Keepalived高可用
Keepalived高可用概述
1.什么是高可用
什么是高可用双击热备, 一般指2台机器启动着相同的业务系统,当有一台机器down机了, 另外一台服务器能快速的接管, 对于访问的用户是无感知的。
2.高可用使用场景
那么高可用使用在什么场景,业务系统需要保证7x24小时不DOWN机, 作为业务来说随时都可用, 让你的业务系统更顽强。
Keepalived高可用安装
1.环境准备
服务器系统 角色 外网IP 内网IP
CentOS 7.5 keepalived-master eth0:10.0.0.5 eth1:172.16.1.5
CentOS 7.5 keepalived-slave eth0:10.0.0.6 eth1:172.16.1.6
2.在lb01与lb02上分别安装keepalived
[root@lb01 ~]# yum install keepalived -y
[root@lb02 ~]# yum install keepalived -y
3.配置lb01, keepalived-master
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
router_id lb01
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 50
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev eth0
}
}
4.配置lb02, keepalived-backup
[root@lb02 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev eth0
}
}
5.对比keepalived的master与backup配置的区别
Keepalived配置区别 Master配置 Backup节配置
route_id(唯一标识) route_id lb01 route_id lb02
state(角色状态) state Master state Backup
priority(竞选优先级) priority 150 priority 100
6.启动lb01与lb02的keepalived
#lb01
[root@lb01 ~]# systemctl enable keepalived
[root@lb01 ~]# systemctl start keepalived
#lb02
[root@lb02 ~]# systemctl enable keepalived
[root@lb02 ~]# systemctl start keepalived
7.检查keepalived的虚拟IP地址是否漂移
在lb01上进行如下操作
# lb01存在vip地址
[root@lb01 ~]# ip addr |grep 10.0.0.3
inet 10.0.0.3/24 scope global secondary eth0
# 停止lb01上的keepalived, 检测vip已不存在
[root@lb01 ~]# systemctl stop keepalived
[root@lb01 ~]# ip addr |grep 10.0.0.3
在lb02上进行如下操作
[root@lb02 ~]# ip addr|grep 10.0.0.3
inet 10.0.0.3/24 scope global secondary eth0
lb01重新启动keepalived,发现地址被重新接管
[root@lb01 ~]# systemctl start keepalived
[root@lb01 ~]# ip addr |grep 10.0.0.3
inet 10.0.0.3/24 scope global secondary eth0
keepalived高可用裂脑
由于某些原因,导致两台keepalived高可用服务器在指定时间内,无法检测到对方的心跳消息,各自取得资源及服务的所有权,而此时的两台高可用服务器又都还活着。
1)服务器网线松动等网络故障
2)服务器硬件故障发生损坏现象而崩溃
3)主备都开启firewalld防火墙
4)Nginx服务死掉等
1.在备上编写检测脚本, 测试如果能ping通主并且备节点还有VIP的话则认为产生了裂脑
[root@lb02 ~]# cat check_split_brain.sh
#!/bin/sh
lb01_vip=10.0.0.3
lb01_ip=10.0.0.5
while true;do
ping -c 2 -W 3 $lb01_ip &>/dev/null
if [ $? -eq 0 -a `ip add|grep "$lb01_vip"|wc -l` -eq 1 ];then
echo "ha is split brain.warning."
else
echo "ha is ok"
fi
sleep 5
done
2.如果Nginx宕机, 会导致用户请求失败, 但Keepalived并不会进行切换, 所以需要编写一个脚本检测Nginx的存活状态, 如果不存活则kill nginx和keepalived
[root@lb01 ~]# mkdir /server/scripts
[root@lb01 ~]# vim /server/scripts/check_web.sh
#!/bin/sh
#使用while死循环
while true;do
nginxpid=$(ps -C nginx --no-header|wc -l)
#1.判断Nginx是否存活,如果不存活则尝试启动Nginx
if [ $nginxpid -eq 0 ];then
systemctl start nginx
sleep 5
#2.5秒后再次获取一次Nginx状态
nginxpid=$(ps -C nginx --no-header|wc -l)
#3.再次进行判断, 如Nginx还不存活则停止Keepalived,让地址进行漂移,并退出脚本
if [ $nginxpid -eq 0 ];then
systemctl stop keepalived
exit 1
fi
fi
sleep 5
done
[root@lb01 ~]# chmod +x /server/scripts/check_web.sh
在keepalived配置文件中调用此脚本,lb01与lb02都需操作
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
router_id LVS_01
}
vrrp_script check_web {
script "/server/scripts/check_web.sh"
interval 2
weight 50
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3/24 dev ens33
}
track_script {
check_web
}
}
注意:本文来自于https://blog.51cto.com/u_13528471/2293893
