文章目录
- 目录
- 前言
- 一、前提条件
- 二、修改第二台HA的配置文件
- 2.1 检查与运行
- 2.2 工具连接
- 三、8.245 安装 Keepalived
- 3.1 修改 8.245 配置
- 3.2 在 8.247 安装 Keepalived
- 3.3 修改 8.247 Keepalived 的配置
- 3.4 启动两台服务器 keepalived
- 3.5 使用 keepalived 虚拟IP连接
- 3.6 演示抢占VIP
- 四、keepalived延伸HA宏机处理情况
- 4.1 安装 killall 检测插件
- 4.2 使用 killall 检测 haproxy
- 五、命令汇总
- 参考资料
目录
前言
假如Haproxy崩溃了,自然也是没有用的。所以引入 Keepalived 搭建热备架构
一、前提条件
《MyCat Haproxy实践》在此文章中,已经编写了安装HA的流程。所以在 192.168.8.245 服务器上再次安装一遍 HA
序号 | 地址 | 用途 |
1 | 192.168.8.245:5000 | Haproxy-B |
2 | 192.168.8.247:5000 | Haproxy-A |
3 | 192.168.8.249:6000 | Keepalived-VIP |
二、修改第二台HA的配置文件
[root@localhost ~]# vim /etc/haproxy/haproxy.cfg
#---------------------------------------------------------------------
# Example configuration for a possible web application. See the
# full configuration options online.
#
# http://haproxy.1wt.eu/download/1.4/doc/configuration.txt
#
#---------------------------------------------------------------------
#---------------------------------------------------------------------
# Global settings
#---------------------------------------------------------------------
global
# to have these messages end up in /var/log/haproxy.log you will
# need to:
#
# 1) configure syslog to accept network log events. This is done
# by adding the '-r' option to the SYSLOGD_OPTIONS in
# /etc/sysconfig/syslog
#
# 2) configure local2 events to go to the /var/log/haproxy.log
# file. A line like the following can be added to
# /etc/sysconfig/syslog
#
# local2.* /var/log/haproxy.log
#
log 127.0.0.1 local2
chroot /var/lib/haproxy
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
# turn on stats unix socket
stats socket /var/lib/haproxy/stats
#---------------------------------------------------------------------
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#---------------------------------------------------------------------
defaults
mode tcp #### http change tcp
log global
option tcplog #### httplog change tcplog
option dontlognull
#option http-server-close #### 屏蔽此行
#option forwardfor except 127.0.0.0/8 #### 屏蔽此行
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
#---------------------------------------------------------------------
# main frontend which proxys to the backends
#---------------------------------------------------------------------
frontend main *:5000
#acl url_static path_beg -i /static /images /javascript /stylesheets #### 屏蔽此行
#acl url_static path_end -i .jpg .gif .png .css .js #### 屏蔽此行
#use_backend static if url_static #### 屏蔽此行
default_backend app
#---------------------------------------------------------------------
# static backend for serving up images, stylesheets and such
#---------------------------------------------------------------------
backend static
balance roundrobin
server static 127.0.0.1:4331 check
#---------------------------------------------------------------------
# round robin balancing between the various backends
#---------------------------------------------------------------------
backend app
balance roundrobin
server app1 192.168.8.245:8066 check #### server app1 127.0.0.1:5001 check
server app2 182.168.8.246:8066 check #### server app2 127.0.0.1:5002 check
#server app3 127.0.0.1:5003 check #### 屏蔽此行
#server app4 127.0.0.1:5004 check #### 屏蔽此行2.1 检查与运行
[root@localhost ~]# haproxy -f /etc/haproxy/haproxy.cfg
[root@localhost ~]# ps -ef | grep hapro
haproxy 5868 1 0 14:31 ? 00:00:00 haproxy -f /etc/haproxy/haproxy.cfg
root 5897 28651 0 14:31 pts/0 00:00:00 grep --color=auto hapro2.2 工具连接
使用 Navicat 连接
三、8.245 安装 Keepalived
yum search keepalived
yum -y install keepalived.x86_643.1 修改 8.245 配置
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict #### 屏蔽此行,会影响到使用虚拟IP
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface enp0s3 #### eth0 配置网卡 ip addr
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.8.249 #### 修改成 虚拟IP地址 需要和服务器同网段
}
}
virtual_server 192.168.8.249 6000 { #### 虚拟IP地址 和 监听的端口
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.8.245 5000 { #### HA的地址 和 端口
weight 1
#### 下面是心跳检查
#### https://keepalived.org/doc/configuration_synopsis.html
TCP_CHECK { #### 使用TCP的心跳检测
connect_port 5000 #### 监听端口
connect_timeout 10 #### 心跳超时时间
}
}
}3.2 在 8.247 安装 Keepalived
[root@storage ~]# yum -y install keepalived.x86_64
[root@storage ~]# cd /etc/keepalived/
[root@storage keepalived]# ls
keepalived.conf
[root@storage keepalived]# rm -rf keepalived.conf*
[root@storage keepalived]# ls -la
total 12
drwxr-xr-x 2 root root 6 Nov 10 15:05 .
