博文参考
http://lanlian.blog.51cto.com/6790106/1303195/
http://blog.csdn.net/tantexian/article/details/50056229
http://www.yulongjun.com/linux/20170904-01-keepalived-introduction/
Keepalived简介
core模块:为keepalived的核心组件,负责主进程的启动、维护以及全局配置文件的加载和解析;
check:负责健康检查,包括常见的各种检查方式;
VRRP模块:是来实现VRRP协议的。
keepalived
基于VRRP协议来实现的LVS服务高可用方案,可以利用其来避免单点故障。一个LVS服务会有2台服务器运行Keepalived,一台为主服务器(MASTER),一台为备份服务器(BACKUP),但是对外表现为一个虚拟IP,主服务器会发送特定的消息给备份服务器,当备份服务器收不到这个消息的时候,即主服务器宕机的时候, 备份服务器就会接管虚拟IP,继续提供服务,从而保证了高可用性。Keepalived是VRRP的完美实现。
启动后三个进程
父进程:内存管理,子进程管理等等
子进程:VRRP子进程
子进程:healthchecker子进程
VRRP协议简介
VRRP全称Virtual Router Redundancy Protocol,即虚拟路由冗余协议。
虚拟路由冗余协议,可以认为是实现路由器高可用的协议,即将N台提供相同功能的路由器组成一个路由器组,这个组里面有一个master和多个backup,master上面有一个对外提供服务的vip(该路由器所在局域网内其他机器的默认路由为该vip),master会发组播,当backup收不到vrrp包时就认为master宕掉了,这时就需要根据VRRP的优先级来选举一个backup当master。这样的话就可以保证路由器的高可用了。于安全性考虑,VRRP包使用了加密协议进行加密。
keepalived配置介绍
keepalived只有一个配置文件keepalived.conf,里面主要包括以下几个配置区域:
global_defs主要是配置故障发生时的通知对象以及机器标识
static_ipaddress和static_routes区域配置的是是本节点的IP和路由信息
vrrp_script用来做健康检查的,当时检查失败时会将vrrp_instancepriority减少相应的值
vrrp_instance用来定义对外提供服务的VIP区域及其相关属性
vrrp_rsync_group用来定义vrrp_intance组,使得这个组内成员动作一致
全局配置
全局配置又包括两个子配置:
全局定义(global definition)
静态路由配置(static ipaddress/routes)
VRRPD配置
VRRPD配置包括三个类:
VRRP同步组(synchroization group)
VRRP实例(VRRP Instance)
VRRP脚本
keepalived单活双活配置
单活配置
Ka1配置
/etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from ka1@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1
vrrp_mcast_group4 224.111.111.111
}
vrrp_instance VG_1 {
state MASTER
interface eth2
virtual_router_id 191
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 0702f7ab
}
virtual_ipaddress {
192.168.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
Ka2配置
/etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from ka1@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1
vrrp_mcast_group4 224.111.111.111
}
vrrp_instance VG_1 {
state BACKUP
interface eth2
virtual_router_id 191
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 0702f7ab
}
virtual_ipaddress {
192.168.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
双活配置
Ka1配置
/etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from ka1@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1
vrrp_mcast_group4 224.111.111.111
}
vrrp_instance VG_1 {
state MASTER
interface eth2
virtual_router_id 191
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 0702f7ab
}
virtual_ipaddress {
192.168.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VG_2 {
state BACKUP
interface eth2
virtual_router_id 192
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass 85c9a27b
}
virtual_ipaddress {
192.168.111.200
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
Ka2配置
/etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from ka1@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1
vrrp_mcast_group4 224.111.111.111
}
vrrp_instance VG_1 {
state BACKUP
interface eth2
virtual_router_id 191
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 0702f7ab
}
virtual_ipaddress {
192.168.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance VG_2 {
state MASTER
interface eth2
virtual_router_id 192
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass 85c9a27b
}
virtual_ipaddress {
192.168.111.200
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
内外双网络(非同步)单活模式漂移配置
一个内网网络,一个外网网络,内网网络和外网网络不用同步漂移,比如Keepalived+LVS-DR、Keepalived+Nginx、Keepalived+HAProxy,都是不用同步漂移的。(Keepalived+LVS-NAT是需要同步漂移的。)
Ka1配置
/etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from ka1@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1
vrrp_mcast_group4 224.111.111.111
}
vrrp_sync_group VG_1 {
group {
External_1
Internal_1
}
}
vrrp_instance External_1 {
state MASTER
interface eth1
virtual_router_id 171
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1402b1b5
}
virtual_ipaddress {
172.16.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance Internal_1 {
state MASTER
interface eth2
virtual_router_id 191
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 0702f7ab
}
virtual_ipaddress {
192.168.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
Ka2配置
/etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from ka1@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1
vrrp_mcast_group4 224.111.111.111
}
vrrp_instance External_1 {
state BACKUP
interface eth1
virtual_router_id 171
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1402b1b5
}
virtual_ipaddress {
172.16.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance Internal_1 {
state BACKUP
interface eth2
virtual_router_id 191
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 0702f7ab
}
virtual_ipaddress {
192.168.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
内外双网络(同步)双活模式漂移配置
一个内网网络,一个外网网络,而且内网网络和外网网络要实现同步漂移,比如Keepalived+LVS-NAT模式,那么就用到vrrp_sync_group来设置同步漂移组,如果要做双活,那么就分别两端加两个vip,互为主备。
Ka1配置
/etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from ka1@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1
vrrp_mcast_group4 224.111.111.111
}
vrrp_sync_group VG_1 {
group {
External_1
Internal_1
}
}
vrrp_sync_group VG_2 {
group {
External_2
Internal_2
}
}
vrrp_instance External_1 {
state MASTER
interface eth1
virtual_router_id 171
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1402b1b5
}
virtual_ipaddress {
172.16.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance External_2 {
state BACKUP
interface eth1
virtual_router_id 172
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass 9d3d15d5
}
virtual_ipaddress {
172.16.111.200
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance Internal_1 {
state MASTER
interface eth2
virtual_router_id 191
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 0702f7ab
}
virtual_ipaddress {
192.168.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance Internal_2 {
state BACKUP
interface eth2
virtual_router_id 192
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass 85c9a27b
}
virtual_ipaddress {
192.168.111.200
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
Ka2配置
/etc/keepalived/keepalived.conf
global_defs {
notification_email {
root@localhost
}
notification_email_from ka1@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id ka1
vrrp_mcast_group4 224.111.111.111
}
vrrp_sync_group VG_1 {
group {
External_1
Internal_1
}
}
vrrp_sync_group VG_2 {
group {
External_2
Internal_2
}
}
vrrp_instance External_1 {
state BACKUP
interface eth1
virtual_router_id 171
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1402b1b5
}
virtual_ipaddress {
172.16.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance External_2 {
state MASTER
interface eth1
virtual_router_id 172
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass 9d3d15d5
}
virtual_ipaddress {
172.16.111.200
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance Internal_1 {
state BACKUP
interface eth2
virtual_router_id 191
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 0702f7ab
}
virtual_ipaddress {
192.168.111.100
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
vrrp_instance Internal_2 {
state MASTER
interface eth2
virtual_router_id 192
priority 95
advert_int 1
authentication {
auth_type PASS
auth_pass 85c9a27b
}
virtual_ipaddress {
192.168.111.200
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
**粗体** _斜体_ [链接](http://example.com) `代码` - 列表 > 引用
。你还可以使用@
来通知其他用户。