Here we only use Keepalive only do hot standby, is to ensure high availability servers, others do not control. You might say this so rarely used in practical applications, as you may be wrong, Keepalived only do hot standby situation is still there, I have come across several such cases, the following touch me to be a summary of several cases
a, Keepalived hot standby application scenarios
1, site traffic is not high, not much pressure, but reliability is extremely high demands on the server, such as real-time online OA system, the government website system, Real Time hospital Medical systems, online police report system, the stock market background site systems, etc., their pressure is not great, but reliability is very high
2, no place to spend money, typical of government enterprises, public schools, etc.
Second, the characteristics Keepalived hot standby disadvantages and
characteristics:
1, at least two servers, one of which always serve master, the other one as a backup remains idle, and only in the main server hang when he came to help, and this is a typical double-click the hot standby
2, according to the judge demand service is available, unavailable at the time of switching to even
the advantages and disadvantages :
Advantages: simple data synchronization, unlike the load balancing of the data consistency is very high, relatively complex to implement maintenance is quite inconvenient, hot standby rsync can be achieved by simple operation and maintenance
disadvantages: a waste server, there is always an idle
three Keepalived hot standby configuration of the
first draw hot standby topology it:
Here I only write configuration and ultimately, as to theoretical knowledge Keepalived please refer to " Keepalived Principles and combat succinctly and "
1, in this case achieved by Keepalived two LNMP (that is, linux + nginx + mysql + php) dual-server architecture hot standby
configuration, refer LNMP: " lnmp configuration succinctly first edition "
2, dual installation configuration keepalived
1 "keepalived mounted
keepalived official address: http://www.keepalived.org/download.html , we can Download the latest version here keepalived
operating system: centos 5.5 32bit
system installation: minimize installation, it is to remove all the components
environment configuration: installation make and gcc openssl openssl-devel, etc.
- yum -y install gcc make openssl openssl-devel wget kernel-devel
- mkdir -p /usr/local/src/hasoft
- cd /usr/local/src/hasoft
- wget http://www.keepalived.org/software/keepalived-1.2.2.tar.gz
- tar -zxvf keepalived-1.2.2.tar.gz
- cd keepalived-1.2.2
- ./configure --prefix=/usr/local/keepalived --with-kernel-dir=/usr/src/kernels/2.6.18-238.19.1.el5-i686/
After the pre-compiler appears:
- Keepalived configuration
- ------------------------
- Keepalived version : 1.2.2
- Compiler : gcc
- Compiler flags : -g -O2 -DETHERTYPE_IPV6=0x86dd
- Extra Lib : -lpopt -lssl -lcrypto
- Use IPVS Framework : Yes
- IPVS sync daemon support : Yes
- IPVS use libnl : No
- Use VRRP Framework : Yes
- Use Debug flags : No
- make && make install
Note here that, oh, I refer to the above general method of installation, if you can not use LVS lvs remove ie
./configure --prefix = / usr / local / keepalived --with-kernel-dir = / usr / src / kernels / 2.6.18-238.19.1.el5-i686 / --disable- lvs-syncd --disable-lvs
but this has no effect, as I would to configure it, but if you wanted to integrate LVS, then it can not be add these two parameters, oh
finishing manage files:
cp / usr / local / keepalived / sbin / keepalived / usr / sbin /
cp / usr / local / keepalived / etc / sysconfig / keepalived / etc / sysconfig /
cp / usr / local /keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
build configuration files directory (note: keepalived default configuration files in / etc / keepalived / directory)
mkdir -p / etc / etc / keepalived /
two servers (two nodes) are so mounted to
two "configuration
node A configuration is as follows:
VI /etc/keepalived/keepalived.conf
- global_defs
- {
- notification_email
- {
- [email protected]
- [email protected]
- }
- notification_email_from [email protected]
- smtp_server 127.0.0.1
- stmp_connect_timeout 30
- router_id lnmp_node1
- }
- vrrp_instance lnmp {
- state MASTER
- interface eth0
- virtual_router_id 100
- priority 200
- advert_int 5
- track_interface {
- eth0
- eth1
- }
- authentication {
- auth_type PASS
- auth_pass 123456
- }
- virtual_ipaddress {
- 192.168.17.200
- }
- }
A Node B configured as follows:
VI /etc/keepalived/keepalived.conf
- global_defs
- {
- notification_email
- {
- [email protected]
- [email protected]
- }
- notification_email_from [email protected]
- smtp_server 127.0.0.1
- stmp_connect_timeout 30
- router_id lnmp_node1
- }
- vrrp_instance lnmp {
- state MASTER
- interface eth0
- virtual_router_id 100
- priority 150
- advert_int 5
- track_interface {
- eth0
- eth1
- }
- authentication {
- auth_type PASS
- auth_pass 123456
- }
- virtual_ipaddress {
- 192.168.17.200
- }
- }
四,启动调试
在节点A上启动
/usr/local/keepalived/sbin/keepalived
启动日志:
Sep 8 18:26:02 centosa Keepalived_vrrp: Registering Kernel netlink reflector
Sep 8 18:26:02 centosa Keepalived_vrrp: Registering Kernel netlink command channel
Sep 8 18:26:02 centosa Keepalived_vrrp: Registering gratutious ARP shared channel
Sep 8 18:26:02 centosa Keepalived_vrrp: Opening file '/etc/keepalived/keepalived.conf'.