drwxr-xr-x. 85 root root 8192 Nov 10 15:03 ..
[root@storage keepalived]# scp root@192.168.8.245:/etc/keepalived/keepalived.conf .
The authenticity of host '192.168.8.245 (192.168.8.245)' can't be established.
ECDSA key fingerprint is SHA256:VQlowsizcHfSGLTyiPhQ6SQejAzAoKZ+MxOLDwkCh20.
ECDSA key fingerprint is MD5:3e:82:cc:d4:fa:00:96:a3:d8:80:e4:94:e3:26:58:2e.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.8.245' (ECDSA) to the list of known hosts.
root@192.168.8.245's password:
keepalived.conf 100% 1347 1.6MB/s 00:003.3 修改 8.247 Keepalived 的配置
[root@storage keepalived]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict #### 屏蔽此行,会影响到使用虚拟IP
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP #### MASTER change BACKUP
interface enp0s3 #### eth0 配置网卡 ip addr
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.8.249 #### 修改成 虚拟IP地址 需要和服务器同网段
}
}
virtual_server 192.168.8.249 6000 { #### 虚拟IP地址 和 监听的端口
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.8.247 5000 { #### HA的地址 和 端口
weight 1
#### 下面是心跳检查
#### https://keepalived.org/doc/configuration_synopsis.html
TCP_CHECK { #### 使用TCP的心跳检测
connect_port 5000 #### 监听端口
connect_timeout 10 #### 心跳超时时间
}
}
}3.4 启动两台服务器 keepalived
[root@localhost ~]# keepalived -f /etc/keepalived/keepalived.conf
[root@localhost ~]# ps -ef | grep keepalived
root 21020 1 0 15:14 ? 00:00:00 keepalived -f /etc/keepalived/keepalived.conf
root 21021 21020 0 15:14 ? 00:00:00 keepalived -f /etc/keepalived/keepalived.conf
root 21022 21020 0 15:14 ? 00:00:00 keepalived -f /etc/keepalived/keepalived.conf
root 21049 28651 0 15:14 pts/0 00:00:00 grep --color=auto keepalived3.5 使用 keepalived 虚拟IP连接
3.6 演示抢占VIP
对象:8.245
[root@localhost ~]# ps -ef | grep keepalived # 查看进程
root 1774 28651 0 08:51 pts/0 00:00:00 grep --color=auto keepalived
root 21020 1 0 Nov10 ? 00:00:04 keepalived -f /etc/keepalived/keepalived.conf
root 21021 21020 0 Nov10 ? 00:00:07 keepalived -f /etc/keepalived/keepalived.conf
root 21022 21020 0 Nov10 ? 00:00:14 keepalived -f /etc/keepalived/keepalived.conf
[root@localhost ~]# kill 21020 21021 21022 # 杀死进程
[root@localhost ~]# ps -ef | grep keepalived # 查看keepalived是否存在
root 1837 28651 0 08:52 pts/0 00:00:00 grep --color=auto keepalived
[root@localhost ~]# ip add | grep 192.168.8 # 查看VIP是否存在
inet 192.168.8.245/24 brd 192.168.8.255 scope global noprefixroute enp0s3对象:8.247
[root@storage keepalived]# ip add | grep 192.168.8
inet 192.168.8.247/24 brd 192.168.8.255 scope global noprefixroute enp0s3
inet 192.168.8.249/32 scope global enp0s3最后运行回 8.245 keepalived
[root@localhost ~]# keepalived -f /etc/keepalived/keepalived.conf
[root@localhost ~]# ip add | grep 192.168.8
inet 192.168.8.245/24 brd 192.168.8.255 scope global noprefixroute enp0s3备注:当 8.245 的keepalived kill掉情况下, 虚拟IP 8.249 就会自动在 8.247 上出现,尽管 8.245 的keepalived 重新运行,虚拟IP 8.249 依然在 8.247上的服务器。
四、keepalived延伸HA宏机处理情况
4.1 安装 killall 检测插件
yum search killall
yum -y install psmisc.x86_648.245 和 8.247 都需要安装
4.2 使用 killall 检测 haproxy
对象 8.245
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict #### 屏蔽此行,会影响到使用虚拟IP
