目录

一、集群介绍
二、keepalived介绍
三、用keepalived配置高可用集群

一、集群介绍

一台服务器的硬件配置总是有限的，当服务器上运行的资源超过服务器的承载能力时，必将导致该服务器崩溃。在生产环境中，多数企业会使用多台服务器搭建成一个集群来运行应用程序，这样不仅可以避免单点故障，还能提升服务器的承载能力。

集群从功能实现上分为两种：高可用集群和负载均衡集群。

1. 高可用集群：

• 高可用集群即“HA集群”，也常称作“双机热备”，用于关键业务。通常为两台服务器，一台工作，另外一台作为冗余。当一台服务器宕机不能提供服务了，冗余的服务器顶替工作。
• 实现高可用的开源软件有：heartbeat、keepalived。
• 高可用衡量标准9999，即在一年时间里99.99%的时间机器都要在线且正常提供服务。

2. 负载均衡集群：

• 负载均衡集群，简单讲就是把用户的请求分摊到多台服务器上。需要有一台服务器作为分发器，它负责把用户的请求分发给后端的服务器处理，在这个集群里，除了分发器外，就是给用户提供服务的服务器了，这些服务器数量至少为2。
• 实现负载均衡的开源软件：LVS、Keepalived、haproxy、nginx，商业的有F5、Netscaler 。商用设备可以支持更高的并发量，稳定性好，但成本很高。使用开源软件搭建的负载均衡集群稳定性取决于物理服务器的稳定性。

二、keepalived介绍

• 常见实现高可用的开源软件有heartbeat和keepalived，其中keepalived还有负载均衡的功能。在这里我们使用keepalived来实现高可用集群，因为heartbeat在centos6上有一些问题，并且heartbeat已不再更新，影响实验效果。
• keepalived通过VRRP（Virtual Router Redundancy Protocl）来实现高可用。
• 在这个协议里会将多台功能相同的路由器组成一个小组，这个小组里会有1个master角色和N（N>=1）个backup角色。
• master会通过组播的形式向各个backup发送VRRP协议的数据包，当backup收不到master发来的VRRP数据包时，就会认为master宕机了。此时就需要根据各个backup的优先级来决定谁成为新的mater。
• Keepalived要有三个模块，分别是core、check和vrrp。其中core模块为keepalived的核心，负责主进程的启动、维护以及全局配置文件的加载和解析，check模块负责健康检查，vrrp模块是来实现VRRP协议的。

三、用keepalived配置高可用集群

• 实验环境：

master：
主机名：minglinux-01
IP地址：192.168.162.130
已安装keepalived和nginx

backup：
主机名：minglinux-02
IP地址：192.168.162.132
已安装keepalived和nginx

[root@minglinux-01 ~] yum install -y keepalived //master上安装keepalived

[root@minglinux-02 ~] yum install -y keepalived //backup上安装keepalived
[root@minglinux-02 ~] rpm -qa|grep nginx 
//检查backup机器是否安装nginx，若非yum安装可能检测不到
[root@minglinux-02 ~] yum install -y nginx //backup上安装nginx

//生产环境中，诸多企业把Nginx作为负载均衡器来用。它的重要性很高。
//一旦宕机会导致整个站点不能访问，所以有必要再准备一台备用Nginx。
//若负载均衡器故障，则即使后端服务器正常运行也无法正常提供服务

master配置keepalived

• master（130）的keepalived配置文件

[root@minglinux-01 ~] vim /etc/keepalived/keepalived.conf 
[root@minglinux-01 ~] > !$   //将原文件内容清空
> /etc/keepalived/keepalived.conf
[root@minglinux-01 ~] vim /etc/keepalived/keepalived.conf 
//写入以下内容，内容从https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D21Z/master_keepalived.conf获取
global_defs {
   notification_email {
     aming@aminglinux.com //定义接收告警的人
   }
   notification_email_from root@aminglinux.com  //定义发邮件地址
   smtp_server 127.0.0.1  //定义发邮件地址，若为127.0.0.1则使用本机自带邮件服务器发送
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_script chk_nginx {   //自定义脚本，该脚本为监控Nginx服务的脚本
    script "/usr/local/sbin/check_ng.sh"  //执行检测脚本
    interval 3 //每隔3s执行一次
}

