一、keepalived高可用
1.环境准备
主机 IP 身份
lb01 10.10.0.5 keepalived master
lb02 10.10.0.6 keepalived backup
web01 172.16.1.7 web端
web02 172.16.1.8 web端
db01 172.16.1.51 数据库
- 10.10.0.3 VIP
# 注释 必须保证lb01、lb02两台一样
2、模拟keepalived搭建
1.保证两台lb01、lb02七层负载均衡一致
[root@lb01 conf.d]# scp linux12.wp.com.conf 172.16.1.6:/etc/nginx/conf.d/
root@172.16.1.6's password:
linux12.wp.com.conf 100% 421 363.7KB/s 00:00
[root@lb01 conf.d]# scp -r /etc/nginx/ssl_key 172.16.1.6:/etc/nginx/
root@172.16.1.6's password:
server.key 100% 1708 59.4KB/s 00:00
server.crt 100% 1342 766.1KB/s 00:00
#因为lb01 是使用了https协议。所以把假私钥,推送过去,搭建keepalived
2. 安装keepalived
[root@lb01 ~]# yum install -y keepalived
[root@lb02 ~]# yum install -y keepalived
3.配置keepalived
# 1、查找配置文件
[root@lb01 conf.d]# rpm -qc keepalived
/etc/keepalived/keepalived.conf
/etc/sysconfig/keepalived
# 2、配置主节点的配置文件
[root@lb01 ~]# vi /etc/keepalived/keepalived.conf ## 删除全文 % d
## 全局配置
global_defs {
router_id lb01 # 唯一的ID
}
vrrp_instance VI_1 {
state MASTER #状态 MASTER和BACKUP
#nopreempt #配置非抢占式,少一次断开,但是,两个srate 的状态必须都配置 BACKUP
interface eth0 #网卡绑定
virtual_router_id 50 ##组的名字
priority 100 #优先级(权重)
advert_int 1 # 监测心跳间隔时间
authentication { #认证类型
auth_type PASS #认证的密码
auth_pass 1111
}
virtual_ipaddress {
10.10.0.102 #虚拟的VIP地址
}
}
# 3、配置从节点
[root@lb02 ~]# vi /etc/keepalived/keepalived.conf
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.10.0.102
}
}
4. 启动服务
[root@lb01 ~]# tail -f /var/log/messages
[root@lb01 ~]# systemctl start keepalived
[root@lb02 ~]# tail -f /var/log/messages
[root@lb02 ~]# systemctl restart keepalived
5.keepalived配置文件的重要架构介绍
## 讲解keepalived配置文件的几大架构
global_defs { #全局配置
router_id lb01 #身份识别--- 主机名
}
vrrp_instance VI_1 { #配置VRRP协议
state MASTER #状态,可写MASTER和BACKUP
#nopreempt #配置非抢占式,少一次断开,但是,两个srate 的状态必须都配置 BACKUP
interface eth0 #绑定网卡
virtual_router_id 50 #虚拟路由标示,可以理解为组名字
priority 100 #优先级,越大优先级越高
advert_int 1 #监测心跳间隔时间,每隔多少秒ping一下主的IP
authentication { #认证类型
auth_type PASS #认证类型
auth_pass 1111 #认证的密码
}
virtual_ipaddress { #设置VI
10.10.0.3 #虚拟的VIP地址
}
}
6.keepalived开启日志
#配置keepalived
[root@lb01 ~]# vim /etc/sysconfig/keepalived
KEEPALIVED_OPTIONS="-D -d -S 0"
#配置rsyslog抓取日志
[root@lb01 ~]# vim /etc/rsyslog.conf
local0.* /var/log/keepalived.log
#重启服务
[root@lb01 ~]# systemctl restart keepalived
[root@lb01 ~]# systemctl restart rsyslog
三、keepalived的抢占式与非抢占式
1.两个节点都启动的情况
#两个节点都启动时,由于节点1优先级高于节点2,所以只有节点1上有VIP,节点2为空
[root@lb01 ~]# ip addr | grep 10.10.0.3
inet 10.10.0.3/32 scope global eth0
[root@lb02 ~]# ip addr | grep 10.10.0.3
2.停止主节点
[root@lb01 ~]# systemctl stop keepalived.service
[root@lb01 ~]# ip addr | grep 10.10.0.3
#由于节点1keepalived down掉,节点2会自动接管节点1的工作,即VIP
[root@lb02 ~]# ip addr | grep 10.10.0.3
inet 10.10.0.3/32 scope global eth0
3.重新启动主节点
#启动主节点
[root@lb01 ~]# systemctl start keepalived
[root@lb01 ~]# ip addr | grep 10.10.0.3
inet 10.10.0.3/32 scope global eth0
#由于节点1优先级高于节点2,所以当节点1恢复时,会将VIP抢占回来
4.配置非抢占式
1.节点配置
`节点一配置
[root@lb01 ~]# vim /etc/keepalived/keepalived.conf
... ...
vrrp_instance VI_1 {
state BACKUP
# nopreempt 开启非抢占式
nopreempt
priority 100
... ...
}
[root@lb01 ~]# systemctl restart keepalived
`节点二配置
[root@lb02 ~]# vim /etc/keepalived/keepalived.conf
... ...
vrrp_instance VI_1 {
state BACKUP
#开启非抢占式 nopreempt
nopreempt
priority 90
... ...
}
[root@lb02 ~]# systemctl restart keepalived
# 注释 '配置非抢占式说明白
1.两个节点的state都必须配置为BACKUP
2.两个节点都必须加上配置 nopreempt
3.其中一个节点的优先级必须要高于另外一个节点的优先级。
两台服务器都角色状态启用nopreempt后,必须修改角色状态统一为BACKUP,唯一的区分就是优先级。
### cmd 输入 arp -a
lb01 与10.10.0.3 一样
