HA Cluster和keepalived主從,主主高可用設(shè)置以及varnish緩存機(jī)制(一)

一、簡述HA cluster原理

高可用集群,英文原文為High Availability Cluster,簡稱HA Cluster;集群(cluster)就是一組計算機(jī),它們作為一個整體向用戶提供一組網(wǎng)絡(luò)資源。這些單個的計算機(jī)系統(tǒng)就是集群的節(jié)點(node)。高可用性集群(HA cluster)是指如單系統(tǒng)一樣地運(yùn)行并支持(計算機(jī))持續(xù)正常運(yùn)行的一個主機(jī)群。

高可用集群的出現(xiàn)是為了使集群的整體服務(wù)盡可能可用,從而減少由計算機(jī)硬件和軟件易錯性所帶來的損失。如果某個節(jié)點失效,它的備援節(jié)點將在幾秒鐘的時間內(nèi)接管它的職責(zé)。因此,對于用戶而言,集群永遠(yuǎn)不會停機(jī)。高可用集群軟件的主要作用就是實現(xiàn)故障檢查和業(yè)務(wù)切換的自動化。

簡單的說高可用集群就是為了解決集群中的單點故障(SPoF),保證服務(wù)不間斷運(yùn)行的冗余(redundant)手段。

  • SPoF:Single Point of Failure;單點故障
  • 冗余(redundant):在兩個節(jié)點上裝一個軟件程序,根據(jù)判斷狀態(tài)完成資源轉(zhuǎn)移;

高可用集群的衡量標(biāo)準(zhǔn)

通常用平均無故障時間(MTTF)來度量系統(tǒng)的可靠性,用平均故障維修時間(MTTR)來度量系統(tǒng)的可維護(hù)性。于是可用性被定義為:HA=MTTF/(MTTF+MTTR)*100%

  • 可用性衡量指標(biāo):
    · 基本可用性:2個9;99%;年度停機(jī)時間87.6小時
    · 較高可用性:3個9;99.9%;年度停機(jī)時間8.8小時
    · 具有故障自動恢復(fù)能力的可用性:4個9;99.99%;年度停機(jī)時間53分鐘
    · 極高可用性:5個9;99.999%;年度停機(jī)時間5分鐘

二、keepalived

  1. KeepAlived主要有兩個功能:
  • (1).能夠?qū)ealServer進(jìn)行健康狀況檢查,支持4層、5層和7層協(xié)議進(jìn)行健康檢查;
  • (2).對負(fù)載均衡調(diào)度器實現(xiàn)高可用,防止Director單點故障。

  1. KeepAlived工作過程:
    keepalived實現(xiàn)故障轉(zhuǎn)移的功能是通過VRRP(virtual router redundancy protocol虛擬路由器冗余協(xié)議)協(xié)議來實現(xiàn)的。在keepalived正常工作的時候,主節(jié)點(master)會不斷的發(fā)送心跳信息給備節(jié)點(backup),當(dāng)備節(jié)點不能在一定時間內(nèi)收到主節(jié)點的心跳信息時,備節(jié)點會認(rèn)為節(jié)點宕了,然后會接管主節(jié)點上的資源,并繼續(xù)向外提供服務(wù)保證其可用性。當(dāng)主節(jié)點恢復(fù)的時候,備節(jié)點會自動讓出資源并再次自動成為備節(jié)點。

  2. KeepAlived基于vrrp協(xié)議的軟件實現(xiàn),原生設(shè)計的目的為了高可用ipvs服務(wù);

  • 基于vrrp協(xié)議完成地址流動;
  • 為vip地址所在的節(jié)點生成ipvs規(guī)則(在配置文件中預(yù)先定義);
  • 為ipvs集群的各RS做健康狀態(tài)檢測;
  • 基于腳本調(diào)用接口通過執(zhí)行腳本完成腳本中定義的功能,進(jìn)而影響集群事務(wù);
  1. HA Cluser的配置前提:
    (1) 各節(jié)點時間必須同步;ntp,chrony
    (2) 確保iptales及selinux不會成為阻礙;
    (3) 各節(jié)點之間可通過主機(jī)名互相通信(對KA并非必須);
    建議使用/etc/hosts文件實現(xiàn);
    (4) 確保各節(jié)點的用于集群服務(wù)的接口支持MULTICAST通信;
    D類:224-239
  2. Keepalived安裝配置:
    在CentOS6.4以后,keepalived隨base倉庫提供;

