高可用
传统高可用
image.png
问题: 两台主机为高可用时,当B主机认为A主机宕机了。但是B自己出的问题,或者网络出了问题。此时A还没有宕机,就会出现资源争夺问题
仲裁机制的高可用
大于半数的主机,BC认为A宕机了。A就是宕机了。主机应为基数个
image.png
为了防止A,没有完全宕机。应采取隔离机制,给A补上一枪
隔离机制
- SIONTH:断A的电源,A,B,C都是通过电源交换机连接,电源交换机可以接收由leader发出的信息,给A进行断电源
- FENCE:隔离,中断A对外通信的信号信息。
keepalive
采用不同以上的高可用,而是VRRP协议 虚拟冗余路由协议
vrrp 协议的实现,原生设计的目的为了高可用ipvs服务
基于VRRP吸引完成地质流动
为VIP地址所在的节点生成ipvs规则(在配置文件中预先定义)
为ipvs集群的RS做健康状态检查
基于脚本调用接口通过执行脚本完成脚本中定义的功能,进而影响集群事务
组件
核心组件
- vrrp stack vrrp组件
- ipvs wrapper ipvs配置组件
- checkers ipvs健康检查组件
控制组件 - 配置文件分析器
IO复用器
内存管理组件
keepalive 配置前提
- 各节点时间必须同步
ntp,chrony - 确保iptables和selinux不会成为阻碍
- 各节点之间可用过主机名互相通信(对KA并非必须),建议使用/etc/hosts文件实现
- 确保各节点的用于集群服务的接口支持MULTICAST通信(组播通信)D类地址
224-239
keepalive 安装配置
keepalive主配置文件 /etc/keepalived/keepalived.conf
keepalive 环境配置文件 /etc/sysconfig/keepalived
unti file 文件 /usr/lib/systemd/system/keepalived.service
主程序 /usr/sbin/keepalived
--------------------------------------------------------------------------------------------------------------------------------
TOP HIERACHY
GLOBAL CONFIGURATION
Global definitions
Static routes/addresses/rules
VRRPD CONFIGURATION
VRRP synchronization group(s) 同步组,LVS做nat模式使用
VRRP instance(s)
LVS CONFIGURATION
Virtual server group(s)
Virtual server(s) ipvs的VS和RS
配置keepalive的VIP漂移和邮件通知
MASTER
[root@mysql keepalived]# cat keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
vrrp_mcast_group4 224.0.0.18
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id mysql
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.1.101/24 dev ens33 label ens33:1
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
-------------------------------------------------------------------------------------------------------------
[root@mysql keepalived]# cat notify.sh
#!/bin/bash
contact='root@localhost'
notify(){
mailsubject="$(hostname) to be $1"
mailbody="$(date) vrrp tranisition,$(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" "$contact"
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage:master|backup|fault"
exit 1
;;
esac
tcpdump -i ens33 host 224.0.0.18
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
17:19:17.663974 IP db01 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
17:19:18.665246 IP db01 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
17:19:19.666747 IP db01 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
17:19:20.668326 IP db01 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
BACKUP
[root@ceshi ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
vrrp_mcast_group4 224.0.0.18
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id mysql1
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 96
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.1.101/24 dev ens33 label ens33:2
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
--------------------------------------------------------------------------------------------------------------------------------
[root@mysql keepalived]# cat notify.sh
#!/bin/bash
contact='root@localhost'
notify(){
mailsubject="$(hostname) to be $1"
mailbody="$(date) vrrp tranisition,$(hostname) changed to be $1"
echo "$mailbody" | mail -s "$mailsubject" "$contact"
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage:master|backup|fault"
exit 1
;;
esac
[root@ceshi ~]# tcpdump -i ens33 host 224.0.0.18
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens33, link-type EN10MB (Ethernet), capture size 262144 bytes
18:34:33.386612 IP 10.0.0.11 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
18:34:34.387876 IP 10.0.0.11 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
18:34:35.389109 IP 10.0.0.11 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
18:34:36.390451 IP 10.0.0.11 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
18:34:37.391968 IP 10.0.0.11 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
18:34:38.393955 IP 10.0.0.11 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
18:34:39.395785 IP 10.0.0.11 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
配置keepalive ipvs及健康检查
MASTER
[root@mysql ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id mysql
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.14/24 dev ens33 label ens33:1
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
virtual_server 10.0.0.14 80 {
delay_loop 2
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 10.0.0.12 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
}
}
real_server 10.0.0.13 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
}
}
}
}
BACKUP
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id mysql1
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 96
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.14/24 dev ens33 label ens33:1
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
virtual_server 10.0.0.14 80 {
delay_loop 2
lb_algo rr
lb_kind DR
protocol TCP
sorry_server 127.0.0.1 80
real_server 10.0.0.12 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
}
}
real_server 10.0.0.13 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
}
}
}
}
高可用nginx服务
MASTER
[root@mysql ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id mysql
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id mysql
vrrp_skip_check_adv_addr
# vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_ngx {
script "killall -0 nginx && exit 0 || exit 1"
interval 1
weight -10
fall 1
rise 1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.14/24 dev ens33 label ens33:1
}
track_script {
chk_ngx
}
}
BACKUP
[root@ceshi ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
vrrp_mcast_group4 224.0.0.18
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id mysql1
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_ngx {
script "killall -0 nginx && exit 0 || exit 1"
interval 1
weight -10
fall 1
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 96
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.1.101/24 dev ens33 label ens33:2
}
track_script {
chk_ngx
}
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}
网友评论