keepalived
keepalived 热备
VRRP:虚拟冗余路由协议 IETF标准协议
HSRP:热备份路由协议 思科私有协议
vrrp_instance vrrp示例
Heart-beat 间隔 --hello时间
Keepalived概述
调度器出现单点故障
Keepalived实现了高可用集群;
Keepalived最初是为LVS设计的,专门监控各服务器节点的状态;
Keepalived后来加入了VRRP功能,防止单点故障。
Keepalived运行原理
Keepalived检测每个服务器节点状态;
服务器节点异常或工作出现故障,keepalived将故障节点从集群系统中剔除;
故障节点恢复后,keepalived再将其加入到集群系统中;
所有工作自动完成,无需人工干预。
Keepalived高可用服务器 高可用的web集群
(在4.2 、4.3上)
1、安装、修改配置文件、起动服务 验证
[root@vh02 ~]# yum install -y keepalived
[root@vh02 ~]# vim /etc/keepalived/keepalived.conf
将vip改为192.168.4.200,后续配置全部删除,其他不变
[root@vh02 ~]# scp /etc/keepalived/keepalived.conf 192.168.4.3:/etc/keepalived/
将vh03的配置文件,角色改为SLAVE,优先级改为90
[root@vh02 ~]# systemctl start keepalived.service
[root@vh02 ~]# ip address show eth0 出现192.168.4.200(活跃)
[root@vh03 ~]# ip a s eth0 不会出现192.168.4.200
[root@room8pc205 桌面]# curl http://192.168.4.200
2、Keepalived双主配置(解决web服务停了,不会释放vip)
#!/bin/bash
port=$(netstat -antpu | grep :80)
while :
do
if [ -z "$port" ];then
systemctl stop keepalived
fi
sleep 5
done
Keepalived+LVS
配置高可用、负载均衡的web集群
使用keepalived高可用解决调度器单点失败问题
主、备调度器上配置LVS
主调度器异常时,keepalived启用备用调度器
步骤一:配置网络环境
1、自定义Web页面,启动Web服务器软件
2、设置Web服务器网络参数,在web服务器配置的lo端口上配置vip
[root@vh02 ~]# cp /etc/sysconfig/network-scripts/ifcfg-lo /etc/sysconfig/network-scripts/ifcfg-lo:0
[root@vh02 ~]# vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.4.100
NETMASK=255.255.255.255 //只有自己
NETWORK=192.168.4.100
BROADCAST=192.168.4.100 //广播
ONBOOT=yes
NAME=lo:0
[root@vh02 ~]# ifup lo:0
[root@vh02 ~]# scp /etc/sysconfig/network-scripts/ifcfg-lo:0 192.168.4.3:/etc/sysconfig/network-scripts/
[root@vh03 ~]# ifup lo:0
3、修改web服务器的内核参数
[root@vh02 ~]# sysctl -a | grep arp_ig
[root@vh02 ~]# echo 'net.ipv4.conf.all.arp_ignore = 1' >> /etc/sysctl.conf
[root@vh02 ~]# echo 'net.ipv4.conf.lo.arp_ignore = 1' >> /etc/sysctl.conf
[root@vh02 ~]# sysctl -a | grep arp_an
[root@vh02 ~]# echo "net.ipv4.conf.all.arp_announce = 2" >> /etc/sysctl.conf
[root@vh02 ~]# echo "net.ipv4.conf.lo.arp_announce = 2" >> /etc/sysctl.conf
[root@vh02 ~]# sysctl -p
调度器安装lvs和keepalived
# yum install -y keepalived ipvsadm
部署Keepalived实现LVS-DR模式调度器的高可用
只需要配置keepalived,因为lvs规则可以通过keepalived配置文件进行配置
[root@vh04 bin]# vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost //设置报警收件人邮箱
}
notification_email_from chen@tedu.cn //设置发件人
smtp_server 127.0.0.1 //定义邮件服务器
smtp_connect_timeout 30
router_id lvs1 //设置路由ID号
}
vrrp_instance VI_1 {
state MASTER/SLAVE //主服务器为MASTER
interface eth0 //定义网络接口
virtual_router_id 50 //主辅VRID号必须一致
priority 100/90 //服务器优先级
advert_int 1
authentication {
auth_type pass
auth_pass forlvs //主辅服务器密码必须一致
}
virtual_ipaddress {
192.168.4.100
}
}
virtual_server 192.168.4.100 80 {
delay_loop 6
lb_algo wrr //设置LVS调度算法为RR
