营销型网站建设域名是,求职信息发布网,做网站导航栏素材图,php心水主论坛网站制作网页设计keepalived VRRP介绍 集群#xff08;cluster#xff09;技术是一种较新的技术#xff0c;通过集群技术#xff0c;可以在付出较低成本的情况下获得在性能、可靠性、灵活性方面的相对较高的收益#xff0c;其任务调度则是集群系统中的核心技术。 集群组成后#xff0c;可…keepalived VRRP介绍 集群cluster技术是一种较新的技术通过集群技术可以在付出较低成本的情况下获得在性能、可靠性、灵活性方面的相对较高的收益其任务调度则是集群系统中的核心技术。 集群组成后可以利用多个计算机和组合进行海量请求处理**负载均衡**从而获得很高的处理效率也可以用多个计算机做备份高可用使得任何一个机器坏了整个系统还是能正常运行。 keepalived工作原理 keepalived是以VRRP协议为实现基础的VRRP全称Virtual Router Redundancy Protocol即虚拟路由冗余协议。 虚拟路由冗余协议可以认为是实现路由器高可用的协议即将N台提供相同功能的路由器组成一个路由器组这个组里面有一个master和多个backupmaster上面有一个对外提供服务的vip该路由器所在局域网内其他机器的默认路由为该vipmaster会发组播当backup收不到vrrp包时就认为master宕掉了这时就需要根据VRRP的优先级来选举一个backup当master。这样的话就可以保证路由器的高可用了。 keepalived主要有三个模块分别是core、check和vrrp。core模块为keepalived的核心负责主进程的启动、维护以及全局配置文件的加载和解析。check负责健康检查包括常见的各种检查方式。vrrp模块是来实现VRRP协议的。 脑裂 split barin Keepalived的BACKUP主机在收到不MASTER主机报文后就会切换成为master如果是它们之间的通信线路出现问题无法接收到彼此的组播通知但是两个节点实际都处于正常工作状态这时两个节点均为master强行绑定虚拟IP导致不可预料的后果这就是脑裂。 解决方式: 1、添加更多的检测手段比如冗余的心跳线两块网卡做健康监测ping对方等等。尽量减少裂脑发生机会。(指标不治本只是提高了检测到的概率) 2、设置仲裁机制。两方都不可靠那就依赖第三方。比如启用共享磁盘锁ping网关等。(针对不同的手段还需具体分析) 3、爆头将master停掉。然后检查机器之间的防火墙。网络之间的通信 Nginxkeepalived实现七层负载均衡
Nginx通过Upstream模块实现负载均衡
upstream支持的负载均衡算法 主机清单 主机名IP系统用途Proxy-master172.16.147.155centos7.5主负载Proxy-slave172.16.147.156centos7.5主备Real-server1172.16.147.153Centos7.5web1Real-server2172.16.147.154centos7.5Web2Vip for proxy172.16.147.100 配置安装nginx 所有的机器关闭防火墙和selinux
[rootproxy-master ~]# systemctl stop firewalld //关闭防火墙
[rootproxy-master ~]# sed -i s/^SELINUX.*/SELINUXdisabled/ /etc/sysconfig/selinux //关闭selinux重启生效
[rootproxy-master ~]# setenforce 0 //关闭selinux临时生效
安装nginx 全部4台
[rootproxy-master ~]# cd /etc/yum.repos.d/
[rootproxy-master yum.repos.d]# vim nginx.repo
[nginx-stable]
namenginx stable repo
baseurlhttp://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck0
enabled1
[rootproxy-master yum.repos.d]# yum install yum-utils -y
[rootproxy-master yum.repos.d]# yum install nginx -y 一、实施过程 1、选择两台nginx服务器作为代理服务器。 2、给两台代理服务器安装keepalived制作高可用生成VIP 3、配置nginx的负载均衡 # 两台配置完全一样
[rootproxy-master ~]# vim /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {worker_connections 1024;
}
http {log_format main $remote_addr - $remote_user [$time_local] $request $status $body_bytes_sent $http_referer $http_user_agent $http_x_forwarded_for;access_log /var/log/nginx/access.log main;sendfile on;tcp_nopush on;tcp_nodelay on;keepalive_timeout 65;types_hash_max_size 2048;include /etc/nginx/mime.types;default_type application/octet-stream;include /etc/nginx/conf.d/*.conf;upstream backend {server 172.16.147.154:80 weight1 max_fails3 fail_timeout20s;server 172.16.147.153:80 weight1 max_fails3 fail_timeout20s;}server {listen 80;server_name localhost;location / {proxy_pass http://backend;proxy_set_header Host $host:$proxy_port;proxy_set_header X-Forwarded-For $remote_addr;}}
}
keepalived实现调度器HA
注主/备调度器均能够实现正常调度
1. 主/备调度器安装软件
[rootproxy-master ~]# yum install -y keepalived
[rootproxy-slave ~]# yum install -y keepalived
[rootproxy-master ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
[rootproxy-master ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalivedglobal_defs {router_id directory1 #辅助改为directory2
}vrrp_instance VI_1 {state MASTER #定义主还是备interface ens33 #VIP绑定接口virtual_router_id 80 #整个集群的调度器一致priority 100 #back改为50advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.16.147.100/24 # vip}
