Keepalived实现HAproxy高可用详解

176次阅读

没有评论

共计 13652 个字符，预计需要花费 35 分钟才能阅读完成。

一，keepalived 介绍

keepalived 是一个可以实现某些资源高可用的开源软件，其主要的组件包括 core，check，vrrp，libipfwc，libipvs，这里说下各个组件的功能。

core：keepalived 的核心组件，负责主进程的启动和维护以及加载解析配置文件等。

check：负责 healthchecker, 负责各种健康检查方式，和对应的配置解析以及 LVS 的配置解析。

vrrp：vrrpd 的子进程。

libipfwc：结合 iptables 的 ipchains 库来使用。

libipvs：结合 LVS 使用。

keepalived 启动后会生成 3 个进程，master 主进程，VRRP 子进程，healthchecker 子进程。

VRRP 协议是实现 keepalived 高可用的一个基础，下面说一下 VRRP 的实现原理：

VRRP 虚拟路由 (VRRP router)，VRRP 是一个“选举”协议，它能够动态地将一个虚拟路由器的责任指定至同一个 VRRP 组中的其它路由器上，VRRP 的优势：

冗余：可以使用多个路由器设备作为 LAN 客户端的默认网关，大大降低了默认网关成为单点故障的可能性；

负载共享：允许来自 LAN 客户端的流量由多个路由器设备所共享；

多 VRRP 组：在一个路由器物理接口上可配置多达 255 个 VRRP 组；

多 IP 地址：基于接口别名在同一个物理接口上配置多个 IP 地址，从而支持在同一个物理接口上接入多个子网；

抢占：在 master 故障时允许优先级更高的 backup 成为 master；

通告协议：使用 IANA 所指定的组播地址 224.0.0.18 进行 VRRP 通告；

VRRP 追踪：基于接口状态来改变其 VRRP 优先级来确定最佳的 VRRP 路由器成为 master；

二，实验环境：

192.168.30.116 OS：CentOS 6.4 x86_64 master.luojianlong.com

192.168.30.117 OS：Centos 6.4 x86_64 backup.luojianlong.com

keepalived 版本：keepalived-1.2.7

首先，分别在 2 台服务器上，安装 keepalived,haproxy，由于系统版本是 Centos 6.4，这 2 个软件已经被整合在内部了，所以使用 yum 来安装

[root@master ~]# yum -y install keepalived haproxy

[root@backup ~]# yum -y install keepalived haproxy

接下来，先配置 master 与 backup 服务器的优先级，virtual_router_id（同一个实例 2 台服务器必须相同），编辑配置文件:

[root@master ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak

[root@backup ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak

[root@master ~]# vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

notification_email {

acassen@firewall.loc

failover@firewall.loc

sysadmin@firewall.loc

}

notification_email_from Alexandre.Cassen@firewall.loc

smtp_server 192.168.200.1

smtp_connect_timeout 30

router_id LVS_DEVEL

}

vrrp_instance VI_1 {

state MASTER

interface eth0

virtual_router_id 51

priority 100

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

192.168.30.230

}

[root@backup ~]# vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {

notification_email {

acassen@firewall.loc

failover@firewall.loc

sysadmin@firewall.loc

}

notification_email_from Alexandre.Cassen@firewall.loc

smtp_server 192.168.200.1

smtp_connect_timeout 30

router_id LVS_DEVEL

}

vrrp_instance VI_1 {

state BACKUP

interface eth0

virtual_router_id 51

priority 99

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

virtual_ipaddress {

192.168.30.230

}

global_defs：全局配置标识破；

notification_email：表示告警时发送的邮件地址；

notification_email_from：表示发送邮件的源地址；

smtp_server：发送邮件的 smtp 服务器地址；

router_id：机器标识；

vrrp_instance：定义一个 vrrp 实例；

state：state 指定 instance(Initial) 的初始状态，就是说在配置好后，这台服务器的初始状态就是这里指定的，但这里指定的不算，还是得要通过竞选通过优先级来确定，里如果这里设置为 master，但如若他的优先级不及另外一台，那么这台在发送通告时，会发送自己的优先级，另外一台发现优先级不如自己的高，那么他会就回抢占为 master；

interface：实例绑定的网卡，因为在配置虚拟 IP 的时候必须是在已有的网卡上添加的；

virtual router id：这里设置 VRID，这里非常重要，相同的 VRID 为一个组，他将决定多播的 MAC 地址；

priority 100：设置本节点的优先级，优先级高的为 master；

advert int：检查间隔，默认为 1 秒；

virtual ipaddress：这里设置的就是 VIP，也就是虚拟 IP 地址，他随着 state 的变化而增加删除，当 state 为 master 的时候就添加，当 state 为 backup 的时候删除，这里主要是有优先级来决定的，和 state 设置的值没有多大关系，这里可以设置多个 IP 地址；

authentication：这里设置认证；

auth type：认证方式，可以是 PASS 或 AH 两种认证方式；

auth pass：认证密码；

启动俩台服务器的 keepalived

[root@master ~]# service keepalived start

Starting keepalived: [OK]

