VRRP介绍
VRRP(Virtual Routing Redundant Protocol)可以通过在多台路由器组合成一个虚拟路由组(一个VRRP组)之间共享一个虚拟IP(VIP)解决静态配置的问题,此时仅需要客户端以VIP作为其默认网关即可,虚拟IP配置在哪个路由设备上取决于VRRP的工作机制,实现网关地址漂移;MASTER与BACKUP设备之间有优先级设定,数字越大优先级越高,通过各节点之间不停的传送通告信息来确认对方是否在线;当MASTER宕机的时候,虚拟IP会漂移到备用路由上,实现前端网关的高可用
VRRP中一主多从模式
VRRP中多主模式
Keepalived介绍
Keepalived起初是特意为LVS设计,用来监控集群服务中各Real Server节点的状态,根据Layer3,4,5交换机制检查每个服务节点的状态;当某个服务节点出现故障,Keepalived检测到后将这个故障节点从服务中剔除;当故障节点重新恢复到正常状态后,Keepalived可根据自身机制自动将服务加进集群服务添加到集群服务列表中;后来Keepalived加入了VRRP功能,使得现在的Keepalived具有服务器运行检测功能与HA Cluster功能
基本知识点就介绍到这里了,下面让我们一起来看一看keepalived功能实现吧
基于keepalived实现LVS高可用
LVS的实现模型为DR,DR的详细相关配置已经在之前博文有介绍,详细内容请点击DR模型实现
IP地址规划
HA1
| HA2
| Real Server1
| Real Server2
| FQDN
| node1.magedu.com
| FQDN
| node2.magedu.com
| FQDN
| test1.magedu.com
| FQDN
| test2.magedu.com
| IP
| 172.16.51.76
| IP
| 172.16.51.100
| IP
| 172.16.51.77
| IP
| 172.16.51.78
|
Resal Server配置准备
安装web服务
# yum install httpd –y
测试web服务
Real Server1
Real Server2
LVSDR模型配置实现
Rea lServer1上VIP配置
# sysctl -w net.ipv4.conf.lo.arp_ignore=1
# sysctl -w net.ipv4.conf.all.arp_ignore=1
# sysctl -w net.ipv4.conf.lo.arp_announce=2
# sysctl -wnet.ipv4.conf.all.arp_announce=2
# ifconfig lo:0 172.16.51.70 broadcast172.16.51.70 netmask 255.255.255.255 up
# route add -host 172.16.51.70 dev lo:0
Rea lServer2上VIP配置与RealServer1相同,这里就不再列出了
在Rea lServer1与Rea lServer2上安装ipvsadm
# yum -y install ipvsadm
HA1与HA2主机相关操作配置
在HA1与HA2上安装keeplived
# yum -y --nogpgcheck localinstallkeepalived-1.2.7-5.el5.i386.rpm
修改配置文件(HA1上操作)
# cd /etc/keepalived/
# vim keepalived.conf
全局配置更改(关于邮件这里未做太多的更改)
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from root@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
} 虚拟路由组
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_typePASS
auth_pass password
}
virtual_ipaddress {
172.16.51.70
}
} Virtual_server与real_server设置
virtual_server 172.16.51.70 80 {
delay_loop 6
lb_algo wlc
lb_kind DR
nat_mask 255.255.0.0
persistence_timeout 50
protocol TCP
real_server 172.16.51.77 80 {
weight 1
SSL_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
virtual_server 172.16.51.70 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.0.0
persistence_timeout 50
protocol TCP
real_server 172.16.51.78 80 {
weight 1
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
} 更改完成后复制到HA2上相同的一份
# scp /etc/keepalived/keepalived.conf node2:/etc/keepalived/
修改node2上keepalived配置文件,修改项如下
state BACKUP
priority 100
启动keepalived
查看配置是否生效
查看生成的ipvsadm规则信息
使用window主机浏览器进行访问测试
刷新一下
刷新多次后,查看相关匹配信息
基于keepalived实现web服务的高可用
这是在完成上述实验后在HA1与HA2主机实现web服务的高可用
关闭node1与node2的keepalive
#service keepalived stop
在node1与node2上安装web服务
#yum -y install httpd
启动web服务后,分别准备web页面
# echo "node1.magedu.com" >/var/www/html/index.html
# echo "node2.magedu.com" >/var/www/html/index.html
访问web进行测试
配置文件准备与配置,此rpm制作(马哥专利的哦)时已经提供了(rpm包已经上传到附件了)
# cp keepalived.conf.haproxy_examplekeepalived.conf
# vim keepalived.conf
修改内容
定义一下服务脚本名称httpd(整个配置文件就贴出来了)
! Configuration File for keepalived
global_defs {
notification_email {
linuxedu@foxmail.com
mageedu@126.com
}
notification_email_from kanotify@magedu.com
! Configuration File for keepalived
global_defs {
notification_email {
linuxedu@foxmail.com
mageedu@126.com
}
notification_email_from kanotify@magedu.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_httpd {
script "killall -0 httpd"
interval 2
# check every 2 seconds
weight -2
# if failed, decrease 2 of the priority
fall 2
# require 2 failures for failures
rise 1
# require 1 sucesses for ok
}
vrrp_script chk_schedown {
script "[[ -f /etc/keepalived/down ]]&& exit 1 || exit 0"