vrrp_instance VI_1 {
    state MASTER   //定义角色为master
    interface ens33   //定义组播发送vrrp数据包的网卡，针对ens33网卡监听VIP
    virtual_router_id 51 //路由器ID
    priority 100  //权重值，master要比backup大
    advert_int 1
    authentication {
        auth_type PASS //定义认证类型为密码认证
        auth_pass aminglinux>com //密码
    }
    virtual_ipaddress {
        192.168.162.100  //定义VIP为192.168.162.100
    }

    track_script {     //前面定义了检测脚本，这里需要加载脚本
        chk_nginx
    }

}

这里的VIP的英文名字是“Virtual IP”，即“虚拟IP”，也有人把它叫作“浮动IP”。因为这个IP是由keepalived给服务器配置上的，服务器靠这个VIP对外提供服务，当master机器宕机，VIP被分配到backup上，这样主备切换对用户是透明的。

• master上自定义nginx检测脚本

[root@minglinux-01 ~] vim /usr/local/sbin/check_ng.sh 
//检测脚本路径、名称跟keepalived.conf文件中定义的一致
//内容从https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D21Z/master_check_ng.sh获取

  1 #!/bin/bash
  2 #时间变量，用于记录日志
  3 d=`date --date today +%Y%m%d_%H:%M:%S`
  4 #计算nginx进程数量
  5 n=`ps -C nginx --no-heading|wc -l`
  6 #如果进程为0，则启动nginx，并且再次检测nginx进程数量
  7 #如果还为0，说明nginx无法启动，此时需要关闭keepalived
  8 if [ $n -eq "0" ]; then
  9         /etc/init.d/nginx start
 10         n2=`ps -C nginx --no-heading|wc -l`
 11         if [ $n2 -eq "0"  ]; then
 12                 echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
 13                 systemctl stop keepalived
 14         fi
 15 fi
//若nginx无法启动成功，则keepalived失去存在意义，
//主上的keepalived被杀掉后从的keepalived会自动启动

[root@minglinux-01 ~] chmod 755 /usr/local/sbin/check_ng.sh  //修改权限
[root@minglinux-01 ~] ls -l /usr/local/sbin/check_ng.sh
-rwxr-xr-x 1 root root 567 12月 19 20:18 /usr/local/sbin/check_ng.sh

• master上启动keepalived

[root@minglinux-01 /usr/local/nginx/conf/vhost] systemctl start keepalived
[root@minglinux-01 /usr/local/nginx/conf/vhost] ps aux |grep keepalived
root       9883  0.0  0.0 118676  1400 ?        Ss   20:47   0:00 /usr/sbin/keepalived -D
root       9884  0.0  0.1 122876  2380 ?        S    20:47   0:00 /usr/sbin/keepalived -D
root       9885  0.0  0.1 122876  2452 ?        S    20:47   0:00 /usr/sbin/keepalived -D
root       9887  0.0  0.0 112720   984 pts/1    S+   20:47   0:00 grep --color=auto keepalived
[root@minglinux-01 /usr/local/nginx/conf/vhost] ps aux|grep nginx
root       9869  0.0  0.0  46028  1300 ?        Ss   20:46   0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody     9870  0.1  0.2  48516  3944 ?        S    20:46   0:00 nginx: worker process
nobody     9871  0.0  0.2  48516  3944 ?        S    20:46   0:00 nginx: worker process
root       9889  0.0  0.0 112720   984 pts/1    S+   20:47   0:00 grep --color=auto nginx
//下面测试停掉nginx服务会不会自动重启
[root@minglinux-01 /usr/local/nginx/conf/vhost] /etc/init.d/nginx stop
Stopping nginx (via systemctl):                            [  确定  ]
[root@minglinux-01 /usr/local/nginx/conf/vhost] ps aux|grep nginx
root      10206  0.0  0.0  46028  1300 ?        Ss   20:49   0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody    10207  0.0  0.2  48516  3944 ?        S    20:49   0:00 nginx: worker process
nobody    10208  0.0  0.2  48516  3944 ?        S    20:49   0:00 nginx: worker process
root      10213  0.0  0.0 112720   984 pts/1    S+   20:49   0:00 grep --color=auto nginx
[root@minglinux-01 /usr/local/nginx/conf/vhost] date
2018年 12月 19日 星期三 20:50:02 CST
//可以看到停掉nginx后它又自动重启了

