高可用实现:Keepalived
Keepalived,即存活检测机制,是 Linux 下一个轻量级别的高可用解决方案;起初针对 LVS 进行研发,通过心跳检测检查系统中各个服务节点的健康状态,支持故障自动切换。
# 部署
yum install -y keepalive
修改配置文件vim /etc/keepalived/keepalived.conf,state 可以设置为:MASTER或BACKUP
global_defs {
router_id ka01 #标识信息
}
vrrp_instance VI_1 {
state MASTER
priority 150 #优先级
interface eth0 #绑定的网卡
virtual_router_id 50 #同一个虚拟的路由
advert_int 1 #心跳的间隔时间
authentication {
auth_type PASS #两个主机之间的密语
auth_pass 1111 #心跳密码
}
virtual_ipaddress {
10.0.0.3 #虚拟IP地址(可以绑定多个虚拟IP地址)
}
}
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
systemctl enable keepalive
systemctl start keepalive
systemctl stop keepalive
2
3
# 方式
Keepalive 高可用分为:抢占式和非抢占式
# 抢占式(默认)
BACKUP挂掉,BACKUP上台,MASTER重新启动则将 IP 抢占过去。
# 非抢占式
两台均为BACKUP,在优先级上做区分,如MASTER挂掉,BACKUP上台,则BACKUP变成MASTER,MASTER变为BACKUP。
- 两个节点的
state均为BACKUP(官方建议) - 两个节点都在
vrrp_instance中添加nopreempt - 其中一个节点的优先级要高于另外一个节点
PS.两台服务器角色都启用了nopreempt后,必须修改角色状态统一为BACKUP,唯一的区别就是优先级不同。
#Master
vrrp_instance VI_1 {
state BACKUP
priority 150
nopreempt
}
#Backup
vrrp_instance VI_1 {
state BACKUP
priority 100
nopreempt
}
2
3
4
5
6
7
8
9
10
11
12
13
# 故障
# 脑裂
当两台高可用服务器在指定的时间内,无法互相检测到对方心跳而各自启动故障转移功能,取得了资源以及服务的所有权,而此时的两台高可用服务器对都还活着并作正常运行,这样就会导致同一个服务在两端同时启动而发生冲突的严重问题,最严重的就是两台主机同时占用一个VIP的地址(类似双端导入概念),当用户写入数据的时候可能会分别写入到两端,这样可能会导致服务器两端的数据不一致或造成数据的丢失,这种情况就称为裂脑,也有的人称之为分区集群或者大脑垂直分隔。
- 服务器网线松动等网络故障
- 服务器硬件故障发生损坏现象而奔溃
- 主备服务器都开启了firewalld防火墙
# 解决方法
如果 Nginx 宕机,会导致用户请求失败,但 Keepalived 并不会进行地址漂移;所以需要编写一个脚本检测 Nginx 的存活状态,如果不存活则 kill nginx 和 keepalived
vim check_nginx.sh
#!/bin/sh
nginxpid=$(ps -C nginx --no-header|wc -l)
#1.判断 Nginx 是否存活,如果不存活则尝试启动 Nginx
if [ $nginxpid -eq 0 ];then
systemctl start nginx
sleep 3
#2.等待 3 秒后再次获取一次 Nginx 状态
nginxpid=$(ps -C nginx --no-header|wc -l)
#3.再次进行判断,如 Nginx 还不存活则停止 Keepalived,让地址进行漂移,并退出脚本
if [ $nginxpid -eq 0 ];then
systemctl stop keepalived
fi
fi
#添加执行权限
chmod +x check_ nginx.sh
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
配置 Keepalived 使用
vim /etc/keepalived/keepalived.conf
global_defs {
router_id 01
}
#定义脚本所在的位置,以及执行时间
vrrp_script check_nginx {
script "/root/check_nginx.sh"
interval 5
}
vrrp_instance VI_1 {
state BACKUP
priority 150
nopreempt
interface eth0
virtual_router_id 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.3
}
#调用脚本
track_script {
check_nginx
}
}
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# Nginx 高可用
至少**两台 **Nginx 服务器、一个 VIP(虚拟 IP),服务器都安装好 Keepalived,并设置好 VIP;当主 Nginx 发生故障时,VIP 自动换绑到备用 Nginx,并运行相应的脚本。
# 编译安装
yum install -y nginx
yum install -y keepalived
rpm -q -a keepalived
#开机启动
systemctl enable keepalived
2
3
4
5
# Keepalived
MASTER 和 BACKUP 各一台,编译安装 Keepalived,因为设置绑定网卡等操作,需要使用 root 用户。
tar -zxvf keepalived-2.2.2.tar.gz -C /root && cd /root/keepalived-2.2.2
./configure
#*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.
make && make install
2
3
4
# 配置文件
安装完成以后,拷贝并修改配置文件
#修改配置之前查看本机 IP 所在网卡
ip addr
mkdir /etc/keepalived
vi /etc/keepalived/keepalived.conf
# 删除以下两行,否则 VIP 绑定失败
vrrp_skip_check_adv_addr
vrrp_strict
2
3
4
5
6
7
PS.通过配置 priority 设置优先级,通过增加 nopreempt 配置非抢占式,vrrp_script 设置切换机制
! Configuration File for keepalived
global_defs {
router_id keep_xxx
}
vrrp_script check_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
check_nginx
}
virtual_ipaddress {
192.168.200.16
}
}
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# 检查脚本
创建 Nginx 检查脚本:vi /etc/keepalived/nginx_check.sh
#!/bin/bash
# 判断 nginx 是否宕机并尝试重启
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
/app/midware/nginx/sbin/nginx
# 等待 5s 再次检查 nginx,如果没能启动成功,则停止 keepalived 切换备机
sleep 5
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
2
3
4
5
6
7
8
9
10
11
增加可执行权限:chmod +x /etc/keepalived/nginx_check.sh
# 服务命令
cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
cp /usr/local/sbin/keepalived /usr/sbin/
2
创建系统服务文件:/etc/init.d/keepalived,并赋予执行权限:chmod +x /etc/init.d/keepalived
#!/bin/sh
#
# Startup script for the Keepalived daemon
#
# processname: keepalived
# pidfile: /var/run/keepalived.pid
# config: /etc/keepalived/keepalived.conf
# chkconfig: - 21 79
# description: Start and stop Keepalived
# Source function library
. /etc/rc.d/init.d/functions
# Source configuration file (we set KEEPALIVED_OPTIONS there)
. /etc/sysconfig/keepalived
RETVAL=0
prog="keepalived"
start() {
echo -n $"Starting $prog: "
daemon keepalived ${KEEPALIVED_OPTIONS}
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
}
stop() {
echo -n $"Stopping $prog: "
killproc keepalived
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
}
reload() {
echo -n $"Reloading $prog: "
killproc keepalived -1
RETVAL=$?
echo
}
# See how we were called.
case "$1" in
start)
start
;;
stop)
stop
;;
reload)
reload
;;
restart)
stop
start
;;
condrestart)
if [ -f /var/lock/subsys/$prog ]; then
stop
start
fi
;;
status)
status keepalived
RETVAL=$?
;;
*)
echo "Usage: $0 {start|stop|reload|restart|condrestart|status}"
RETVAL=1
esac
exit $RETVAL
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
然后 systemctl daemon-reload 重载
#查看服务状态
systemctl status keepalived
#启动服务
systemctl start keepalived
#重启服务
systemctl restart keepalived
#停止服务
systemctl stop keepalived
2
3
4
5
6
7
8