keepalived是一个类似于layer3, 4, 5 交换机制的软件,也就是我们平时说的第3层、第4层和第5层交换。Keepalived的作用是检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除,当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的web服务器。
官网地址:http://www.keepalived.org/
截止目前最新版本1.2.2 附件提供下载:keepalived-1.2.2.tar.gz
本文目录:
- [一]、实验环境介绍
- [二]、服务器层的双机热备(比如服务器宕机、keepalived宕、网络不通)
- [三]、应用层(web)的双机热备(比如web应用端口不通、 nginx进程被意外kill )
[一]、实验环境介绍
1.1、软件信息:
- S-A 192.168.8.183 centos5 keepalived nginx
- S-B 192.168.8.150 centos5 keepalived nginx
- VirtualIP (虚拟IP):192.168.8.191
1.2、keepalived 标准的安装步骤:
- 安装依赖
- yum -y install gcc gcc+ gcc-c++
yum install popt-devel openssl openssl-devel libssl-dev libnl-devel popt-devel
- 安装内核
- yum -y install kernel kernel-devel
- 当前kernel代码建立连接 ln -s /usr/src/kerners/2.6....../ /usr/src/linux
- 安装keepalived
- # tar -zxvf keepalived-1.2.2.tar.gz
- # cd keepalived-1.2.2
- # ./configure
- # make
- # make install
拷贝相应的文件
- cp /usr/local/sbin/keepalived /usr/sbin/
- cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
- cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
- cp -r /usr/local/etc/keepalived/ /etc/
1.3、nginx的安装和keepalived类似
修改nginx.conf 中监听端口80->8088:
- listen 8088;
- server_name localhost;
修改/usr/local/nginx/html/index.html的内容:
192.168.8.183
- <html>
- <head>
- <title>Welcome to nginx!</title>
- </head>
- <body bgcolor="white" text="black">
- <center><h1>Welcome to nginx! 192.168.8.183</h1></center>
- </body>
- </html>
192.168.8.150:
- <html>
- <head>
- <title>Welcome to nginx!</title>
- </head>
- <body bgcolor="white" text="black">
- <center><h1>Welcome to nginx! 192.168.8.150</h1></center>
- </body>
- </html>
两台server(S-A,S-B)都需要安装这两款软件。
[二]、服务器层的双机热备(比如服务器宕机、keepalived宕了)
2.1、测试要求:
主机宕机、keepalived宕了、网络不通时,备机能自动接管,不影响VIP:192.168.8.191的访问
2.2、Master(S-A 192.168.8.181)配置文件/etc/keepalived/keepalived.conf:
- ! Configuration File for keepalived
- global_defs {
- notification_email {
- #admin@michael-demo.com
- }
- #notification_email_from admin@michael-demo.com
- #smtp_server 127.0.0.1
- #smtp_connect_timeout 30
- router_id LVS_DEVEL
- }
- vrrp_instance VI_1 {
- state MASTER
- interface eth0
- virtual_router_id 51
- priority 100
- advert_int 1
- authentication {
- auth_type PASS
- auth_pass 1111
- }
- virtual_ipaddress {
- 192.168.8.191
- }
- }
2.3、Backup(S-B 192.168.8.150)配置信息/etc/keepalived/keepalived.conf:
- ! Configuration File for keepalived
- global_defs {
- notification_email {
- #admin@michael-demo.com
- }
- #notification_email_from admin@michael-demo.com
- #smtp_server 127.0.0.1
- #smtp_connect_timeout 30
- router_id LVS_DEVEL
- }
- vrrp_instance VI_1 {
- state BACKUP
- interface eth0
- virtual_router_id 51
- priority 99
