當(dāng)前位置：首頁(yè) > 编程资源 > 编程问答 >内容正文

编程问答

keepalived实现haproxy高可用详解

發(fā)布時(shí)間：2024/1/17 编程问答 28 豆豆

生活随笔收集整理的這篇文章主要介紹了 keepalived实现haproxy高可用详解小編覺(jué)得挺不錯(cuò)的,現(xiàn)在分享給大家,幫大家做個(gè)參考.

一，keepalived介紹

keepalived是一個(gè)可以實(shí)現(xiàn)某些資源高可用的開(kāi)源軟件，其主要的組件包括core，check，vrrp，libipfwc，libipvs，這里說(shuō)下各個(gè)組件的功能。

core：keepalived的核心組件，負(fù)責(zé)主進(jìn)程的啟動(dòng)和維護(hù)以及加載解析配置文件等。

check：負(fù)責(zé)healthchecker,負(fù)責(zé)各種健康檢查方式，和對(duì)應(yīng)的配置解析以及LVS的配置解析。

vrrp：vrrpd的子進(jìn)程。

libipfwc：結(jié)合iptables的ipchains庫(kù)來(lái)使用。

libipvs：結(jié)合LVS使用。

keepalived啟動(dòng)后會(huì)生成3個(gè)進(jìn)程，master主進(jìn)程，VRRP子進(jìn)程，healthchecker子進(jìn)程。

VRRP協(xié)議是實(shí)現(xiàn)keepalived高可用的一個(gè)基礎(chǔ)，下面說(shuō)一下VRRP的實(shí)現(xiàn)原理：

VRRP虛擬路由(VRRP router)，VRRP是一個(gè)“選舉”協(xié)議，它能夠動(dòng)態(tài)地將一個(gè)虛擬路由器的責(zé)任指定至同一個(gè)VRRP組中的其它路由器上，VRRP的優(yōu)勢(shì)：

冗余：可以使用多個(gè)路由器設(shè)備作為L(zhǎng)AN客戶端的默認(rèn)網(wǎng)關(guān)，大大降低了默認(rèn)網(wǎng)關(guān)成為單點(diǎn)故障的可能性；

負(fù)載共享：允許來(lái)自LAN客戶端的流量由多個(gè)路由器設(shè)備所共享；

多VRRP組：在一個(gè)路由器物理接口上可配置多達(dá)255個(gè)VRRP組；

多IP地址：基于接口別名在同一個(gè)物理接口上配置多個(gè)IP地址，從而支持在同一個(gè)物理接口上接入多個(gè)子網(wǎng)；

搶占：在master故障時(shí)允許優(yōu)先級(jí)更高的backup成為master；

通告協(xié)議：使用IANA所指定的組播地址224.0.0.18進(jìn)行VRRP通告；

VRRP追蹤：基于接口狀態(tài)來(lái)改變其VRRP優(yōu)先級(jí)來(lái)確定最佳的VRRP路由器成為master；

二，實(shí)驗(yàn)環(huán)境：

192.168.30.116 OS：Centos 6.4 x86_64 ? master.luojianlong.com

192.168.30.117 OS：Centos 6.4 x86_64 ? backup.luojianlong.com

keepalived版本：keepalived-1.2.7

首先，分別在2臺(tái)服務(wù)器上，安裝keepalived,haproxy，由于系統(tǒng)版本是Centos 6.4，這2個(gè)軟件已經(jīng)被整合在內(nèi)部了，所以使用yum來(lái)安裝

[root@master ~]# yum -y install keepalived haproxy [root@backup ~]# yum -y install keepalived haproxy

接下來(lái)，先配置master與backup服務(wù)器的優(yōu)先級(jí)，virtual_router_id（同一個(gè)實(shí)例2臺(tái)服務(wù)器必須相同），編輯配置文件:

[root@master ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak [root@backup ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak [root@master ~]# vi /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs {notification_email {acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_from Alexandre.Cassen@firewall.locsmtp_server 192.168.200.1smtp_connect_timeout 30router_id LVS_DEVEL } vrrp_instance VI_1 {state MASTERinterface eth0virtual_router_id 51priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.30.230} } [root@backup ~]# vi /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs {notification_email {acassen@firewall.locfailover@firewall.locsysadmin@firewall.loc}notification_email_from Alexandre.Cassen@firewall.locsmtp_server 192.168.200.1smtp_connect_timeout 30router_id LVS_DEVEL } vrrp_instance VI_1 {state BACKUPinterface eth0virtual_router_id 51priority 99advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.30.230} }

