您当前的位置： 首页 > 学无止境 > 心得笔记 网站首页心得笔记

keepalived详解(lvs的dr模式的vip高可用)

发布时间：2019-06-07 15:39:12编辑：雪饮阅读（）

在一个月前曾经介绍过搭建lvs负载均衡的dr模式，今天要在此基础上实现vip的高可用。

前提

首先搭建一个lvs负载均衡的dr模式，我们通过ipvsadm以rr轮调方式实现rs1与rs2的httpd服务的负载均衡。

新增一个vip节点

上一步骤测试没有问题时，我们依据其vip的配置新增一个vip节点并配置ipvsadm规则，我们接下来就要在这两个vip之间进行高可用。首先就是两个vip节点上之前的绑定vip操作都撤销，因为我们要通过keepalived来实现vip绑定

keepalived安装配置

在两个vip上面分别安装keepalived-1.2.7.tar.gz

[root@localhost ~]# yum install kernel-devel -y

[root@localhost ~]# ls /usr/src/kernels/

2.6.18-308.el5-i686

解压keepalived并安装

[root@localhost keepalived-1.2.7]# yum install gcc openssl-devel

[root@localhost keepalived-1.2.7]# ./configure --sysconfdir=/etc/ --sbindir=/usr/sbin/ --with-kernel-dir=/usr/src/kernels/2.6.18-308.el5-i686/

[root@localhost keepalived-1.2.7]# make && make install

vip1上keepalived配置如：

[root@localhost keepalived-1.2.7]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

 

global_defs {

   notification_email {

     root@localhost

   }

   notification_email_from keepalived@localhost

   smtp_server 127.0.0.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}

 

vrrp_instance VI_1 {

    state MASTER

    interface eth0

    virtual_router_id 51

    priority 101

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass keepalivedpass

    }

    virtual_ipaddress {

        192.168.2.139/24 dev eth0 label eth0:0

    }

}

 

virtual_server 192.168.2.139 80 {

    delay_loop 6

    lb_algo rr

    lb_kind DR

    nat_mask 255.255.255.0

    #persistence_timeout 50

    protocol TCP

 

    real_server 192.168.2.104 80 {

        weight 1

        HTTP_GET {

            url {

              path /

              status_code 200

            }

            connect_timeout 2

            nb_get_retry 3

            delay_before_retry 1

        }

    }

    real_server 192.168.2.167 80 {

        weight 1

        HTTP_GET {

            url {

              path /

              status_code 200

            }

            connect_timeout 2

            nb_get_retry 3

            delay_before_retry 1

        }

    }

}

vip2配置和vip1相同，只将如下配置修改：

vrrp_instance VI_1 {

    state BACKUP

    interface eth0

    virtual_router_id 51

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass keepalivedpass

    }

    virtual_ipaddress {

        192.168.2.1/139 dev eth0 label eth0:0

    }

}

在两个vip节点上都安装上ipvsadm

当上面的两个vip的keepalived都配置安装好后各自都启动keepalived服务后，就会在某个vip上看到vip绑定成功。

此时各自都安装ipvsadm后两个节点都可以看到ipvsadm上面自动有了rs1、rs2

[root@localhost keepalived]# ipvsadm -L -n

IP Virtual Server version 1.2.1 (size=4096)

Prot LocalAddress:Port Scheduler Flags

  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn

TCP  192.168.2.139:80 rr

  -> 192.168.2.167:80             Route   1      0          0        

  -> 192.168.2.104:80             Route   1      0          0

然后手动去停止rs1或rs2的httpd服务，然后在vip上ipvsadm中查看节点列表是否自动将刚才停止掉的rs节点移除掉，反正要测试某个rs的服务上线后，ipvsadm中是否也能自动新增上(注意：有时候你会发现没有及时的摘掉或添加上rs节点，需要耐心等下，有网络延迟的影响)

