环境说明
- centos 7 ,keepalived-2.0.20 。
- master ip :192.168.1.26 backup ip : 192.168.1.33
- vip :192.168.1.50 (这个是我们下面要创建的ip)
- 我使用的环境为本地局域网,所以公网环境我并未测试,但原理一致,无非虚拟ip创建位置不同。
这只是设备的高可用,你的服务、业务需要高可用则需要自行设计你的业务代码,做主备服务器中服务代码的同步逻辑,使用虚拟IP和keepalived来做虚拟IP漂移时,需要考虑你的业务是否能接纳虚拟IP漂移的时间(即使这个时间很短)
1. 创建虚拟ip(virtual ip)
- 我使用的是centos的环境,如果你是ubuntu 或者其他系统,请参考对
应系统的虚拟ip设置!
Master 部分
- 查看虚拟机的网口 命令: ip addr
- 注意红框内的信息,其他的先不要在意。
- 输入命令 :cd /etc/sysconfig/network-scripts/
- 输入命令 :ls
我的网口是ens33,所以我对应的网口文件是ifcfg-ens33,也就是我ip为192.168.1.26的配置文件 - 输入命令 :vim ifcfg-ens33
第一个红框内填写你本地的ip(就是你正在用的IP地址)
后面两个红框内就是你要添加的虚拟IP地址(注意网段地址要和你本地的网段一致)
Back UP部分
- Back Up 部分比较特殊,这里不用配置虚拟IP,只要安装keepalived后,在keepalived.conf文件中配置对应的IP就好
2. 安装keepalived(源码安装)
Master部分
-
keepalived官网地址 (我使用的是2.0.20)
- 编译安装
- 将压缩包从windows放入Linux系统
- tar -xvf keepalived-2.0.20.tar.gz
- ./configure --prefix=/usr/local/keepalived-1.2.15 (注意前面只有一个.)
- make && make install
- 等待编译安装完成
- 修改keepalived.conf
- 因为我们编译安装没有指定任何多余的东西,所以这个conf文件一般是在 /usr/local/
- 在 /etc 目录下,创建keepalived目录,cp keepalived.conf 到此目录下。
- 执行 chkconfig keepalived on
- cd /etc/keepalived/
- vim keepalived.conf
这里贴出我master部分的keepalived.conf配置 (需要使用的都已经添加了注释," # "是注释标识符)
! Configuration File for keepalived
global_defs {
# 故障时,主备切换通知的email
#notification_email {
#acassen@firewall.loc
#failover@firewall.loc
#sysadmin@firewall.loc
#}
# email配置
#notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30、
# 路由id,当前安装keepalived的节点主机标识符,需要保证全局唯一
router_id keep_1
#router_id LVS_DEVEL
#vrrp_skip_check_adv_addr
#vrrp_strict
#vrrp_garp_interval 0
#vrrp_gna_interval 0
}
# 基于vrrp协议的实例,可以理解为一个服务器的节点
vrrp_instance VI_1 {
# 表示状态为主节点MASTER还是备用机BACKUP
state MASTER
# 当前示例绑定的网卡,根据ip addr查出来的网卡
interface ens33
# 虚拟路由id 需要保证主备节点的该值一致
virtual_router_id 51
#优先级/权重,master权重一般高于backup,在master挂掉后谁的优先级高,谁就能成为master
priority 188
#主备之间同步检查的时间间隔(心跳),默认为1s
advert_int 1
#认证授权的密码,防止非法节点进入,主备需要一致
authentication {
auth_type PASS
auth_pass 1111
}
#虚拟IP,可以有多个,根据自己实际情况修改
virtual_ipaddress {
192.168.1.50
}
}
# virtual_server 192.168.200.100 443 {
# delay_loop 6
# lb_algo rr
# lb_kind NAT
# persistence_timeout 50
# protocol TCP
# real_server 192.168.201.100 443 {
# weight 1
# SSL_GET {
# url {
# path /
# digest ff20ad2481f97b1754ef3e12ecd3a9cc
# }
# url {
# path /mrtg/
# digest 9b3a0c85a887a256d6939da88aabd8cd
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
# }
# virtual_server 10.10.10.2 1358 {
# delay_loop 6
# lb_algo rr
# lb_kind NAT
# persistence_timeout 50
# protocol TCP
# sorry_server 192.168.200.200 1358
# real_server 192.168.200.2 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
# real_server 192.168.200.3 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334c
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334c
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
# }
# virtual_server 10.10.10.3 1358 {
# delay_loop 3
# lb_algo rr
# lb_kind NAT
# persistence_timeout 50
# protocol TCP
# real_server 192.168.200.4 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
# real_server 192.168.200.5 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
# }
BackUp部分
-
keepalived官网地址 (我使用的是2.0.20)
- 编译安装
- 将压缩包从windows放入Linux系统
- tar -xvf keepalived-2.0.20.tar.gz
- ./configure --prefix=/usr/local/keepalived-1.2.15 (注意前面只有一个.)