global_defs：全局配置標(biāo)識(shí)破；

notification_email：表示告警時(shí)發(fā)送的郵件地址；

notification_email_from：表示發(fā)送郵件的源地址；

smtp_server：發(fā)送郵件的smtp服務(wù)器地址；

router_id：機(jī)器標(biāo)識(shí)；

vrrp_instance：定義一個(gè)vrrp實(shí)例；

state：state指定instance(Initial)的初始狀態(tài)，就是說(shuō)在配置好后，這臺(tái)服務(wù)器的初始狀態(tài)就是這里指定的，但這里指定的不算，還是得要通過(guò)競(jìng)選通過(guò)優(yōu)先級(jí)來(lái)確定，里如果這里設(shè)置為master，但如若他的優(yōu)先級(jí)不及另外一臺(tái)，那么這臺(tái)在發(fā)送通告時(shí)，會(huì)發(fā)送自己的優(yōu)先級(jí)，另外一臺(tái)發(fā)現(xiàn)優(yōu)先級(jí)不如自己的高，那么他會(huì)就回?fù)屨紴閙aster；

interface：實(shí)例綁定的網(wǎng)卡，因?yàn)樵谂渲锰摂MIP的時(shí)候必須是在已有的網(wǎng)卡上添加的；

virtual router id：這里設(shè)置VRID，這里非常重要，相同的VRID為一個(gè)組，他將決定多播的MAC地址；

priority 100：設(shè)置本節(jié)點(diǎn)的優(yōu)先級(jí)，優(yōu)先級(jí)高的為master；

advert int：檢查間隔，默認(rèn)為1秒；

virtual ipaddress：這里設(shè)置的就是VIP，也就是虛擬IP地址，他隨著state的變化而增加刪除，當(dāng)state為master的時(shí)候就添加，當(dāng)state為backup的時(shí)候刪除，這里主要是有優(yōu)先級(jí)來(lái)決定的，和state設(shè)置的值沒(méi)有多大關(guān)系，這里可以設(shè)置多個(gè)IP地址；

authentication：這里設(shè)置認(rèn)證；

auth type：認(rèn)證方式，可以是PASS或AH兩種認(rèn)證方式；

auth pass：認(rèn)證密碼；

啟動(dòng)倆臺(tái)服務(wù)器的keepalived

[root@master ~]# service keepalived start Starting keepalived: [ OK ] [root@backup ~]# service keepalived start Starting keepalived: [ OK ] [root@master ~]# tail -f /var/log/messages Jan 10 11:40:56 localhost Keepalived_healthcheckers[19368]: Using LinkWatch kernel netlink reflector... Jan 10 11:40:56 localhost Keepalived_vrrp[19369]: Opening file '/etc/keepalived/keepalived.conf'. Jan 10 11:40:56 localhost Keepalived_vrrp[19369]: Configuration is using : 63019 Bytes Jan 10 11:40:56 localhost Keepalived_vrrp[19369]: Using LinkWatch kernel netlink reflector... Jan 10 11:40:56 localhost Keepalived_vrrp[19369]: VRRP sockpool: [ifindex(2), proto(112), fd(10,11)] Jan 10 11:40:57 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Transition to MASTER STATE Jan 10 11:40:58 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Entering MASTER STATE Jan 10 11:40:58 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) setting protocol VIPs. Jan 10 11:40:58 localhost Keepalived_healthcheckers[19368]: Netlink reflector reports IP 192.168.30.230 added Jan 10 11:40:58 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230 Jan 10 11:41:03 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230 Jan 10 11:41:14 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Received lower prio advert, forcing new election Jan 10 11:41:14 localhost Keepalived_vrrp[19369]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230 [root@master ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWNlink/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host loinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:f3:fc:ba brd ff:ff:ff:ff:ff:ffinet 192.168.30.116/24 brd 192.168.30.255 scope global eth0inet 192.168.30.230/32 scope global eth0inet6 fe80::20c:29ff:fef3:fcba/64 scope linkvalid_lft forever preferred_lft forever