- advert_int 1
- authentication {
- auth_type PASS
- auth_pass 1111
- }
- virtual_ipaddress {
- 192.168.8.191
- }
- }
Tips:
- state 参数值:主的是MASTER、备用的是BACKUP
- priority 参数值: MASTER > BACKUP
- virtual_router_id: 参数值要一样
2.4、测试:
两台测试机S-A、S-B均启动keepalived和nginx
2.4.1、验证nginx启动正常:
访问 master : http://192.168.8.183:8088/
访问 backup: http://192.168.8.150:8088/
2.4.2、查看keepalived的日志信息:
master :192.168.8.183
backup:192.168.8.150
2.4.3、浏览器打开虚拟ip访问:http://192.168.8.191:8088/
2.4.4、kill 192.168.8.181(master) 的keepalived进程,日志信息如下:
master :192.168.8.183 
backup:192.168.8.150 
2.4.5、浏览器打开虚拟ip访问:http://192.168.8.191:8088/
2.4.6、再次启动192.168.8.181的keepalived进程,192.168.8.181会自动接管成为master,192.168.8.150自动转为backup,从测试结果看,备机能成功接管,已经实现了热备。
Tips: 如果我们停掉master上的nginx进程,你会发现此时应用访问就失败了,很显然这不是我们希望看到的结果,那如何实现web应用的热备呢,在下一节中我们将详细讲述。
[三]、应用层(web)的双机热备(比如nginx进程被意外kill、web端口不通)
3.1.主要是利用keepalived的track_script检测脚本的原理实现的。
3.2.配置文件的修改
3.2.1、Master(S-A 192.168.8.181)配置文件/etc/keepalived/keepalived.conf:
- /etc/keepalived/keepalived.conf
- ! Configuration File for keepalived
- global_defs {
- notification_email {
- #admin@michael-demo.com
- }
- #notification_email_from admin@michael-demo.com
- #smtp_server 127.0.0.1
- #smtp_connect_timeout 30
- router_id LVS_DEVEL
- }
- vrrp_script chk_http_port {
- script "</dev/tcp/127.0.0.1/8088"
- interval 1
- weight -2
- }
- vrrp_instance VI_1 {
- state MASTER
- interface eth0
- virtual_router_id 51
- priority 100
- advert_int 1
- authentication {
- auth_type PASS
- auth_pass 1111
- }
- virtual_ipaddress {
- 192.168.8.191
- }
- track_script {
- chk_http_port
- }
- }
3.2.2、Backup(S-B 192.168.8.150)配置文件/etc/keepalived/keepalived.conf:
- /etc/keepalived/keepalived.conf
- ! Configuration File for keepalived
- global_defs {
- notification_email {
- #admin@michael-demo.com
- }
- #notification_email_from admin@michael-demo.com
- #smtp_server 127.0.0.1
- #smtp_connect_timeout 30
- router_id LVS_DEVEL
- }
- vrrp_script chk_http_port {
- script "</dev/tcp/127.0.0.1/8088"
- interval 1
- weight -2
- }
- vrrp_instance VI_1 {
- state MASTER
- interface eth0
- virtual_router_id 51
- priority 99
- advert_int 1
- authentication {
- auth_type PASS
- auth_pass 1111
- }
- virtual_ipaddress {
- 192.168.8.191
- }
- track_script {
- chk_http_port
- }
- }
3.2.3、注意点(非常重要)
1)、为什么主备的参数state都是MASTER,对的你没有看错确实要都设置成一样的,不然并不能实现我们想要的VIP漂浮的效果,我测试很久才发现的.state都设置成MASTER后,会根据priority的值大小竞争来决定谁是真正的MASTER,脚本检测也是在失败的时候会把权重减去相应的值,比如原来master(181)的priority=100,如果脚本检测到端口8088无法连接,就会priority-2=98,< S-B(150)的priority(99),此时 S-B(150) 将竞争成为master,这样就实现了web应用的热备。
2)、配置文件格式一定要注意,比如:track_script {,在“track_script”和“{”之间一定要加空格 ,本来测试时少了个空格,一直无法运行检测脚本,调试了很久,非常郁闷
3.3、测试过程和上面的过程基本一致。
