美文网首页
Keepalived基础

Keepalived基础

作者: 古巷挂青灯 | 来源:发表于2019-06-16 15:49 被阅读0次

keepalived for lvs

涉及的协议:
VRRP协议
给企业路由器高可用
功能:
高可用
管理lvs 给lvs高可用

原理:


keepalived原理.png

实际配置
第一个里程:在lb01,lb02两台负载均衡上下载Keepalived服务

[root@lb01 ~]#  yum install -y keepalived

第二个里程:keepalived的配置文件详解
分为三个部分:
GLOBAL CONFIGURATION(全局定义不部分)
VRRPD CONFIGURATION (vrrp实列:类似于rsync的模块)
LVS CONFIGURATION (通过keepalived配置文件控制lvs)

[root@lb01 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {                  ---全局定义                  
    router_id lb01             ---每个keepalived软件的标记/名称
}

vrrp_instance VI_1 {           ---vrrp_instance vrrp实列部分
                               ---vrrp_instance    名字  同一对主备之间要一致
    state MASTER               --- state   状态     MASTER 主     BACKUP备
    interface eth0             ---哪块网卡
    virtual_router_id 51       ---虚拟路由id号  同一对主备之间要一致
    priority 150               --- 优先级   主备之间  50   主150   备100
    advert_int 1               ---广告间隔   1s  心跳间隔

    简单认证
    authentication {
        auth_type PASS
        auth_pass 1111
    }

    virtual_ipaddress {                  ---虚拟ip
     10.0.0.3/24 dev eth0 label eth0:1   ---dev网卡   label:标签  给网卡启个小名
    }
}

第三个里程:配置文件如何设置
需要修改的内容
router_id state priority
主配置

[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
    router_id lb01
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
     10.0.0.3/24 dev eth0 label eth0:1  
    }
}

备配置文件

[root@lb02 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
    router_id lb02
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
     10.0.0.3/24 dev eth0 label eth0:1  
    }
}

第四个里程:进行测试,实现vip的漂移


image.png

一、如何实时监控nginx,nginx服务停掉keepalived服务也要停掉。

1.如果nginx挂掉,keepalived也停掉,VIP漂移到另一台负载上

编写一个脚本
[root@lb01 /server/scripts]# vim chk_ngx.sh 
#!/bin/sh
count=` ps -ef |grep nginx |grep -v grep |wc -l `

if [ $count -eq 0 ] ; then
   systemctl stop keepalived
fi

2.利用keepalived进行监控nginx的状态

首先要给执行的脚本一个执行的权限
[root@lb01 /server/scripts]# chmod +x /server/scripts/chk_ngx.sh 
然后在编写配置文件
[root@lb01 /server/scripts]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
    router_id lb01
}
添加以下5行
vrrp_script chk_ngx {
  script "/server/scripts/chk_ngx.sh" 
  interval 2
  weight   1
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
     10.0.0.3/24 dev eth0 label eth0:1
    }
添加以下3行
    track_script {
   chk_ngx
    }
}

3.然后进行测试,停掉nginx,vip漂移到另一台负载上面
在lb01上执行

[root@lb01 /server/scripts]# systemctl  restart nginx 
[root@lb01 /server/scripts]# ip a |grep 0.3

vip出现在lb02上

[root@lb02 ~]# ip  a|grep 0.3
    inet 10.0.0.3/24 scope global secondary eth0:1

二、keepalived双主设置

作用:减轻负载均衡的压力

1.如何设置双主

lb01上面

! Configuration File for keepalived

global_defs {
    router_id lb01
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
     10.0.0.3/24 dev eth0 label eth0:1
    }
}

vrrp_instance VI_2 {
    state BACKUP
    interface eth0
    virtual_router_id 52
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
     10.0.0.4/24 dev eth0 label eth0:1
    }
}