• 查看keepalived日志

[root@minglinux-01 /usr/local/nginx/conf/vhost] less /var/log/messages
···
Dec 19 20:25:07 minglinux-01 systemd: Starting LVS and VRRP High Availability
 Monitor...
Dec 19 20:25:07 minglinux-01 Keepalived[9667]: Starting Keepalived v1.3.5 (03
/19,2017), git commit v1.3.5-6-g6fa32f2
Dec 19 20:25:07 minglinux-01 Keepalived[9667]: Opening file '/etc/keepalived/
keepalived.conf'.
Dec 19 20:25:07 minglinux-01 Keepalived[9668]: Starting Healthcheck child pro
cess, pid=9669
Dec 19 20:25:07 minglinux-01 systemd: Started LVS and VRRP High Availability 
Monitor.
···

注意：

• Virtual IP无法使用ifconfig查看，必须使用ip addr命令才能查看。
• 为保证实验成功，需要检查主和从的防火墙和selinux（关闭selinux和防火墙）。防火墙没有策略可以不关闭，有策略时需要关闭。

backup配置keepalived

• 编辑backup的keepalived配置文件
  参考https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D21Z/backup_keepalived.conf

[root@minglinux-02 ~] vim /etc/keepalived/keepalived.conf
//写入以下内容
global_defs {
   notification_email {
     aming@aminglinux.com
   }
   notification_email_from root@aminglinux.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_script chk_nginx {
    script "/usr/local/sbin/check_ng.sh"
    interval 3
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass aminglinux>com
    }
    virtual_ipaddress {
        192.168.162.100 //主从的虚拟ip保持一致
    }

    track_script {
        chk_nginx
    }

}

• 配置backup的keepalive检测脚本
  参考https://coding.net/u/aminglinux/p/aminglinux-book/git/blob/master/D21Z/backup_check_ng.sh

[root@minglinux-02 ~] vim /usr/local/sbin/check_ng.sh
//写入以下内容
#时间变量，用于记录日志
d=`date --date today +%Y%m%d_%H:%M:%S`
#计算nginx进程数量
n=`ps -C nginx --no-heading|wc -l`
#如果进程为0，则启动nginx，并且再次检测nginx进程数量，
#如果还为0，说明nginx无法启动，此时需要关闭keepalived
if [ $n -eq "0" ]; then
        systemctl start nginx
        n2=`ps -C nginx --no-heading|wc -l`
        if [ $n2 -eq "0"  ]; then
                echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
                systemctl stop keepalived
        fi
fi
//主和从启动nginx的命令不同
//主上的nginx为自定义脚本编译安装，可以使用/etc/init.d/nginx start命令启动
//从是yum安装，需要使用systemctl start nginx命令启动

[root@minglinux-02 ~] chmod 755 !$  //修改脚本权限
chmod 755 /usr/local/sbin/check_ng.sh
[root@minglinux-02 ~] ls -l !$
ls -l /usr/local/sbin/check_ng.sh
-rwxr-xr-x. 1 root root 553 12月 19 21:30 /usr/local/sbin/check_ng.sh

• backup上启动keeplived

[root@minglinux-02 ~] systemctl start keepalived
[root@minglinux-02 ~] ps aux |grep keepalived
root       4678  0.0  0.0 118676  1392 ?        Ss   21:57   0:00 /usr/sbin/keepalived -D
root       4679  0.0  0.1 129604  3296 ?        S    21:57   0:00 /usr/sbin/keepalived -D
root       4680  0.0  0.1 129544  2840 ?        S    21:57   0:00 /usr/sbin/keepalived -D
root       4737  0.0  0.0 112720   988 pts/0    S+   21:57   0:00 grep --color=auto keepalived