keepalived是一个类似于layer3, 4, 5 交换机制的软件,也就是我们平时说的第3层、第4层和第5层交换。Keepalived的作用是检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除,当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的web服务器。
官网地址:http://www.keepalived.org/
截止目前最新版本1.2.2 附件提供下载:keepalived-1.2.2.tar.gz
本文目录:
- [一]、实验环境介绍
- [二]、服务器层的双机热备(比如服务器宕机、keepalived宕、网络不通)
- [三]、应用层(web)的双机热备(比如web应用端口不通、 nginx进程被意外kill )
[一]、实验环境介绍
1.1、软件信息:
- S-A 192.168.8.183 centos5 keepalived nginx
- S-B 192.168.8.150 centos5 keepalived nginx
- VirtualIP (虚拟IP):192.168.8.191
1.2、keepalived 标准的安装步骤:
- 安装依赖
- yum -y install gcc gcc+ gcc-c++
yum install popt-devel openssl openssl-devel libssl-dev libnl-devel popt-devel
- 安装内核
- yum -y install kernel kernel-devel
- 当前kernel代码建立连接 ln -s /usr/src/kerners/2.6....../ /usr/src/linux
- 安装keepalived
- # tar -zxvf keepalived-1.2.2.tar.gz
- # cd keepalived-1.2.2
- # ./configure
- # make
- # make install
拷贝相应的文件
- cp /usr/local/sbin/keepalived /usr/sbin/
- cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/
- cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
- cp -r /usr/local/etc/keepalived/ /etc/
1.3、nginx的安装和keepalived类似
修改nginx.conf 中监听端口80->8088:
- listen 8088;
- server_name localhost;
修改/usr/local/nginx/html/index.html的内容:
192.168.8.183
- <html>
- <head>
- <title>Welcome to nginx!</title>
- </head>
- <body bgcolor="white" text="black">
- <center><h1>Welcome to nginx! 192.168.8.183</h1></center>
- </body>
- </html>
192.168.8.150:
- <html>
- <head>
- <title>Welcome to nginx!</title>
- </head>
- <body bgcolor="white" text="black">
- <center><h1>Welcome to nginx! 192.168.8.150</h1></center>
- </body>
- </html>
两台server(S-A,S-B)都需要安装这两款软件。
[二]、服务器层的双机热备(比如服务器宕机、keepalived宕了)
2.1、测试要求:
主机宕机、keepalived宕了、网络不通时,备机能自动接管,不影响VIP:192.168.8.191的访问
2.2、Master(S-A 192.168.8.181)配置文件/etc/keepalived/keepalived.conf:
- ! Configuration File for keepalived
- global_defs {
- notification_email {
- #admin@michael-demo.com
- }
- #notification_email_from admin@michael-demo.com
- #smtp_server 127.0.0.1
- #smtp_connect_timeout 30
- router_id LVS_DEVEL
- }
- vrrp_instance VI_1 {
- state MASTER
- interface eth0
- virtual_router_id 51
- priority 100
- advert_int 1
- authentication {
- auth_type PASS
- auth_pass 1111
- }
- virtual_ipaddress {
- 192.168.8.191
- }
- }
2.3、Backup(S-B 192.168.8.150)配置信息/etc/keepalived/keepalived.conf:
- ! Configuration File for keepalived
- global_defs {
- notification_email {
- #admin@michael-demo.com
- }
- #notification_email_from admin@michael-demo.com
- #smtp_server 127.0.0.1
- #smtp_connect_timeout 30
- router_id LVS_DEVEL
- }
- vrrp_instance VI_1 {
- state BACKUP
- interface eth0
- virtual_router_id 51
- priority 99
