Keepalived principle and deployment configuration

For high availability of static routing, I had long heard that it could be achieved with keepalived + nginx. Reflecting on my current project, which uses DNS to switch between the active and standby nodes, I looked up the relevant material and summarized it here. This article briefly introduces the principle of keepalived, builds keepalived master and backup nodes, and verifies them with nginx deployed on both nodes. It is recorded for my own continued study and as a reference for later readers. The article inevitably has omissions. I hope readers will not hesitate to advise, thank you very much!

1. Introduction to Keepalived

Keepalived was originally designed for LVS load balancing software to manage and monitor the status of each service node in the LVS cluster system, and later added the VRRP function that can achieve high availability. Therefore, in addition to being able to manage LVS, Keepalived can also be used as a high-availability solution for other services (such as: Nginx, Haproxy, MySQL, etc.).

Keepalived implements high availability mainly through the VRRP protocol. VRRP stands for Virtual Router Redundancy Protocol. Its purpose is to solve the single point of failure problem of static routing: when individual nodes go down, the network as a whole keeps running without interruption.

Therefore, Keepalived has the function of configuring and managing LVS on the one hand, and also has the function of performing health checks on nodes under LVS. On the other hand, it can also realize the high availability function of system network services.

2. Keepalived principle

Failover between a pair of keepalived high-availability nodes is implemented with VRRP.

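VRRP stands for Virtual Router Redundancy Protocol.
VRRP was created to solve the single point of failure problem of static routing. It uses an election mechanism to hand the routing task to one of the VRRP routers.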

The working process of VRRP:

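(1) The routers in the virtual router elect a Master according to priority. The Master sends gratuitous ARP packets to announce its virtual MAC address to the devices connected to it.
(2) The Master periodically sends VRRP packets to advertise its configuration (priority, etc.) and working state.
(3) If the Master fails, the Backup routers in the virtual router elect a new Master according to priority.
(4) When the virtual router changes state and the Master role moves from one device to another, the new Master simply sends a gratuitous ARP packet carrying the virtual MAC address and the virtual IP, which updates the ARP entries cached on other devices.
(5) When a Backup router's priority is higher than the Master's, the Backup's working mode (preemptive or non-preemptive) determines whether a new Master is elected.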

3. Keepalived deployment configuration

3.1 Installation environment

Environment: CentOS Linux release 7.2.1511 (Core)
Version: keepalived-2.2.4.tar.gz
Official site: https://www.keepalived.org/download.html

3.2 Installation steps

(1) Download
wget https://www.keepalived.org/software/keepalived-2.2.4.tar.gz

(2) Install or update the dependencies
yum -y install gcc glibc-devel make ncurses-devel openssl-devel xmlto perl wget gtk2-devel binutils-devel

(3) Extract into /usr/local and enter the source directory
tar -zvxf keepalived-2.2.4.tar.gz -C /usr/local/
cd /usr/local/keepalived-2.2.4/

(4) Configure the installation directory
./configure --prefix=/usr/local/keepalived

(5) Compile and install
make && make install

(6) Adjust the configuration file
! Configuration File for keepalived
global_defs {
   notification_email {
     [email protected]
   }
   notification_email_from [email protected]
   smtp_server smtp.163.com
   smtp_connect_timeout 30
   router_id LVS_DEVEL_0
   vrrp_skip_check_adv_addr
   vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}
vrrp_instance VI_1 {
    state MASTER
    # Network interface of the current machine
    interface eno16777736
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
       # Must be in the same subnet as the current machine's address
        192.168.65.16
    }
}

(7) Set up the Linux service
mkdir /etc/keepalived
cp /usr/local/keepalived-2.2.4/keepalived/etc/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/

(8) Start
systemctl start keepalived
systemctl status keepalived
systemctl stop keepalived

(9) Verify
ps -aux | grep keepalived
systemctl status keepalived

(10) Functional verification
Deploy keepalived on two machines, one master and one backup;
Deploy nginx on each machine, with different default page content so you can tell which machine served the request;
Start keepalived and nginx on both machines, access the virtual IP, and check that the master node answers;
Stop keepalived on the master node, access the virtual IP again, and verify that the backup node answers;
Restore keepalived on the master node, access the virtual IP again, and verify that access returns to the master node.


3.3 Configuration instructions

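# Global configuration
global_defs {
   # Email notification settings
   notification_email {
     # Recipient
     [email protected]
   }
   # Sender
   notification_email_from [email protected]
   # SMTP server address
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   # Router identifier; usually left unchanged, or set to each host's own hostname
   router_id LVS_DEVEL
   # IPv4 and IPv6 multicast addresses for VRRP; the interface holding the VIP announces its configuration to these addresses. The values below are the defaults
   vrrp_mcast_group4 224.0.0.18
   vrrp_mcast_group6 ff02::12
}

# A vrrp_instance defines one virtual router; VI_1 is the instance name
vrrp_instance VI_1 {
    # Initial state, either MASTER or BACKUP
    state MASTER
    # Working interface: which interface advertisements and the election use
    interface ens33
    # Virtual router ID. One group of virtual routers gets one ID; multiple groups need multiple IDs.
    # This ID is also the last segment of the virtual MAC address. Range 0-255
    virtual_router_id 51
    # Which virtual MAC address to use
    use_vmac XX:XX:XX:XX:XX
    # Which local interfaces to monitor; if one of them fails, the VIP must be moved away
    track_interface {
        eth0
        ens33
    }
    # If state is MASTER above, the priority here must be higher than on the other nodes
    priority 100
    # Advertisement interval, in seconds
    advert_int 1
    # Authentication mechanism; this is plaintext authentication, there is also an encrypted type
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    # Virtual IP (VIP) addresses; usually just one. With LVS this sets the VIP on the LVS host, so you do not have to configure it by hand
    virtual_ipaddress {
        # IP/mask dev <interface to configure it on>
        192.168.200.16/24 dev eth1
        # IP/mask dev <interface> label <alias on that interface>
        192.168.200.17/24 dev eth1 label eth1:1
    }
    # Virtual routes; if needed, set which interface packets enter and leave the LVS host on
    virtual_routes {
        192.168.110.0/24 dev eth2
    }
    # Working mode: nopreempt means non-preemptive mode; the default is preemptive mode (preempt)
    nopreempt|preempt
    # In preemptive mode you can set how long to wait before preempting; default 5 minutes
    preempt_delay 300
    # Tracked scripts, normally used to run the scripts defined by vrrp_script
    track_script {

    }
    # Three directives: notification scripts that run after the host state changes to Master|Backup|Fault; you have to write the scripts yourself
    notify_master ""
    notify_backup ""
    notify_fault ""
}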
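
A check for the authentication settings discussed above, as an added example that is not part of the original article or of keepalived itself: a small Python auditor that walks the nested blocks of a keepalived.conf and reports on each instance's authentication block. It relies on three behaviours described in the keepalived documentation and logs (PASS is sent in cleartext, only the first 8 characters of auth_pass are used, and vrrp_strict causes authentication to be ignored); the function names and the sample text are assumptions constructed for illustration.

```python
import re

def directives(text):
    """Yield (block_path, keyword, args) for each directive in keepalived.conf text."""
    stack = []
    for raw in text.splitlines():
        line = re.split(r"[#!]", raw, maxsplit=1)[0].strip()  # '#' and '!' start comments
        if not line:
            continue
        if line == "}":
            if stack:
                stack.pop()
        elif line.endswith("{"):
            stack.append(line[:-1].strip())  # e.g. "vrrp_instance VI_1"
        else:
            words = line.split()
            yield tuple(stack), words[0], words[1:]

def audit(text):
    """Return findings about the authentication block of each vrrp_instance."""
    strict, auth = False, {}
    for path, key, args in directives(text):
        if path == ("global_defs",) and key == "vrrp_strict":
            strict = True
        elif len(path) == 2 and path[1] == "authentication":
            auth.setdefault(path[0], {})[key] = args[0] if args else ""
    findings = []
    for inst, a in auth.items():
        if strict:
            findings.append(f"{inst}: vrrp_strict is set, so authentication is ignored")
        if a.get("auth_type") == "PASS":
            findings.append(f"{inst}: auth_type PASS sends auth_pass in cleartext")
        if len(a.get("auth_pass", "")) > 8:
            findings.append(f"{inst}: only the first 8 characters of auth_pass are used")
    return findings

# Constructed sample: the security-relevant lines of the step (6) configuration.
SAMPLE = """global_defs {
   vrrp_strict
}
vrrp_instance VI_1 {
    authentication {
        auth_type PASS
        auth_pass 1111
    }
}
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```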


Origin blog.csdn.net/shy871/article/details/119837399