Keepalived

2020-04-04

Keepalived 快速使用手册

原理

虚拟ip

安装

双机主备

主节点MASTER

  1. 下载 https://keepalived.org/download.html

  2. 上传服务器并解压

    1
    [root@iZ2ze7s2v0b78922wia32rZ software]# tar -zxvf keepalived-2.0.19.tar.gz
  3. 配置生成

    1
    [root@iZ2ze7s2v0b78922wia32rZ keepalived-2.0.19]# ./configure --prefix=/usr/local/keepalived --sysconf=/etc
    • prefix:keepalived安装的位置
    • sysconf:keepalived核心配置文件所在位置,固定位置,改成其他位置则keepalived启动不了,/var/log/messages中会报错
  4. 生成并安装

    1
    2
    3
    4
    [root@iZ2ze7s2v0b78922wia32rZ keepalived-2.0.19]# make && make install
    ...
    [root@iZ2ze7s2v0b78922wia32rZ keepalived-2.0.19]# whereis keepalived
    keepalived: /etc/keepalived /usr/local/keepalived
  5. 配置keepalived.conf

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    global_defs {
    # 路由id:当前安装keepalived的节点主机标识符,保证全局唯一
    router_id keep_171
    }

    vrrp_instance VI_1 {
    # 表示状态是MASTER主机还是备用机BACKUP
    state MASTER
    # 该实例绑定的网卡
    interface ens33
    # 保证主备节点一致即可
    virtual_router_id 51
    # 权重,master权重一般高于backup,如果有多个,那就是选举,谁的权重高,谁就当选
    priority 100
    # 主备之间同步检查时间间隔,单位秒
    advert_int 2
    # 认证权限密码,防止非法节点进入
    authentication {
    auth_type PASS
    auth_pass 12345678
    }
    # 虚拟出来的ip,可以有多个(vip)
    virtual_ipaddress {
    172.17.133.251
    }
    }
  6. 查看linux网卡地址

    1
    2
    3
    4
    5
    6
    7
    8
    9
    [root@iZ2ze7s2v0b78922wia32rZ keepalived-2.0.19]# ip addr
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    valid_lft forever preferred_lft forever
    2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:16:3e:14:6a:e5 brd ff:ff:ff:ff:ff:ff
    inet 172.17.133.250/20 brd 172.17.143.255 scope global dynamic eth0
    valid_lft 313370644sec preferred_lft 313370644sec

    可以看到,只有172.17.133.250

  7. 启动keepalived

    1
    2
    3
    4
    5
    [root@iZ2ze7s2v0b78922wia32rZ keepalived]# /usr/local/keepalived/sbin/keepalived 
    [root@iZ2ze7s2v0b78922wia32rZ keepalived]# ps -ef|grep keepalived
    root 12248 1 0 10:07 ? 00:00:00 /usr/local/keepalived/sbin/keepalived
    root 12249 12248 0 10:07 ? 00:00:00 /usr/local/keepalived/sbin/keepalived
    root 12251 6194 0 10:07 pts/0 00:00:00 grep --color=auto keepalived
  8. 重新查看linux网卡

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    [root@iZ2ze7s2v0b78922wia32rZ keepalived]# ip addr
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    valid_lft forever preferred_lft forever
    2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:16:3e:14:6a:e5 brd ff:ff:ff:ff:ff:ff
    inet 172.17.133.250/20 brd 172.17.143.255 scope global dynamic eth0
    valid_lft 313369237sec preferred_lft 313369237sec
    inet 172.17.133.251/32 scope global eth0
    valid_lft forever preferred_lft forever

    可以看到,我们之前配置的虚拟ip172.17.133.251已经生效了。

  9. 停止keepalived

    原生的keepalived不支持stop命令,只能通过kill当前进程来关闭,如:

    1
    2
    3
    4
    5
    6
    7
    8
    [root@iZ2ze7s2v0b78922wia32rZ keepalived]# ps -ef|grep keepalived
    root 12248 1 0 Dec20 ? 00:00:00 /usr/local/keepalived/sbin/keepalived
    root 12249 12248 0 Dec20 ? 00:00:18 /usr/local/keepalived/sbin/keepalived
    root 13968 13947 0 08:48 pts/0 00:00:00 grep --color=auto keepalived
    [root@iZ2ze7s2v0b78922wia32rZ keepalived]# kill -9 12248
    [root@iZ2ze7s2v0b78922wia32rZ keepalived]# ps -ef|grep keepalived
    root 13971 13947 0 08:49 pts/0 00:00:00 grep --color=auto keepalived
    [root@iZ2ze7s2v0b78922wia32rZ keepalived]#

    为了更加友好的启停keepalived,我们将其作为一个服务注册到linux系统

    • 进入到keepalived安装目录/home/software/keepalived-2.0.19/keepalived/etc

      1
      2
      3
      4
      5
      6
      7
      8
      9
      10
      11
      [root@iZ2ze7s2v0b78922wia32rZ etc]# ll
      total 64
      drwxrwxr-x 2 1000 1000 4096 Dec 20 09:39 init
      drwxrwxr-x 2 1000 1000 4096 Dec 20 09:39 init.d
      drwxrwxr-x 2 1000 1000 4096 Aug 16 2018 keepalived
      -rw-r--r-- 1 root root 19516 Dec 20 09:39 Makefile
      -rw-rw-r-- 1 1000 1000 181 Aug 16 2018 Makefile.am
      -rw-rw-r-- 1 1000 1000 18377 Oct 20 00:16 Makefile.in
      drwxrwxr-x 2 1000 1000 4096 Aug 16 2018 openrc
      drwxrwxr-x 2 1000 1000 4096 Aug 16 2018 sysconfig
      [root@iZ2ze7s2v0b78922wia32rZ etc]#
    • 我们需要复制2个文件到系统目录

