Keepalived concept and installation deployment process

Foreword

At present, the mainstream high-availability software on the Internet includes keepalived, heartbeat and others. heartbeat is one of the earlier tools used to achieve high availability, while keepalived is currently a lightweight, easy-to-manage and easy-to-use high-availability solution.

1.1 Keepalived High-Availability Functions

Keepalived is software similar to a layer 3, 4 & 7 switching mechanism. It has two functions: health checking and the VRRP redundancy protocol. keepalived has a modular design, and different modules are responsible for different functions.

1.2 Common modules of Keepalived

Core: the core of keepalived; it is responsible for starting and maintaining the main process and for loading and parsing the global configuration file;
Check: responsible for keepalived's health checks, including the various health check methods and the parsing of the corresponding configuration, including the LVS configuration;
VRRP: the VRRPD sub-process, which implements the VRRP protocol.

1.3 The role of Keepalived

The role of Keepalived is to monitor the status of the web servers. If a web server or MySQL server goes down or stops working properly, Keepalived detects it and removes the faulty server from the system. Once the server is working normally again, Keepalived automatically adds it back to the server group.

The advantage of this is that there is no need for manual intervention, keepalived will automatically complete these tasks, and all that needs to be done manually is to repair the failed WEB or MYSQL server.

As mentioned earlier when describing its functions, Keepalived is software similar to a layer 3, 4 & 7 switching mechanism.
Let's talk about how it works at layers 3, 4 and 7.

1.4 Implementation principle of Keepalived on layers 3, 4, and 7

  1. Transport layer: When keepalived works in Layer3 mode, it periodically sends an ICMP packet to the servers in the server group. If a server's IP address cannot be pinged, keepalived reports that the server is invalid and removes it from the server cluster. (Layer3 uses whether the server's IP address is reachable as the criterion for whether the server is working normally.)
  2. Network layer: Layer4 mainly determines whether the server is working normally based on the status of a TCP port. For example, the service port of a web server is generally 80. If keepalived detects that port 80 is not listening, it removes this server from the server group.
  3. Application layer: Layer 7 works at the application layer. Keepalived checks whether the server program is running normally according to the user's settings. If the result does not match the user's settings, keepalived removes the server from the server group.

Among the three modules of keepalived, the VRRP module is the more important one. Its full name is Virtual Router Redundancy Protocol. Let's take a look at how it works.


2. The principle of Keepalived VRRP

2.1 Principle 1 of VRRP

  • VRRP was proposed by the IETF to solve the single point of failure created by configuring a default gateway in the LAN.
  • VRRP is widely used in edge networks (the networks used by users). Its design goal is to support failover of IP traffic in specific situations without causing confusion, to allow hosts to use a single router, and to maintain connectivity between routers even when the actual first-hop router fails.

In a real network environment, two hosts that need to communicate do not have a direct physical connection in most cases. For such a situation, how to choose the route between them? How does the host select the next-hop route to the destination host? There are usually two solutions to this problem:

  • Use a dynamic routing protocol such as RIP or OSPF;
  • Configure static routing on the host.

However, configuring dynamic routing on the host is very impractical because of issues such as management, maintenance cost, and whether it is supported at all. Configuring static routing has therefore become very popular, but the router (or default gateway) then often becomes a single point of failure. The purpose of VRRP is to solve this single point of failure in static routing. VRRP uses an election protocol to dynamically assign the routing task to one of the VRRP routers in the virtual router on the LAN.

2.2 Principle 2 of VRRP

  • Through VRRP, two physical hosts can be treated as routers that together form a virtual router cluster. The Master, the host with the highest priority, generates a VIP and is responsible for forwarding IP packets initiated by users or processing user requests. In an Nginx+Keepalived combination, user requests go directly to the keepalived VIP address and from there reach the corresponding service and port on the Master.
  • A VRRP virtual router cluster consists of multiple physical routers, but these routers do not all work at the same time. One router, called the MASTER, is responsible for the routing work, and the others are BACKUP. The MASTER is not fixed: VRRP lets every VRRP router take part in an election, and the final winner is the MASTER.
  • The MASTER has some privileges, such as holding the IP address of the virtual router, that is, the VIP. The privileged MASTER is responsible for forwarding packets sent to the gateway address and for responding to ARP requests.
  • VRRP implements the virtual router through an election protocol, and all protocol packets are sent as IP multicast packets (multicast address 224.0.0.18). A virtual router consists of a VRID (range 0-255) and a set of IP addresses, and appears externally as a well-known MAC address. Therefore, within a virtual router cluster, the MAC and VIP seen from outside are the same no matter which router is the MASTER. Client hosts do not need to change their routing configuration when the MASTER changes.
  • The VRRP router acting as MASTER keeps sending VRRP multicast packets (VRRP Advertisement messages), and a BACKUP does not preempt the MASTER unless its priority is higher. When the MASTER is unavailable (the BACKUPs no longer receive the multicast packets), the BACKUP with the highest priority preempts and becomes the MASTER. This preemption is very fast, to ensure service continuity. For security reasons, VRRP packets are sent using an encryption protocol. VRRP makes IP address drift possible. It is a fault-tolerant protocol and is widely used in enterprise production environments.

3. Deploy keepalived service

Before deploying the service, restore the virtual machine to its initial state.

IP               Server system   Service
192.168.28.166   CentOS 7.9      Keepalived

There are two ways to install the keepalived service: install it with the yum command, or compile and install it from source.
Both ways are demonstrated below.

3.1 Compile and install the Keepalived service

3.1.1 Download the compressed package on the official website

keepalived official website: https://www.keepalived.org/

wget -c https://www.keepalived.org/software/keepalived-1.2.0.tar.gz -P /usr/src/

If the certificate has expired, you can add --no-check-certificate:

wget -c https://www.keepalived.org/software/keepalived-1.2.0.tar.gz -P /usr/src/ --no-check-certificate
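With --no-check-certificate, wget no longer validates the server certificate, so the TLS connection does not authenticate the tarball. The helper below is an added example, not part of the original post: verify_tarball is a hypothetical name, and it assumes you hold a SHA-256 digest for the tarball obtained over a channel you trust.

```bash
#!/usr/bin/env bash
# verify_tarball FILE EXPECTED_SHA256   (hypothetical helper, added example)
# Returns 0 only if FILE exists and its SHA-256 equals EXPECTED_SHA256.
# Returns 1 on a digest mismatch, 2 on bad arguments.
verify_tarball() {
    local file=$1 expected actual
    # Normalise the expected digest to lower case before comparing.
    expected=$(printf '%s' "$2" | tr 'A-F' 'a-f')
    # Reject an empty or non-hex value.
    case $expected in
        *[!0-9a-f]*|'') echo "expected digest is not hex" >&2; return 2 ;;
    esac
    # Reject digests of the wrong length (for example an MD5 pasted by mistake).
    [ "${#expected}" -eq 64 ] || { echo "expected digest is not SHA-256" >&2; return 2; }
    [ -f "$file" ] || { echo "missing file: $file" >&2; return 2; }
    actual=$(sha256sum "$file" | awk '{print $1}')
    if [ "$actual" != "$expected" ]; then
        echo "digest mismatch for $file" >&2
        # Rename the file so a later "tar xf" cannot pick it up by accident.
        mv -- "$file" "$file.untrusted"
        return 1
    fi
    return 0
}

# Usage (EXPECTED is a placeholder, not a real digest):
# EXPECTED="<sha256 of keepalived-1.2.0.tar.gz from a trusted source>"
# verify_tarball /usr/src/keepalived-1.2.0.tar.gz "$EXPECTED" || exit 1
```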

3.1.2 Decompress the compressed package

[root@localhost ~]# cd /usr/src/
[root@localhost src]# tar xf keepalived-1.2.0.tar.gz 
[root@localhost src]# cd keepalived-1.2.0/
[root@localhost keepalived-1.2.0]# ls
AUTHOR     configure     COPYING  INSTALL     keepalived.spec.in  README
bin        configure.in  doc      install-sh  lib                 TODO
ChangeLog  CONTRIBUTORS  genhash  keepalived  Makefile.in         VERSION

Next, you need to install the software packages required for compilation: gcc gcc-c++ make cmake openssl openssl-devel popt-devel, etc.

3.1.3 Download the required compilation software package

yum install -y gcc gcc-c++ make cmake openssl openssl-devel  popt-devel

After installing these packages, you can start configuring, compiling and installing.

3.1.4 Compile and install

./configure --prefix=/usr/local/keepalived/ --with-kernel_dir=/usr/src/kernels/3.10.0-514.el7.x86_64/
make -j4 && make -j4 install 

After compiling, you can use echo $? to judge whether the previous command was executed correctly.

3.1.5 Copy the keepalived file to the corresponding directory

cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
mkdir -p /etc/keepalived
cp /usr/local/keepalived/sbin/keepalived /usr/sbin/

3.1.6 Start the service

keepalived

In general, keepalived is deployed on the machines that run the web or MySQL service, so that the servers in the cluster can stand in for one another and provide a high-availability solution. The configuration file therefore also needs content that is specific to the service being protected.


3.2 Install Keepalived with yum

The yum installation method is faster and easier

3.2.1 Install keepalived

yum install keepalived.x86_64 -y

3.2.2 Modify configuration file

vim /etc/keepalived/keepalived.conf

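! Configuration File for keepalived

# Global definitions block
global_defs {
   notification_email {
     # Recipients of the email keepalived sends when a switchover occurs, one per line
     [email protected]
   }
   # Sender address
   notification_email_from [email protected]
   # SMTP server address
   smtp_server 127.0.0.1
   # SMTP connection timeout
   smtp_connect_timeout 30
   # Name of the machine running keepalived
   router_id LVS_DEVEL
}

# VRRP instance definition block
vrrp_instance VI_1 {
    # Host state, MASTER|BACKUP
    state MASTER
    # Network interface that provides the service; must match the interface used for local communication
    interface ens32
    # VRID, the virtual router ID; can be seen with the tcpdump command
    virtual_router_id 51
    # Priority; the higher priority is elected master
    priority 100
    # Advertisement (health check) interval in seconds, default 1
    advert_int 5
    # Authentication settings
    authentication {
        # Authentication method
        auth_type PASS
        # Authentication password
        auth_pass 1111
    }
    # Set the VIP
    virtual_ipaddress {
        # Must be in the same IP range as the local route
        192.168.28.188
    }
}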
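
The vrrp_instance block above uses auth_type PASS, which carries auth_pass in cleartext in every advertisement, and keepalived uses only the first eight characters of the password. The audit function below is an added example, not part of the original post or of keepalived: audit_vrrp and sample_conf are hypothetical names, the password check is a simple heuristic, and the takeover time assumes VRRPv2 timers (RFC 3768).

```bash
#!/usr/bin/env bash
# audit_vrrp [FILE]: one finding per line for every vrrp_instance block.
# Reads FILE, or standard input when no file is given.
audit_vrrp() {
    awk '
    function report() {
        if (type == "PASS")
            print inst ": auth_type PASS puts auth_pass in cleartext in every advertisement"
        if (pass != "" && (length(pass) < 8 || pass ~ /^[0-9]+$/))
            print inst ": auth_pass is short or digits-only and trivially guessable"
        if (length(pass) > 8)
            print inst ": auth_pass exceeds 8 characters; keepalived uses only the first 8"
        # VRRPv2 (RFC 3768): master-down = 3 * advert_int + (256 - priority) / 256
        printf "%s: backup waits %.2fs before taking over\n", inst, 3 * adv + (256 - prio) / 256
    }
    {   sub(/[#!].*/, "")                       # strip keepalived comments
        opens = gsub(/[{]/, "{"); closes = gsub(/[}]/, "}") }
    $1 == "vrrp_instance" { inst = $2; type = ""; pass = ""; adv = 1; prio = 100 }
    inst != "" && $1 == "auth_type"  { type = $2 }
    inst != "" && $1 == "auth_pass"  { pass = $2 }
    inst != "" && $1 == "advert_int" { adv  = $2 }
    inst != "" && $1 == "priority"   { prio = $2 }
    {   depth += opens - closes                 # instance ends when depth is back at 0
        if (inst != "" && closes > 0 && depth == 0) { report(); inst = "" } }
    ' "$@"
}

# Constructed sample: the vrrp_instance block from this page, comments removed.
sample_conf() {
    cat <<'EOF'
vrrp_instance VI_1 {
    state MASTER
    interface ens32
    virtual_router_id 51
    priority 100
    advert_int 5
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.28.188
    }
}
EOF
}
```

Run it as `sample_conf | audit_vrrp` or `audit_vrrp /etc/keepalived/keepalived.conf`. Because the password is readable by any host on the segment, also limit VRRP traffic (IP protocol 112) to the cluster peers with the host firewall.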

3.2.3 Start the service

systemctl start  keepalived.service
[root@localhost ~]# ps -ef|grep keepalived
root       9318      1  0 17:06 ?        00:00:00 /usr/sbin/keepalived -D
root       9319   9318  0 17:06 ?        00:00:00 /usr/sbin/keepalived -D
root       9320   9318  0 17:06 ?        00:00:00 /usr/sbin/keepalived -D
root       9360   5025  0 17:07 pts/0    00:00:00 grep --color=auto keepalived

When Keepalived is running normally in a production environment, a total of 3 processes are started: the parent process, which is responsible for monitoring its child processes, the VRRP child process, and the Checkers child process.

Summary

keepalived involves many concepts, which need to be digested first, together with how to deploy it. The next article will combine keepalived with nginx, so that the keepalived service implements a high-availability solution for that service. If you think the content is okay, you can support it with a thumbs up!

Origin blog.csdn.net/rhn_111/article/details/130543380