Sep 8 18:26:02 centosa Keepalived_vrrp: Configuration is using : 36076 Bytes
Sep 8 18:26:02 centosa Keepalived_vrrp: Using LinkWatch kernel netlink reflector...
Sep 8 18:26:02 centosa Keepalived: Starting VRRP child process, pid=5606
Sep 8 18:26:07 centosa Keepalived_vrrp: VRRP_Instance(lnmp) Transition to MASTER STATE
Sep 8 18:26:12 centosa Keepalived_vrrp: VRRP_Instance(lnmp) Entering MASTER STATE
Sep 8 18:26:12 centosa avahi-daemon[2528]: Registering new address record for 192.168.17.200 on eth0.
在节点B上启动
/usr/local/keepalived/sbin/keepalived
开机自动启动
echo /usr/local/keepalived/sbin/keepalived >> /etc/rc.local
启动日志:
Sep 8 18:30:02 centosb Keepalived: Starting Keepalived v1.2.2 (09/08,2011)
Sep 8 18:30:02 centosb Keepalived: Starting Healthcheck child process, pid=5837
Sep 8 18:30:02 centosb Keepalived_vrrp: Registering Kernel netlink reflector
Sep 8 18:30:02 centosb Keepalived_vrrp: Registering Kernel netlink command channel
Sep 8 18:30:02 centosb Keepalived_vrrp: Registering gratutious ARP shared channel
Sep 8 18:30:02 centosb Keepalived: Starting VRRP child process, pid=5839
Sep 8 18:30:02 centosb kernel: IPVS: Registered protocols (TCP, UDP, AH, ESP)
Sep 8 18:30:02 centosb kernel: IPVS: Connection hash table configured (size=4096, memory=32Kbytes)
Sep 8 18:30:02 centosb kernel: IPVS: ipvs loaded.
Sep 8 18:30:02 centosb Keepalived_healthcheckers: Registering Kernel netlink reflector
Sep 8 18:30:02 centosb Keepalived_healthcheckers: Registering Kernel netlink command channel
Sep 8 18:30:02 centosb Keepalived_healthcheckers: Opening file '/etc/keepalived/keepalived.conf'.
8 18:30:02 centosb Keepalived_vrrp Sep: Opening File '/etc/keepalived/keepalived.conf'.
Sep 8 18:30:02 centosb Keepalived_vrrp: a using the Configuration IS: 36252 Bytes
Sep 8 18:30:02 centosb Keepalived_vrrp: the Using Kernel NetLink Reflector ... LinkWatch
Sep 8 18:30:02 centosb Keepalived_healthcheckers: a using the Configuration IS: 6271 Bytes
Sep 8 18:30:02 centosb Keepalived_healthcheckers: the Using LinkWatch Kernel NetLink Reflector ...
Sep 8 18:30:02 centosb Keepalived_vrrp : VRRP_Instance (lnmp) Entering BACKUP sTATE
As can be seen from the log, start no problem, and I will give priority to install a complete campaign, the achievements of their respective states
closed switching nodes a card test is normal
ifdown eth0
observed node B log:
Sep 8 18:32:55 centosb Keepalived_vrrp: VRRP_Instance (LNMP) Transition to MASTER STATE
18:33:00 centosb Keepalived_vrrp. 8 On Sep: VRRP_Instance (LNMP) Entering the MASTER the STATE
On Sep 18:33:00 centosb for avahi-daemon. 8 [2531]: Registering new new address 192.168.17.200 Record eth0 for ON.
