双主模型keepalived高可用集群

1、双主模型ipvs(keepalived) 高可用集群
2、双主模型nginx(keepalived)高可用集群
1、准备五个虚拟机(centos7);
note1、note2、note3、note4、client
2、配置静态ip地址,分别为;
note1;172.16.253.10
note2;172.16.253.11
note3;172.16.253.13
note4;172.16.253.14
3、将防火墙及selinux关闭;
#systemctl stop firewalld
#systemctl disable firewalld
#systemctl is-enabled firewalld
#setenforce 0
#vim /etc/selinux/config
  SELINUX=permissive
#getenforce 
4、配置yum源;
5、安装keepalived、ipvsadm、nginx、httpd;
6、同步时间;
vim /etc/chrony
server 172.16.0.1 iburst
systemctl start chronyd.service
chronyc sources---查看同步状态
7、设置/etc/hosts文件,做ip地址解析;
ipvs(keepalived)

1、note1、note2,设置单主模式keepalived

配置/etc/keepalived/keepalived.conf文件;
设置全局配置、vrrp_instance虚拟路由器配置
[root@note1 ~]# cat keepalived.conf.shuangzhu 
! Configuration File for keepalived
global_defs {
   notification_email {
   keepalived@note.com    
}
   notification_email_from keepalived_admin@note.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id note1
   vrrp_mcast_group4 224.12.0.18
}
vrrp_instance VI_1 {
    state MASTER
    interface ens34
    virtual_router_id 11
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass yKt4PsOZ
    }
    virtual_ipaddress {
        172.16.253.101/16 dev ens34
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}
将note1的此配置文件拷贝到note2上,将配置文件MASTER改为BACKUP(主用改为备用)、将prioirty权重改为95; 
[root@note1 ~]#systemctl start keepalived
#ip a l  
#mail
[root@note2 ~]#systemctl start keepalived
#ip a l
#mail 
将note1主用keepalived停用,查看note2备用keepalived是否升为主用; 

2、note1、note2,设置双主模式keepalived;

#yum install keepalived
在/etc/keepalived/目录下创建一个脚本,并调用,生成邮件;
#!/bin/bash
contact='root@localhost'
notify() {
local mailsubject="$(hostname) to be $1, vip floating"
local mailbody="$(date +'%F %T'): vrrp transition, $(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" $contact
        }
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
exit 1
;;
esac 
将原有的配置文件中的vrrp_instance配置段各复制一份,进行修改。如果主备模式三台可以复制三分,并进行设置;
1、将虚拟路由器名称VI_1改为VI_2。
2、设置虚拟路由器id,11改为12。
3、更改身份验证auto_PASS。
4、更改主备设置及权重。
note1配置文件;
vrrp_instance VI_1 {
    state MASTER
    interface ens34
    virtual_router_id 11
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass yKt4PsOZ
    }
    virtual_ipaddress {
        172.16.253.101/16 dev ens34
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VI_2 {
    state BACKUP
    interface ens34
    virtual_router_id 12
    priority 95
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass yKt5PsOZ
    }
    virtual_ipaddress {
        172.16.253.102/16 dev ens34
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}
#双主模式;有两个虚拟路由器VI_1和VI_2,两个虚拟路由器有各自的ip地址;
*note1;  VI_1 为MASTER,VI_2为BACKUP
*note2;  VI_2 为MASTER,VI_1为BACKUP
测试;tcp -nn -l ens34 host 244.12.0.18
           systemctl stop keepalived
           tcp -nn -l ens34 host 244.12.0.18

3、note3、note4,设置网页index.html文件;

#yum install nginx
 1、将默认网页文件内容删除重新编辑;
note3;vim /usr/share/nginx/html/index.html
             <h1>RS1</h1>
note4;vim /usr.share/nginx/html/index.html
             <h1>RS2</h1>