测试

• 修改nginx默认主页

//修改master上nginx默认虚拟主机的主页
[root@minglinux-01 /data/wwwroot/default] echo "master master" > index.html 
[root@minglinux-01 /data/wwwroot/default] curl localhost
master master

//修改backup上nginx默认虚拟主机的主页
[root@minglinux-02 ~] echo "backup backup" >!$
echo "backup backup" >/usr/share/nginx/html/index.html
[root@minglinux-02 ~] curl localhost
backup backup

• 浏览器访问
  访问虚拟地址时访问的是master上的内容

访问master

访问虚拟IP

• 查看主备的IP地址

//目前虚拟IP绑定在master的网卡上
//master
[root@minglinux-01 /data/wwwroot/default] ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:46:01:25 brd ff:ff:ff:ff:ff:ff
    inet 192.168.162.130/24 brd 192.168.162.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.162.100/32 scope global ens33  //虚拟IP在master的网卡上
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe46:125/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:0c:29:46:01:2f brd ff:ff:ff:ff:ff:ff
//backup
[root@minglinux-02 ~] ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:d3:4a:e9 brd ff:ff:ff:ff:ff:ff
    inet 192.168.162.132/24 brd 192.168.162.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fed3:4ae9/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:0c:29:d3:4a:f3 brd ff:ff:ff:ff:ff:ff

• 在master上增加iptabls规则

//设置防火墙规则将master上出去的vrrp数据包drop掉
[root@minglinux-01 ~] iptables -I OUTPUT -p vrrp -j DROP
[root@minglinux-01 ~] iptables -nvL
Chain INPUT (policy ACCEPT 6 packets, 428 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 4 packets, 512 bytes)
 pkts bytes target     prot opt in     out     source               destination         
    2    80 DROP       112  --  *      *       0.0.0.0/0 

//master上的日志
[root@minglinux-01 ~] tail /var/log/messages 
Dec 19 22:47:16 minglinux-01 Keepalived_vrrp[9885]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:47:16 minglinux-01 Keepalived_vrrp[9885]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:47:16 minglinux-01 Keepalived_vrrp[9885]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:47:16 minglinux-01 Keepalived_vrrp[9885]: VRRP_Instance(VI_1) Received advert with lower priority 90, ours 100, forcing new election
Dec 19 22:47:16 minglinux-01 Keepalived_vrrp[9885]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:47:16 minglinux-01 Keepalived_vrrp[9885]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.162.100
Dec 19 22:47:16 minglinux-01 Keepalived_vrrp[9885]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:47:16 minglinux-01 Keepalived_vrrp[9885]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:47:16 minglinux-01 Keepalived_vrrp[9885]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:47:16 minglinux-01 Keepalived_vrrp[9885]: Sending gratuitous ARP on ens33 for 192.168.162.100

//backup上的日志
[root@minglinux-02 ~] tail /var/log/messages 
Dec 19 22:46:50 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:46:50 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:46:50 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:46:50 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:46:55 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:46:55 minglinux-02 Keepalived_vrrp[4680]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.162.100
Dec 19 22:46:55 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:46:55 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:46:55 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:46:55 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100

//master的IP
[root@minglinux-01 ~] ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:46:01:25 brd ff:ff:ff:ff:ff:ff
    inet 192.168.162.130/24 brd 192.168.162.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.162.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe46:125/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:0c:29:46:01:2f brd ff:ff:ff:ff:ff:ff

//backup的IP
[root@minglinux-02 ~] ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:d3:4a:e9 brd ff:ff:ff:ff:ff:ff
    inet 192.168.162.132/24 brd 192.168.162.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.162.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fed3:4ae9/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:0c:29:d3:4a:f3 brd ff:ff:ff:ff:ff:ff

//此时虚拟ip同时在主和从上产生，发生脑裂现象
//直接封掉主发出的vrrp包无法彻底切换主从

• 关停master的keepalived服务

[root@minglinux-01 ~] systemctl stop keepalived
[root@minglinux-01 ~] ip addr  //此时master网卡上虚拟IP已被释放
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:46:01:25 brd ff:ff:ff:ff:ff:ff
    inet 192.168.162.130/24 brd 192.168.162.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe46:125/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:0c:29:46:01:2f brd ff:ff:ff:ff:ff:ff

