keepalived工作原理和配置说明

一、keepalived是什么

keepalived是集群管理中保证集群高可用的一个服务软件，其功能类似于heartbeat，用来防止单点故障。

二、keepalived工作原理

keepalived是以VRRP协议为实现基础的，VRRP全称Virtual Router Redundancy Protocol，即虚拟路由冗余协议。
虚拟路由冗余协议，可以认为是实现路由器高可用的协议，即将N台提供相同功能的路由器组成一个路由器组，这个组里面有一个master和多个backup，master上面有一个对外提供服务的vip（该路由器所在局域网内其他机器的默认路由为该vip），master会发组播，当backup收不到vrrp包时就认为master宕掉了，这时就需要根据VRRP的优先级来选举一个

三、keepalived的安装和配置

安装

1. 解压到指定路径

   tar -zxvf keepalived-1.2.19.tar.gz -C /usr/local/src

2. 切换目录

   cd /usr/local/src/keepalived-1.2.19

3. 配置环境

   ./configure –prefix=/apps/keepalived

4. 编译并且安装

   make && make install

将keepalived添加到系统服务中

• 拷贝执行文件

  cp /apps/keepalived/sbin/keepalived /usr/sbin/

• 将init.d文件拷贝到etc下,加入开机启动项

  cp /apps/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/keepalived

• 将keepalived文件拷贝到etc下

  cp /apps/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

• 创建keepalived文件夹

  mkdir -p /etc/keepalived

• 将keepalived配置文件拷贝到etc下

  cp /apps/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf

• 添加可执行权限

  chmod +x /etc/init.d/keepalived

• 添加keepalived到开机启动

  chkconfig –add keepalived
  chkconfig keepalived on

配置keepalived虚拟IP

修改MASTER配置文件： /etc/keepalived/keepalived.conf

global_defs {
}
vrrp_instance VI_1 {
 state MASTER 
 interface eth0 
 virtual_router_id 51 
 priority 100 
 advert_int 1 
 authentication { 
 auth_type PASS
 auth_pass 1111
 }
    virtual_ipaddress { #指定虚拟IP, 两个节点设置必须一样
 192.168.0.250/24
 }
}

修改BACKUP配置文件： /etc/keepalived/keepalived.conf

global_defs {
}
vrrp_instance VI_1 {
 state BACKUP
 interface eth0
 virtual_router_id 51
 priority 99
 advert_int 1
 authentication {
 auth_type PASS
 auth_pass 1111
 }
    virtual_ipaddress {
 192.168.0.250/24
 }
}

测试

• 启动MASTER和BACKUP的keepalived服务

service keepalived start

* 注意：在MASTER的主机未宕机之前，BACKUP主机网卡地址就出现两个ip地址，可能是BACKUP方主机防火墙未关闭，导致主从之间无法通信*

配置keepalived心跳检查

原理：
Keepalived并不跟nginx耦合，它俩完全不是一家人
但是keepalived提供一个机制：让用户自定义一个shell脚本去检测用户自己的程序，返回状态给keepalived就可以了

MASTER节点

global_defs {
}

vrrp_script chk_health {
 script "[[ `ps -ef | grep nginx | grep -v grep | wc -l` -ge 2 ]] && exit 0 || exit 1"
 interval 1 #每隔1秒执行上述的脚本，去检查用户的程序ngnix
 weight -2
}

vrrp_instance VI_1 {
 state MASTER
 interface eth0
 virtual_router_id 1
 priority 100
 advert_int 2
 authentication {
 auth_type PASS
 auth_pass 1111
 }

    track_script {
 chk_health
 }

    virtual_ipaddress {
 10.0.0.10/24
 }

    notify_master "/usr/local/keepalived/sbin/notify.sh master"
    notify_backup "/usr/local/keepalived/sbin/notify.sh backup"
    notify_fault "/usr/local/keepalived/sbin/notify.sh fault"
}

添加切换通知脚本

vi /usr/local/keepalived/sbin/notify.sh

#!/bin/bash

case "$1" in
    master)
        /usr/local/nginx/sbin/nginx
exit 0
    ;;
backup)
        /usr/local/nginx/sbin/nginx -s stop
        /usr/local/nginx/sbin/nginx
exit 0
    ;;
    fault)
        /usr/local/nginx/sbin/nginx -s stop
exit 0
    ;;
    *)
echo 'Usage: notify.sh {master|backup|fault}'
exit 1
    ;;
esac

添加执行权限

chmod +x /usr/local/keepalived/sbin/notify.sh

global_defs {
}

vrrp_script chk_health {
 script "[[ `ps -ef | grep nginx | grep -v grep | wc -l` -ge 2 ]] && exit 0 || exit 1"
 interval 1
 weight -2
}

vrrp_instance VI_1 {
 state BACKUP
 interface eth0
 virtual_router_id 1
 priority 99
 advert_int 1
 authentication {
 auth_type PASS
 auth_pass 1111
 }

    track_script {
 chk_health
 }

    virtual_ipaddress {
 10.0.0.10/24
 }

    notify_master "/usr/local/keepalived/sbin/notify.sh master"
    notify_backup "/usr/local/keepalived/sbin/notify.sh backup"
    notify_fault "/usr/local/keepalived/sbin/notify.sh fault"
}