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
script "killall -0 haproxy" #### 检测 haproxy 是否运行
interval 2 #### 两秒检测一次
}
vrrp_instance VI_1 {
state MASTER
interface enp0s3 #### eth0 配置网卡 ip addr
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.8.249 #### 修改成 虚拟IP地址 需要和服务器同网段
}
track_script {
chk_haproxy #### 添加检测 haproxy 方法
}
}
virtual_server 192.168.8.249 6000 { #### 虚拟IP地址 和 监听的端口
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.8.245 5000 { #### HA的地址 和 端口
weight 1
}
}
--------
[root@localhost ~]# killall -0 haproxy #### 没有任何提示就是存在,没有则提示"haproxy: no process found"
[root@localhost ~]# echo $? #### 返回 0 就是存在,若返回 1 可以自行运行 haproxy -f /etc/haproxy/haproxy.cfg
0
[root@localhost ~]# ps -ef | grep haproxy #### 查看 haproxy 进程是否存在
haproxy 19218 1 0 09:41 ? 00:00:00 haproxy -f /etc/haproxy/haproxy.cfg
root 19514 13983 0 09:42 pts/0 00:00:00 grep --color=auto haproxy对象 8.247
[root@storage ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
#vrrp_strict #### 屏蔽此行,会影响到使用虚拟IP
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_haproxy {
script "killall -0 haproxy" #### 检测 haproxy 是否运行
interval 2 #### 两秒检测一次
}
vrrp_instance VI_1 {
state BACKUP #### MASTER change BACKUP
interface enp0s3 #### eth0 配置网卡 ip addr
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.8.249 #### 修改成 虚拟IP地址 需要和服务器同网段
}
track_script {
chk_haproxy #### 添加检测 haproxy 方法
}
}
virtual_server 192.168.8.249 6000 { #### 虚拟IP地址 和 监听的端口
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
protocol TCP
real_server 192.168.8.247 5000 { #### HA的地址 和 端口
weight 1
}
}启动流程:
(1) 8.245 和 8.247 都运行 “systemctl stop keepalived.service”
[root@storage ~]# ps -ef | grep keepalived
root 1156 1 0 Nov10 ? 00:00:05 keepalived -f /etc/keepalived/keepalived.conf
root 1157 1156 0 Nov10 ? 00:00:08 keepalived -f /etc/keepalived/keepalived.conf
root 1158 1156 0 Nov10 ? 00:00:18 keepalived -f /etc/keepalived/keepalived.conf
root 2634 2521 0 10:03 pts/0 00:00:00 grep --color=auto keepalived
出现这种不行的,如果 stop不行就直接 kill
[root@storage ~]# kill -9 1156 1157 1158 2634
-----------
(2) 8.245 和 8.247 都启动 keepalived “systemctl start keepalived.service”
[root@localhost ~]# ps -ef | grep keepalived
root 26742 1 0 10:02 ? 00:00:00 /usr/sbin/keepalived -D
root 26743 26742 0 10:02 ? 00:00:00 /usr/sbin/keepalived -D
root 26744 26742 0 10:02 ? 00:00:00 /usr/sbin/keepalived -D
root 26747 13983 0 10:02 pts/0 00:00:00 grep --color=auto keepalived因keepalived操作频繁,出现两台服务器出现8.249这个虚拟IP,Navicat是连接不到的,需要两台服务器都运行 “service network restart” 解决
测试流程:
- 前提条件,两台服务器都运行了 keepalived 和 haproxy
- 查看虚拟IP在8.247服务器,然后就在此服务器杀死 haproxy 进程,在查看ip addr,虚拟IP不见了
- 虚拟IP就迁移到 8.245服务器上
备注:必需有 haproxy 服务运行,不然 keepalived 脚本检测不到,就不会抢虚拟IP
五、命令汇总
systemctl stop keepalived.service
systemctl start keepalived.service
systemctl status keepalived.service
systemctl restart keepalived.service
keepalived -f /etc/keepalived/keepalived.conf
haproxy -f /etc/haproxy/haproxy.cfg
service network restart
ps -ef | grep haproxy
ps -ef | grep keepalived
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