  • 程序環(huán)境:
    主配置文件:/etc/keepalived/keepalived.conf
    主程序文件:/usr/sbin/keepalived
    nit File:keepalived.service
    Unit File的環(huán)境配置文件:/etc/sysconfig/keepalived

  • 配置文件組件部分:
    TOP HIERACHY
    - GLOBAL CONFIGURATION
    - Global definitions
    - Static routes/addresses
    - VRRPD CONFIGURATION
    - VRRP synchronization group(s):vrrp同步組;
    - VRRP instance(s):每個vrrp instance即一個vrrp路由器;
    - LVS CONFIGURATION
    - Virtual server group(s)
    - Virtual server(s):ipvs集群的vs和rs;

  • 配置語法 :

    - 配置虛擬器:
    vrrp_instance <STRING> { ...... }
    - 專用參數(shù):
    state MASTER|BACKUP: 當(dāng)前節(jié)點在此虛擬路由器上的初始狀態(tài);只能有一個是MASTER,余下的都應(yīng)該為BACKUP;
    interface IFACE_NAME:綁定為當(dāng)前虛擬路由器使用的物理接口;
    virtual_router_id VRID:當(dāng)前虛擬路由器的唯一標(biāo)識,范圍是0-255;
    priority 100:當(dāng)前主機(jī)在此虛擬路由器中的優(yōu)先級;范圍1-254;
    advert_int 1:vrrp通告的時間間隔;

    authentication {
        auth_type AH|PASS
        auth_pass <PASSWORD>
    }
    virtual_ipaddress {
        <IPADDR>/<MASK> brd <IPADDR> dev <STRING> scope <SCOPE> label <LABEL>
        192.168.200.16/24 dev eth1
        192.168.200.17/24 dev eth2 label eth2:1
    }
    track_interface {
        eth0
        eth1
        ...
    }  
# 配置要監(jiān)控的網(wǎng)絡(luò)接口,一旦接口出現(xiàn)故障,則轉(zhuǎn)為FAULT狀態(tài);
# nopreempt:定義工作模式為非搶占模式;
# preempt_delay 300:搶占模式下,節(jié)點上線后觸發(fā)新選舉操作的延遲時長;
  • 定義通知腳本:
notify_master <STRING>|<QUOTED-STRING>:當(dāng)前節(jié)點成為主節(jié)點時觸發(fā)的腳本;
notify_backup <STRING>|<QUOTED-STRING>:當(dāng)前節(jié)點轉(zhuǎn)為備節(jié)點時觸發(fā)的腳本;
notify_fault <STRING>|<QUOTED-STRING>:當(dāng)前節(jié)點轉(zhuǎn)為“失敗”狀態(tài)時觸發(fā)的腳本;
notify <STRING>|<QUOTED-STRING>:通用格式的通知觸發(fā)機(jī)制,一個腳本可完成以上三種狀態(tài)的轉(zhuǎn)換時的通知;
  • 虛擬服務(wù)器:
    配置參數(shù):
virtual_server IP port |
virtual_server fwmark int 
{
    ...
    real_server {
        ...
    }
    ...
}

常用參數(shù):
delay_loop <INT>:服務(wù)輪詢的時間間隔;
lb_algo rr|wrr|lc|wlc|lblc|sh|dh:定義調(diào)度方法;
lb_kind NAT|DR|TUN:集群的類型;
persistence_timeout <INT>:持久連接時長;
protocol TCP:服務(wù)協(xié)議,僅支持TCP;
sorry_server <IPADDR> <PORT>:備用服務(wù)器地址;