4、note3、note4;将虚拟路由器ip添加到回环网卡lo上;

note3;
编辑一个脚本并执行;
vim setrs.sh
#!/bin/bash
vip=172.16.253.101
mask=255.255.255.255
iface="lo:0"
case $1 in
start)
        echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
        echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
        echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
        echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
        
        ifconfig $iface $vip netmask $mask broadcast $vip up
        route add -host $vip dev $iface
        ;;
stop)
        ifconfig $iface down
         
        echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
        echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
        echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
        echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
        ;;
*)
        echo "Usage: $(basename $0) start|stop"
        exit 1
        ;;
esac
检查语法;bash -n setrs.sh
检查语法并执行;bash -x setrs.sh start
执行成功后将虚拟路由器ip添加到lo网卡上;
将脚本ip改为172.16.253.102,在lo网卡上添加第二个虚拟路由器ip;
note4;
根据note3步骤将虚拟路由器ip添加到note4后端服务器lo网卡上;

5、note1、note2,设置ipvs相关的vs、rs---地址;

1、编辑/etc/keepalived/keepalived.conf文件,设置virtual_server 的vs及rs的地址;
virtual_server 172.16.253.102 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    nat_mask 255.255.0.0
    protocol TCP
    sorry_server 127.0.0.1 80
    real_server 172.16.253.13 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.16.253.14 80 {
        weight 1
        HTTP_GET {
            url {
              path /
              status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
note1;在各自的虚拟路由器段,如VI_1、VI_2的vrrp配置段下添加virtual_server段,注意虚拟服务器地址,分别为;172.16.253.101,172.16.253.102.
note2;根据note1配置。

6、note1,note2;在配置文件/etc/keepalived/keepaived.conf,virtual-server板块中 sorry_server错误界面选项;

virtual_server 172.16.253.101 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    nat_mask 255.255.0.0
    protocol TCP
    sorry_server 127.0.0.1 80
    real_server 172.16.253.13 80 {
        weight 1
        HTTP_GET {
安装ngnix或httpd,将默认网页文件改为自己所需要的内容;
[root@note1 ~]# vim  /usr/share/nginx/html/index.html
<h1>sorry from Director1</h1>
note1,note2都设置此项;

7、client测试高可用性;

访问ip地址;172.16.253.101或172.16.253.101
[root@xjcentos7 ~]# for i  in  {1..10};do curl http://172.16.253.101;done
<h1>RS1</h1>
<h1>RS2</h1>
<h1>RS1</h1>
<h1>RS2</h1>
<h1>RS1</h1>
<h1>RS2</h1>
<h1>RS1</h1>
<h1>RS2</h1>
<h1>RS1</h1>
<h1>RS2</h1>
当将两台后端主机RS服务器停掉,在访问172.16.253.101或172.16.253.102;
[root@xjcentos7 ~]# for i  in  {1..10};do curl http://172.16.253.101;done
<h1>sorry from Director1</h1>
<h1>sorry from Director1</h1>
<h1>sorry from Director1</h1>
<h1>sorry from Director1</h1>
<h1>sorry from Director1</h1>
<h1>sorry from Director1</h1>
<h1>sorry from Director1</h1>
<h1>sorry from Director1</h1>
<h1>sorry from Director1</h1>
<h1>sorry from Director1</h1>
[root@xjcentos7 ~]# for i  in  {1..10};do curl http://172.16.253.102;done
<h1>sorry from Director2</h1>
<h1>sorry from Director2</h1>
<h1>sorry from Director2</h1>
<h1>sorry from Director2</h1>
<h1>sorry from Director2</h1>
<h1>sorry from Director2</h1>
<h1>sorry from Director2</h1>
<h1>sorry from Director2</h1>
<h1>sorry from Director2</h1>
<h1>sorry from Director2</h1>
nginx(keepalived)

1、实现单主模型下nginx(keepalived)调用后端RS服务器;

