From c86daa60be1652ae45732e6493be1f1ab6aaea07 Mon Sep 17 00:00:00 2001 From: tu <2843180578@qq.com> Date: Fri, 7 Jun 2024 16:41:49 +0800 Subject: [PATCH] =?UTF-8?q?=E4=B8=8A=E4=BC=A0=E6=96=87=E4=BB=B6=E8=87=B3?= =?UTF-8?q?=20/?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- keepalived高可用集群.md | 477 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 477 insertions(+) create mode 100644 keepalived高可用集群.md diff --git a/keepalived高可用集群.md b/keepalived高可用集群.md new file mode 100644 index 0000000..b93c914 --- /dev/null +++ b/keepalived高可用集群.md @@ -0,0 +1,477 @@ +# keepalived高可用集群 + +**注意:centos7和9的配置完全一样** + +负载均衡 lb集群 load balance + +​ 流量分发 + +高可用 ha集群 high availability + +​ 主要是给服务器做冗余 + +keepalive 持久连接 保持存活 + +keepalived 高可用软件名称 + +红帽有自己的高可用集群套件:RHCS + +## keepalived介绍 + +​ keepalived是集群管理中保证集群高可用的一个服务软件,其功能类似于heartbeat,用来防止单点故障。 + +master vip backup vip + +**脑裂**问题: + +backup vip + +master vip + +解决:**stonith** `shoot the other node in the head` **爆头** + + + +重启keepalived 关闭keepalived服务 + + + +## keepalived工作原理 + +​ keepalived是以**VRRP**协议为实现基础的,是实现路由器高可用的协议,VRRP全称Virtual Router Redundancy Protocol,即**虚拟路由冗余协议。** + + + +面试题(keepalived的工作原理) +**将N台提供相同功能的服务器组成一个服务器组,这个组里面有一个master和多个backup,master上面有一个对外提供服务的vip(该服务器所在局域网内其他机器的默认路由为该vip),master会发组播,当backup收不到vrrp包时就认为master宕掉了,这时就需要根据VRRP的优先级来选举一个backup当master** + +广播 组播 单播 + +keepalived主要有三个模块,分别是**core、check和vrrp**。core模块为keepalived的核心,负责主进程的启动、维护以及全局配置文件的加载和解析。check负责健康检查,包括常见的各种检查方式。vrrp模块是来实现VRRP协议的。 + +## keepalived部署 + +​ ++++++++++++ + +​ +---------------------------> + Client + 192.168.122.1/24 (真实机做客户端) +​ | ++++++++++++ +​ | ________________|________________ VIP eth0:1 192.168.122.254/24 +​ | | | +​ | ++++++++++++++++ +++++++++++++++++ +​ | + Director master + + Director backup + +​ | ++++++++++++++++ +++++++++++++++++ +​ | DIP eth0 192.168.122.10/24 DIP eth0 192.168.122.20/24 +​ | |____________________________________________________________| +​ |___________________________________________________________________ ____________________ _________|__________________________________________________ +​ | | +​ | | + +​ ++++++++++++++++ ++++++++++++++++ + +​ \+ Real Server A + + Real Server B + + +​ ++++++++++++++++ ++++++++++++++++ + +​ eth0 192.168.122.30/24 eth0 192.168.122.40/24 + +**分别在Director master、Director backup 上部署浮动资源(VIP IPVS策略)** +**测试2个Director在DR模式下都工作正常。测试完成后都撤掉浮动资源。** + +------ + +**关于dr网卡路由条目上下顺序问题** + +因为dr2是ens36在下面,ens33在上面,所以配置keepalived的时候就不行了,可尝试以下解决方案调整路由条目上下顺序(如果还不行就需要在开始规划的时候就要固定网卡固定ip规划好,其实物理服务器不会出现这个问题) + +```bash +[root@server ~]# ip r l +default via 192.168.26.2 dev ens36 proto dhcp src 192.168.26.132 metric 100 +default via 192.168.26.2 dev ens33 proto dhcp src 192.168.26.131 metric 101 +192.168.26.0/24 dev ens36 proto kernel scope link src 192.168.26.132 metric 100 +192.168.26.0/24 dev ens33 proto kernel scope link src 192.168.26.131 metric 101 + +[root@server ~]# ip link set ens36 down +[root@server ~]# ip r l +default via 192.168.26.2 dev ens33 proto dhcp src 192.168.26.131 metric 101 +192.168.26.0/24 dev ens33 proto kernel scope link src 192.168.26.131 metric 101 + +[root@server ~]# ip link set ens36 up +[root@server ~]# ip r l +default via 192.168.26.2 dev ens33 proto dhcp src 192.168.26.131 metric 101 +default via 192.168.26.2 dev ens36 proto dhcp src 192.168.26.132 metric 102 +192.168.26.0/24 dev ens33 proto kernel scope link src 192.168.26.131 metric 101 +192.168.26.0/24 dev ens36 proto kernel scope link src 192.168.26.132 metric 102 +``` + +------ + +image-20230307181508663 + +**1. 