real_server <IPADDR> <PORT>
{
    weight <INT>
    notify_up <STRING>|<QUOTED-STRING>
    notify_down <STRING>|<QUOTED-STRING>
    HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|MISC_CHECK { ... }:定義當(dāng)前主機(jī)的健康狀態(tài)檢測方法;
                }
  • HTTP_GET|SSL_GET:應(yīng)用層檢測
HTTP_GET|SSL_GET {
    url {
        path <URL_PATH>:定義要監(jiān)控的URL;
        status_code <INT>:判斷上述檢測機(jī)制為健康狀態(tài)的響應(yīng)碼;
        digest <STRING>:判斷上述檢測機(jī)制為健康狀態(tài)的響應(yīng)的內(nèi)容的校驗碼;
    }
    nb_get_retry <INT>:重試次數(shù);
    delay_before_retry <INT>:重試之前的延遲時長;
    connect_ip <IP ADDRESS>:向當(dāng)前RS的哪個IP地址發(fā)起健康狀態(tài)檢測請求
    connect_port <PORT>:向當(dāng)前RS的哪個PORT發(fā)起健康狀態(tài)檢測請求
    bindto <IP ADDRESS>:發(fā)出健康狀態(tài)檢測請求時使用的源地址;
    bind_port <PORT>:發(fā)出健康狀態(tài)檢測請求時使用的源端口;
    connect_timeout <INTEGER>:連接請求的超時時長;
}
  • TCP_CHECK:傳輸層檢測
TCP_CHECK {
    connect_ip <IP ADDRESS>:向當(dāng)前RS的哪個IP地址發(fā)起健康狀態(tài)檢測請求
    connect_port <PORT>:向當(dāng)前RS的哪個PORT發(fā)起健康狀態(tài)檢測請求
    bindto <IP ADDRESS>:發(fā)出健康狀態(tài)檢測請求時使用的源地址;
    bind_port <PORT>:發(fā)出健康狀態(tài)檢測請求時使用的源端口;
    connect_timeout <INTEGER>:連接請求的超時時長;
}

三、Keepalived實現(xiàn)主從、主主架構(gòu)

  1. 主從配置:
    準(zhǔn)備2個節(jié)點:node1:192.168.80.136;node2:192.168.80.230
    同步時間:[root@node1 ~]# ntpdate 192.168.80.1
    安裝配置keepalived:
    在node1如下配置
[root@node1 ~]# yum install -y keepalived    #安裝keepalived
[root@node1 ~]# cd /etc/keepalived/
[root@node1 keepalived]# cp keepalived.conf{,.bak}    #備份keepalived原始配置文件
[root@node1 keepalived]# vim keepalived.conf
# 在打開的文件中配置如下內(nèi)容
! Configuration File for keepalived

global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id node1
    vrrp_mcast_group4 224.1.105.33
}

vrrp_instance VI_1 {
    state MASTER    #當(dāng)前節(jié)點在此虛擬路由器上的初始狀態(tài);只能有一個是MASTER,余下的都應(yīng)該為BACKUP;
    interface eth33
    virtual_router_id 33
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.80.93 dev ens33 label ens33:0
    }
}

在node2節(jié)點上如下配置:

[root@node2 ~]# yum install -y keepalived    #安裝keepalived
[root@node2 ~]# cd /etc/keepalived
[root@node2 keepalived]# cp keepalived.conf{,.bak}  #備份keepalived原始配置文件
[root@node2 keepalived]# vim keepalived.conf
# 在打開的文件中配置如下內(nèi)容
! Configuration File for keepalived

global_defs {
   notification_email {
    root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id node2
    vrrp_mcast_group4 224.1.105.33
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 33
    priority 96
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.80.93 dev ens33 label ens33:0
    }
}

啟動node2節(jié)點keepalived測試

[root@node2 keepalived]# systemctl start keepalived
[root@node2 keepalived]# ifconfig
...
ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.80.93  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 00:0c:29:40:ee:7c  txqueuelen 1000  (Ethernet)
...
[root@node2 keepalived]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2019-01-16 12:24:22 CST; 5s ago
  Process: 3069 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 3070 (keepalived)
    Tasks: 3
   CGroup: /system.slice/keepalived.service
           ├─3070 /usr/sbin/keepalived -D
           ├─3071 /usr/sbin/keepalived -D
           └─3072 /usr/sbin/keepalived -D

Jan 16 12:24:22 node2 Keepalived_healthcheckers[3071]: Activating healthchecker for service [10.10.10.3]:1358
Jan 16 12:24:25 node2 Keepalived_vrrp[3072]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jan 16 12:24:26 node2 Keepalived_vrrp[3072]: VRRP_Instance(VI_1) Entering MASTER STATE
Jan 16 12:24:26 node2 Keepalived_vrrp[3072]: VRRP_Instance(VI_1) setting protocol VIPs.
Jan 16 12:24:26 node2 Keepalived_vrrp[3072]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 12:24:26 node2 Keepalived_vrrp[3072]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 f...80.93
Jan 16 12:24:26 node2 Keepalived_vrrp[3072]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 12:24:26 node2 Keepalived_vrrp[3072]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 12:24:26 node2 Keepalived_vrrp[3072]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 12:24:26 node2 Keepalived_vrrp[3072]: Sending gratuitous ARP on ens33 for 192.168.80.93

