1:HA集羣架構與VIIP工作原理:
Linux高可用集羣:pacemaker、keepalived
keepalived理論工作原理:
keepalived是以VRRP協議爲實現基礎的,VRRP全稱Virtual Router Redundancy Protocol,即虛擬路由冗餘協議。
虛擬路由冗餘協議是實現路由器高可用的協議,即將N臺提供相同功能的路由器組成一個路由器組,這個組裏面有一個master
和多個backup,master上面有一個對外提供服務的VIP(該路由器所在局域網內其他機器的默認路由爲VIP),
master會發組播、廣播、或單播,當backup收不到vrrp包時就認爲master宕機,這時就需要根據VRRP優先級來選舉
一個backup成爲master。這樣的話就可以保證路由器的高可用了。
keepalived 工作在OSI的三層、四層和七層原理
layer3:工作在三層時,keepalived會定期向熱備組中的服務器發送一個ICMP數據包,來判斷某臺服務器是否故障,
如果故障則將這臺服務器從熱備組移除。
layer4:工作在四層時,keepalived以TCP端口的狀態來判斷服務器是否故障,比如檢測mysql 3306端口,如果故障
則將這臺服務器從熱備組移除。
layer7:工作在七層時,keepalived根據用戶設定的策略判斷服務器上的程序是否正常運行,如果故障則將這臺服務器
從熱備組中移除。
==================================================================================================================
2:原碼編譯安裝keepalived與集羣環境配置【最簡單的主機集羣】
http://www.keepalived.org #下載keepalived 1.3.6版本
yum install -y openssl openss-devel libnl3-devel.X86_64 libnfnetlink-devel.X86_64 ipvasadm
tar xvf keepalived-1.3.6.tar
cd /opt/keepalived-1.3.6
執行配置編譯並安裝 #./configure && make && make install
複製配置文件並啓動keepalived
cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d #centos7無此文件可以忽略
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
mkdir /etc/keepalived
cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/sbin/keepalived /usr/sbin/
service keepalived start
#也可以使用systemctl方式啓動keepalived服務[1.3版本以後支持systemctl]
systemctl enabled keepalived.service
systemctl start keepalived.service
systemctl stop keepalived.service
vi /etc/keepalived/keepalived.conf
global_defs {
router_id haweb_1
}
vrrp_sync_group VGM {
GROUP {
VI_HA
}
}
vrrp_instance VI_HA {
state SLAVE #主服務爲MASTER
interface ens33
lvs_sync_daemon_inteface ens33
virtual_router_id 51
priority 90 #權值範圍1-255,越大越高
advert_init 5
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
192.168.1.10/24 dev ens33
}
}
scp /etc/keepalived/keepalived.conf [email protected]:/etc/keepalived/keepalived.conf
[email protected]'s password:
[lsof -i:80 瞭解一下LSOF命令的使用方法] ifconfig看不到VIP{虛假IP}信息,可以用 ip a 命令
如果SELINUX沒有關閉,VIP會只要第一權重的機器上,無法飄移到另外一臺主機,
處理辦法:可以在配置文件裏 增加 setseboot -P piranha_lvs_can_connect on #selinux布爾值
keepalived雙機熱備完整配置實例:
簡單主機集羣,當服務宕機時會出現“腦裂”的情況,解決辦法:
vi /etc/keepalived/httpd.sh #內容如下:
#!/bin/bash
counter=$(ps -C httpd --no-heading | wc -l)
if ["${counter}" = "0" ];then
/usr/sbin/httpd
sleep 2
counter=$(ps -C httpd --no-heading | wc -l)
if ["${counter}" = "0" ];then
/usr/bin/systemctl stop keepalived.service
fi
fi
插曲:yum -y install killall
yum -y install psmisc.x86_64
chmod +x /etc/keepalived/httpd.sh
vi /etc/keepalived/keepalived.conf
global_defs {
router_id LVS_001B #router_id這個要唯一
}
vrrp_instance VI_1 {
state MASTER #SLAVE 或 BACKUP
interface ens33
virtual_router_id 51 #這個virtual_router_id在兩臺機器上要相同
priority 100 #權值範圍1-255,越大越高[優先級]
unicast_src_ip 192.168.1.11 #本地IP地址【unicast 是單播】
unicast_peer {
192.168.1.12 #對端IP地址,此地址一定不能忘記
}
advert_init 1 #【發送ICMP的時間間隔】
authentication {
auth_type PASS
auth_pass 1234
}
virtual_ipaddress {
192.168.1.10/24
}
}
virtual_server 192.168.1.10 80 {
delay_loop 2 #每隔2秒 檢測virtual_server狀態
lb_algo rr #定義LVS調度算法
lb_kind DR #定義LVS工作模式
persistence_timeout 60 #定義持久鏈接時長
protocol TCP #定義集羣的協議
real_server 192.168.1.11 80 {
weight 1
notify_down /etc/keepalived/httpd.sh
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 2
delay_before_retry 1
}
}
}