}[rootproxy-slave ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
[rootproxy-slave ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalivedglobal_defs {router_id directory2
}vrrp_instance VI_1 {state BACKUP #设置为backupinterface ens33nopreempt #设置到back上面不抢占资源virtual_router_id 80priority 50 #辅助改为50advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.16.147.100/24}
} 启动KeepAlived主备均启动
[rootproxy-master ~]# systemctl enable keepalived
[rootproxy-slave ~]# systemctl start keepalived
[rootproxy-master ~]# ip a
1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet 172.16.147.100/32 scope global lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: ens33: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 00:0c:29:ec:8a:fe brd ff:ff:ff:ff:ff:ffinet 172.16.147.155/24 brd 172.16.147.255 scope global noprefixroute dynamic ens33valid_lft 1115sec preferred_lft 1115secinet 172.16.147.101/24 scope global secondary ens33valid_lft forever preferred_lft forever 可以解决心跳故障keepalived 不能解决Nginx服务故障 扩展对调度器Nginx健康检查可选两台都设置 思路 让Keepalived以一定时间间隔执行一个外部脚本脚本的功能是当Nginx失败则关闭本机的Keepalived (1) script
[rootproxy-master ~]# vim /etc/keepalived/check_nginx_status.sh
#!/bin/bash
/usr/bin/curl -I http://localhost /dev/null
if [ $? -ne 0 ];then
# /etc/init.d/keepalived stopsystemctl stop keepalived
fi
[rootproxy-master ~]# chmod ax /etc/keepalived/check_nginx_status.sh
(2). keepalived使用script
! Configuration File for keepalivedglobal_defs {router_id director1
}
vrrp_script check_nginx {script /etc/keepalived/check_nginx_status.shinterval 5
}vrrp_instance VI_1 {state MASTERinterface ens33virtual_router_id 80priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.246.16/24}track_script {check_nginx}
} 注必须先启动nginx再启动keepalived 客户端访问的是虚拟VIP由虚拟vip去连接负载均衡的ip让负载均衡去访问后端的nginx页面。而keepalived是提供VIP的服务器分为主备当主服务器的keepalived开启时 那么VIP就会在主服务器上。只有当主服务器的keepalived关闭时VIP才会飘向备服务器客户端访问的才是备负载均衡服务器的内容。 但是当主负载均衡服务器的nginx关闭时不会影响vip的存在他还会在主负载均衡服务器上但是客户端访问的 时候会显示拒绝连接因为vip是与负载均衡服务器的IP连接的他是去找她的。 MySQLKeepalived 项目环境 IP1192.168.231.185 keepalivedmaster IP2192.168.231.187 keepalivedsalve VIP192.168.231.66 俩台机器都做相同的操作
安装MySQL
# yum -y install mysql-server mysql启动myslqd
# systemctl start mysqld查看密码修改密码
grep password /var/log/mysqld.log修改密码
mysqladmin -uroot -p旧密码 password 新密码登录MySQL
mysql -ppassword创建远程登录这俩台mysql的用户grant all on *.* to root% identified by Qianfeng123!; 为了体现实验结果
在IP1的数据库上创建数据库db1IP2不创建数据库。
IP1创建新数据库
create database db1;mysql show databases;
--------------------
| Database |
--------------------
| information_schema |
| db1 |
| mysql |
| performance_schema |
| sys |
--------------------
5 rows in set (0.00 sec)安装keepalived
俩台机器安装keepalived
[rootmysql-keepalived-master ~]# yum -y install keepalived
[rootmysql-keepalived-slave ~]# yum -y install keepalived
修改配置文件
192.168.231.185的配置文件
# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived
global_defs {router_id master
}
vrrp_instance VI_1 {state MASTER #定义主还是备interface ens33 #VIP绑定接口virtual_router_id 89 #整个集群的调度器一致priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.231.66/24 #定义的虚拟ip VIP}
}192.168.231.187配置文件
! Configuration File for keepalivedglobal_defs {router_id backup
}
vrrp_instance VI_1 {state BACKUP #设置成backupnopreempt #设置到back上面不抢占资源interface ens33virtual_router_id 89priority 50advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.231.66/24 #虚拟VIP}
}
主备同时启动keepalived
