共计 9041 个字符,预计需要花费 23 分钟才能阅读完成。
HA 即(high available)高可用,又被叫做双机热备,用于关键性业务。简单理解就是,有两台机器 A 和 B,正常是 A 提供服务,B 待命闲置,当 A 宕机或服务宕掉,会切换至 B 机器继续提供服务。常用实现高可用的开源软件有 heartbeat 和 keepalived,其中 keepalived 有负载均衡的功能。
下面我们使用 heartbeat 来做 HA 集群,并且把 nginx 服务作为 HA 对应的服务。
试验准备工作:
两台机器,都是 CentOS6.6,各增加一块网卡 eth1,使用主机模式连接 vmnet1,并设定为 192.168.11.0 网段;eth0 为 NAT 模式,网段为 192.168.20.0 网段;
开机启动后,拷贝 ifcfg-eth0 到 ifcfg-eth1,修改 DEVICE 为 eth1,ip 地址设为:192.168.11.20
# cd /etc/sysconfig/network-scripts/
# cp ifcfg-eth0 ifcfg-eth1
# cat ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.11.20
设置完成后,重启网卡,ifconfig 查看 eth0、eth1 的 ip 地址;
# /etc/init.d/network restart
#ifconfig
主机的配置:
hostname hello
eth0:192.168.20.20
eth1:192.168.11.20
从机的配置:
hostname web
eth0:192.168.20.30
eth1:192.168.11.30
1、设置 hostname,分别为 hello 和 web;
2、主从都需要关闭防火墙;关闭 selinux;
# iptables -F
# setenforce 0
setenforce: SELinux is disabled
3、vi /etc/hosts // 主从都需要增加内容如下:
192.168.20.20 hello
192.168.20.30 web
4、安装 epel 扩展源
# yum install -y epel-release
5、两个机器都安装 heartbeat、libnet
#yum install -y heartbeat* libnet nginx
nginx 做代理服务;
6、主上(hello)配置
Heartbeat 软件的安装目录为 /etc/ha.d 目录;
拷贝配置文件的模板到 /etc/ha.d 目录;
cd /usr/share/doc/heartbeat-3.0.4/
cp authkeys ha.cf haresources /etc/ha.d/
cd /etc/ha.d
vi authkeys // 去掉前面的 #号,或加入下面的内容:
auth 3
3 md5 Hello!
更改权限为 600
chmod 600 authkeys
vi haresources // 加入
hello 192.168.11.100/24/eth1:0 nginx
192.168.11.100 ip 地址是流动 ip,虚拟 ip;用来绑定服务的;子网掩码为 24 位;使用 eth1:0 绑定虚拟 ip,并运行 nginx 进行测试;
注意:两台主机的 haresources 文件设置必须完全一致。
vi ha.cf // 更改为如下内容:
debugfile /var/log/ha-debug
logfile /var/log/ha-log
logfacility local0
keepalive 2
deadtime 30
warntime 10
initdead 60
udpport 694
ucast eth1 192.168.11.30
auto_failback on
node hello
node web
ping 192.168.11.1
respawn hacluster /usr/lib/heartbeat/ipfail
7、把主上的三个配置拷贝到从上:
#cd /etc/ha.d/
#scp authkeys ha.cf haresources web:/etc/ha.d/
8、从上 (web) 只需要编辑 ha.cf
vi /etc/ha.d/ha.cf // 只需要更改一个地方
ucast eth1 192.168.11.30 改为 ucast eth1 192.168.11.20
9、启动 heartbeat
先主,后从
#service heartbeat start
10、检查测试
ifconfig 查看是否有 eth1:0 出现则说明主已经开始工作;
[root@yong ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:43:3D:32
inet addr:192.168.20.20 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe43:3d32/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:433 errors:0 dropped:0 overruns:0 frame:0
TX packets:429 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:37095 (36.2 KiB) TX bytes:75381 (73.6 KiB)
Interrupt:18 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0C:29:43:3D:3C
inet addr:192.168.11.20 Bcast:192.168.11.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe43:3d3c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:396 errors:0 dropped:0 overruns:0 frame:0
TX packets:399 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:83641 (81.6 KiB) TX bytes:89725 (87.6 KiB)
Interrupt:18 Base address:0x2080
eth1:0 Link encap:Ethernet HWaddr 00:0C:29:43:3D:3C
inet addr:192.168.11.100 Bcast:192.168.11.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18 Base address:0x2080
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
查看是否有 nginx 进程、heartbeat 进程;
[root@yong ha.d]# ps aux |grep nginx
root 3731 0.0 0.1 5000 632 ? Ss 10:52 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody 3732 0.0 0.1 5200 984 ? S 10:52 0:00 nginx: worker process
[root@yong ha.d]# ps aux |grep heartbeat
root 2765 0.3 1.3 6684 6676 ? SLs 10:44 0:01 heartbeat: master control process
root 2770 0.0 1.2 6488 6480 ? SL 10:44 0:00 heartbeat: FIFO reader
root 2771 0.0 1.2 6484 6476 ? SL 10:44 0:00 heartbeat: write: ucast eth1
root 2772 0.0 1.2 6484 6476 ? SL 10:44 0:00 heartbeat: read: ucast eth1
root 2773 0.0 1.2 6484 6476 ? SL 10:44 0:00 heartbeat: write: ping 192.168.11.1
root 2774 0.0 1.2 6484 6476 ? SL 10:44 0:00 heartbeat: read: ping 192.168.11.1
498 2787 0.0 0.2 5380 1488 ? S 10:45 0:00 /usr/lib/heartbeat/ipfail
11、测试 1:主上故意禁 ping
#iptables -I INPUT -p icmp -j DROP
Windows 客户端一直 ping 192.168.11.100,一直通,禁止 ping 之后中间会中断一会,之后一直通;
在从上 ifconfig 查看出现 eth1:0,查看 nginx 进程也有,说明转换到从机器上运行;
[root@web ~]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:97:C3:EC
inet addr:192.168.20.30 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe97:c3ec/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:460 errors:0 dropped:0 overruns:0 frame:0
