Keepalived a Case: Keepalived hot standby (HA) succinctly

Here we only use Keepalive only do hot standby, is to ensure high availability servers, others do not control. You might say this so rarely used in practical applications, as you may be wrong, Keepalived only do hot standby situation is still there, I have come across several such cases, the following touch me to be a summary of several cases

a, Keepalived hot standby application scenarios

1, site traffic is not high, not much pressure, but reliability is extremely high demands on the server, such as real-time online OA system, the government website system, Real Time hospital Medical systems, online police report system, the stock market background site systems, etc., their pressure is not great, but reliability is very high

2, no place to spend money, typical of government enterprises, public schools, etc.

Second, the characteristics Keepalived hot standby disadvantages and

characteristics:
1, at least two servers, one of which always serve master, the other one as a backup remains idle, and only in the main server hang when he came to help, and this is a typical double-click the hot standby

2, according to the judge demand service is available, unavailable at the time of switching to even
the advantages and disadvantages :

Advantages: simple data synchronization, unlike the load balancing of the data consistency is very high, relatively complex to implement maintenance is quite inconvenient, hot standby rsync can be achieved by simple operation and maintenance

disadvantages: a waste server, there is always an idle


three Keepalived hot standby configuration of the
first draw hot standby topology it:

Here I only write configuration and ultimately, as to theoretical knowledge Keepalived please refer to " Keepalived Principles and combat succinctly and "

1, in this case achieved by Keepalived two LNMP (that is, linux + nginx + mysql + php) dual-server architecture hot standby

configuration, refer LNMP: " lnmp configuration succinctly first edition "

2, dual installation configuration keepalived

1 "keepalived mounted

keepalived official address: http://www.keepalived.org/download.html , we can Download the latest version here keepalived

operating system: centos 5.5 32bit
system installation: minimize installation, it is to remove all the components
environment configuration: installation make and gcc openssl openssl-devel, etc.

1. yum -y install gcc make openssl openssl-devel wget kernel-devel
2. mkdir -p /usr/local/src/hasoft
3. cd /usr/local/src/hasoft
4. wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
5. tar -zxvf keepalived-1.2.2.tar.gz
6. cd keepalived-1.2.2
7. ./configure --prefix=/usr/local/keepalived --with-kernel-dir=/usr/src/kernels/2.6.18-238.19.1.el5-i686/

Copy the code

After the pre-compiler appears:

1. Keepalived configuration
2. ------------------------
3. Keepalived version       : 1.2.2
4. Compiler                 : gcc
5. Compiler flags           : -g -O2 -DETHERTYPE_IPV6=0x86dd
6. Extra Lib                : -lpopt -lssl -lcrypto
7. Use IPVS Framework       : Yes
8. IPVS sync daemon support : Yes
9. IPVS use libnl           : No
10. Use VRRP Framework       : Yes
11. Use Debug flags          : No

Copy the code

1. make && make install

Copy the code

Note here that, oh, I refer to the above general method of installation, if you can not use LVS lvs remove ie
./configure --prefix = / usr / local / keepalived --with-kernel-dir = / usr / src / kernels / 2.6.18-238.19.1.el5-i686 / --disable- lvs-syncd --disable-lvs

but this has no effect, as I would to configure it, but if you wanted to integrate LVS, then it can not be add these two parameters, oh

finishing manage files:
cp / usr / local / keepalived / sbin / keepalived / usr / sbin /
cp / usr / local / keepalived / etc / sysconfig / keepalived / etc / sysconfig /
cp / usr / local /keepalived/etc/rc.d/init.d/keepalived /etc/init.d/


build configuration files directory (note: keepalived default configuration files in / etc / keepalived / directory)
mkdir -p / etc / etc / keepalived /

two servers (two nodes) are so mounted to

two "configuration

node A configuration is as follows:
VI /etc/keepalived/keepalived.conf

1. global_defs
2. {
3. notification_email
4. {
5. [email protected]
6. [email protected]
7. }
8. notification_email_from [email protected]
9. smtp_server 127.0.0.1
10. stmp_connect_timeout 30
11. router_id lnmp_node1
12. }
14. vrrp_instance lnmp {
15. state MASTER
16. interface eth0
17. virtual_router_id 100
18. priority 200
19. advert_int 5
20. track_interface {
21. eth0
22. eth1
23. }
24. authentication {
25. auth_type PASS
26. auth_pass 123456
27. }
28. virtual_ipaddress {
29. 192.168.17.200
30. }
31. }