# 在node1節(jié)點上抓包測試
[root@node1 keepalived]# tcpdump -i ens33 -nn host 224.1.105.33
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
12:25:16.821399 IP 192.168.80.230 > 224.1.105.33: VRRPv2, Advertisement, vrid 33, prio 96, authtype simple, intvl 1s, length 20
12:25:17.822579 IP 192.168.80.230 > 224.1.105.33: VRRPv2, Advertisement, vrid 33, prio 96, authtype simple, intvl 1s, length 20

啟動node1節(jié)點keepalived:

[root@node1 keepalived]# systemctl start keepalived
[root@node1 keepalived]# ifconfig

...
ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.80.93  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 00:0c:29:44:bc:b6  txqueuelen 1000  (Ethernet)
...
[root@node1 keepalived]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2019-01-16 16:42:49 CST; 5s ago
  Process: 6090 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 6091 (keepalived)
    Tasks: 3
   CGroup: /system.slice/keepalived.service
           ├─6091 /usr/sbin/keepalived -D
           ├─6092 /usr/sbin/keepalived -D
           └─6093 /usr/sbin/keepalived -D

Jan 16 16:42:49 node1 Keepalived_vrrp[6093]: VRRP_Instance(VI_1) forcing a new MASTER election
Jan 16 16:42:50 node1 Keepalived_vrrp[6093]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jan 16 16:42:51 node1 Keepalived_vrrp[6093]: VRRP_Instance(VI_1) Entering MASTER STATE
Jan 16 16:42:51 node1 Keepalived_vrrp[6093]: VRRP_Instance(VI_1) setting protocol VIPs.
Jan 16 16:42:51 node1 Keepalived_vrrp[6093]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 16:42:51 node1 Keepalived_vrrp[6093]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 f...80.93
Jan 16 16:42:51 node1 Keepalived_vrrp[6093]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 16:42:51 node1 Keepalived_vrrp[6093]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 16:42:51 node1 Keepalived_vrrp[6093]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 16:42:51 node1 Keepalived_vrrp[6093]: Sending gratuitous ARP on ens33 for 192.168.80.93
Hint: Some lines were ellipsized, use -l to show in full.

# node2節(jié)點抓包測試
[root@node2 keepalived]# tcpdump -i ens33 -nn host 224.1.105.33
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
16:45:21.875150 IP 192.168.80.136 > 224.1.105.33: VRRPv2, Advertisement, vrid 33, prio 100, authtype simple, intvl 1s, length 20
16:45:22.876093 IP 192.168.80.136 > 224.1.105.33: VRRPv2, Advertisement, vrid 33, prio 100, authtype simple, intvl 1s, length 20
  1. 雙主模式配置
# node1節(jié)點上修改keepalived.cnf配置文件,在最后添加如下內(nèi)容
vrrp_instance VI_2 {
    stat BACKUP
    interface ens33
    virtual_router_id 34
    priority 96
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass XXXX1111
    }
    virtual_ipaddress {
        192.168.80.93 dev ens33 label ens33:0
    }
}

# node2節(jié)點上修改keepalived.conf配置文件,在最后添加如下內(nèi)容
vrrp_instance VI_2 {
    state MASTER
    interface ens33
    virtual_router_id 34
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass XXXX1111
    }
    virtual_ipaddress {
        192.168.80.93 dev ens33 label ens33:0
    }
}

# 停止keepalived服務(wù),再重新啟動
[root@node2 keepalived]# systemctl stop keepalived
[root@node2 keepalived]# systemctl start keepalived
[root@node2 keepalived]# ip a l
...
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:40:ee:7c brd ff:ff:ff:ff:ff:ff
    inet 192.168.80.230/24 brd 192.168.80.255 scope global noprefixroute dynamic ens33
       valid_lft 62510sec preferred_lft 62510sec
    inet 192.168.80.93/32 scope global ens33:0
       valid_lft forever preferred_lft forever
    inet6 fe80::9c20:6c3a:b648:5b22/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
    inet6 fe80::5291:5f99:50eb:805/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
...