配置错误页(当所有rs节点都挂掉)

root@localhost keepalived]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

 

global_defs {

   notification_email {

     root@localhost

   }

   notification_email_from keepalived@localhost

   smtp_server 127.0.0.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}

 

vrrp_instance VI_1 {

    state MASTER

    interface eth0

    virtual_router_id 51

    priority 101

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass keepalivedpass

    }

    virtual_ipaddress {

        192.168.2.139/24 dev eth0 label eth0:0

    }

}

 

virtual_server 192.168.2.139 80 {

    delay_loop 6

    lb_algo rr

    lb_kind DR

    nat_mask 255.255.255.0

    #persistence_timeout 50

    protocol TCP

    sorry_server 127.0.0.1 80

    real_server 192.168.2.104 80 {

        weight 1

        HTTP_GET {

            url {

              path /

              status_code 200

            }

            connect_timeout 2

            nb_get_retry 3

            delay_before_retry 1

        }

    }

    real_server 192.168.2.167 80 {

        weight 1

        HTTP_GET {

            url {

              path /

              status_code 200

            }

            connect_timeout 2

            nb_get_retry 3

            delay_before_retry 1

        }

    }

}

那么此时我们每个ha上面就都要配置，且都要有一个httpd服务

经此配置后，当所有rs都挂掉后就会出现vip的httpd服务所提供的界面

配置ha健康状况检查

[root@localhost keepalived]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

 

global_defs {

   notification_email {

     root@localhost

   }

   notification_email_from keepalived@localhost

   smtp_server 127.0.0.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}

vrrp_script chk_schedown {

         script "[ -e /etc/keepalived/down ] && exit 1 || exit 0"

         interval 1

         weight -5

         fall 2

         rise 1

}

vrrp_instance VI_1 {

    state MASTER

    interface eth0

    virtual_router_id 51

    priority 101

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass keepalivedpass

    }

    virtual_ipaddress {

        192.168.2.139/24 dev eth0 label eth0:0

    }

    track_script {

         chk_schedown         

    }

}

 

virtual_server 192.168.2.139 80 {

    delay_loop 6

    lb_algo rr

    lb_kind DR

    nat_mask 255.255.255.0

    #persistence_timeout 50

    protocol TCP

    sorry_server 127.0.0.1 80

    real_server 192.168.2.104 80 {

        weight 1

        HTTP_GET {

            url {

              path /

              status_code 200

            }

            connect_timeout 2

            nb_get_retry 3

            delay_before_retry 1

        }

    }

    real_server 192.168.2.167 80 {

        weight 1

        HTTP_GET {

            url {

              path /

              status_code 200

            }

            connect_timeout 2

            nb_get_retry 3

            delay_before_retry 1

        }

    }

}

将两个vip都配置下

然后通过向master的vip上touch一个down文件，实现模型master的vip挂掉了，此时若另外一个vip上线了，而当前vip下线了则健康状况检查配置ok了，反之若删除了down文件则当前vip上线，对方vip下线，当然了这只是排除权重之后的结果，因为随着不断的down后，每个vip的权重都会有所变化，到时候肯定以权重高的优先绑定vip咯

配置vip切换、故障通知

分别是当前vip切换为master、backup以及当前vip故障时候的通知

[root@localhost keepalived-1.2.7]# cat /etc/keepalived/keepalived.conf

! Configuration File for keepalived

 

global_defs {

   notification_email {

     root@localhost

   }

   notification_email_from keepalived@localhost

   smtp_server 127.0.0.1

   smtp_connect_timeout 30

   router_id LVS_DEVEL

}

vrrp_script chk_schedown {

         script "[ -e /etc/keepalived/down ] && exit 1 || exit 0"

         interval 1

         weight -5

         fall 2

         rise 1

}

vrrp_instance VI_1 {

    state BACKUP

    interface eth0

    virtual_router_id 51

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass keepalivedpass

    }

    virtual_ipaddress {

        192.168.2.139/24 dev eth0 label eth0:0

    }

    track_script {

         chk_schedown         

    }

    notify_master "/etc/keepalived/new_notify.sh -n master -a 192.168.2.139 -s sendmail"

    notify_backup "/etc/keepalived/new_notify.sh -n backup -a 192.168.2.139 -s sendmail"

    notify_fault "/etc/keepalived/new_notify.sh -n fault -a 192.168.2.139"

}

 

virtual_server 192.168.2.139 80 {

    delay_loop 6

    lb_algo rr

    lb_kind DR

    nat_mask 255.255.255.0

    #persistence_timeout 50

    protocol TCP

    sorry_server 127.0.0.1 80

    real_server 192.168.2.104 80 {

        weight 1

        HTTP_GET {

            url {

              path /

              status_code 200

            }

            connect_timeout 2

            nb_get_retry 3

            delay_before_retry 1

        }

    }

    real_server 192.168.2.167 80 {

        weight 1

        HTTP_GET {

            url {

              path /

              status_code 200

            }

            connect_timeout 2

            nb_get_retry 3

            delay_before_retry 1

        }

    }

}

keepalived通知脚本进阶示例：

 

