原文地址:http://sjsky.iteye.com/blog/1156403
blog遷移至 :http://www.micmiu.com
keepalived是一個類似於layer3, 4, 5 交換機制的軟件,也就是我們平時說的第3層、第4層和第5層交換。Keepalived的作用是檢測web服務器的狀態,如果有一臺web服務器死機,或工作出現故障,Keepalived將檢測到,並將有故障的web服務器從系統中剔除,當web服務器工作正常後Keepalived自動將web服務器加入到服務器羣中,這些工作全部自動完成,不需要人工干涉,需要人工做的只是修復故障的web服務器。
官網地址:http://www.keepalived.org/
截止目前最新版本1.2.2 附件提供下載:keepalived-1.2.2.tar.gz
keepalived 中文權威指南:KEEPALIVED權威指南_中文_.pdf
本文目錄:
[一]、實驗環境介紹
[二]、服務器層的雙機熱備(比如服務器宕機、keepalived宕、網絡不通)
[三]、應用層(web)的雙機熱備(比如web應用端口不通、nginx進程被意外kill)
[一]、實驗環境介紹
1.1、軟件信息:
S-A 192.168.8.183 centos5 keepalived nginx
S-B 192.168.8.150 centos5 keepalived nginx
VirtualIP (虛擬IP):192.168.8.191
1.2、keepalived 標準的安裝步驟:
# tar -zxvf keepalived-1.2.2.tar.gz
# cd keepalived-1.2.2
# ./configure
# make
# make install
# mkdir /etc/keepalived/
# cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf
1.3、nginx的安裝和keepalived類似
不熟悉的可參考:nginx安裝及負載均衡配置 (http://sjsky.iteye.com/blog/1156195)
修改nginx.conf 中監聽端口80->8088:
listen 8088;
server_name localhost;
修改/usr/local/nginx/html/index.html的內容:
192.168.8.183
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<bodybgcolor="white"text="black">
<center><h1>Welcome to nginx! 192.168.8.183</h1></center>
</body>
</html>
192.168.8.150:
<html>
<head>
<title>Welcome to nginx!</title>
</head>
<bodybgcolor="white"text="black">
<center><h1>Welcome to nginx! 192.168.8.150</h1></center>
</body>
</html>
兩臺server(S-A,S-B)都需要安裝這兩款軟件。
[二]、服務器層的雙機熱備(比如服務器宕機、keepalived宕了)
2.1、測試要求:
主機宕機、keepalived宕了、網絡不通時,備機能自動接管,不影響VIP:192.168.8.191的訪問
2.2、Master(S-A 192.168.8.181)配置文件/etc/keepalived/keepalived.conf:
! Configuration File for keepalived
global_defs {
notification_email {
}
#notification_email_from [email protected]
#smtp_server 127.0.0.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.8.191
}
}
2.3、Backup(S-B 192.168.8.150)配置信息/etc/keepalived/keepalived.conf:
! Configuration File for keepalived
global_defs {
notification_email {
}
#notification_email_from [email protected]
#smtp_server 127.0.0.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.8.191
}
}
Tips:
state 參數值:主的是MASTER、備用的是BACKUP
priority 參數值: MASTER > BACKUP
virtual_router_id: 參數值要一樣
2.4、測試:
兩臺測試機S-A、S-B均啓動keepalived和nginx
2.4.1、驗證nginx啓動正常:
訪問 master : http://192.168.8.183:8088/
訪問 backup: http://192.168.8.150:8088/
2.4.2、查看keepalived的日誌信息如下:
master :192.168.8.183
backup:192.168.8.150
2.4.3、瀏覽器打開虛擬ip訪問:http://192.168.8.191:8088/
2.4.4、kill 192.168.8.181(master) 的keepalived進程,日誌信息如下:
master :192.168.8.183
backup:192.168.8.150
2.4.5、瀏覽器打開虛擬ip訪問:http://192.168.8.191:8088/
2.4.6、再次啓動192.168.8.181的keepalived進程,192.168.8.181會自動接管成爲master,192.168.8.150自動轉爲backup,從測試結果看,備機能成功接管,已經實現了熱備。
Tips:如果我們停掉master上的nginx進程,你會發現此時應用訪問就失敗了,很顯然這不是我們希望看到的結果,那如何實現web應用的熱備呢,在下一節中我們將詳細講述。
[三]、應用層(web)的雙機熱備(比如nginx進程被意外kill、web端口不通)
3.1.主要是利用keepalived的track_script檢測腳本的原理實現的。
3.2.配置文件的修改
3.2.1、Master(S-A 192.168.8.181)配置文件/etc/keepalived/keepalived.conf:
/etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
#admin@michael-demo.com
}
#notification_email_from admin@michael-demo.com
#smtp_server 127.0.0.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "</dev/tcp/127.0.0.1/8088"
interval 1
weight -2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.8.191
}
track_script {
chk_http_port
}
}
3.2.2、Backup(S-B 192.168.8.150)配置文件/etc/keepalived/keepalived.conf:
/etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
#admin@michael-demo.com
}
#notification_email_from admin@michael-demo.com
#smtp_server 127.0.0.1
#smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_http_port {
script "</dev/tcp/127.0.0.1/8088"
interval 1
weight -2
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.8.191
}
track_script {
chk_http_port
}
}
3.2.3、注意點(非常重要)
1)、爲什麼主備的參數state都是MASTER,對的你沒有看錯確實要都設置成一樣的,不然並不能實現我們想要的VIP漂浮的效果,我測試很久才發現的.state都設置成MASTER後,會根據priority的值大小競爭來決定誰是真正的MASTER,腳本檢測也是在失敗的時候會把權重減去相應的值,比如原來master(181)的priority=100,如果腳本檢測到端口8088無法連接,就會priority-2=98,< S-B(150)的priority(99),此時S-B(150)將競爭成爲master,這樣就實現了web應用的熱備。
2)、配置文件格式一定要注意,比如:track_script {,在“track_script”和“{”之間一定要加空格 ,本來測試時少了個空格,一直無法運行檢測腳本,調試了很久,非常鬱悶
3.3、測試過程和上面的過程基本一致。