Copy the code

A Node B configured as follows:
VI /etc/keepalived/keepalived.conf

1. global_defs
2. {
3. notification_email
4. {
5. [email protected]
6. [email protected]
7. }
8. notification_email_from [email protected]
9. smtp_server 127.0.0.1
10. stmp_connect_timeout 30
11. router_id lnmp_node1
12. }
14. vrrp_instance lnmp {
15. state MASTER
16. interface eth0
17. virtual_router_id 100
18. priority 150
19. advert_int 5
20. track_interface {
21. eth0
22. eth1
23. }
24. authentication {
25. auth_type PASS
26. auth_pass 123456
27. }
28. virtual_ipaddress {
29. 192.168.17.200
30. }
31. }

Copy the code

四，启动调试
在节点A上启动
/usr/local/keepalived/sbin/keepalived

启动日志：
Sep  8 18:26:02 centosa Keepalived_vrrp: Registering Kernel netlink reflector
Sep  8 18:26:02 centosa Keepalived_vrrp: Registering Kernel netlink command channel
Sep  8 18:26:02 centosa Keepalived_vrrp: Registering gratutious ARP shared channel
Sep  8 18:26:02 centosa Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'.
Sep  8 18:26:02 centosa Keepalived_vrrp: Configuration is using : 36076 Bytes
Sep  8 18:26:02 centosa Keepalived_vrrp: Using LinkWatch kernel netlink reflector...
Sep  8 18:26:02 centosa Keepalived: Starting VRRP child process, pid=5606
Sep  8 18:26:07 centosa Keepalived_vrrp: VRRP_Instance(lnmp) Transition to MASTER STATE
Sep  8 18:26:12 centosa Keepalived_vrrp: VRRP_Instance(lnmp) Entering MASTER STATE
Sep  8 18:26:12 centosa avahi-daemon[2528]: Registering new address record for 192.168.17.200 on eth0.


在节点B上启动
/usr/local/keepalived/sbin/keepalived

开机自动启动
echo /usr/local/keepalived/sbin/keepalived >> /etc/rc.local

启动日志：
Sep  8 18:30:02 centosb Keepalived: Starting Keepalived v1.2.2 (09/08,2011)
Sep  8 18:30:02 centosb Keepalived: Starting Healthcheck child process, pid=5837
Sep  8 18:30:02 centosb Keepalived_vrrp: Registering Kernel netlink reflector
Sep  8 18:30:02 centosb Keepalived_vrrp: Registering Kernel netlink command channel
Sep  8 18:30:02 centosb Keepalived_vrrp: Registering gratutious ARP shared channel
Sep  8 18:30:02 centosb Keepalived: Starting VRRP child process, pid=5839
Sep  8 18:30:02 centosb kernel: IPVS: Registered protocols (TCP, UDP, AH, ESP)
Sep  8 18:30:02 centosb kernel: IPVS: Connection hash table configured (size=4096, memory=32Kbytes)
Sep  8 18:30:02 centosb kernel: IPVS: ipvs loaded.
Sep  8 18:30:02 centosb Keepalived_healthcheckers: Registering Kernel netlink reflector
Sep  8 18:30:02 centosb Keepalived_healthcheckers: Registering Kernel netlink command channel
Sep  8 18:30:02 centosb Keepalived_healthcheckers: Opening file '/etc/keepalived/keepalived.conf'.
8 18:30:02 centosb Keepalived_vrrp Sep: Opening File '/etc/keepalived/keepalived.conf'.
Sep 8 18:30:02 centosb Keepalived_vrrp: a using the Configuration IS: 36252 Bytes
Sep 8 18:30:02 centosb Keepalived_vrrp: the Using Kernel NetLink Reflector ... LinkWatch
Sep 8 18:30:02 centosb Keepalived_healthcheckers: a using the Configuration IS: 6271 Bytes
Sep 8 18:30:02 centosb Keepalived_healthcheckers: the Using LinkWatch Kernel NetLink Reflector ...
Sep 8 18:30:02 centosb Keepalived_vrrp : VRRP_Instance (lnmp) Entering BACKUP sTATE

As can be seen from the log, start no problem, and I will give priority to install a complete campaign, the achievements of their respective states

closed switching nodes a card test is normal
ifdown eth0

observed node B log:
Sep 8 18:32:55 centosb Keepalived_vrrp: VRRP_Instance (LNMP) Transition to MASTER STATE
18:33:00 centosb Keepalived_vrrp. 8 On Sep: VRRP_Instance (LNMP) Entering the MASTER the STATE
On Sep 18:33:00 centosb for avahi-daemon. 8 [2531]: Registering new new address 192.168.17.200 Record eth0 for ON.