lb_kind DR //设置LVS的模式为DR
nat_mask 255.255.255.255 //子网掩码
persistence_timeout 50 //持久性,50秒内相同客户端访问相同服务器
protocol TCP
real_server 192.168.4.2 80 {
weight 1 //设置权重为1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.4.3 80 {
weight 2 //设置权重为2
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@vh04 ~]# systemctl start keepalived
[root@vh04 ~]# ipvsadm -Ln
[root@vh04 ~]# ip a s eth0
步骤四:验证
[root@vh03 ~]# systemctl stop httpd
[root@vh04/5 ~]#mail
[root@vh04 ~]# ipvsadm -Ln
[root@vh04 ~]# ip a s eth0
客户端使用curl命令反复连接http://192.168.4.100,查看访问的页面是否会轮询到不同的后端真实服务器。
配置高可用、互为主从同步的mysql集群
Keepalived
1. 配置vip 4.10 ---4.6、4.7
设置网络参数,在mysql服务器配置的lo端口上配置vip
[root@vh06 ~]# cp /etc/sysconfig/network-scripts/ifcfg-lo{,:0}
[root@vh06 ~]# vim /etc/sysconfig/network-scripts/ifcfg-lo:0
DEVICE=lo:0
IPADDR=192.168.4.100
NETMASK=255.255.255.255 //只有自己
NETWORK=192.168.4.100
BROADCAST=192.168.4.100 //广播
ONBOOT=yes
NAME=lo:0
[root@vh06 ~]# ifup lo:0 //忽略提示
[root@vh02 ~]# scp /etc/sysconfig/network-scripts/ifcfg-lo:0 192.168.4.7:/etc/sysconfig/network-scripts/
[root@vh07 ~]# ifup lo:0
keepalive高可用
[root@vh06 ~]# yum -y install mariadb-server
[root@vh06 ~]# systemctl restart mariadb
MariaDB [(none)]> grant all on *.* to chen@"192.168.4.%" identified by '123456';
安装、修改配置文件、起动服务 验证
[root@vh06 ~]# yum install -y keepalived
[root@vh06 ~]# vim /etc/keepalived/keepalived.conf
将vip改为192.168.4.200,后续配置全部删除,其他不变
[root@vh02 ~]# scp /etc/keepalived/keepalived.conf 192.168.4.3:/etc/keepalived/
将vh03的配置文件,角色改为SLAVE,优先级改为90
[root@vh06 ~]# systemctl start keepalived.service
[root@vh06 ~]# ip address show eth0 出现192.168.4.200(活跃)
[root@vh06 ~]# ip a s eth0 不会出现192.168.4.200
[root@vh05 ~]# mysql -h'192.168.4.10' -uchen -p123456
3. mysql互为主从同步
用户授权(同步数据的权限)
mysql> grant replication slave on *.* to admin@"192.168.4.7" identified by "123456";
mysql> select user,host from mysql.user;
#vim /etc/my.cnf
server_id=06/07
log_bin=master06/07
binlog_format="mixed"
log_slave_updates
#systemctl restart mysqld
mysql> show master status;
从数据库服务器的配置
mysql> change master to
master_host="192.168.4.6/7", master_user="chen",
master_password="123456", master_log_file="master55.000001",
master_log_pos=154;
mysql> start slave;
mysql>show slave status\G;
验证
[root@vh05 ~]# mysql -h'192.168.4.10' -uchen -p123456
Nginx分析
优点:
工作在7层,可以针对http做分流策略;
正则表达式比haproxy强大;
安装、配置、测试简单,通过日志可以解决多数问题;并发量可以达到几万次;
nginx还可以作为web服务器使用
缺点:
仅支持http、https、mail协议,应用面小;
监控检查仅通过端口,无法使用url检查
LVS分析
优点:
负载能力强,工作在4层,对内存、CPU消耗低;
配置性低,没有太多可配置性,减少认为错误;应用面广,几乎可以为所有应用提供负载均衡
缺点:
不支持正则表达式,不能实现动静分离;
如果网站架构庞大,LVS-DR配置比较繁琐
HAProxy分析
优点:
支持session、cookie功能;
可以通过url进行健康检查;
效率、负载均衡速度,高于nginx,低于LVS;
HAProxy支持TCP,可以对mysql进行负载均衡;
调度算法丰富
缺点:
正则弱于nginx;
日志依赖于syslogd,不支持apache日志