1、启用nginx调用功能,编写配置文件/etc/nginx/nginx.conf;
note1,note2设置配置文件;

    upstream websrvs {
             server 172.16.253.13:80
             server 172.16.253.14:80
         }
    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    include /etc/nginx/conf.d/*.conf;

    server {
        listen       80 default_server;
        listen       [::]:80 default_server;
        server_name  _;
        root         /usr/share/nginx/html;

        # Load configuration files for the default server block.
        include /etc/nginx/default.d/*.conf;

        location / {
        proxy_pass http://websrvs;
 }
设置完成后,访问172.16.253.10测试一下;
[root@note1 ~]# curl http://172.16.253.10
<h1>RS1</h1>
[root@note1 ~]# curl http://172.16.253.10
<h1>RS2</h1>
2、在/etc/keepalived/keepalived.conf文件中调用命令段,实现降权、升权的功能,主备切换的功能;
设置调用脚本或程需命令选项;
查看示例;
[root@note1 ~]# grep -i vrrp_script /usr/share/doc/keepalived-1.2.13/samples/*
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.localcheck:vrrp_script chk_sshd {
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.localcheck:vrrp_script chk_haproxy {
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.localcheck:vrrp_script chk_http_port {
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.localcheck:vrrp_script chk_https_port {
/usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.localcheck:vrrp_script chk_smtp_port {
[root@note1 ~]# cat /usr/share/doc/keepalived-1.2.13/samples/keepalived.conf.vrrp.localcheck
! Configuration File for keepalived

vrrp_script chk_sshd {
       script "killall -0 sshd"        # cheaper than pidof
       interval 2                      # check every 2 seconds
       weight -4                       # default prio: -4 if KO
       fall 2                          # require 2 failures for KO
       rise 2                          # require 2 successes for OK
}
设置手动制造故障及设置调用nginx脚本;
global_defs {
   notification_email {
   keepalived@note.com
}
   notification_email_from keepalived_admin@note.com
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id note1
   vrrp_mcast_group4 224.12.0.18
}
vrrp_script chk_down {
     script "[[ -f /etc/keepalived/down ]]" && exit 1 || exit 0"
     interval 1
     weight -10
     fall     2
     rise     2
}
vrrp_script chk_nginx {
     skript "killall -0 nginx"
     interval 2
     weight -10
     fall     2
     rise     2
}
vrrp_instance VI_1 {
    state MASTER
    interface ens34
    virtual_router_id 11
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass yKt4PsOZ
    }
  virtual_ipaddress {
        172.16.253.101/16 dev ens34
   }
    track_script{
        chk_nginx
        chk_down
   }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}
3、将配置文件复制到note2上并进行修改;
将MASTER改为BACKUP,单主模式配置完成。
进行访问测试; 
[root@xjcentos7 ~]# for i  in  {1..10};do curl http://172.16.253.101;done
<h1>RS1</h1>
<h1>RS2</h1>
<h1>RS1</h1>
<h1>RS2</h1>
[root@note1 ~]# cd /etc/keepalived/
[root@note1 keepalived]# touch down
[root@note1 ~]# tcpdump -i ens34 -nn host 224.12.0.18
11:01:41.580252 IP 172.16.253.10 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 100, authtype simple, intvl 1s, length 20
11:01:41.580881 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 95, authtype simple, intvl 1s, length 20
11:01:41.581866 IP 172.16.253.10 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 100, authtype simple, intvl 1s, length 20
11:01:42.583792 IP 172.16.253.10 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 100, authtype simple, intvl 1s, length 20
11:01:43.587375 IP 172.16.253.10 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 100, authtype   
                       

2、实现双主模式下nginx ( keepalived ) 调用后端RS服务器;

1、note1; 在配置文件/etc/keepalived/keepalived.conf中, 添加复制一份
virtual_server区域内容,并进行修改。MASTER,BACKUP、权、验证码、虚拟路由器ip(vip)
vrrp_instance VI_2 {
    state BACKUP
    interface ens34
    virtual_router_id 11
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass yKt5PsOZ
    }
    virtual_ipaddress {
        172.16.253.102/16 dev ens34