NIC switch to start the test of the node A normal
ifup eth0
log observation node B:
On Sep centosb Keepalived_vrrp 18:33:31. 8: VRRP_Instance (LNMP) Received iN AREAS oF COMMUNICAITIONS PRIO advert
On Sep centosb Keepalived_vrrp 18:33:31. 8: VRRP_Instance (LNMP) Entering the BACKUP the STATE
On Sep 18:33. 8 : centosb for avahi-daemon 31 is [2531]: Record for Withdrawing address 192.168.17.200 ON eth0.

received iN AREAS oF COMMUNICAITIONS PRIO advert: indicates that the received higher priority ads (advert announcement means)
Withdrawing: withdrawal means, switching can be seen process at a glance


OK, here we are part of the installation is complete, let's look at how to monitor the service it, we are just here to monitor the network failure and keepalived process itself, it switches when the network or keepalived process problems, but I node A there are a lot of services inside it, such as the corresponding slow how to do nginx, PHP, mysql process problems or high load time, how to switch it, then we should use the script, let's look at how to control keepalived scripts to monitor the server and switching

to write a script to three real-time monitoring service, if a problem all over switch mkdir / root / shell / appear
cd / root / shell
vi keepcheck.sh

1. #!/bin/bash
2. while  :
3. do
4. mysqlcheck=`/usr/local/lnmp/mysql/bin/mysqladmin -uroot ping 2>&1`
5. mysqlcode=`echo $?`
6. phpcheck=`ps -C php-fpm --no-header | wc -l`
7. nginxcheck=`ps -C nginx --no-header | wc -l`
8. keepalivedcheck=`ps -C keepalived --no-header | wc -l`
9. if [ $nginxcheck -eq 0 ]|| [ $phpcheck -eq 0 ]||[ $mysqlcode -ne 0 ];then
10.                 if [ $keepalivedcheck -ne 0 ];then
11.                    killall -TERM keepalived
12.                 else
13.                    echo "keepalived is stoped"
14.                 be
15.         else
16.                 if [ $keepalivedcheck -eq 0 ];then
17.                    /etc/init.d/keepalived start
18.                 else
19.                    echo "keepalived is running"
20.                 be
21. be
22. sleep 5
23. done

Copy the code

Note that if a /etc/init.d/keepalived start to get up, you can use / usr / local / keepalived / sbin / keepalived binary files directly to start the implementation of
the startup script:

1. chmod +x /root/shell/keepcheck.sh
2. nohup sh /root/shell/keepcheck.sh &

Copy the code

Node B also use this script

written /etc/rc.local at startup

1. echo "nohup sh /root/shell/keepcheck.sh &" >> /etc/rc.loal

Copy the code

Be tested

 

开了防火墙之后双节点都变成master了，日志如下
Sep 13 21:21:27 centosb avahi-daemon[2528]: Withdrawing address record for fe80::20c:29ff:fede:99ab on eth1.
Sep 13 21:21:27 centosb avahi-daemon[2528]: Withdrawing address record for 192.168.27.212 on eth1.
Sep 13 21:21:27 centosb avahi-daemon[2528]: Withdrawing address record for fe80::20c:29ff:fede:99a1 on eth0.
Sep 13 21:21:27 centosb avahi-daemon[2528]: Withdrawing address record for 192.168.17.212 on eth0.
Sep 13 21:21:27 centosb avahi-daemon[2528]: Host name conflict, retrying with <centosb-48>
Sep 13 21:21:27 centosb avahi-daemon[2528]: Registering new address record for fe80::20c:29ff:fede:99ab on eth1.
Sep 13 21:21:27 centosb avahi-daemon[2528]: Registering new address record for 192.168.27.212 on eth1.
13 is 21:21:27 centosb for avahi-On Sep daemon [2528]: Registering Record new new address for FE80 :: 20c: 29ff: minor subunit FedE of:. 99a1 ON eth0
On Sep 13 is 21:21:27 centosb for avahi-daemon [2528]: Registering new new Record oN eth0 for 192.168.17.200 address.
on Sep 13 is 21:21:27 centosb for avahi-daemon [2528]: Record for Registering new new address 192.168.17.212 oN eth0.

solution :( generally used as the second case)

first case, if the default firewall
only need to add: iptables -I RH-firewall-1 -INPUT -d 224.0.0.18 -j ACCEPT

second case: If the firewall is set in its own script, just add Simon rule that is may
iptables -A -d 224.0.0.18 the OUTPUT -o eth0 -j ACCEPT
iptables -A -s 224.0.0.18 the OUTPUT -o eth0 -j ACCEPT
iptables -A -d 224.0.0.18 the INPUT -i eth0 -j ACCEPT
iptables -A the INPUT -i eth0 -s 224.0.0.18 -j ACCEPT

After modification, remember to use /etc/rc.d/init.d/iptables save Save the modified rules, and the rules will be written to / etc / sysconfig / iptables file to, or after the restart will fail.

In the / etc / sysconfig / iptables file, to the INPUT chain and OUTPUT chain REJECT rules put last, otherwise it will affect the function set above.

Finally, using the service iptables restart, restart the iptables rules to take effect.

 

 

Transfer from http://bbs.nanjimao.com/thread-855-1-1.html