[rootproxy-master ~]# systemctl enable keepalived
[rootproxy-slave ~]# systemctl start keepalived
查看IP
[rootlocalhost ~]# ip a
1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: ens33: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 00:0c:29:b5:2b:5c brd ff:ff:ff:ff:ff:ffinet 192.168.231.185/24 brd 192.168.231.255 scope global noprefixroute dynamic ens33valid_lft 1348sec preferred_lft 1348secinet 192.168.231.66/24 scope global secondary ens33valid_lft forever preferred_lft forever远程登录MySQL
在第三台拥有MySQL的服务器上进行远程登录MySQL
mysql -uroot -pQianfeng123! -h192.168.231.66 -P3306-p密码是之前在俩台服务器创建的用户
-h的IP是虚拟vip
-p是MySQL的端口3306
当IP1keepalived开启MySQL开启时此时VIP在IP1上 查询到的是MySQL1
mysql show databases;
--------------------
| Database |
--------------------
| information_schema |
| db1 |
| mysql |
| performance_schema |
| sys |
--------------------
5 rows in set (0.00 sec)当IP1keepalived关闭IP1的MySQL开启时此时VIP在IP2上 查询到的是MySQL2
mysql show databases;
ERROR 2013 (HY000): Lost connection to MySQL server during query
mysql show databases;
ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect...
Connection id: 18
Current database: *** NONE ***--------------------
| Database |
--------------------
| information_schema |
| mysql |
| performance_schema |
| sys |
--------------------
4 rows in set (0.01 sec)###连接到IP1的数据库切换到IP2的数据库上
当IP1keepalived关闭IP1的MySQL开启时此时VIP在IP2上接着将IP1的keepalived开启那么此时vip会跑到IP1上 查询到的是 MySQL1
mysql show databases;
ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect...
Connection id: 4
Current database: *** NONE ***--------------------
| Database |
--------------------
| information_schema |
| db1 |
| mysql |
| performance_schema |
| sys |
--------------------
5 rows in set (0.01 sec)当IP1的keepalived开启IP1的MySQL开启此时关闭IP1的MySQL那么VIP还是在IP1上那么此时查询到的数据库是 无法连接
mysql show databases;
ERROR 2013 (HY000): Lost connection to MySQL server during query
mysql show databases;
ERROR 2006 (HY000): MySQL server has gone away
No connection. Trying to reconnect...
ERROR 2003 (HY000): Cant connect to MySQL server on 192.168.231.66 (111)
ERROR:
Cant connect to the server此时将IP1的keepalived也停掉那么VIP会飘逸到IP2上此时查询到的数据库是 MySQL2
mysql show databases;
No connection. Trying to reconnect...
Connection id: 19
Current database: *** NONE ***--------------------
| Database |
--------------------
| information_schema |
| mysql |
| performance_schema |
| sys |
--------------------
4 rows in set (0.00 sec)
因此也就是说 客户端访问的是虚拟VIP由虚拟vip去连接后端的MySQL。而keepalived是提供VIP的服务器分为主备当主服务器的keepalived开启时 那么VIP就会在主服务器上。只有当主服务器的keepalived关闭时VIP才会飘向备服务器客户端访问的才是备服务器的内容。 但是当主服务器的MySQL关闭时不会影响vip的存在他还会在主服务器上但是客户端访问的 时候会显示拒绝连接因为vip是与MySQL服务器的IP连接的他是去找她的。 在企业生产环境中我们不可能一直在观察MySQL与keepalived的状态那么我们需要使用脚本但是脚本多久执行一次 回花费大量精力这时候我们可以将脚本放至keepalived的配置文件中。只要检查到服务器的MySQL关闭那么就会停止该服务器的keepalived。让其他服务器工作从而保证了高可用
脚本
vim keepalived_check_mysql.sh #!/bin/bash
/usr/bin/mysql -uroot -pQianFeng2019! -e show status /dev/null
if [ $? -ne 0 ] ;then
# service keepalived stopsystemctl stop keepalived
fi
~
在keepalived的配置文件中引用
! Configuration File for keepalivedglobal_defs {router_id master
}
vrrp_script check_run { ####定义脚本script /etc/keepalived/keepalived_chech_mysql.shinterval 5
}vrrp_instance VI_1 {state MASTERinterface ens33virtual_router_id 89priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {192.168.231.66/24}track_script { ####引用脚本}
}实验过程遇到的错误 虚拟IP是自己提供的避免虚拟ip在其他服务器上已经存在的情况 脚本的引用可以不使用引号或者使用双引号