發(fā)現(xiàn)剛才定義的virtual ipaddress在master服務(wù)器上，因?yàn)閮?yōu)先級(jí)較高

停止master服務(wù)器的keepalived服務(wù)器，看IP會(huì)不會(huì)轉(zhuǎn)移到backup

[root@master ~]# service keepalived stop Stopping keepalived: [ OK ] [root@backup ~]# tail -f /var/log/messages Jan 10 12:12:46 localhost Keepalived_vrrp[18581]: Opening file '/etc/keepalived/keepalived.conf'. Jan 10 12:12:46 localhost Keepalived_vrrp[18581]: Configuration is using : 63017 Bytes Jan 10 12:12:46 localhost Keepalived_vrrp[18581]: Using LinkWatch kernel netlink reflector... Jan 10 12:12:46 localhost Keepalived_healthcheckers[18580]: Opening file '/etc/keepalived/keepalived.conf'. Jan 10 12:12:46 localhost Keepalived_healthcheckers[18580]: Configuration is using : 7324 Bytes Jan 10 12:12:46 localhost Keepalived_healthcheckers[18580]: Using LinkWatch kernel netlink reflector... Jan 10 12:12:46 localhost Keepalived_vrrp[18581]: VRRP sockpool: [ifindex(2), proto(112), fd(10,11)] Jan 10 12:12:47 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Transition to MASTER STATE Jan 10 12:12:47 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Received higher prio advert Jan 10 12:12:47 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Entering BACKUP STATE Jan 10 12:16:27 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Transition to MASTER STATE Jan 10 12:16:28 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Entering MASTER STATE Jan 10 12:16:28 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) setting protocol VIPs. Jan 10 12:16:28 localhost Keepalived_healthcheckers[18580]: Netlink reflector reports IP 192.168.30.230 added Jan 10 12:16:28 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230 Jan 10 12:16:33 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230 [root@backup ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWNlink/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host loinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:5b:50:f9 brd ff:ff:ff:ff:ff:ffinet 192.168.30.117/24 brd 192.168.30.255 scope global eth0inet 192.168.30.230/32 scope global eth0inet6 fe80::20c:29ff:fe5b:50f9/64 scope linkvalid_lft forever preferred_lft forever

發(fā)現(xiàn)IP已經(jīng)轉(zhuǎn)移到backup服務(wù)器

下面重新啟動(dòng)master的keepalived

[root@master ~]# service keepalived start Starting keepalived: [ OK ] [root@backup ~]# tail -f /var/log/messages Jan 10 12:12:46 localhost Keepalived_vrrp[18581]: VRRP sockpool: [ifindex(2), proto(112), fd(10,11)] Jan 10 12:12:47 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Transition to MASTER STATE Jan 10 12:12:47 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Received higher prio advert Jan 10 12:12:47 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Entering BACKUP STATE Jan 10 12:16:27 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Transition to MASTER STATE Jan 10 12:16:28 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Entering MASTER STATE Jan 10 12:16:28 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) setting protocol VIPs. Jan 10 12:16:28 localhost Keepalived_healthcheckers[18580]: Netlink reflector reports IP 192.168.30.230 added Jan 10 12:16:28 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230 Jan 10 12:16:33 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230 Jan 10 12:18:20 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Received higher prio advert Jan 10 12:18:20 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) Entering BACKUP STATE Jan 10 12:18:20 localhost Keepalived_vrrp[18581]: VRRP_Instance(VI_1) removing protocol VIPs. Jan 10 12:18:20 localhost Keepalived_healthcheckers[18580]: Netlink reflector reports IP 192.168.30.230 removed [root@master ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWNlink/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host loinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:f3:fc:ba brd ff:ff:ff:ff:ff:ffinet 192.168.30.116/24 brd 192.168.30.255 scope global eth0inet 192.168.30.230/32 scope global eth0inet6 fe80::20c:29ff:fef3:fcba/64 scope linkvalid_lft forever preferred_lft forever

發(fā)現(xiàn)IP已經(jīng)重新轉(zhuǎn)移到master服務(wù)器

現(xiàn)在編寫(xiě)haproxy狀態(tài)檢測(cè)腳本，來(lái)實(shí)現(xiàn)haproxy的健康檢測(cè)：

[root@master ~]# cat haproxy_pid.sh #!/bin/bash while : do haproxypid=`ps -C haproxy --no-header | wc -l` if [ $haproxypid -eq 0 ];thenservice haproxy startsleep 5haproxypid=`ps -C haproxy --no-header | wc -l`echo $haproxypidif [ $haproxypid -eq 0 ];then/etc/init.d/keepalived stopfi fi sleep 5 done # 啟動(dòng)backup的haproxy [root@backup ~]# service haproxy start Starting haproxy: [ OK ]

模擬故障，先讓httpd進(jìn)程開(kāi)啟，修改haproxy監(jiān)聽(tīng)端口為80，使得haproxy進(jìn)程無(wú)法啟動(dòng)，看資源會(huì)不會(huì)轉(zhuǎn)移到backup服務(wù)器