[root@node2 keepalived]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2019-01-16 17:37:47 CST; 6min ago
  Process: 6300 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 6302 (keepalived)
    Tasks: 3
   CGroup: /system.slice/keepalived.service
           ├─6302 /usr/sbin/keepalived -D
           ├─6303 /usr/sbin/keepalived -D
           └─6304 /usr/sbin/keepalived -D

Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Adding sorry server [192.168.200.200]:1358 to VS [10.1...1358
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Removing alive servers from the pool for VS [10.10.10.2]:1358
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Remote SMTP server [127.0.0.1]:25 connected.
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: SMTP alert successfully sent.
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Timeout connecting server [192.168.201.100]:443.
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Check on service [192.168.201.100]:443 failed after 3 retry.
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Removing service [192.168.201.100]:443 from VS [192.16...:443
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Lost quorum 1-0=1 > 0 for VS [192.168.200.100]:443
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Remote SMTP server [127.0.0.1]:25 connected.
Jan 16 17:38:15 node2 Keepalived_healthcheckers[6303]: SMTP alert successfully sent.
Hint: Some lines were ellipsized, use -l to show in full.
You have new mail in /var/spool/mail/root

# 重新啟動node1節(jié)點的keepalived服務(wù)
[root@node1 keepalived]# systemctl start keepalived
[root@node1 keepalived]# ip a l
...
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:44:bc:b6 brd ff:ff:ff:ff:ff:ff
    inet 192.168.80.136/24 brd 192.168.80.255 scope global noprefixroute dynamic ens33
       valid_lft 62131sec preferred_lft 62131sec
    inet 192.168.80.93/32 scope global ens33:0
       valid_lft forever preferred_lft forever
    inet6 fe80::5291:5f99:50eb:805/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
...

[root@node1 keepalived]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2019-01-16 17:44:08 CST; 10s ago
  Process: 6681 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 6682 (keepalived)
    Tasks: 3
   CGroup: /system.slice/keepalived.service
           ├─6682 /usr/sbin/keepalived -D
           ├─6683 /usr/sbin/keepalived -D
           └─6684 /usr/sbin/keepalived -D

Jan 16 17:44:15 node1 Keepalived_healthcheckers[6683]: Timeout connecting server [192.168.200.4]:1358.
Jan 16 17:44:15 node1 Keepalived_healthcheckers[6683]: Timeout connecting server [192.168.200.5]:1358.
Jan 16 17:44:16 node1 Keepalived_vrrp[6684]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 17:44:16 node1 Keepalived_vrrp[6684]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 f...80.93
Jan 16 17:44:16 node1 Keepalived_vrrp[6684]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 17:44:16 node1 Keepalived_vrrp[6684]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 17:44:16 node1 Keepalived_vrrp[6684]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 17:44:16 node1 Keepalived_vrrp[6684]: Sending gratuitous ARP on ens33 for 192.168.80.93
Jan 16 17:44:17 node1 Keepalived_healthcheckers[6683]: Timeout connecting server [192.168.200.3]:1358.
Jan 16 17:44:17 node1 Keepalived_healthcheckers[6683]: Timeout connecting server [192.168.201.100]:443.
Hint: Some lines were ellipsized, use -l to show in full.
[root@node1 keepalived]# vim keepalived.conf
You have new mail in /var/spool/mail/root

# 在node2節(jié)點上status查看狀態(tài)
[root@node2 keepalived]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Wed 2019-01-16 17:37:47 CST; 6min ago
  Process: 6300 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 6302 (keepalived)
    Tasks: 3
   CGroup: /system.slice/keepalived.service
           ├─6302 /usr/sbin/keepalived -D
           ├─6303 /usr/sbin/keepalived -D
           └─6304 /usr/sbin/keepalived -D

Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: SMTP alert successfully sent.
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Timeout connecting server [192.168.201.100]:443.
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Check on service [192.168.201.100]:443 failed after 3 retry.
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Removing service [192.168.201.100]:443 from VS [192.16...:443
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Lost quorum 1-0=1 > 0 for VS [192.168.200.100]:443
Jan 16 17:38:14 node2 Keepalived_healthcheckers[6303]: Remote SMTP server [127.0.0.1]:25 connected.
Jan 16 17:38:15 node2 Keepalived_healthcheckers[6303]: SMTP alert successfully sent.
Jan 16 17:44:09 node2 Keepalived_vrrp[6304]: VRRP_Instance(VI_1) Received advert with higher priority 100, ours 96
Jan 16 17:44:09 node2 Keepalived_vrrp[6304]: VRRP_Instance(VI_1) Entering BACKUP STATE
Jan 16 17:44:09 node2 Keepalived_vrrp[6304]: VRRP_Instance(VI_1) removing protocol VIPs.
Hint: Some lines were ellipsized, use -l to show in full.
  1. 通知腳本使用方式
#編輯通知腳本
#!/bin/bash
#keepalived 郵件通知腳本
#date:2019-1-16
contact = 'root@localhost'
notify () {
    local mailsubject="$(hostname) to be $1 vip floating"
    local mailbody="$(date + '%F %T'): vrrp transition, $(hostname) changed to be $1"
    echo "$mailbody" | mail -s "$mailsubject" $contact
}

