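In an earlier post on building a high-availability solution with nginx, many readers asked what happens if nginx itself goes down, as in the diagram below:
You can see clearly that if the machine at 192.168.2.100 goes down, the whole cluster goes offline. How do we solve this? At first glance it is not easy to handle, because your web browser always has to access some IP address, right? So how do we get around this?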
I: Problem analysis
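If you have some networking background, you will know that when you send a request to a machine outside your own subnet, the request first goes to your gateway IP, is then passed on to the other side's gateway IP, and that gateway forwards the request to the host on its LAN. There may of course be many router hops between my gateway IP and the other side's gateway IP. The flow is roughly as shown below:
If you don't believe it, use tracert to look at the full route from your machine to www.ctrip.com.
As the figure above shows, there are 20 hops from my current host to ctrip.com. The first hop is 192.168.2.1, which is my router's IP, that is, my gateway IP.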
II: Virtual Router Redundancy Protocol
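So what is all this good for? Look closely at that diagram and you may wonder whether we can do something at the gateway IP. Fortunately, routers today basically all support a protocol called VRRP (Virtual Router Redundancy Protocol). You can think of it as virtualizing the gateway IP into a cluster of gateway IPs, much like the Orc Blademaster's Mirror Image skill. The cluster has a master and it has slaves, and every host on the LAN is configured with the virtual master IP (VIP). keepalived happens to be an application that implements VRRP: you need it, it does the job, and that is how the two come together.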
III: keepalived setup at a glance
1. Download: find the current latest version, 1.4.2, on the official site: http://www.keepalived.org/software/keepalived-1.4.2.tar.gz.
Machines used:
    192.168.23.156 [centos]
    192.168.23.157 [centos]
    [root@localhost app]# wget http://www.keepalived.org/software/keepalived-1.4.2.tar.gz
    --2018-03-10 04:04:06--  http://www.keepalived.org/software/keepalived-1.4.2.tar.gz
    Resolving www.keepalived.org (www.keepalived.org)... 37.59.63.157, 2001:41d0:8:7a9d::1
    Connecting to www.keepalived.org (www.keepalived.org)|37.59.63.157|:80... connected.
    HTTP request sent, awaiting response... 200 OK
    Length: 738096 (721K) [application/x-gzip]
    Saving to: ‘keepalived-1.4.2.tar.gz’

    100%[==================================================================>] 738,096     5.24KB/s   in 4m 44s
2. Then install the dependencies: yum install -y openssl openssl-devel.
    [root@localhost app]# yum install -y openssl openssl-devel
    Loaded plugins: fastestmirror, langpacks
    Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=os&infra=stock error was
    14: curl#52 - "Empty reply from server"
    base                                   | 3.6 kB  00:00:00
    epel/x86_64/metalink                   | 7.8 kB  00:00:00
    Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=7&arch=x86_64&repo=extras&infra=stock error was
    14: curl#52 - "Empty reply from server"
    extras                                 | 3.4 kB  00:00:00
    updates                                | 3.4 kB  00:00:00
    updates/7/x86_64/primary_db            | 6.9 MB  00:01:10
3. Next, unpack the archive and run the usual three-step install: ./configure --prefix=/usr/app/keepalived && make && make install.
    [root@localhost app]# tar -zxvf keepalived-1.4.2.tar.gz
    [root@localhost app]# ls
    keepalived-1.4.2  keepalived-1.4.2.tar.gz
    [root@localhost app]# cd keepalived-1.4.2
    [root@localhost keepalived-1.4.2]# ls
    aclocal.m4  bin_install  configure     COPYING  genhash     keepalived          Makefile.am  README.md
    ar-lib      ChangeLog    configure.ac  depcomp  INSTALL     keepalived.spec.in  Makefile.in  snap
    AUTHOR      compile      CONTRIBUTORS  doc      install-sh  lib                 missing      TODO
    [root@localhost keepalived-1.4.2]#
    [root@localhost keepalived-1.4.2]# ./configure --prefix=/usr/app/keepalived && make && make install
Once the installation finishes you will see output like the following, which means it succeeded.
    Keepalived configuration
    ------------------------
    Keepalived version       : 1.4.2
    Compiler                 : gcc
    Preprocessor flags       :
    Compiler flags           : -Wall -Wunused -Wstrict-prototypes -Wextra -g -O2 -fPIE -D_GNU_SOURCE
    Linker flags             : -pie
    Extra Lib                : -lcrypto -lssl
    Use IPVS Framework       : Yes
    IPVS use libnl           : No
    IPVS syncd attributes    : No
    IPVS 64 bit stats        : No
    fwmark socket support    : Yes
    Use VRRP Framework       : Yes
    Use VRRP VMAC            : Yes
    Use VRRP authentication  : Yes
    With ip rules/routes     : Yes
    SNMP vrrp support        : No
    SNMP checker support     : No
    SNMP RFCv2 support       : No
    SNMP RFCv3 support       : No
    DBUS support             : No
    SHA1 support             : No
    Use Debug flags          : No
    smtp-alert debugging     : No
    Use Json output          : No
    Stacktrace support       : No
    Memory alloc check       : No
    libnl version            : None
    Use IPv4 devconf         : No
    Use libiptc              : No
    Use libipset             : No
    init type                : systemd
    Build genhash            : Yes
    Build documentation      : No
4. After installation there is a keepalived.conf file in the /usr/app/keepalived/etc/keepalived directory. All you need to do now is copy it into the /etc/keepalived folder.
    [root@localhost keepalived]# ls
    keepalived.conf  samples
    [root@localhost keepalived]# pwd
    /usr/app/keepalived/etc/keepalived
    [root@localhost keepalived]# mkdir -p /etc/keepalived
    [root@localhost keepalived]# cp ./keepalived.conf /etc/keepalived/keepalived.conf
5. Next, edit the configuration file.
On the 192.168.23.156 machine, change the configuration file as follows:
【Original】
    global_defs {
       notification_email {
         acassen@firewall.loc
         failover@firewall.loc
         sysadmin@firewall.loc
       }
       notification_email_from Alexandre.Cassen@firewall.loc
       smtp_server 192.168.200.1
       smtp_connect_timeout 30
       router_id LVS_DEVEL
       vrrp_skip_check_adv_addr
       vrrp_strict
       vrrp_garp_interval 0
       vrrp_gna_interval 0
    }

    vrrp_instance VI_1 {
        state MASTER
        interface eth0
        virtual_router_id 51
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            192.168.200.16
            192.168.200.17
            192.168.200.18
        }
    }
【Modified】
    global_defs {
       notification_email {
         acassen@firewall.loc
         failover@firewall.loc
         sysadmin@firewall.loc
       }
       notification_email_from Alexandre.Cassen@firewall.loc
       smtp_server 192.168.200.1
       smtp_connect_timeout 30
       router_id NodeA                 # name of this node
       vrrp_skip_check_adv_addr
       vrrp_strict
       vrrp_garp_interval 0
       vrrp_gna_interval 0
    }

    vrrp_instance VI_1 {
        state MASTER
        interface ens33                 # NIC that carries the VIP
        virtual_router_id 51            # must be the same on both nodes
        priority 150                    # higher than the BACKUP node
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            192.168.23.200              # the VIP, same value on both nodes
        }
    }
The points to note are:
《1》priority 150
The node's priority; the master's must be higher than the slave's.
《2》interface ens33
ens33 is the NIC name; you can look up your own NIC with ifconfig.
    [root@localhost ~]# ifconfig
    br-11757db6abf5: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
            inet 172.22.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
            ether 02:42:c2:e0:52:10  txqueuelen 0  (Ethernet)
            RX packets 0  bytes 0 (0.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 0  bytes 0 (0.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    br-875e3c64ec79: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
            inet 172.23.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
            ether 02:42:4e:43:5b:a0  txqueuelen 0  (Ethernet)
            RX packets 0  bytes 0 (0.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 0  bytes 0 (0.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    br-904f2c62861e: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
            inet 172.19.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
            ether 02:42:6d:80:36:58  txqueuelen 0  (Ethernet)
            RX packets 0  bytes 0 (0.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 0  bytes 0 (0.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    br-b0028a425959: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
            inet 172.21.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
            ether 02:42:68:51:95:99  txqueuelen 0  (Ethernet)
            RX packets 18  bytes 1458 (1.4 KiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 41  bytes 3920 (3.8 KiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    br-c4a09a75fc67: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
            inet 172.18.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
            ether 02:42:92:f9:2d:65  txqueuelen 0  (Ethernet)
            RX packets 4  bytes 340 (340.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 4  bytes 340 (340.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    br-f0fb207788a0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 172.20.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
            inet6 fe80::42:86ff:fe1e:c970  prefixlen 64  scopeid 0x20<link>
            ether 02:42:86:1e:c9:70  txqueuelen 0  (Ethernet)
            RX packets 0  bytes 0 (0.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 0  bytes 0 (0.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    docker0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
            inet 172.17.0.1  netmask 255.255.0.0  broadcast 0.0.0.0
            ether 02:42:8f:8c:a9:a7  txqueuelen 0  (Ethernet)
            RX packets 0  bytes 0 (0.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 0  bytes 0 (0.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet 192.168.23.157  netmask 255.255.255.0  broadcast 192.168.23.255
            inet6 fe80::20c:29ff:fe54:4f5a  prefixlen 64  scopeid 0x20<link>
            ether 00:0c:29:54:4f:5a  txqueuelen 1000  (Ethernet)
            RX packets 10899  bytes 11349012 (10.8 MiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 5575  bytes 599717 (585.6 KiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
            inet 127.0.0.1  netmask 255.0.0.0
            inet6 ::1  prefixlen 128  scopeid 0x10<host>
            loop  txqueuelen 0  (Local Loopback)
            RX packets 4  bytes 340 (340.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 4  bytes 340 (340.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    veth4d72ad4: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet6 fe80::d4fb:fcff:feeb:cd7c  prefixlen 64  scopeid 0x20<link>
            ether d6:fb:fc:eb:cd:7c  txqueuelen 0  (Ethernet)
            RX packets 16  bytes 1248 (1.2 KiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 43  bytes 4130 (4.0 KiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    vethe634b1c: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
            inet6 fe80::e0c6:88ff:fe1c:f4a1  prefixlen 64  scopeid 0x20<link>
            ether e2:c6:88:1c:f4:a1  txqueuelen 0  (Ethernet)
            RX packets 18  bytes 1458 (1.4 KiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 41  bytes 3920 (3.8 KiB)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
            inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
            ether 00:00:00:00:00:00  txqueuelen 0  (Ethernet)
            RX packets 0  bytes 0 (0.0 B)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 0  bytes 0 (0.0 B)
            TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

    [root@localhost ~]#
《3》virtual_ipaddress 192.168.23.200
Set the virtual IP (VIP) to 192.168.23.200.
In the same way, configure 192.168.23.157 as follows:
    global_defs {
       notification_email {
         acassen@firewall.loc
         failover@firewall.loc
         sysadmin@firewall.loc
       }
       notification_email_from Alexandre.Cassen@firewall.loc
       smtp_server 192.168.200.1
       smtp_connect_timeout 30
       router_id NodeB
       vrrp_skip_check_adv_addr
       vrrp_strict
       vrrp_garp_interval 0
       vrrp_gna_interval 0
    }

    vrrp_instance VI_1 {
        state BACKUP
        interface ens33
        virtual_router_id 51
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            192.168.23.200
        }
    }
7. Now keepalived can be started.
    [root@localhost sbin]# ./keepalived -D
    [root@localhost sbin]# ps -ef | grep keepalived
    root       4661      1  0 05:41 ?        00:00:00 ./keepalived -D
    root       4662   4661  0 05:41 ?        00:00:00 ./keepalived -D
    root       4663   4661  0 05:41 ?        00:00:00 ./keepalived -D
    root       4673   4300  0 05:41 pts/0    00:00:00 grep --color=auto keepalived
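A MASTER/BACKUP pair only fails over cleanly when the two vrrp_instance blocks from step 5 agree with each other. The following check is an added example, not part of the original post or of keepalived: it compares two configs for virtual_router_id, priority, VIP and auth_pass. The sample configs are constructed, and node A deliberately carries 192.168.2.200, a VIP outside the nodes' 192.168.23.0/24 subnet, to show what gets reported; the function names are hypothetical.

```python
import ipaddress
import re
# Constructed sample configs, trimmed to the vrrp_instance block.
TEMPLATE = """
vrrp_instance VI_1 {{
    state {state}
    interface ens33
    virtual_router_id 51
    priority {prio}
    authentication {{
        auth_type PASS
        auth_pass 1111
    }}
    virtual_ipaddress {{
        {vip}
    }}
}}
"""
NODE_A = TEMPLATE.format(state="MASTER", prio=150, vip="192.168.2.200")
NODE_B = TEMPLATE.format(state="BACKUP", prio=100, vip="192.168.23.200")

def parse_instance(conf):
    """Pull the fields the check needs out of one vrrp_instance block."""
    def field(name):
        m = re.search(rf"^\s*{name}\s+(\S+)", conf, re.M)
        return m.group(1) if m else None
    body = re.search(r"virtual_ipaddress\s*\{([^}]*)\}", conf)
    lines = body.group(1).splitlines() if body else []
    vips = [l.split()[0].split("/")[0] for l in lines if l.strip()]
    return {"vrid": field("virtual_router_id"), "priority": int(field("priority") or 0),
            "auth_pass": field("auth_pass"), "vips": sorted(vips)}

def check_pair(master_conf, backup_conf, node_subnet):
    """Return findings for a MASTER/BACKUP pair; an empty list means consistent."""
    m, b = parse_instance(master_conf), parse_instance(backup_conf)
    net = ipaddress.ip_network(node_subnet)
    checks = [
        (m["vrid"] != b["vrid"], "virtual_router_id differs"),
        (m["priority"] <= b["priority"], "MASTER priority not above BACKUP"),
        (m["vips"] != b["vips"], "VIP lists differ"),
        (m["auth_pass"] != b["auth_pass"], "auth_pass differs"),
        (m["auth_pass"] == b["auth_pass"] == "1111", "auth_pass left at sample value 1111"),
    ]
    findings = [msg for bad, msg in checks if bad]
    findings += [f"VIP {v} outside {net}" for v in sorted(set(m["vips"] + b["vips"]))
                 if ipaddress.ip_address(v) not in net]
    return findings

if __name__ == "__main__":
    print("\n".join(check_pair(NODE_A, NODE_B, "192.168.23.0/24")))
```

The auth_pass finding matters because auth_type PASS carries the password in clear text in every advertisement, so a value copied from the sample config protects nothing.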
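V: Verification
1. Use ip a to check whether the virtual IP 192.168.23.200 is currently bound to the ens33 NIC.
2. Then use arp -a to see which physical (MAC) address the VIP currently maps to. You can see that the VIP currently maps to 192.168.23.156.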
    C:\Users\hxc>arp -a

    接口: 192.168.23.1 --- 0x6
      Internet 地址         物理地址              類型
      192.168.23.156        00-0c-29-75-7e-20     動態
      192.168.23.157        00-0c-29-54-4f-5a     動態
      192.168.23.200        00-0c-29-75-7e-20     動態
      192.168.23.255        ff-ff-ff-ff-ff-ff     靜態
      224.0.0.22            01-00-5e-00-00-16     靜態
      224.0.0.251           01-00-5e-00-00-fb     靜態
      224.0.0.252           01-00-5e-00-00-fc     靜態
      239.11.20.1           01-00-5e-0b-14-01     靜態
      239.255.255.250       01-00-5e-7f-ff-fa     靜態
      255.255.255.255       ff-ff-ff-ff-ff-ff     靜態
3. Then we shut down the 156 machine, and you can see that the VIP has now drifted to the 157 machine.
    C:\Users\hxc>arp -a

    接口: 192.168.23.1 --- 0x6
      Internet 地址         物理地址              類型
      192.168.23.156        00-0c-29-75-7e-20     動態
      192.168.23.157        00-0c-29-54-4f-5a     動態
      192.168.23.200        00-0c-29-54-4f-5a     動態
      192.168.23.255        ff-ff-ff-ff-ff-ff     靜態
      224.0.0.22            01-00-5e-00-00-16     靜態
      224.0.0.251           01-00-5e-00-00-fb     靜態
      224.0.0.252           01-00-5e-00-00-fc     靜態
      239.11.20.1           01-00-5e-0b-14-01     靜態
      239.255.255.250       01-00-5e-7f-ff-fa     靜態
      255.255.255.255       ff-ff-ff-ff-ff-ff     靜態
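The manual comparison of the two arp -a captures can be automated, which also catches the case where the VIP is answered by a MAC that belongs to neither node. This is an added example, not part of the original post: the sample rows are constructed from the node and VIP rows above, the function names are hypothetical, and it assumes the VIP answers with the owning node's own MAC (no use_vmac), as in the captures shown.

```python
import re

VIP = "192.168.23.200"
NODES = ["192.168.23.156", "192.168.23.157"]

# Constructed sample: node and VIP rows of an `arp -a` capture, VIP MAC filled in.
ROWS = ("  192.168.23.156  00-0c-29-75-7e-20\n"
        "  192.168.23.157  00-0c-29-54-4f-5a\n"
        "  192.168.23.200  {}\n")
ARP_BEFORE = ROWS.format("00-0c-29-75-7e-20")
ARP_AFTER = ROWS.format("00-0c-29-54-4f-5a")

# An IPv4 address followed by a MAC in Windows (aa-bb) or Linux (aa:bb) form.
ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}[-:]){5}[0-9a-f]{2})",
    re.I | re.M)

def arp_table(text):
    """Map IP -> normalised MAC, ignoring headers and locale-specific columns."""
    return {ip: mac.lower().replace("-", ":") for ip, mac in ROW.findall(text)}

def vip_owner(text, vip, nodes):
    """Node IP whose MAC answers for the VIP, or None if absent or unknown MAC."""
    table = arp_table(text)
    vip_mac = table.get(vip)
    return next((n for n in nodes if vip_mac and table.get(n) == vip_mac), None)

def classify(before, after, vip, nodes):
    """Compare two captures and describe what happened to the VIP."""
    old, new = vip_owner(before, vip, nodes), vip_owner(after, vip, nodes)
    if new is None:
        return "alert: VIP missing or held by a MAC that is not a cluster node"
    if old != new:
        return f"failover: {old} -> {new}"
    return f"stable: {new}"

if __name__ == "__main__":
    print(classify(ARP_BEFORE, ARP_AFTER, VIP, NODES))
```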
That is everything covered in this post; I hope it helps.