• keepalived学习


    HA集群

    1 keepalived
    2 heartbeat
    3 corosync
    4 cman

    功能实现

    vrrp协议在Linux主机上以守护进程方式,
    
    能够根据配置文件自动生成ipvs规则
    
    对各RS健康状态检测

    组件

    vrrp stack
    
    checkers
    
    ipvs wrapper ---> ipvs

    HA Cluster配置准备

    1. 本机的主机名与Hosts中定义的主机保持一致,以及hostname、uname -n获得的名称保持一致
    
        CentOS6 /etc/sysconfig/network
    
        CentOS7 hostnamectl set-hostname HOSTNAME | /etc/hostname
    
        各节点能互相解析主机名编辑/etc/hosts文件
    
    2. 各节点时间同步
    
    3. 确保iptables及selinux规则影响keepalive
    
    4. 为了防止配置文件修改出错不可回改首先备份文件

    配置文件详解

    man keepalived.conf
    
    定义收件人
    
        notification_email {...}   # To:
    
    定义发件人
    
        notification_email_from admin@example.com
    
    SMTP服务器
    
        smtp_server 127.0.0.1 [<PORT>]
    
    邮件超时时间
    
        smtp_connect_timeout 30
    
    定义route_id
    
        router_id LVS_DEVEL
    
    定义组播地址
    
        vrrp_mcast_group4 224.0.0.1
    
    例子:本机邮件
    
        global_defs {
            notification_email {
                    root@localhost
            }
            notification_email_from admin@localhost
            smtp_server 127.0.0.1
            smtp_connect_timeout 30
            router_id node1.example.com
            vrrp_skip_check_adv_addr
            vrrp_strict
            vrrp_garp_interval 0
            vrrp_gna_interval 0
            # vrrp_mcast_group4 224.0.0.1 双主实例默认组播地址不能更改
        }
    
    VRRP组身份
    
        state MASTER
    
    通告网卡
    
        interface eth0
    
    虚拟Route_ID(要唯一)
    
        virtual_router_id 51
    
    优先级,用于判定VRRP组身份
    
        priority 100
    
    心跳发送间隔
    
        advert_int 1
    
    身份认证
    
        authentication {
                # PASS||AH
                # PASS - Simple password (suggested)
                # AH - IPSEC (not recommended))
                auth_type PASS
                # Password for accessing vrrpd.
                # should be the same on all machines.
                # Only the first eight (8) characters are used.
                auth_pass 1234
        }
    
    虚拟地址配置
    
        virtual_ipaddress {
            <IPADDR>/<MASK> brd <IPADDR> dev <STRING> scope <SCOPE> label <LABEL>
            192.168.200.17/24 dev eth1
            192.168.200.18/24 dev eth2 label eth2:1
        }
    
    例子:vrrp实例
    
        vrrp_instance VI_1 {
            state MASTER
            interface ens33
            virtual_router_id 51
            priority 100
            advert_int 1
            authentication {
                auth_type PASS
                auth_pass 123456
            }
            virtual_ipaddress {
                192.168.180.100/24 dev ens33 label ens33:0
            }
        }

    使用日志功能

    vim /etc/sysconfig/keepalived 
    
        KEEPALIVED_OPTIONS="-D -S 3"
    
    
    # LOG守护进程配置
    
    vim /etc/rsyslog.conf 
    
        local3.*                                                /var/log/keepalived.log
    
    systemctl restart rsyslog

    VRRP脚本自动检测优先级

    # 实例外定义,实例内调用
    
    vrrp_script chk_schedown {
        script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0"
        interval 2 
        weight -2 
    }
    
    vrrp_instance INSTANCE_NAME {
        ...
        track_script {
            chk_schedown
        }
    }

    keepalive基于LVS-NAT配置

    vrrp_sync_group VG_1 {
        VI_1
        VI_2
    }
    
    vrrp_instance VI_1 {
        interface ...
        VIP
    }
    
    vrrp_instance VI_2 {
        instance ...
        DIP
    }

    keepalived双主模型配置

    node1 
    
        vrrp_instance VI_1 {
            state MASTER
            interface ens33
            virtual_router_id 51
            priority 100
            advert_int 1
            authentication {
                auth_type PASS
                auth_pass 123456
            }
            virtual_ipaddress {
                192.168.180.100/24 dev ens33 label ens33:0
            }
        }
    