- make && make install
- 等待编译安装完成
- 修改keepalived.conf
- 因为我们编译安装没有指定任何多余的东西,所以这个conf文件一般是在 /usr/local/
- 在 /etc 目录下,创建keepalived目录,cp keepalived.conf 到此目录下。
- 执行 chkconfig keepalived on
- cd /etc/keepalived/
- vim keepalived.conf
这里贴出我BackUp部分的keepalived.conf配置 (需要使用的都已经添加了注释," # "是注释标识符)
! Configuration File for keepalived
global_defs {
# notification_email {
# acassen@firewall.loc
# failover@firewall.loc
# sysadmin@firewall.loc
# }
# notification_email_from Alexandre.Cassen@firewall.loc
# smtp_server 192.168.200.1
# smtp_connect_timeout 30
# router_id LVS_DEVEL
# vrrp_skip_check_adv_addr
# vrrp_strict
# vrrp_garp_interval 0
# vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
# 192.168.200.16
# 192.168.200.17
# 192.168.200.18
192.168.1.50
}
}
# virtual_server 192.168.200.100 443 {
# delay_loop 6
# lb_algo rr
# lb_kind NAT
# persistence_timeout 50
# protocol TCP
# real_server 192.168.201.100 443 {
# weight 1
# SSL_GET {
# url {
# path /
# digest ff20ad2481f97b1754ef3e12ecd3a9cc
# }
# url {
# path /mrtg/
# digest 9b3a0c85a887a256d6939da88aabd8cd
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
# }
# virtual_server 10.10.10.2 1358 {
# delay_loop 6
# lb_algo rr
# lb_kind NAT
# persistence_timeout 50
# protocol TCP
# sorry_server 192.168.200.200 1358
# real_server 192.168.200.2 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
# real_server 192.168.200.3 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334c
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334c
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
# }
# virtual_server 10.10.10.3 1358 {
# delay_loop 3
# lb_algo rr
# lb_kind NAT
# persistence_timeout 50
# protocol TCP
# real_server 192.168.200.4 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
# real_server 192.168.200.5 1358 {
# weight 1
# HTTP_GET {
# url {
# path /testurl/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl2/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# url {
# path /testurl3/test.jsp
# digest 640205b7b0fc66c1ea91c463fac6334d
# }
# connect_timeout 3
# retry 3
# delay_before_retry 3
# }
# }
# }
- 注意:我这里两个的state都是MASTER,最好是认真看一遍我在Master的keepalived.conf配置和注释,哪个为主哪个为备,以权重值为主。
至此我们两个Linux的虚拟IP和keepalived已经配置和安装完成
3. 测试
Master 和 BackUp都按照下面的步骤
- 进入解压的目录中 命令 : cd keepalived-2.0.20/keepalived
- 启动keepalived 命令 : ./keepalived
- 查看是否成功启动 命令1: ps -ef|grep keepalived
- 查看是否成功启动 命令2: systemctl status keepalived.service
命令1:
命令2:
5. 开启Master和BackUp的keepalived
6. 执行命令: journalctl -u keepalived (查看keepalived日志)
7. tail -f /var/log/message (实时查看日志)
- Master端日志
- BackUp端日志
Master :Entering MASTER STATE
BackUp:Entering BACKUP STATE
这两句代表两个Linux的主备身份切换,我私下把Master Linux关闭后,BackUp Linux可以马上切换到Master身份,当我的Master Linux重新打开后,会把Back Up Linux的Master身份抢回来,原因在于权重值和身份状态
常用命令:
- 查看keepalived状态:systemctl status keepalived.service
- 停止keepalived服务:systemctl stop keepalived.service
- 开始keepalived服务:systemctl start keepalived.service
- 查看keepalived日志:tail -f /var/log/message