    }
    track_script{
        chk_nginx
        chk_down

   }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

note2;按note1的步骤配置、/etc/keepalived/keepalived.conf文件;
2、cilent进行测试,也可在note1和note2端使用touch down来进行检测;
[root@xjcentos7 ~]# for i  in  {1..10};do curl http://172.16.253.101;done
<h1>RS1</h1>
<h1>RS2</h1>
<h1>RS1</h1>
<h1>RS2</h1>
[root@xjcentos7 ~]# for i  in  {1..10};do curl http://172.16.253.102;done
<h1>RS1</h1>
<h1>RS2</h1>
<h1>RS1</h1>
<h1>RS2</h1>
[root@note1 keepalived]# touch down
[root@note1 ~]# tcpdump -i ens34 -nn host 224.12.0.18
11:21:53.974338 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 12, prio 100, authtype simple, intvl 1s, length 20
11:21:53.976207 IP 172.16.253.10 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 100, authtype simple, intvl 1s, length 20
11:21:54.976431 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 12, prio 100, authtype simple, intvl 1s, length 20
11:21:54.978223 IP 172.16.253.10 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 100, authtype simple, intvl 1s, length 20
11:21:55.978463 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 12, prio 100, authtype simple, intvl 1s, length 20
11:21:55.980380 IP 172.16.253.10 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 100, authtype simple, intvl 1s, length 20
11:21:56.980566 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 12, prio 100, authtype simple, intvl 1s, length 20
11:21:56.982511 IP 172.16.253.10 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 90, authtype simple, intvl 1s, length 20
11:21:56.986256 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 95, authtype simple, intvl 1s, length 20
11:21:56.987810 IP 172.16.253.10 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 90, authtype simple, intvl 1s, length 20
11:21:56.995422 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 95, authtype simple, intvl 1s, length 20
11:21:57.982627 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 12, prio 100, authtype simple, intvl 1s, length 20
11:21:57.998655 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 95, authtype simple, intvl 1s, length 20
11:21:58.984764 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 12, prio 100, authtype simple, intvl 1s, length 20
11:21:59.000745 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 11, prio 95, authtype simple, intvl 1s, length 20