interval 2
weight -2
}
vrrp_instance VI_1 {
interface eth0
# interface for inside_network, bound byvrrp
state MASTER
# Initial state, MASTER|BACKUP
# As soon as the other machine(s) come up,
# an election will be held and the machine
# with the highest "priority"will become MASTER.
# So the entry here doesn't matter a wholelot.
priority 101
# for electing MASTER, highest prioritywins.
# to be MASTER, make 50 more than other machines.
virtual_router_id 51
# arbitary unique number 0..255
# used to differentiate multiple instancesof vrrpd
# running on the same NIC (and hence samesocket).
garp_master_delay 1
authentication {
auth_typePASS
auth_pass password
}
track_interface {
eth0
}
# optional, monitor these as well.
# go to FAULT state if any of these godown.
virtual_ipaddress {
172.16.51.70/16 dev eth0 label eth0:0
}
#addresses add|del on change to MASTER, toBACKUP.
#With the same entries on other machines,
#the opposite transition will be occuring.
}
track_interface {
eth0
}
# optional, monitor these as well.
# go to FAULT state if any of these godown.
virtual_ipaddress {
172.16.51.70/16 dev eth0 label eth0:0
}
#addresses add|del on change to MASTER, toBACKUP.
#With the same entries on other machines,
#the opposite transition will be occuring.
#/ brd dev scope label
track_script {
chk_httpd
chk_schedown
}
notify_master"/etc/keepalived/notify.sh master"
notify_backup"/etc/keepalived/notify.sh backup"
notify_fault"/etc/keepalived/notify.sh fault"
}
#vrrp_instance VI_2 {
# interface eth0
# state MASTER # BACKUP for slaverouters
# priority 101 # 100 for BACKUP
# virtual_router_id 52
# garp_master_delay 1
#
# authentication {
# auth_typePASS
# auth_pass password
# }
# track_interface {
# eth0
# }
# virtual_ipaddress {
# 172.16.100.2/16 dev eth0 label eth0:1
# }
# track_script {
# chk_haproxy
# chk_mantaince_down
# }
#
# notify_master "/etc/keepalived/notify.sh master eth0:1"
# notify_backup "/etc/keepalived/notify.sh backup eth0:1"
# notify_fault "/etc/keepalived/notify.sh fault eth0:1"
#
}
复制配置文件到node2主机
# scp /etc/keepalived/keepalived.confnode2:/etc/keepalived/
复制后需要修改内容如下
state BACKUP
priority 100
启动keepalived服务
查看MASTER(node1)上主机定义的VIP(eth0别名IP)是否成功
访问虚拟IP地址
主备转换测试
# cd /etc/keepalived/
# touch down
在备用节点node2上查看
访问虚拟IP
现在把down文件删除,MASTER节点会夺回资源,因为在node1上的优先级(101)比nod2上的优先级(100)高
双主模式实现
两个主机web服务同时开启,配置的VIP不同,让他们互为主从
修改keepalived.conf配置文件(只需修改配置文件末尾“vrrp_instance VI_2”中的内容)
vrrp_instance VI_2 {
interface eth0
state BACKUP # BACKUP forslave routers
priority 100 # 100 for BACKUP
virtual_router_id 52
garp_master_delay 1
authentication {
auth_typePASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.51.80/16 dev eth0 label eth0:1
}
track_script {
chk_httpd
chk_schedown
}
notify_master "/etc/keepalived/notify.sh master eth0:1"
notify_backup "/etc/keepalived/notify.sh backup eth0:1"
notify_fault "/etc/keepalived/notify.sh fault eth0:1"
} 在 node2 上启用“ vrrp_instance VI_2 ” 中的内容后,修改一下第二 VIP 地址与脚本名称( track_httpd, chk_schedown )
修改完成后,启动 keepalived 服务,查看 node1 与 node2 上的 VIP 地址配置
node1 主机
node2 主机
测试
模拟 node1 出现故障
# cd /etc/keepalived/
# touch down
查看 node2 上虚拟 IP 地址 
此时,访问 172.16.51.70 与 172.16.51.80 都是由 node2 主机返回结果  
基于keepalived实现的LVS高可用与web服务的高可用就完成了,希望可以为你带来一些帮助哦
附件:http://down.运维网.com/data/2362850
| 
QQ群⑧:
窥视卡
雷达卡
发表于 2018-12-28 13:15:11
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