- advert_int 1
- authentication {
- auth_type PASS
- auth_pass 1111
- }
- virtual_ipaddress {
- 192.168.8.191
- }
- }
Tips:
- state 参数值:主的是MASTER、备用的是BACKUP
- priority 参数值: MASTER > BACKUP
- virtual_router_id: 参数值要一样
2.4、测试:
两台测试机S-A、S-B均启动keepalived和nginx
2.4.1、验证nginx启动正常:
访问 master : http://192.168.8.183:8088/
访问 backup: http://192.168.8.150:8088/
2.4.2、查看keepalived的日志信息:
master :192.168.8.183
backup:192.168.8.150
2.4.3、浏览器打开虚拟ip访问:http://192.168.8.191:8088/
2.4.4、kill 192.168.8.181(master) 的keepalived进程,日志信息如下:
master :192.168.8.183
backup:192.168.8.150
2.4.5、浏览器打开虚拟ip访问:http://192.168.8.191:8088/
2.4.6、再次启动192.168.8.181的keepalived进程,192.168.8.181会自动接管成为master,192.168.8.150自动转为backup,从测试结果看,备机能成功接管,已经实现了热备。
Tips: 如果我们停掉master上的nginx进程,你会发现此时应用访问就失败了,很显然这不是我们希望看到的结果,那如何实现web应用的热备呢,在下一节中我们将详细讲述。
[三]、应用层(web)的双机热备(比如nginx进程被意外kill、web端口不通)
3.1.主要是利用keepalived的track_script检测脚本的原理实现的。
3.2.配置文件的修改
3.2.1、Master(S-A 192.168.8.181)配置文件/etc/keepalived/keepalived.conf:
- /etc/keepalived/keepalived.conf
- ! Configuration File for keepalived
- global_defs {
- notification_email {
- #admin@michael-demo.com
- }
- #notification_email_from admin@michael-demo.com
- #smtp_server 127.0.0.1
- #smtp_connect_timeout 30
- router_id LVS_DEVEL
- }
- vrrp_script chk_http_port {
- script "</dev/tcp/127.0.0.1/8088"
- interval 1
- weight -2
- }
- vrrp_instance VI_1 {
- state MASTER
- interface eth0
- virtual_router_id 51
- priority 100
- advert_int 1
- authentication {
- auth_type PASS
- auth_pass 1111
- }
- virtual_ipaddress {
- 192.168.8.191
- }
- track_script {
- chk_http_port
- }
- }
3.2.2、Backup(S-B 192.168.8.150)配置文件/etc/keepalived/keepalived.conf:
- /etc/keepalived/keepalived.conf
- ! Configuration File for keepalived
- global_defs {
- notification_email {
- #admin@michael-demo.com
- }
- #notification_email_from admin@michael-demo.com
- #smtp_server 127.0.0.1
- #smtp_connect_timeout 30
- router_id LVS_DEVEL
- }
- vrrp_script chk_http_port {
- script "</dev/tcp/127.0.0.1/8088"
- interval 1
- weight -2
- }
- vrrp_instance VI_1 {
- state MASTER
- interface eth0
- virtual_router_id 51
- priority 99
- advert_int 1
- authentication {
- auth_type PASS
- auth_pass 1111
- }
- virtual_ipaddress {
- 192.168.8.191
- }
- track_script {
- chk_http_port
- }
- }
3.2.3、注意点(非常重要)
1)、为什么主备的参数state都是MASTER,对的你没有看错确实要都设置成一样的,不然并不能实现我们想要的VIP漂浮的效果,我测试很久才发现的.state都设置成MASTER后,会根据priority的值大小竞争来决定谁是真正的MASTER,脚本检测也是在失败的时候会把权重减去相应的值,比如原来master(181)的priority=100,如果脚本检测到端口8088无法连接,就会priority-2=98,< S-B(150)的priority(99),此时 S-B(150) 将竞争成为master,这样就实现了web应用的热备。
2)、配置文件格式一定要注意,比如:track_script {,在“track_script”和“{”之间一定要加空格 ,本来测试时少了个空格,一直无法运行检测脚本,调试了很久,非常郁闷
3.3、测试过程和上面的过程基本一致。