[root@master ~]# vi /etc/haproxy/haproxy.cfg frontend main *:5000 改為frontend main *:80 # 啟動(dòng)httpd進(jìn)程 [root@master ~]# scp -pr /etc/haproxy/haproxy.cfg root@192.168.30.117:/etc/haproxy/ [root@master ~]# service httpd start Starting httpd: httpd: apr_sockaddr_info_get() failed for master.luojianlong.com httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName[ OK ] [root@master ~]# netstat -antpl | grep :80 tcp 0 0 :::80 :::* LISTEN 19965/httpd #運(yùn)行狀態(tài)檢測(cè)腳本 [root@master ~]# nohup /root/haproxy_pid.sh & [root@master ~]# scp -pr haproxy_pid.sh root@192.168.30.117:/root/ [root@bakcup ~]# nohup /root/haproxy_pid.sh & [root@master ~]# tail -f /var/log/messages Jan 10 12:02:29 localhost Keepalived_vrrp[19849]: VRRP sockpool: [ifindex(2), proto(112), fd(10,11)] Jan 10 12:02:29 localhost Keepalived_vrrp[19849]: VRRP_Instance(VI_1) Transition to MASTER STATE Jan 10 12:02:30 localhost Keepalived_vrrp[19849]: VRRP_Instance(VI_1) Entering MASTER STATE Jan 10 12:02:30 localhost Keepalived_vrrp[19849]: VRRP_Instance(VI_1) setting protocol VIPs. Jan 10 12:02:30 localhost Keepalived_vrrp[19849]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230 Jan 10 12:02:30 localhost Keepalived_healthcheckers[19848]: Netlink reflector reports IP 192.168.30.230 added Jan 10 12:02:35 localhost Keepalived_vrrp[19849]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.30.230 Jan 10 12:14:49 localhost Keepalived[19847]: Stopping Keepalived v1.2.7 (02/21,2013) Jan 10 12:14:49 localhost Keepalived_vrrp[19849]: VRRP_Instance(VI_1) sending 0 priority Jan 10 12:14:49 localhost Keepalived_vrrp[19849]: VRRP_Instance(VI_1) removing protocol VIPs. [root@master ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWNlink/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host loinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:f3:fc:ba brd ff:ff:ff:ff:ff:ffinet 192.168.30.116/24 brd 192.168.30.255 scope global eth0inet6 fe80::20c:29ff:fef3:fcba/64 scope linkvalid_lft forever preferred_lft forever [root@backup ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWNlink/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host loinet6 ::1/128 scope hostvalid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 00:0c:29:5b:50:f9 brd ff:ff:ff:ff:ff:ffinet 192.168.30.117/24 brd 192.168.30.255 scope global eth0inet 192.168.30.230/32 scope global eth0inet6 fe80::20c:29ff:fe5b:50f9/64 scope linkvalid_lft forever preferred_lft forever [root@backup ~]# ps aux | grep haproxy haproxy 19054 0.0 0.0 18688 1280 ? Ss 12:47 0:00 /usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid root 19097 0.0 0.0 103248 828 pts/0 S+ 12:58 0:00 grep haproxy

發(fā)現(xiàn)IP已經(jīng)轉(zhuǎn)移到backup服務(wù)器，實(shí)現(xiàn)了keepalived對(duì)于haproxy故障的高可用。

keepalived常見(jiàn)的啟動(dòng)報(bào)錯(cuò)：

5913 May 16 15:26:04 localhost Keepalived_vrrp: ip address associated with VRID not present in received packet : 192.168.57.75 5914 May 16 15:26:04 localhost Keepalived_vrrp: one or more VIP associated with VRID mismatch actual MASTER advert 5915 May 16 15:26:04 localhost Keepalived_vrrp: bogus VRRP packet received on eth0 !!! 5916 May 16 15:26:04 localhost Keepalived_vrrp: VRRP_Instance(VI_1) ignoring received advertisment... 5917 May 16 15:26:05 localhost Keepalived_vrrp: ip address associated with VRID not present in received packet : 192.168.57.75 5918 May 16 15:26:05 localhost Keepalived_vrrp: one or more VIP associated with VRID mismatch actual MASTER advert 5919 May 16 15:26:05 localhost Keepalived_vrrp: bogus VRRP packet received on eth0 !!! 5920 May 16 15:26:05 localhost Keepalived_vrrp: VRRP_Instance(VI_1) ignoring received advertisment.

解決方法：

在同一網(wǎng)段內(nèi)virtual_router_id 值不能相同，如果相同會(huì)在messages中收到VRRP錯(cuò)誤包，所以需要更改 virual_router_id。

轉(zhuǎn)載于:https://blog.51cto.com/luojianlong/1389249

創(chuàng)作挑戰(zhàn)賽新人創(chuàng)作獎(jiǎng)勵(lì)來(lái)咯，堅(jiān)持創(chuàng)作打卡瓜分現(xiàn)金大獎(jiǎng)

總結(jié)

以上是生活随笔為你收集整理的keepalived实现haproxy高可用详解的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。

上一篇：开源免费 java CMS - Fre
下一篇： Hadoop-MapReduce 入门