case $1 in
master)
    notify master
    ;;
backup)
    notify backup
    ;;
fault)
    notify fault
    ;;
*)
    echo "Usage: $(basename $0) {master|backup|fault}"
    exit 1
    ;;
esac

# 在keepalived.conf中的vrrp實例中添加如下內(nèi)容
vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 33
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.80.93 dev ens33 label ens33:0
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

  1. 以dr集群架構(gòu)配置示例


    dr架構(gòu).png
[root@node1 keepalived]# yum install -y ipvsadm    #安裝ipvsadm以便查看生成的規(guī)則
# 編輯keepalived.conf為node1和node2生成規(guī)則
[root@node1 keepalived]# vim keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
    root@localhost
   }
   notification_email_from keepalived@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id node1
    vrrp_mcast_group4 224.1.105.33
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 33
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.80.93 dev ens33 label ens33:0
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

virtual_server 192.168.80.93 80 {
    delay_loop 1
    lb_algo wrr
    lb_kind DR
    protocol TCP
    sorry_server 127.0.0.1 80

    real_server 192.168.80.176 80 {
        weight 1
        HTTP_GET {
            url {
              path /index.html
              status_conde 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.80.85 80 {
        weight 1
        HTTP_GET {
            url {
              path /index.html
              status_conde 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
# 將此配置文件拷貝到node2節(jié)點,并修改以下幾行
    router_id node2
    state BACKUP
    priority 96
# 重新啟動node2節(jié)點的keepalived服務(wù)
[root@node2 keepalived]# systemctl stop keepalived
[root@node2 keepalived]# systemctl start keepalived
[root@node2 keepalived]# ifconfig
...
ens33:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.80.93  netmask 255.255.255.255  broadcast 0.0.0.0
        ether 00:0c:29:40:ee:7c  txqueuelen 1000  (Ethernet)
...

[root@node2 keepalived]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.80.93:80 wrr
  -> 192.168.80.85:80             Route   1      0          0         
  -> 192.168.80.176:80            Route   1      0          0

# 啟動node1的keepalived服務(wù),通過下面查看ip和status后看到node1已經(jīng)成功上線
[root@node2 keepalived]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  192.168.80.93:80 wrr
  -> 192.168.80.85:80             Route   1      0          0         
  -> 192.168.80.176:80            Route   1      0          0

# 使用client訪問服務(wù)正常
[root@localhost ~]# curl http://192.168.80.93
<h1>RealServer 1</h1>
[root@localhost ~]# curl http://192.168.80.93
<h1>RealServer 2</h1>
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時請結(jié)合常識與多方信息審慎甄別。
平臺聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點,簡書系信息發(fā)布平臺,僅提供信息存儲服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

  • 一、簡述HA Cluster原理 高可用集群,英文原文為High Availability Cluster,簡稱H...
    Net夜風(fēng)閱讀 919評論 4 5
  • 一、高可用集群 (一)提升系統(tǒng)高可用性的解決方案:冗余(redundant) 工作模式active/passive...
    哈嘍別樣閱讀 1,805評論 2 5
  • 轉(zhuǎn)載自:http://blog.csdn.net/u010391029/article/details/48311...
    Chris_Zheng閱讀 1,542評論 0 2
  • 一、HA Cluster實現(xiàn)方案: 1、vrrp協(xié)議的實現(xiàn)VRRP(Virtual Router Redundan...
    任總閱讀 3,559評論 0 0
  • 才深刻體會到,孫總是位研究型學(xué)者+總裁!技術(shù)型須導(dǎo)!牛[強(qiáng)][強(qiáng)][強(qiáng)]與胡中海的風(fēng)格一脈相承!前幾天與雅麗學(xué)姐同...
    每個人的孟母堂閱讀 253評論 0 0

友情鏈接更多精彩內(nèi)容