Keepalived 雙機熱備
使用 Keepalived 做雙機熱備非常簡單,經常和 LVS 搭配來實現高可用負載平衡方案
1. Master / Slave
首先準備兩臺測試服務器和一個虛擬IP。
Server A: 192.168.1.10 (主服務器)
Server B: 192.168.1.20
Virtual IP: 192.168.1.100
測試服務: 在兩臺服務器上分別安裝 Nginx,並修改默認的 index.html 文件,顯示當前服務器 IP 以便識別。
1. 在兩臺服務器上分別安裝 keepalived。
$ sudo apt-get install keepalived
2. 添加配置文件。
Server A
$ sudo vim /etc/keepalived/keepalived.conf
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51 # 保持主從服務器一致
priority 100 # 優先級 (主服務器較高)
advert_int 1 # 心跳廣播間隔(秒)
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100 # 虛擬IP地址,可以多個。
}
}
Server B
$ sudo vim /etc/keepalived/keepalived.conf
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
}
注意:備份服務器 Server B 配置中 state 要改成 BACKUP,同時調低 priority。
3. 啓動兩臺服務器上的 keepalived 服務。
$ sudo service keepalived start
重啓後可以使用 "ip a" 查看虛擬 IP 信息。
Server A
$ ip a
1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:4c:e7:e7 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.100/24 scope global secondary eth0
inet6 fe80::20c:29ff:fe4c:e7e7/64 scope link
valid_lft forever preferred_lft forever
Server B
$ ip a
1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:01:d8:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.20/24 brd 192.168.1.255 scope global eth0
inet6 fe80::20c:29ff:fe01:d816/64 scope link
valid_lft forever preferred_lft forever
4. 在第三臺機器上進行訪問測試。
$ curl http://192.168.1.10
Welcome to nginx! 192.168.1.10
$ curl http://192.168.1.20
Welcome to nginx! 192.168.1.20
$ curl http://192.168.1.100
Welcome to nginx! 192.168.1.10
我們關掉主服務器 192.168.1.10,再訪問 http://192.168.1.100 就會自動切換成備份服務器 (Server B: 192.168.1.20)。
$ curl http://192.168.1.100
Welcome to nginx! 192.168.1.20
同時 Server B 綁定了虛擬 IP。
Server B
$ ip a
1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:01:d8:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.20/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.100/24 scope global secondary eth0
inet6 fe80::20c:29ff:fe01:d816/64 scope link
valid_lft forever preferred_lft forever
重新打開主服務器(Server A: 192.168.1.10),訪問恢復。
2. Master / Master
Master / Slave 方案中備份服務器(Server B)平時就是個擺設,有點浪費。我們完全可以用來跑其他服務,讓兩臺主機形成相互熱備。
Server A: 192.168.1.10, Virtual IP: 192.168.1.100
Server B: 192.168.1.20, Virtual IP: 192.168.1.200
修改配置文件。
Server A
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
}
vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 52
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.200
}
}
Server B:
global_defs {
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.100
}
}
vrrp_instance VI_2 {
state MASTER
interface eth0
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.1.200
}
}
其實很簡單,我們增加了一個新的配置 VI_2 (注意 virtual_router_id 不同)。不過這回用 Server B 做主服務器,如此 Server A、Server B 各自擁有主虛擬IP,同時備份對方的虛擬 IP。重啓兩臺服務器的 keepalived 服務後,查看虛擬 IP 綁定信息。
Server A
$ ip a
1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:4c:e7:e7 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.100/24 scope global secondary eth0
inet6 fe80::20c:29ff:fe4c:e7e7/64 scope link
valid_lft forever preferred_lft forever
Server B
$ ip a
1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:01:d8:16 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.20/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.200/24 scope global secondary eth0
inet6 fe80::20c:29ff:fe01:d816/64 scope link
valid_lft forever preferred_lft forever
正常情況下,會使用各自的主服務器。
$ curl http://192.168.1.100
Welcome to nginx! 192.168.1.10
$ curl http://192.168.1.200
Welcome to nginx! 192.168.1.20
一旦任何一臺服務器當機,另一臺就會自動接管。我們停掉 192.168.1.20,看看訪問 http://192.168.1.200 是不是切換到 192.168.1.10 上。
$ curl http://192.168.1.200
Welcome to nginx! 192.168.1.10
同時 Server A 綁定虛擬 IP 192.168.1.200。
$ ip a
1: lo: <loopback,up,lower_up> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <broadcast,multicast,up,lower_up> mtu 1500 qdisc pfifo_fast state UNKNOWN qlen 1000
link/ether 00:0c:29:4c:e7:e7 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.10/24 brd 192.168.1.255 scope global eth0
inet 192.168.1.100/24 scope global secondary eth0
inet 192.168.1.200/24 scope global secondary eth0
inet6 fe80::20c:29ff:fe4c:e7e7/64 scope link
valid_lft forever preferred_lft forever
Server B 重啓後,一切恢復正常。
這個方案可以是不同的服務,或者是同一服務的訪問分流(配合 DNS 使用)。