keepalived Service Introduction
keepalived cluster management is to ensure a high availability cluster software services, mainly to prevent the single point of failure. keepalived originally designed for LVS designed specifically to monitor the status of each service node LVS cluster system, and later joined the VRRP function, so in addition to service with the LVS, but can also serve as additional services (nginx \ haproxy) of high availability software. Keepalived provides two main functions:
1) to monitor the state of health check system LVS, LVS checks node
2) process using a load balancer VRRPv2 failover
What is VRRP
VRRP is an acronym for Virtual Router Redundancy Protocol, VRRP router is handed over to a table by means of a campaign in terms of routing protocol mechanisms task, the purpose is to solve VRRP appear single point of failure static routing occurs, it can not guarantee network intermittent, stable operation, a fault-tolerant protocol, to ensure that when a router at the host fails, the other router from the router instead of the failed working to maintain continuity and reliability of network communication.
Related VRRP terms:
1) the virtual router: Master of a router and one or more Backup routers. All Master and Backup form a group, the Lord is the virtual router.
2) VRID: identifies the virtual router. Routers in the same virtual router has the same VRID.
3) Master: router virtual router are working
4) Backup: backup router.
5) Virtual IP address: router group (virtual router) IP address.
6) Priority: used to determine the Master and Backup.
7) preemptive mode and non-preemptive mode: Master will continue to send multicasts to virtual router group own heartbeat message, once the number of Backup does not receive a heartbeat message within a set time exceeds the set number of times, Master of ownership will be transferred to the highest priority Backup, it is preemptive mode. Non-preemptive mode is only in the complete failure of the primary node to the backup becomes the master.
keepalived transfer failover works
keepalived achieve high availability cluster failover transfer is achieved by the VRRP. When working properly keepalived the master, master node will continue to broadcast the heartbeat message to the backup node to the standby node tell he was still alive. When a master node fails, backup node will not be able to continue to monitor the heartbeat sent to the master, and then calls itself to take over the program, took over the VIP master node and service. And when the master node recovery fails, the standby node will release the VIP service and take over when the master fails, revert to the original itself standby role.
Installation keepalived
Download: https://www.keepalived.org/download.html
[k8snode02 the root @ ~] # yum the install OpenSSL OpenSSL -Y-devel libnl * # libnfnetlink devel-mounted reliance
[root@k8snode02 ~]# pwd
/root
[root@k8snode02 ~]# wget http://www.keepalived.org/software/keepalived-2.0.7.tar.gz
[root@k8snode02 ~]# ls -lrt
total 856
-rw-r--r-- 1 root root 873480 Feb 14 00:11 keepalived-2.0.7.tar.gz
[root@k8snode02 ~]# tar -xf keepalived-2.0.7.tar.gz #解压
[root@k8snode02 ~]# ls -lrt
total 860
drwxrwxr-x 8 zhaiky zhaiky 4096 Aug 23 2018 keepalived-2.0.7
-rw-r--r-- 1 root root 873480 Feb 14 00:11 keepalived-2.0.7.tar.gz
[root@k8snode02 ~]#
[root@k8snode02 ~]# cd keepalived-2.0.7/
[root@k8snode02 keepalived-2.0.7]# mkdir /usr/local/keepalived #新建安装目录
[root@k8snode02 keepalived-2.0.7]# ./configure --prefix=/usr/local/keepalived/ --mandir=/usr/local/share/man #配置安装目录
Keepalived configuration
------------------------
Keepalived version : 2.0.7
Compiler : gcc
Preprocessor flags : -I/usr/include/libnl3
Compiler flags : -Wall -Wunused -Wstrict-prototypes -Wextra -Winit-self -g -D_GNU_SOURCE -fPIE -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches -O2
Linker flags : -pie
Extra Lib : -lcrypto -lssl -lnl-genl-3 -lnl-3
Use IPVS Framework : Yes
IPVS use libnl : Yes
IPVS syncd attributes : No
IPVS 64 bit stats : No
HTTP_GET regex support : No
fwmark socket support : Yes
Use VRRP Framework : Yes
Use VRRP VMAC : Yes
Use VRRP authentication : Yes
With ip rules/routes : Yes
Use BFD Framework : No
SNMP vrrp support : No
SNMP checker support : No
SNMP RFCv2 support : No
SNMP RFCv3 support : No
DBUS support : No
SHA1 support : No
Use Json output : No
libnl version : 3
Use IPv4 devconf : No
Use libiptc : No
Use libipset : No
init type : systemd
Strict config checks : No
Build genhash : Yes
Build documentation : No
[root@k8snode02 keepalived-2.0.7]#
[root@k8snode02 keepalived-2.0.7]# make && make install #编译
[@ k8snode02 the root keepalived] # CD / usr / local / keepalived / # installed after the structure under / usr / local / keepalived / directory
[@ k8snode02 the root keepalived] -lrt LS #
Total 0
drwxr the root-XR-2 X the root On Feb 14 01:06 sbin 23 is
drwxr XR-X-39. 4 the root the root On Feb 14 01:06 etc
drwxr XR-2 X-20 is the root the root bin On Feb 14 01:06
drwxr the root-XR. 4 the root-X 27 14 01 On Feb: report this content share 06
[root @ k8snode02 keepalived] #
[root @ k8snode02 keepalived-2.0.7] # mkdir / etc / keepalived # create / etc / keepalived directory
[root @ k8snode02 keepalived-2.0.7] # cp /usr/local/keepalived/etc/keepalived/keepalived.conf / etc / keepalived / # copy files to the directory
[@ k8snode02 keepalived the root-2.0.7] # CP / usr / local / keepalived / etc / sysconfig / keepalived / etc / sysconfig /
[@ k8snode02 keepalived the root-2.0.7] # CP / usr / local / keepalived / sbin / keepalived / usr / sbin /
[@ k8snode02 keepalived the root-2.0.7] # CP /root/keepalived-2.0.7/keepalived/etc/init.d/keepalived / etc / RC. d / init.d / # directory is not from the source directory replication keepalived mounting
[the root @ k8snode02 the init.d] # CP /root/keepalived-2.0.7/keepalived/etc/init.d/keepalived / etc / the init. D /
[@ k8snode02 keepalived the root-2.0.7] #chkconfig keepalived on #开机启动
Note: Forwarding request to 'systemctl enable keepalived.service'.