11:21:59.986896 IP 172.16.253.11 > 224.12.0.18: VRRPv2, Advertisement, vrid 12, prio 100, authtype simple, intvl 1s, length 20
3、测试故障修复抢占模式;
note1;/etc/keepalived/keepalied.conf目录中的调用了notify脚本文件,在脚本文件中添加一项内容;systemctl start nginx
在notify backup下添加一行;systemctl start nginx
最后编辑于
©著作权归作者所有,转载或内容合作请联系作者
  • 序言:七十年代末,一起剥皮案震惊了整个滨河市,随后出现的几起案子,更是在滨河造成了极大的恐慌,老刑警刘岩,带你破解...
    沈念sama阅读 215,634评论 6 497
  • 序言:滨河连续发生了三起死亡事件,死亡现场离奇诡异,居然都是意外死亡,警方通过查阅死者的电脑和手机,发现死者居然都...
    沈念sama阅读 91,951评论 3 391
  • 文/潘晓璐 我一进店门,熙熙楼的掌柜王于贵愁眉苦脸地迎上来,“玉大人,你说我怎么就摊上这事。” “怎么了?”我有些...
    开封第一讲书人阅读 161,427评论 0 351
  • 文/不坏的土叔 我叫张陵,是天一观的道长。 经常有香客问我,道长,这世上最难降的妖魔是什么? 我笑而不...
    开封第一讲书人阅读 57,770评论 1 290
  • 正文 为了忘掉前任,我火速办了婚礼,结果婚礼上,老公的妹妹穿的比我还像新娘。我一直安慰自己,他们只是感情好,可当我...
    茶点故事阅读 66,835评论 6 388
  • 文/花漫 我一把揭开白布。 她就那样静静地躺着,像睡着了一般。 火红的嫁衣衬着肌肤如雪。 梳的纹丝不乱的头发上,一...
    开封第一讲书人阅读 50,799评论 1 294
  • 那天,我揣着相机与录音,去河边找鬼。 笑死,一个胖子当着我的面吹牛,可吹牛的内容都是我干的。 我是一名探鬼主播,决...
    沈念sama阅读 39,768评论 3 416
  • 文/苍兰香墨 我猛地睁开眼,长吁一口气:“原来是场噩梦啊……” “哼!你这毒妇竟也来了?” 一声冷哼从身侧响起,我...
    开封第一讲书人阅读 38,544评论 0 271
  • 序言:老挝万荣一对情侣失踪,失踪者是张志新(化名)和其女友刘颖,没想到半个月后,有当地人在树林里发现了一具尸体,经...
    沈念sama阅读 44,979评论 1 308
  • 正文 独居荒郊野岭守林人离奇死亡,尸身上长有42处带血的脓包…… 初始之章·张勋 以下内容为张勋视角 年9月15日...
    茶点故事阅读 37,271评论 2 331
  • 正文 我和宋清朗相恋三年,在试婚纱的时候发现自己被绿了。 大学时的朋友给我发了我未婚夫和他白月光在一起吃饭的照片。...
    茶点故事阅读 39,427评论 1 345
  • 序言:一个原本活蹦乱跳的男人离奇死亡,死状恐怖,灵堂内的尸体忽然破棺而出,到底是诈尸还是另有隐情,我是刑警宁泽,带...
    沈念sama阅读 35,121评论 5 340
  • 正文 年R本政府宣布,位于F岛的核电站,受9级特大地震影响,放射性物质发生泄漏。R本人自食恶果不足惜,却给世界环境...
    茶点故事阅读 40,756评论 3 324
  • 文/蒙蒙 一、第九天 我趴在偏房一处隐蔽的房顶上张望。 院中可真热闹,春花似锦、人声如沸。这庄子的主人今日做“春日...
    开封第一讲书人阅读 31,375评论 0 21
  • 文/苍兰香墨 我抬头看了看天上的太阳。三九已至,却和暖如春,着一层夹袄步出监牢的瞬间,已是汗流浃背。 一阵脚步声响...
    开封第一讲书人阅读 32,579评论 1 268
  • 我被黑心中介骗来泰国打工, 没想到刚下飞机就差点儿被人妖公主榨干…… 1. 我叫王不留,地道东北人。 一个月前我还...
    沈念sama阅读 47,410评论 2 368
  • 正文 我出身青楼,却偏偏与公主长得像,于是被迫代替她去往敌国和亲。 传闻我的和亲对象是个残疾皇子,可洞房花烛夜当晚...
    茶点故事阅读 44,315评论 2 352

推荐阅读更多精彩内容

  • 一、高可用集群 (一)提升系统高可用性的解决方案:冗余(redundant) 工作模式active/passive...
    哈喽别样阅读 1,724评论 2 5
  • Spring Cloud为开发人员提供了快速构建分布式系统中一些常见模式的工具(例如配置管理,服务发现,断路器,智...
    卡卡罗2017阅读 134,649评论 18 139
  • 1 概述 本文将介绍三个Keepalive高可用的实现案例,分别是keepalive实现LVS高可用,keepal...
    ghbsunny阅读 10,410评论 0 3
  • 宗教体验是人类的一种特有的文化现象,同时宗教也一直伴随着人类文明的进展。宗教存在于几乎所有人类文化中,宗教和人类的...
    日方氵告阅读 1,923评论 0 0
  • 有几个人喷你,有几个人喜欢你都不重要,重要的是有几个人自始至终喜欢你、支持你以及你自己坚韧淡定的心。而你要做的就是...
    b910e74cd6d8阅读 173评论 0 0