[root@backup ~]# service keepalived start

Starting keepalived: [OK]

[root@master ~]# tail -f /var/log/messages

Jan 10 11:40:56 localhost Keepalived_healthcheckers[19368]: Using LinkWatch kernel netlink reflector…

Jan 10 11:40:56 localhost Keepalived_vrrp[19369]: Opening file ‘/etc/keepalived/keepalived.conf’.

Jan 10 11:40:56 localhost Keepalived_vrrp[19369]: Configuration is using : 63019 Bytes

Jan 10 11:40:56 localhost Keepalived_vrrp[19369]: Using LinkWatch kernel netlink reflector…

Jan 10 11:40:56 localhost Keepalived_vrrp[19369]: VRRP sockpool: [ifindex(2), proto(112), fd(10,11)]

Jan 10 11:40:57 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Transition to MASTER STATE

Jan 10 11:40:58 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Entering MASTER STATE

Jan 10 11:40:58 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) setting protocol VIPs.

Jan 10 11:40:58 localhost Keepalived_healthcheckers[19368]: Netlink reflector reports IP 192.168.30.230 added

Jan 10 11:40:58 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230

Jan 10 11:41:03 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230

Jan 10 11:41:14 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Received lower prio advert, forcing new election

Jan 10 11:41:14 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230

[root@master ~]# ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:f3:fc:ba brd ff:ff:ff:ff:ff:ff

inet 192.168.30.116/24 brd 192.168.30.255 scope global eth0

inet 192.168.30.230/32 scope global eth0

inet6 fe80::20c:29ff:fef3:fcba/64 scope link

valid_lft forever preferred_lft forever

发现刚才定义的 virtual ipaddress 在 master 服务器上，因为优先级较高

停止 master 服务器的 keepalived 服务器，看 IP 会不会转移到 backup

[root@master ~]# service keepalived stop

Stopping keepalived: [OK]

[root@backup ~]# tail -f /var/log/messages

Jan 10 12:12:46 localhost Keepalived_vrrp[18581]: Opening file ‘/etc/keepalived/keepalived.conf’.

Jan 10 12:12:46 localhost Keepalived_vrrp[18581]: Configuration is using : 63017 Bytes

Jan 10 12:12:46 localhost Keepalived_vrrp[18581]: Using LinkWatch kernel netlink reflector…

Jan 10 12:12:46 localhost Keepalived_healthcheckers[18580]: Opening file ‘/etc/keepalived/keepalived.conf’.

Jan 10 12:12:46 localhost Keepalived_healthcheckers[18580]: Configuration is using : 7324 Bytes

Jan 10 12:12:46 localhost Keepalived_healthcheckers[18580]: Using LinkWatch kernel netlink reflector…

Jan 10 12:12:46 localhost Keepalived_vrrp[18581]: VRRP sockpool: [ifindex(2), proto(112), fd(10,11)]

Jan 10 12:12:47 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Transition to MASTER STATE

Jan 10 12:12:47 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Received higher prio advert

Jan 10 12:12:47 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Entering BACKUP STATE

Jan 10 12:16:27 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Transition to MASTER STATE

Jan 10 12:16:28 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Entering MASTER STATE

Jan 10 12:16:28 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) setting protocol VIPs.

Jan 10 12:16:28 localhost Keepalived_healthcheckers[18580]: Netlink reflector reports IP 192.168.30.230 added

Jan 10 12:16:28 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230

Jan 10 12:16:33 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230

[root@backup ~]# ip addr

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN

link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00

inet 127.0.0.1/8 scope host lo

inet6 ::1/128 scope host

valid_lft forever preferred_lft forever

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:5b:50:f9 brd ff:ff:ff:ff:ff:ff

inet 192.168.30.117/24 brd 192.168.30.255 scope global eth0

inet 192.168.30.230/32 scope global eth0

inet6 fe80::20c:29ff:fe5b:50f9/64 scope link

valid_lft forever preferred_lft forever

发现 IP 已经转移到 backup 服务器

下面重新启动 master 的 keepalived