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
[root@k8snode02 keepalived-2.0.7]# service keepalived start #启动服务或者/etc/init.d/keepalived start启动
Starting keepalived (via systemctl): [ OK ]
Redirecting to /bin/systemctl start keepalived.service
[root@k8snode02 keepalived-2.0.7]# service keepalived status
Redirecting to /bin/systemctl status keepalived.service
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2020-02-14 01:18:36 CST; 15s ago
Process: 27493 ExecStart=/usr/local/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 27494 (keepalived)
CGroup: /system.slice/keepalived.service
├─27494 /usr/local/keepalived/sbin/keepalived -D
└─27495 /usr/local/keepalived/sbin/keepalived -D
Feb 14 01:18:45 k8snode02 Keepalived_healthcheckers[27495]: Removing service [192.168.200.3]:tcp:1358 to VS [10.10.10.2]:tcp:1358
Feb 14 01:18:45 k8snode02 Keepalived_healthcheckers[27495]: Lost quorum 1-0=1 > 0 for VS [10.10.10.2]:tcp:1358
Feb 14 01:18:45 k8snode02 Keepalived_healthcheckers[27495]: Adding sorry server [192.168.200.200]:tcp:1358 to VS [10.10.10...1358
Feb 14 01:18:45 k8snode02 Keepalived_healthcheckers[27495]: Removing alive servers from the pool for VS [10.10.10.2]:tcp:1358
Feb 14 01:18:45 k8snode02 Keepalived_healthcheckers[27495]: Remote SMTP server [192.168.200.1]:25 connected.
Feb 14 01:18:46 k8snode02 Keepalived_healthcheckers[27495]: Timeout connecting server [192.168.201.100]:tcp:443.
Feb 14 01:18:46 k8snode02 Keepalived_healthcheckers[27495]: Check on service [192.168.201.100]:tcp:443 failed.
Feb 14 01:18:46 k8snode02 Keepalived_healthcheckers[27495]: Removing service [192.168.201.100]:tcp:443 to VS [192.168.200....:443
Feb 14 01:18:46 k8snode02 Keepalived_healthcheckers[27495]: Lost quorum 1-0=1 > 0 for VS [192.168.200.100]:tcp:443
Feb 14 01:18:46 k8snode02 Keepalived_healthcheckers[27495]: Remote SMTP server [192.168.200.1]:25 connected.
Hint: Some lines were ellipsized, use -l to show in full.
[root@k8snode02 keepalived-2.0.7]#
keepalived configuration instructions
[root@k8snode01 keepalived]# more keepalived.conf
! Configuration File for keepalived
{global_defs
notification_email {# notification message configured to send keepalived status information to the specified mailbox
[email protected] # configured here mail address notified
[email protected]
[email protected]
}
notification_email_from [email protected] # Configuring e-mail address
smtp_server 192.168.200.1
smtp_connect_timeout 30 # mail service timeout
router_id LVS_DEVEL_01 # current identity of the current host
}
vrrp_instance VI_1 {# virtual routing node currently belongs to the name of the
state of the state MASTER # of the current node, the two states have Master and Backup
interface ens33 # vrrp address binding definition of which interface card in the name of
virtual_router_id logo # 101 virtual router, the same virtual router to the same group ID, standby here to configure the same
priority 100 # priority, higher than the main equipment., generally configured to the main apparatus 100 is configured to 50
advert_int. 1 to # how often in the form of multicast notice once outside, the default is 1 second
#nopreempt # preempt the master and slave are open, then the server to seize the past, stopped to wait for the server keepalived will drift to another
authentication {# authentication, multicast information information added to prevent cheating
auth_type PASS # open authentication, the main device must be configured to the same
auth_pass 1111 # authentication password, the master device must be configured to the same
}
virtual_ipaddress {# virtual routing IP configuration, i.e. drift address
192.168.23.200/24 # vip, must be configured as standby
}
}
[@ k8snode01 the root keepalived] #