      1
      2
      3
      [root@iZ2ze7s2v0b78922wia32rZ etc]# cp init.d/keepalived /etc/init.d/
      [root@iZ2ze7s2v0b78922wia32rZ etc]# cp sysconfig/keepalived /etc/sysconfig/
      cp: overwrite ‘/etc/sysconfig/keepalived’? y
    • 刷新系统配置,让上述操作生效

      1
      [root@iZ2ze7s2v0b78922wia32rZ etc]# systemctl daemon-reload
    • 使用新命令重新启动keepalived

      1
      2
      3
      4
      5
      [root@iZ2ze7s2v0b78922wia32rZ etc]# systemctl start keepalived.service
      [root@iZ2ze7s2v0b78922wia32rZ etc]# ps -ef|grep keepalived/
      root 14018 1 0 08:59 ? 00:00:00 /usr/local/keepalived/sbin/keepalived -D
      root 14019 14018 0 08:59 ? 00:00:00 /usr/local/keepalived/sbin/keepalived -D
      root 14021 13947 0 09:00 pts/0 00:00:00 grep --color=auto keepalived/
    • 使用新命令关闭keepalived

      1
      2
      3
      [root@iZ2ze7s2v0b78922wia32rZ etc]# systemctl stop keepalived.service
      [root@iZ2ze7s2v0b78922wia32rZ etc]# ps -ef|grep keepalived/
      root 14030 13947 0 09:03 pts/0 00:00:00 grep --color=auto keepalived/

备用节点BACKUP

参考主节点安装目录,安装备用节点keepalived,只需更改配置即可!

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
global_defs {
# 路由id:当前安装keepalived的节点主机标识符,必须全局唯一
router_id keepalived_aliyun_16_bak
}

# 虚拟实例id可改,也可不改
vrrp_instance VI_2 {
# MASTER --> 更改为 BACKUP
state BACKUP
# 网卡需要确认是否修改(ip addr)
interface eth0
virtual_router_id 51
# 优先级降低(对比MASTER)
priority 99
advert_int 1
authentication {
auth_type PASSMASTER
auth_pass 12345678
}
virtual_ipaddress {
# 对应的虚拟IP和主节点一致
172.17.133.251
}
}

双主热备

双主热备模型

单台机器配置多个实例对象,并且每一个都包含MASTER & BACKUP

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
global_defs {
# 路由id:当前安装keepalived的节点主机标识符,必须全局唯一
router_id keepalived_aliyun_16
}

vrrp_script check_nginx_alive{
script "/etc/keepalived/check_nginx_is_alive.sh"
interval 2 # 每隔两秒运行上一行脚本
weight 10 # 如果脚本运行成功,则升级权重+10,否则可以降权,比如配置为-10
}

vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 12345678
}
track_script{
check_nginx_alive
}
virtual_ipaddress {
172.17.133.251
}
}

vrrp_instance VI_2 {
state BACKUP
interface eth0
virtual_router_id 52
priority80
advert_int 1
authentication {
auth_type PASS
auth_pass 12345678
}
virtual_ipaddress {
172.17.133.252
}
}

keepalived 自动检测Nginx服务

在系统提供的过程中,只有keepalived服务中断后,我们才能切换到备用节点,但是如果只是nginx或者tomcat中断,虽然keepalived服务器是好的,但是实际我们的网站无法提供服务了,此时,我们需要一种机制来保证可以自动切换到备用节点。

keepalived提供了一种脚本机制来实现自动检测、切换功能。

  1. 编写服务检测脚本check_nginx_is_alive.sh

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    #!/bin/bash

    A=`ps -C nginx --no-header |wc -l`
    # 判断nginx是否宕机,如果宕机了,尝试重启
    if [ $A -eq 0 ];then
    /usr/local/nginx/sbin/nginx
    # 等待一小会再次检查nginx,如果没有启动成功,则停止keepalived,使其启动备用机
    sleep 3
    if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
    killall keepalived
    fi
    fi
  2. 更改脚本权限chmod -x check_nginx_is_alive.sh

  3. 重新配置keepalived.conf,新增配置脚本

    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    global_defs {
    # 路由id:当前安装keepalived的节点主机标识符,必须全局唯一
    router_id keepalived_aliyun_16

    # 编写调用脚本的函数
    vrrp_script check_nginx_alive{
    script "/etc/keepalived/check_nginx_is_alive.sh"
    interval 2 # 每隔两秒运行上一行脚本
    weight 10 # 如果脚本运行成功,则升级权重+10,否则可以降权,比如配置为-10
    }

    vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
    auth_type PASS
    auth_pass 12345678
    }
    # 实例启动的时候,执行上面的函数
    track_script{
    check_nginx_alive
    }
    virtual_ipaddress {
    172.17.133.251
    }
    }
  4. 重启keepalived

    1
    [root@iZ2ze7s2v0b78922wia32rZ keepalived]# systemctl restart keepalived.service