        vrrp_instance VI_2 {
            state BACKUP
            interface ens33
            virtual_router_id 61
            priority 99
            advert_int 1
            authentication {
                auth_type PASS
                auth_pass 654321
            }
            virtual_ipaddress {
                192.168.180.110/24 dev ens33 label ens33:1
            }
        }
    
    node2 
    
        vrrp_instance VI_1 {
            state BACKUP
            interface ens33
            virtual_router_id 51
            priority 99
            advert_int 1
            authentication {
                auth_type PASS
                auth_pass 123456
            }
            virtual_ipaddress {
                192.168.180.100/24 dev ens33 label ens33:0
            }
        }
    
        vrrp_instance VI_2 {
            state MASTER
            interface ens33
            virtual_router_id 61
            priority 100
            advert_int 1
            authentication {
                auth_type PASS
                auth_pass 654321
            }
            virtual_ipaddress {
                192.168.180.110/24 dev ens33 label ens33:1
            }
        }

    Virtual Instence 状态发生改变时,发送通知邮件

    当前节点转换为master状态时,发送通知邮件
    
        notify_master <STRING>|<QUOTED-STRING> [username [groupname]]
    
        # 编写脚本定制发送内容
        notify_master "/etc/keepalived/notify.sh master"
    
    当前节点转换为backup状态时,发送通知邮件
    
        notify_backup <STRING>|<QUOTED-STRING> [username [groupname]]
    
    当前节点转换为backup状态时(节点故障),发送通知邮件
        notify_fault <STRING>|<QUOTED-STRING> [username [groupname]]
    
    当前节点转换为stop状态时(节点故障),发送通知邮件
    
        notify_stop <STRING>|<QUOTED-STRING> [username [groupname]]      # executed when stopping vrrp

    Virtual server

    三种类型组
    
        virtual_server IP port 
    
        virtual_server fwmark int 
        
        virtual_server group string
    
    向RS发送健康状态检查间隔
    
        delay_loop <INT>
    
    负责均衡所支持的调度算法
    
        lb_algo rr|wrr|lc|wlc|lblc|sh|dh
    
    对每一个报文单独调度
    
        ops
    
    lvs支持类型
    
        lb_kind NAT|DR|TUN
    
    持久时长
    
        persistence_timeout [<INT>]
    
    协议选择
    
        protocol TCP|UDP|SCTP
    
    没有虚拟地址时挂起监控检查功能
    
        ha_suspend
    
    定义对哪些虚拟主机做健康状态检测
    
        virtualhost <STRING>
    
    所有的虚拟主机都失效时,Sorry Server生效
    
        sorry_server <IPADDR> <PORT>
    
    real_server <IPADDR> <PORT>
    
        weight <INT>
    
        notify_up <STRING>|<QUOTED-STRING>
    
        notify_down <STRING>|<QUOTED-STRING>
    
        健康状态检测协议
    
            # HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|DNS_CHECK|MISC_CHECK
    
            HTTP_GET|SSL_GET
    
                url {
                        #eg path / , or path /mrtg2/
                        path <STRING>
                        # healthcheck needs status_code
                        # or status_code and digest
                        # Digest computed with genhash
                        # eg digest 9b3a0c85a887a256d6939da88aabd8cd
                        digest <STRING>
                        # status code returned in the HTTP header
                        # eg status_code 200. Default is any 2xx value
                        status_code <INT>
                    }
    
                # 如果服务器繁忙或者其他原因获取不到页面时,应该再重新尝试几次
    
                    nb_get_retry <INT>
    
                # 重新获取的等待延时
    
                    delay_before_retry <INT>
    
                connect_ip <IP ADDRESS>
    
                connect_port <PORT>
    
                bindto <IP ADDRESS>
    
                bind_port <PORT>
    
                connect_timeout <INTEGER>
    
                # 基于fwmark检测时使用
    
                    fwmark <INTEGER>
    
                # 打散各RS的检测时间,减少同一时间点上的并发数,减少网络负担
    
                    warmup <INT>
  • 相关阅读:
    JavaScript 格式化数字
    浅析C#中单点登录的原理和使用
    从银行转账失败到分布式事务:总结与思考
    计算机网络资料
    阿里巴巴Java开发规约插件p3c详细教程及使用感受
    程序员如何打造属于自己的云笔记服务
    sql server2016里面的json功能
    mac pro 开启三只滑动选中文本
    技术网站
    idea gradle项目导入
  • 原文地址:https://www.cnblogs.com/cq146637/p/8530890.html
Copyright © 2020-2023  润新知