TX packets:469 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:37104 (36.2 KiB) TX bytes:101866 (99.4 KiB)
Interrupt:19 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0C:29:97:C3:F6
inet addr:192.168.11.30 Bcast:192.168.11.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe97:c3f6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1022 errors:0 dropped:0 overruns:0 frame:0
TX packets:1035 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:191275 (186.7 KiB) TX bytes:182393 (178.1 KiB)
Interrupt:18 Base address:0x2080
eth1:0 Link encap:Ethernet HWaddr 00:0C:29:97:C3:F6
inet addr:192.168.11.100 Bcast:192.168.11.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18 Base address:0x2080
12、测试 2:主上停止 heartbeat 服务
1 #service heartbeat stop
Windows 客户端一直 ping 192.168.11.100,一直通,停止心跳服务后中间会中断一会,之后一直通;
在从上 ifconfig 查看出现 eth1:0,查看 nginx 进程也有,说明转换到从机器上运行;
13、测试 3:测试脑裂,主和从都停掉 eth1 网卡;
eth1 网卡禁用,ifdown eth1 心跳线断了之后,会发生脑裂;主从之间连接断了,从在死亡时间没收到主的心跳,则认为主死亡。
主死了,从机器接管服务,从机器使用虚��ip 地址,主和从都在运行服务;
主机器没有 eth1 网卡,一直运行 nginx;
[root@yong ha.d]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:43:3D:32
inet addr:192.168.20.20 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe43:3d32/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:11442 errors:0 dropped:0 overruns:0 frame:0
TX packets:15376 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:842833 (823.0 KiB) TX bytes:10226838 (9.7 MiB)
Interrupt:18 Base address:0x2000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:1163 errors:0 dropped:0 overruns:0 frame:0
TX packets:1163 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:150095 (146.5 KiB) TX bytes:150095 (146.5 KiB)
[root@yong ha.d]# ps aux |grep nginx
root 11686 0.0 0.1 5000 636 ? Ss 14:27 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody 11687 0.0 0.1 5200 988 ? S 14:27 0:00 nginx: worker process
从机器查看地址,eth1:0 出现
[root@localhost ha.d]# ifconfig
eth0 Link encap:Ethernet HWaddr 00:0C:29:97:C3:EC
inet addr:192.168.20.30 Bcast:192.168.20.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe97:c3ec/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7901 errors:0 dropped:0 overruns:0 frame:0
TX packets:5891 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:603592 (589.4 KiB) TX bytes:2094606 (1.9 MiB)
Interrupt:19 Base address:0x2000
eth1 Link encap:Ethernet HWaddr 00:0C:29:97:C3:F6
inet6 addr: fe80::20c:29ff:fe97:c3f6/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:20774 errors:0 dropped:0 overruns:0 frame:0
TX packets:59144 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:3513861 (3.3 MiB) TX bytes:12998603 (12.3 MiB)
Interrupt:18 Base address:0x2080
eth1:0 Link encap:Ethernet HWaddr 00:0C:29:97:C3:F6
inet addr:192.168.11.100 Bcast:0.0.0.0 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
Interrupt:18 Base address:0x2080
[root@localhost ha.d]# ps aux |grep nginx
root 8938 0.0 0.0 3684 584 ? Ss 14:37 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody 8940 0.0 0.1 4936 2008 ? S 14:37 0:00 nginx: worker process
nobody 8941 0.0 0.2 4936 2064 ? S 14:37 0:00 nginx: worker process
14、测试 4:设置 auto_failback off
主从都需要配置,启动 heartbeat,主上禁止 ping 之后,跳转到从机器,主恢复 ping 之后,也不会跳转到主,一直是从机器提供服务;
HA 高可用搭建完毕;
LVS+Keepalived 实现四层负载及高可用 http://www.linuxidc.com/Linux/2015-02/112695.htm
LVS+Keepalived 高可用负载均衡集群架构实验 http://www.linuxidc.com/Linux/2015-01/112560.htm
Heartbeat+LVS 构建高可用负载均衡集群 http://www.linuxidc.com/Linux/2014-09/106964.htm
搭建 LVS 负载均衡测试环境 http://www.linuxidc.com/Linux/2014-09/106636.htm
一个针对 LVS 的压力测试报告 http://www.linuxidc.com/Linux/2015-03/114422.htm
CentOS 6.3 下 Haproxy+Keepalived+Apache 配置笔记 http://www.linuxidc.com/Linux/2013-06/85598.htm
Haproxy + KeepAlived 实现 WEB 群集 on CentOS 6 http://www.linuxidc.com/Linux/2012-03/55672.htm
Keepalived+Haproxy 配置高可用负载均衡 http://www.linuxidc.com/Linux/2012-03/56748.htm
Haproxy+Keepalived 构建高可用负载均衡 http://www.linuxidc.com/Linux/2012-03/55880.htm
CentOS 7 上配置 LVS + Keepalived + ipvsadm http://www.linuxidc.com/Linux/2014-11/109237.htm
Keepalived 高可用集群搭建 http://www.linuxidc.com/Linux/2014-09/106965.htm
本文永久更新链接地址:http://www.linuxidc.com/Linux/2015-06/118648.htm