在master上安装配置Keepalived** + +```bash +# yum install keepalived -y +``` + +**2. 修改配置文件**(清空原有配置文件) + +```bash +# cd /etc/keepalived/ +# vim keepalived.conf +``` + +//全局配置 +! Configuration File for keepalived +global_defs { + notification_email { + root@localhost + } + notification_email_from keepalived@localhost + smtp_server 127.0.0.1 + smtp_connect_timeout 30 + **router_id Director1** //两边是一样的 + } +//局部配置 +vrrp_instance VI_1 { + state **MASTER** //另外一台机器是BACKUP + interface **eth0** //心跳网卡 DIP那一块网卡 + virtual_router_id 51 + priority **50** //优先级 + advert_int 1 //检查间隔,单位秒 + authentication { + auth_type PASS + auth_pass 1111 + } + virtual_ipaddress { + **192.168.122.254/24 dev eth0** //VIP随便自己定义 只要是同一个网段就可以 + } + } + +virtual_server **192.168.122.254** 80 { //LVS 配置,VIP + delay_loop 3 //服务论询的时间间隔 + lb_algo rr //LVS 调度算法 + lb_kind DR // LVS 集群模式 + protocol TCP + real_server **192.168.122.30** 80 { + weight 1 + TCP_CHECK { + connect_timeout 3 + } + } + real_server **192.168.122.40** 80 { + weight 1 + TCP_CHECK { + connect_timeout 3 + } + } +} + +**3.在backup上安装keepalived** + +```bash +# yum install keepalived -y +``` + +**4.拷贝master上的keepalived.conf到backup上:** + +```bash +# scp keepalived.conf 192.168.122.20:/etc/keepalived/ +``` + +**5.拷贝后,修改配置文件** + state **BACKUP** + priority **100** + +**6.两个Director上启动服务** + +```bash +# systemctl start keepalived +``` + +**7.测试** +1)观察lvs路由条目 +2)观察vip地址在哪台机器上(有可能两台机器上都有,但是他好用没有问题即可) +3)客户端浏览器访问vip +4)关闭master上的keepalived服务,再次访问vip + +## 实验过程总结 + +10.0.0.20 dr1 +10.0.0.21 dr2 +10.0.0.22 web1 rs1 +10.0.0.23 web2 rs2 + +**1. 设置rs的配置** + 1.1 安装web服务器 + 1.2 添加vip:10.0.0.40 lo + 1.3 arp 1 2 + +**2. dr的配置** + 2.1 两块网卡 两台机器上的两块网卡名称必须一样 + 2.2 路由条目的顺序必须一样 + 2.3 区分谁当dip 谁的路由条目在上面 谁当dip + 2.4 dip要固定下来 20 21 ens33 + 2.5 vip ens37 :ip地址 有或没有都行 只要这个网卡是启动状态 + 如果有Ip地址,这个Ip不能是vip + 2.6 安装ipvsadm + +**3. 安装keepalived到两台dr上** + 修改keepalived.conf配置文件: + 设置vip + 设置角色 master backup + 设置realserver是谁 ip地址是多少 + +## 扩展实验-keepalived+mysql + +mysql可以是以下3种情况 + +1、双主 + +2、mysql-cluster + +3、gelara集群 + +**项目环境** +VIP 192.168.122.100 +mysql1 192.168.122.10 +mysql2 192.168.122.20 + vip +主(keepalived) 主(keepalived) + +**实现过程概要** + +一、mysql 主主同步 +二、在两台mysql上安装keepalived +三、keepalived 主备配置文件 +四、mysql状态检测脚本/root/bin/keepalived_check_mysql.sh +五、测试及诊断 +注 keepalived之间使用vrrp组播方式通信使用的IP地址是224.0.0.18 +====================================== +**实施步骤** +**一、mysql 主主同步 <略>** + +**二、安装keepalived** + +```bash +两台 +# yum install keepalived -y +``` + +**三、keepalived 主备配置文件** +主备置文件不同处有 state priority + +------ + +**192.168.122.10 Master配置** + +```bash +# vim /etc/keepalived/keepalived.conf +``` + +! Configuration File for keepalived + +global_defs { + router_id mysql1 //两边一样 +} + +**vrrp_script** **check_run** { //定义配置健康检查脚本的配置名称**check_run** + script "/root/keepalived_check_mysql.sh" + interval **5** //执行健康检查的时间间隔 单位s +} + +vrrp_instance VI_1 { + state MASTER + interface eth0 + virtual_router_id 88 + priority 100 + advert_int 1 //检查keepalived本身服务的时间间隔 + authentication { + auth_type PASS + auth_pass 1111 + } + +​ track_script { +​ **check_run** //名字必须和上面的脚本配置名称一致 +​ } + +​ virtual_ipaddress { +​ **192.168.122.100** dev **eth0** +​ } +} + +------ + +**192.168.122.20 Slave配置** + +```bash +# vim /etc/keepalived/keepalived.conf +``` + +! Configuration File for keepalived + +global_defs { + router_id mysql1 +} + +vrrp_script check_run { + script "/root/keepalived_check_mysql.sh" + interval 5 +} + +vrrp_instance VI_1 { + state **BACKUP** + interface eth0 + virtual_router_id 88 + priority **90** + advert_int 1 + authentication { + auth_type PASS + auth_pass 1111 + } + +​ track_script { +​ check_run +​ } + +​ virtual_ipaddress { +​ **192.168.122.100** +​ } +} + +**四、mysql状态检测脚本** + +/root/keepalived_check_mysql.sh(两台MySQL同样的脚本) + +```bash +版本一:简单使用: +#!/bin/bash +/usr/bin/mysql -h ip -uroot -p123 -e "show status;" &>/dev/null +if [ $? -ne 0 ] ;then + systemctl stop keepalived +fi +# 此处的ip是本地ip + +版本二:检查多次 +# vim /root/keepalived_check_mysql.sh +#!/bin/bash +MYSQL=/usr/local/mysql/bin/mysql +MYSQL_HOST=localhost +MYSQL_USER=root +MYSQL_PASSWORD=1111 +CHECK_TIME=3 + +#mysql is working MYSQL_OK is 1 , mysql down MYSQL_OK is 0 +MYSQL_OK=1 + +check_mysql_helth (){ + $MYSQL -h $MYSQL_HOST -u $MYSQL_USER -p${MYSQL_PASSWORD} -e "show status;" &>/dev/null + if [ $? -eq 0 ] ;then + MYSQL_OK=1 + else + MYSQL_OK=0 + fi + return $MYSQL_OK +} + +while [ $CHECK_TIME -ne 0 ] +do + check_mysql_helth + if [ $MYSQL_OK -eq 1 ] ; then + exit 0 + fi + + if [ $MYSQL_OK -eq 0 ] && [ $CHECK_TIME -eq 1 ];then + /etc/init.d/keepalived stop + exit 1 + fi + let CHECK_TIME-- + sleep 1 +done + +版本三:检查多次 +# vim /root/keepalived_check_mysql.sh +#!/bin/bash +MYSQL=/usr/local/mysql/bin/mysql +MYSQL_HOST=localhost +MYSQL_USER=root +MYSQL_PASSWORD=1111 +CHECK_TIME=3 + +#mysql is working MYSQL_OK is 1 , mysql down MYSQL_OK is 0 +MYSQL_OK=1 + +check_mysql_helth (){ + $MYSQL -h $MYSQL_HOST -u $MYSQL_USER -p${MYSQL_PASSWORD} -e "show status;" &>/dev/null + if [ $? -eq 0 ] ;then + MYSQL_OK=1 + else + MYSQL_OK=0 + fi + return $MYSQL_OK +} + +while [ $CHECK_TIME -ne 0 ] +do + check_mysql_helth + if [ $MYSQL_OK -eq 1 ] ; then + exit 0 + fi + + let CHECK_TIME-- + sleep 1 +done +/etc/init.d/keepalived stop +exit 1 + +# chmod 755 /root/keepalived_check_mysql.sh + +两边均启动keepalived + +日志查看脚本是否被执行 +# tail -f /var/log/messages +Jun 19 15:20:19 xen1 Keepalived_vrrp[6341]: Using LinkWatch kernel netlink reflector... +Jun 19 15:20:19 xen1 Keepalived_vrrp[6341]: VRRP sockpool: [ifindex(2), proto(112), fd(11,12)] +Jun 19 15:20:19 xen1 Keepalived_vrrp[6341]: VRRP_Script(check_run) succeeded +``` + +## 扩展实验-keepalived+nginx负载均衡器 + +```bash +# vim /etc/keepalived/keepalived.conf +global_defs { + router_id nginx1 +} + +vrrp_script check_run { + script "/keepalived_check_nginx_proxy.sh" + interval 5 +} + +vrrp_instance VI_1 { + state MASTER + interface ens32 + virtual_router_id 88 + priority 90 + advert_int 1 + authentication { + auth_type PASS + auth_pass 1111 + } + + track_script { + check_run + } + + virtual_ipaddress { + 192.168.26.39 + } +} + +# cat /keepalived_check_nginx_proxy.sh +curl 127.1 &>/dev/null +if [ $? -ne 0 ];then + systemctl stop keepalived +fi + +``` +