修改完配置文件,查看ip


10.0.0.3.png

lb02上面

[root@lb02 ~]# vim /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
    router_id lb02
}

vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
     10.0.0.3/24 dev eth0 label eth0:1
    }
}

vrrp_instance VI_2 {
    state MASTER
    interface eth0
    virtual_router_id 52
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
     10.0.0.4/24 dev eth0 label eth0:2
    }
}

修改完配置文件,查看ip


10.0.0.4.png

2、然后修改nginx的配置文件,两台负载均衡配置文件保持一致。

[root@root]# vim /etc/nginx/nginx.conf

user  nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    upstream web_pools {
   # ip_hash;
    server   10.0.0.7:80   weight=2   max_fails=3  fail_timeout=10s;
    server   10.0.0.8:80    weight=1   max_fails=3  fail_timeout=10s;
    }

    #include /etc/nginx/conf.d/*.conf;
     server {
     listen   80;
     server_name  www.oldboy.com;
     location / {
     if ( $remote_addr ~  "^192.168.22.") {
     return 403 "biedaoluan\n";
      }
     proxy_pass  http://web_pools;
     proxy_set_header   Host  $host;
     proxy_set_header   X-Forwarded-For   $remote_addr;
     }
}
     server {
     listen   80;
     server_name  blog.oldboy.com;
     location / {
     proxy_pass  http://web_pools;
     proxy_set_header   Host  $host;
     proxy_set_header   X-Forwarded-For   $remote_addr;
     }
}
}

配置好本地hosts解析

10.0.0.3  www.oldboy.com  
10.0.0.4  status.oldboy.com   blog.oldboy.com

停掉一台负载,在浏览器测试还能是显示
在浏览器分别测试 blog.oldboy.com www.oldboy.com

如何指定某个ip访问指定的网站

在nginx的配置文件中指定ip

    #include /etc/nginx/conf.d/*.conf;
     server {
     listen   10.0.0.3:80;    (指定ip)
     server_name  www.oldboy.com;
     location / {
     proxy_pass  http://web_pools;
     proxy_set_header   Host  $host;
     proxy_set_header   X-Forwarded-For   $remote_addr;
     }
}
     server { 
     listen  10.0.0.4:80;   (指定ip)
     server_name  blog.oldboy.com;
     location / {
     proxy_pass  http://web_pools;
     proxy_set_header   Host  $host;
     proxy_set_header   X-Forwarded-For   $remote_addr;
     }
}

检查语法是报错:

[root@lb01 /etc/nginx]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: [emerg] bind() to 10.0.0.4:80 failed (99: Cannot assign requested address)
nginx: configuration file /etc/nginx/nginx.conf test failed
nginx无法把不存在的ip进行绑定

如何解决:修改内核参数,两台负载都得修改

[root@lb01 ]   vim /etc/sysctl.conf  (在最后一行追加)
net.ipv4.ip_nonlocal_bind = 1

#生效
sysctl -p

此时 ,检查语法就不会报错了

[root@lb01 ~]# nginx -t 
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

然后进行测试
内核参数存放的路径

[root@lb01 ~]# #net.ipv4.ip_nonlocal_bind
[root@lb01 ~]# # /proc/sys/ 
[root@lb01 ~]# #net.ipv4.ip_nonlocal_bind
[root@lb01 ~]# cat /proc/sys/net/ipv4/ip_nonlocal_bind 
1
[root@lb01 ~]# echo 0  >/proc/sys/net/ipv4/ip_nonlocal_bind

如何防止脑裂
什么是脑裂:负载均衡同时出现多个VIP

相关文章

网友评论

      本文标题:Keepalived基础

      本文链接:https://www.haomeiwen.com/subject/uglgfctx.html

      延伸阅读

      深度阅读

      • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

      栏目导航

      热点阅读

      关于我们|服务条款|联系我们|Keepalived基础|投稿指南|网站地图|RSS订阅|排版工具|手机版

      提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

      Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

      备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

      本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

      所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!