keepalived
1、工作原理
keepalived主要作用:
1、管理LVS负载均衡软件
2、实现对LVS集群节点健康检查功能
3、作为系统网络服务的高可用功能
keepalived服务工作原理:
keepalived高可用对之间是通过VRRP进行通信的,VRRP是通过精选机制来确定主备的,主的优先级高于备,因此,工作时主会优先获得所有的资源,备节点处于等待状态,当主挂了的时候,备节点就会接管主节点的资源,然后顶替主节点对外提供服务。
在keepalived服务对之间,只有作为主的服务器会一直发送VRRP广播包,告诉备它还活着,此时备不会抢占主,当主不可用时,即备监听不到主发送的广播包时,就会启动相关服务接管资源,保证业务的连续性,接管速度最快可以小于1秒
1)VRRP协议,全称Virtual Router Redundancy Protocol,中文名为虚拟路由冗余协议,VRRP的出现是为了解决静态路由的单点故障。
2)VRRP是通过一种竞选协议机制来讲路由任务交给某台VRRP路由器的
3)VRRP是用过IP多播的方式(默认多播地址(224.0.0.18))实现高可用对之间通信的。
4)工作时主节点发包,备节点接包,当备节点接收不到主节点发的数据包的时候,就启动接管程序接管主节点的资源。备节点可以有多个,通过优先级竞选,但一般Keepalived系统运维工作中都是一对。
5)VRRP使用了加密协议加密数据,但keepalived官方目前还是推荐使用铭文的方式配置认证类型和密码
2、部署
安装包:keepalived-2.2.0.tar.gz
前置条件
# yum install gcc openssl-devel -y 支持openssl、c的依赖包
# yum -y install libnl libnl-devel 支持ipv6的依赖包
安装
# ./configure --prefix=/usr/local/keepalived
# make && make install
配置成服务:
# cd /usr/local/keepalived
# cp etc/sysconfig/keepalived /etc/sysconfig/
# cp etc/keepalived/keepalived.conf /etc/keepalived/
# cp sbin/keepalived /usr/sbin/
加入开机启动项:
# vim /etc/init.d/keepalived
#!/bin/sh
#
# keepalived High Availability monitor built upon LVS and VRRP
#
# chkconfig: - 86 14
# description: Robust keepalive facility to the Linux Virtual Server project \
# with multilayer TCP/IP stack checks.
### BEGIN INIT INFO
# Provides: keepalived
# Required-Start: $local_fs $network $named $syslog
# Required-Stop: $local_fs $network $named $syslog
# Should-Start: smtpdaemon httpd
# Should-Stop: smtpdaemon httpd
# Default-Start:
# Default-Stop: 0 1 2 3 4 5 6
# Short-Description: High Availability monitor built upon LVS and VRRP
# Description: Robust keepalive facility to the Linux Virtual Server
# project with multilayer TCP/IP stack checks.
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
exec="/usr/sbin/keepalived"
prog="keepalived"
config="/etc/keepalived/keepalived.conf"
[ -e /etc/sysconfig/$prog ] && . /etc/sysconfig/$prog
lockfile=/var/lock/subsys/keepalived
start() {
[ -x $exec ] || exit 5
[ -e $config ] || exit 6
echo -n $"Starting $prog: "
daemon $exec $KEEPALIVED_OPTIONS
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
stop
start
}
reload() {
echo -n $"Reloading $prog: "
killproc $prog -1
retval=$?
echo
return $retval
}
force_reload() {
restart
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status &>/dev/null
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?
# chmod a+x /etc/init.d/keepalived
修改配置文件
# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id LVS_02
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.105.233/24
}
}
virtual_server 192.168.105.233 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
persistence_timeout 50
nat_mask 255.255.255.0
protocol TCP
real_server 192.168.105.231 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
real_server 192.168.105.232 80 {
weight 1
TCP_CHECK {
connect_timeout 8
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
启动
# systemctl start keepalived
3、测试
当关闭keepalived032后,keepalived033迅速接管192.168.105.233