下面的脚本可以接受选项，其中：

-s, --service SERVICE,...：指定服务脚本名称，当状态切换时可自动启动、重启或关闭此服务；

-a, --address VIP: 指定相关虚拟路由器的VIP地址；

-m, --mode {mm|mb}：指定虚拟路由的模型，mm表示主主，mb表示主备；它们表示相对于同一种服务而方，其VIP的工作类型；

-n, --notify {master|backup|fault}：指定通知的类型，即vrrp角色切换的目标角色；

-h, --help：获取脚本的使用帮助；

 

#!/bin/bash

# Author: MageEdu <linuxedu@foxmail.com>

# description: An example of notify script

# Usage: notify.sh -m|--mode {mm|mb} -s|--service SERVICE1,... -a|--address VIP  -n|--notify {master|backup|falut} -h|--help

 

#contact='linuxedu@foxmail.com'

helpflag=0

serviceflag=0

modeflag=0

addressflag=0

notifyflag=0

 

contact='root@localhost'

 

Usage() {

  echo "Usage: notify.sh [-m|--mode {mm|mb}] [-s|--service SERVICE1,...] <-a|--address VIP>  <-n|--notify {master|backup|falut}>"

  echo "Usage: notify.sh -h|--help"

}

 

ParseOptions() {

  local I=1;

  if [ $# -gt 0 ]; then

    while [ $I -le $# ]; do

      case $1 in

           -s|--service)

                   [ $# -lt 2 ] && return 3

            serviceflag=1

                 services=(`echo $2|awk -F"," '{for(i=1;i<=NF;i++) print $i}'`)

                   shift 2 ;;

           -h|--help)

                 helpflag=1

                   return 0

        shift

                   ;;

           -a|--address)

                   [ $# -lt 2 ] && return 3

             addressflag=1

                   vip=$2

                   shift 2

                   ;;

           -m|--mode)

                   [ $# -lt 2 ] && return 3

                   mode=$2

                   shift 2

                   ;;

           -n|--notify)

                   [ $# -lt 2 ] && return 3

                   notifyflag=1

                   notify=$2

                   shift 2

                   ;;

           *)

                   echo "Wrong options..."

                   Usage

                   return 7

                   ;;

       esac

    done

    return 0

  fi

}

 

#workspace=$(dirname $0)

 

RestartService() {

  if [ ${#@} -gt 0 ]; then

    for I in $@; do

      if [ -x /etc/rc.d/init.d/$I ]; then

        /etc/rc.d/init.d/$I restart

      else

        echo "$I is not a valid service..."

      fi

    done

  fi

}

 

StopService() {

  if [ ${#@} -gt 0 ]; then

    for I in $@; do

      if [ -x /etc/rc.d/init.d/$I ]; then

        /etc/rc.d/init.d/$I stop

      else

        echo "$I is not a valid service..."

      fi

    done

  fi

}

 

 

Notify() {

    mailsubject="`hostname` to be $1: $vip floating"

    mailbody="`date '+%F %H:%M:%S'`, vrrp transition, `hostname` changed to be $1."

    echo $mailbody | mail -s "$mailsubject" $contact

}

 

 

# Main Function

ParseOptions $@

[ $? -ne 0 ] && Usage && exit 5

 

[ $helpflag -eq 1 ] && Usage && exit 0

 

if [ $addressflag -ne 1 -o $notifyflag -ne 1 ]; then

  Usage

  exit 2

fi

 

mode=${mode:-mb}

 

case $notify in

'master')

  if [ $serviceflag -eq 1 ]; then

      RestartService ${services[*]}

  fi

  Notify master

  ;;

'backup')

  if [ $serviceflag -eq 1 ]; then

    if [ "$mode" == 'mb' ]; then

      StopService ${services[*]}

    else

      RestartService ${services[*]}

    fi

  fi

  Notify backup

  ;;

'fault')

  Notify fault

  ;;

*)

  Usage

  exit 4

  ;;

esac

所需附件下载:keepalived-1.2.7.tar.gz

6da16b64778eaaf3473621a1d24b4fe9.gz (282.60 KB)