//backup上绑定着虚拟IP
[root@minglinux-02 ~] ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:d3:4a:e9 brd ff:ff:ff:ff:ff:ff
    inet 192.168.162.132/24 brd 192.168.162.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.162.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fed3:4ae9/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:0c:29:d3:4a:f3 brd ff:ff:ff:ff:ff:ff

//查看master的日志
[root@minglinux-02 ~] tail /var/log/messages
Dec 19 22:56:44 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:56:44 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:56:49 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:56:49 minglinux-02 Keepalived_vrrp[4680]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.162.100
Dec 19 22:56:49 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:56:49 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:56:49 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:56:49 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 23:01:01 minglinux-02 systemd: Started Session 14 of user root.
Dec 19 23:01:01 minglinux-02 systemd: Starting Session 14 of user root.

• windows浏览器访问虚拟IP

  
  
  访问虚拟IP

• 重启master上的keepalived服务

[root@minglinux-01 ~] systemctl start keepalived
[root@minglinux-01 ~] ps aux |grep keepalived
root      25637  0.0  0.0 118676  1400 ?        Ss   23:08   0:00 /usr/sbin/keepalived -D
root      25638  0.0  0.1 129604  3300 ?        S    23:08   0:00 /usr/sbin/keepalived -D
root      25639  0.0  0.1 129476  2836 ?        S    23:08   0:00 /usr/sbin/keepalived -D
root      25661  0.0  0.0 112720   988 pts/1    S+   23:09   0:00 grep --color=auto keepalived
[root@minglinux-01 ~] 
[root@minglinux-01 ~] ip addr //虚拟IP马上重新绑定回master网卡
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:46:01:25 brd ff:ff:ff:ff:ff:ff
    inet 192.168.162.130/24 brd 192.168.162.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.162.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe46:125/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:0c:29:46:01:2f brd ff:ff:ff:ff:ff:ff

//backup的IP
[root@minglinux-02 ~] ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:d3:4a:e9 brd ff:ff:ff:ff:ff:ff
    inet 192.168.162.132/24 brd 192.168.162.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fed3:4ae9/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether 00:0c:29:d3:4a:f3 brd ff:ff:ff:ff:ff:ff
//backup日志
[root@minglinux-02 ~] tail /var/log/messages
Dec 19 22:56:49 minglinux-02 Keepalived_vrrp[4680]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.162.100
Dec 19 22:56:49 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:56:49 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:56:49 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 22:56:49 minglinux-02 Keepalived_vrrp[4680]: Sending gratuitous ARP on ens33 for 192.168.162.100
Dec 19 23:01:01 minglinux-02 systemd: Started Session 14 of user root.
Dec 19 23:01:01 minglinux-02 systemd: Starting Session 14 of user root.
Dec 19 23:09:15 minglinux-02 Keepalived_vrrp[4680]: VRRP_Instance(VI_1) Received advert with higher priority 100, ours 90
Dec 19 23:09:15 minglinux-02 Keepalived_vrrp[4680]: VRRP_Instance(VI_1) Entering BACKUP STATE
Dec 19 23:09:15 minglinux-02 Keepalived_vrrp[4680]: VRRP_Instance(VI_1) removing protocol VIPs.

image.png

再次启动master上的keepalived后，虚拟IP马上切换回master上，如果一台机器宕机，keepalived服务必然会停掉，所以这样去验证keepalived的高可用是没有任何问题的。

如果把Nginx换成其他服务，比如说MySQL，配置思路是一样的，唯一不同的是对MySQL的监控脚本不一样。前提需保证主和所有从的数据保持一致。

扩展

heartbeat和keepalived比较http://blog.csdn.net/yunhua_lee/article/details/9788433
DRBD工作原理和配置 http://502245466.blog.51cto.com/7559397/1298945
mysql+keepalived http://lizhenliang.blog.51cto.com/7876557/1362313