NIC switch to start the test of the node A normal
ifup eth0
log observation node B:
On Sep centosb Keepalived_vrrp 18:33:31. 8: VRRP_Instance (LNMP) Received iN AREAS oF COMMUNICAITIONS PRIO advert
On Sep centosb Keepalived_vrrp 18:33:31. 8: VRRP_Instance (LNMP) Entering the BACKUP the STATE
On Sep 18:33. 8 : centosb for avahi-daemon 31 is [2531]: Record for Withdrawing address 192.168.17.200 ON eth0.
received iN AREAS oF COMMUNICAITIONS PRIO advert: indicates that the received higher priority ads (advert announcement means)
Withdrawing: withdrawal means, switching can be seen process at a glance
OK, here we are part of the installation is complete, let's look at how to monitor the service it, we are just here to monitor the network failure and keepalived process itself, it switches when the network or keepalived process problems, but I node A there are a lot of services inside it, such as the corresponding slow how to do nginx, PHP, mysql process problems or high load time, how to switch it, then we should use the script, let's look at how to control keepalived scripts to monitor the server and switching
to write a script to three real-time monitoring service, if a problem all over switch mkdir / root / shell / appear
cd / root / shell
vi keepcheck.sh
- #!/bin/bash
- while :
- do
- mysqlcheck=`/usr/local/lnmp/mysql/bin/mysqladmin -uroot ping 2>&1`
- mysqlcode=`echo $?`
- phpcheck=`ps -C php-fpm --no-header | wc -l`
- nginxcheck=`ps -C nginx --no-header | wc -l`
- keepalivedcheck=`ps -C keepalived --no-header | wc -l`
- if [ $nginxcheck -eq 0 ]|| [ $phpcheck -eq 0 ]||[ $mysqlcode -ne 0 ];then
- if [ $keepalivedcheck -ne 0 ];then
- killall -TERM keepalived
- else
- echo "keepalived is stoped"
- be
- else
- if [ $keepalivedcheck -eq 0 ];then
- /etc/init.d/keepalived start
- else
- echo "keepalived is running"
- be
- be
- sleep 5
- done
Note that if a /etc/init.d/keepalived start to get up, you can use / usr / local / keepalived / sbin / keepalived binary files directly to start the implementation of
the startup script:
- chmod +x /root/shell/keepcheck.sh
- nohup sh /root/shell/keepcheck.sh &
Node B also use this script
written /etc/rc.local at startup
- echo "nohup sh /root/shell/keepcheck.sh &" >> /etc/rc.loal
Be tested
开了防火墙之后双节点都变成master了,日志如下
Sep 13 21:21:27 centosb avahi-daemon[2528]: Withdrawing address record for fe80::20c:29ff:fede:99ab on eth1.
Sep 13 21:21:27 centosb avahi-daemon[2528]: Withdrawing address record for 192.168.27.212 on eth1.
Sep 13 21:21:27 centosb avahi-daemon[2528]: Withdrawing address record for fe80::20c:29ff:fede:99a1 on eth0.
Sep 13 21:21:27 centosb avahi-daemon[2528]: Withdrawing address record for 192.168.17.212 on eth0.
Sep 13 21:21:27 centosb avahi-daemon[2528]: Host name conflict, retrying with <centosb-48>
Sep 13 21:21:27 centosb avahi-daemon[2528]: Registering new address record for fe80::20c:29ff:fede:99ab on eth1.
Sep 13 21:21:27 centosb avahi-daemon[2528]: Registering new address record for 192.168.27.212 on eth1.
13 is 21:21:27 centosb for avahi-On Sep daemon [2528]: Registering Record new new address for FE80 :: 20c: 29ff: minor subunit FedE of:. 99a1 ON eth0
On Sep 13 is 21:21:27 centosb for avahi-daemon [2528]: Registering new new Record oN eth0 for 192.168.17.200 address.
on Sep 13 is 21:21:27 centosb for avahi-daemon [2528]: Record for Registering new new address 192.168.17.212 oN eth0.
solution :( generally used as the second case)
first case, if the default firewall
only need to add: iptables -I RH-firewall-1 -INPUT -d 224.0.0.18 -j ACCEPT
second case: If the firewall is set in its own script, just add Simon rule that is may
iptables -A -d 224.0.0.18 the OUTPUT -o eth0 -j ACCEPT
iptables -A -s 224.0.0.18 the OUTPUT -o eth0 -j ACCEPT
iptables -A -d 224.0.0.18 the INPUT -i eth0 -j ACCEPT
iptables -A the INPUT -i eth0 -s 224.0.0.18 -j ACCEPT
After modification, remember to use /etc/rc.d/init.d/iptables save Save the modified rules, and the rules will be written to / etc / sysconfig / iptables file to, or after the restart will fail.
In the / etc / sysconfig / iptables file, to the INPUT chain and OUTPUT chain REJECT rules put last, otherwise it will affect the function set above.
Finally, using the service iptables restart, restart the iptables rules to take effect.
Transfer from http://bbs.nanjimao.com/thread-855-1-1.html