
            }
        }
        real_server 192.168.0.4 6379 {
            weight 5
            TCP_CHECK {
                connect_timeout 10
                nb_get_retry 3
                delay_before_retry 3
                connect_port 6379
            }
        }
    }
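Redis maintenance script redis.sh

    #!/usr/bin/env bash
    # Shut down the Redis instance on master (192.168.0.2)
    /usr/local/bin/redis-cli -h 192.168.0.2 -p 6379 shutdown
    # Turn off AOF persistence on slave1 (192.168.0.3)
    /usr/local/bin/redis-cli -h 192.168.0.3 -p 6379 config set appendonly no

This script is used as route2's notify_master, i.e. it runs when route2 enters the MASTER state.
Set up the Redis master-slave relationship
Set up the Redis sentinel; configuration file: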
    # Example sentinel.conf

    # port <sentinel-port>
    # The port that this sentinel instance will run on
    port 26379

    # sentinel monitor <master-name> <ip> <redis-port> <quorum>
    #
    # Tells Sentinel to monitor this slave, and to consider it in O_DOWN
    # (Objectively Down) state only if at least <quorum> sentinels agree.
    #
    # Note: master name should not include special characters or spaces.
    # The valid charset is A-z 0-9 and the three characters ".-_".
    #
    # Here this means two sentinels are needed to confirm that the service is down.
    sentinel monitor mymaster 192.168.0.2 6379 2

    # sentinel auth-pass <master-name> <password>
    #
    # Set the password to use to authenticate with the master and slaves.
    # Useful if there is a password set in the Redis instances to monitor.
    #
    # Note that the master password is also used for slaves, so it is not
    # possible to set a different password in masters and slaves instances
    # if you want to be able to monitor these instances with Sentinel.
    #
    # However you can have Redis instances without the authentication enabled
    # mixed with Redis instances requiring the authentication (as long as the
    # password set is the same for all the instances requiring the password) as
    # the AUTH command will have no effect in Redis instances with authentication
    # switched off.
    #
    # Example:
    #
    # sentinel auth-pass mymaster MySUPER--secret-0123passw0rd

    # sentinel down-after-milliseconds <master-name> <milliseconds>
    #
    # Number of milliseconds the master (or any attached slave or sentinel) should
    # be unreachable (as in, not acceptable reply to PING, continuously, for the
    # specified period) in order to consider it in S_DOWN state (Subjectively
    # Down).
    #
    # Default is 30 seconds.
    sentinel down-after-milliseconds mymaster 5000

    # sentinel can-failover <master-name> <yes|no>
    #
    # Specify if this Sentinel can start the failover for this master.
    sentinel can-failover mymaster yes

    # sentinel parallel-syncs <master-name> <numslaves>
    #
    # How many slaves we can reconfigure to point to the new slave simultaneously
    # during the failover. Use a low number if you use the slaves to serve query
    # to avoid that all the slaves will be unreachable at about the same
    # time while performing the synchronization with the master.
    sentinel parallel-syncs mymaster 1

    # sentinel failover-timeout <master-name> <milliseconds>
    #
    # Specifies the failover timeout in milliseconds. When this time has elapsed
    # without any progress in the failover process, it is considered concluded by
    # the sentinel even if not all the attached slaves were correctly configured
    # to replicate with the new master (however a "best effort" SLAVEOF command
    # is sent to all the slaves before).
    #
    # Also when 25% of this time has elapsed without any advancement, and there
    # is a leader switch (the sentinel did not start the failover but is now
    # elected as leader), the sentinel will continue the failover doing a
    # "takeover".
    #
    # Default is 15 minutes.
    sentinel failover-timeout mymaster 90000

    # SCRIPTS EXECUTION
    #
    # sentinel notification-script and sentinel reconfig-script are used in order
    # to configure scripts that are called to notify the system administrator
    # or to reconfigure clients after a failover. The scripts are executed
    # with the following rules for error handling:
    #
    # If script exits with "1" the execution is retried later (up to a maximum
    # number of times currently set to 10).
    #
    # If script exits with "2" (or a higher value) the script execution is
    # not retried.
    #
    # If script terminates because it receives a signal the behavior is the same
    # as exit code 1.
    #
    # A script has a maximum running time of 60 seconds. After this limit is
    # reached the script is terminated with a SIGKILL and the execution retried.

    # NOTIFICATION SCRIPT
    #
    # sentinel notification-script <master-name> <script-path>
    #
    # Call the specified notification script for any sentinel event that is
    # generated in the WARNING level (for instance -sdown, -odown, and so forth).
    # This script should notify the system administrator via email, SMS, or any
    # other messaging system, that there is something wrong with the monitored
    # Redis systems.
    #
    # The script is called with just two arguments: the first is the event type
    # and the second the event description.
    #
    # The script must exist and be executable in order for sentinel to start if
    # this option is provided.
    #
    # Example:
    #
    # sentinel notification-script mymaster /var/redis/notify.sh

    # CLIENTS RECONFIGURATION SCRIPT
    #
    # sentinel client-reconfig-script <master-name> <script-path>
    #
    # When the failover starts, ends, or is aborted, a script can be called in
    # order to perform application-specific tasks to notify the clients that the
    # configuration has changed and the master is at a different address.
    #
    # The script is called in the following cases:
    #
    # Failover started (a slave is already promoted)
    # Failover finished (all the additional slaves already reconfigured)
    # Failover aborted (in that case the script was previously called when the
    #                   failover started, and now gets called again with swapped
    #                   addresses).
    #
    # The following arguments are passed to the script:
    #
    # <master-name> <role> <state> <from-ip> <from-port> <to-ip> <to-port>
    #
    # <state> is "start", "end" or "abort"
    # <role> is either "leader" or "observer"
    #
    # The arguments from-ip, from-port, to-ip, to-port are used to communicate
    # the old address of the master and the new address of the elected slave
    # (now a master) in the case state is "start" or "end".
    #
    # For abort instead the "from" is the address of the promoted slave and
    # "to" is the address of the original master address, since the failover
    # was aborted.
    #
    # This script should be resistant to multiple invocations.
    #
    # Example:
    #
    # sentinel client-reconfig-script mymaster /var/redis/reconfig.sh

Configuration that needs special attention: without it, keepalived does not forward traffic. More precisely, if Redis and keepalived run on the same machine, forwarding works, but if they run on separate machines, the real server never receives the forwarded packets.
Configure master
vim /etc/sysctl.conf and add the following:

    net.ipv4.conf.lo.arp_ignore = 1
    net.ipv4.conf.lo.arp_announce = 2
    net.ipv4.conf.all.arp_ignore = 1
    net.ipv4.conf.all.arp_announce = 2

Run the commands:

    sysctl -p
    ip addr add 192.168.0.7/32 dev lo
    ip add list

The step is complete once the specified IP appears on the lo (loopback) interface.
Configure slave1
vim /etc/sysctl.conf and add the following:

    net.ipv4.conf.lo.arp_ignore = 1
    net.ipv4.conf.lo.arp_announce = 2
    net.ipv4.conf.all.arp_ignore = 1
    net.ipv4.conf.all.arp_announce = 2

Run the commands:

    sysctl -p
    ip addr add 192.168.0.7/32 dev lo
    ip addr add 192.168.0.8/32 dev lo
    ip add list
Configure slave2
vim /etc/sysctl.conf and add the following:

    net.ipv4.conf.lo.arp_ignore = 1
    net.ipv4.conf.lo.arp_announce = 2
    net.ipv4.conf.all.arp_ignore = 1
    net.ipv4.conf.all.arp_announce = 2

Run the commands:

    sysctl -p
    ip addr add 192.168.0.8/32 dev lo
    ip add list

Set up sentinel
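The sentinel quorum is set to 2 in the configuration file, so sentinel has to be configured on both route1 and route2. With only two sentinels and a quorum of 2, both must be reachable to agree that the master is down, so losing either router host also stops automatic failover.
Start the Redis sentinel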
/usr/local/bin/redis-server /etc/redis/sentinel.conf --sentinel
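
The real-server settings from the master, slave1 and slave2 steps above can be checked with a small audit function. This is an added example, not part of the original article; the function name audit_realserver and the sample text are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an LVS-DR real server for the settings this page requires.
# Inputs are passed as text, so saved command output can be checked offline.

# audit_realserver <sysctl text> <"ip -4 addr show dev lo" text> <vip>...
# Prints one line per problem; returns 0 when clean, 1 otherwise.
audit_realserver() {
    sysctl_text=$1; lo_text=$2; problems=0
    shift 2
    # Required values are the four sysctl.conf lines from this page.
    for kv in net.ipv4.conf.lo.arp_ignore=1 net.ipv4.conf.lo.arp_announce=2 \
              net.ipv4.conf.all.arp_ignore=1 net.ipv4.conf.all.arp_announce=2; do
        key=${kv%%=*}; want=${kv#*=}
        # sysctl prints "key = value"; strip blanks and keep the last match.
        got=$(printf '%s\n' "$sysctl_text" | awk -F= -v k="$key" '
            { gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
            $1 == k { v = $2 } END { print v }')
        if [ "$got" != "$want" ]; then
            echo "sysctl $key is '${got:-unset}', want $want"
            problems=1
        fi
    done
    for vip in "$@"; do
        vip_re=$(printf '%s' "$vip" | sed 's/\./\\./g')
        # Each VIP must be on lo as a /32, as in the "ip addr add" commands.
        if ! printf '%s\n' "$lo_text" | grep -Eq "inet ${vip_re}/32( |\$)"; then
            echo "VIP $vip/32 is not bound on lo"
            problems=1
        fi
    done
    return "$problems"
}

# Constructed sample for slave1: one sysctl left at 0 and the read VIP missing.
SAMPLE_SYSCTL='net.ipv4.conf.all.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 0
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.lo.arp_ignore = 1'
SAMPLE_LO='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
    inet 127.0.0.1/8 scope host lo
    inet 192.168.0.7/32 scope global lo'

audit_realserver "$SAMPLE_SYSCTL" "$SAMPLE_LO" 192.168.0.7 192.168.0.8 || true
```

On a live real server, pass `"$(sysctl -a 2>/dev/null)"` and `"$(ip -4 addr show dev lo)"` as the first two arguments, followed by the VIPs that host should carry (192.168.0.7 on master, both VIPs on slave1, 192.168.0.8 on slave2).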