目录
一、高可用集群
1、集群类型
2、系统可用性
3、系统故障
4、实现高可用
5、VRRP:Virtual Router Redundancy Protoco
二、实验环境配置及测试
1、准备四台主机分别是ka1、ka2、realserver1、realserver2
2、在realserver1和realserver2中下载httpd服务并测试
(1)下载httpd服务
(2)测试
keepalived%E6%9C%8D%E5%8A%A1-toc" style="margin-left:40px;">3、在ka1和ke2主机中下载keepalived服务
keepalived%E8%99%9A%E6%8B%9F%E8%B7%AF%E7%94%B1%E7%AE%A1%E7%90%86-toc" style="margin-left:40px;">4、keepalived虚拟路由管理
(1)ka1
(2)ka2
(3)用ifconfig查看——eth0:1: 172.25.254.100
(4)用抓包查看
三、开启通信功能以及实现独立日志
(1)ka1
(2)ka1查看日志
(3)ka2
(4)ka2查看日志
四、独立子配置文件
1、将主配置文件的部分先注释掉
2、 新建子配置文件
五、抢占模式和非抢占模式
1、非抢占式模式
keepalived%2Fkeepalived.conf-toc" style="margin-left:80px;">(1)ka1——下面的 /etc/keepalived/keepalived.conf
keepalived%2Fkeepalived.conf-toc" style="margin-left:80px;">(2)ka2——下面的 /etc/keepalived/keepalived.conf
2、非抢占模式——延迟抢占
keepalived%2Fkeepalived.conf-toc" style="margin-left:80px;">(1)ka1——下面的 /etc/keepalived/keepalived.conf
keepalived%2Fkeepalived.conf-toc" style="margin-left:80px;">(2)ka2——下面的 /etc/keepalived/keepalived.conf
(3)测试结果
六、VIP组播变单播
(1)实验前提
(2)设置单播
(3)测试结果
七、邮件通知
(1)先去qq邮箱生成一个自己邮箱的授权码
(2)发送邮件尝试
(3)脚本邮件发送
(4)脚本发送邮箱测试结果
八、实现 master/master 的 Keepalived 双主架构
keepalived%E4%B8%BB%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6%E4%BF%AE%E6%94%B9-toc" style="margin-left:40px;">1、ka1,keepalived主配置文件修改
keepalived%E4%B8%BB%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6%E4%BF%AE%E6%94%B9-toc" style="margin-left:40px;">2、ka2,keepalived主配置文件修改
3、关闭ka1服务;开启ka2服务
4、关闭ka2服务;开启ka1服务;
keepalived%E5%AE%9E%E7%8E%B0HAProxy%E9%AB%98%E5%8F%AF%E7%94%A8-toc" style="margin-left:0px;">九、结合keepalived实现HAProxy高可用
1、下载haproxy服务
2、修改内核参数
3、修改haproxy主配置文件
4、创建判断脚本,并赋予执行权限
keepalived%E4%B8%BB%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6-toc" style="margin-left:40px;"> 5、修改keepalived主配置文件
6、测试
一、高可用集群
1、集群类型
- LB:Load Balance 负载均衡 LVS/HAProxy/nginx(http/upstream, stream/upstream)
- HA:High Availability 高可用集群 数据库、Redis
- SPoF: Single Point of Failure,解决单点故障
- HPC:High Performance Computing 高性能集群
2、系统可用性
SLA:Service-Level Agreement 服务等级协议(提供服务的企业与客户之间就服务的品质、水准、性能 等方面所达成的双方共同认可的协议或契约)
A = MTBF / (MTBF+MTTR)
99.95%:(60*24*30)*(1-0.9995)=21.6分钟 #一般按一个月停机时间统计
3、系统故障
硬件故障:设计缺陷、wear out(损耗)、非人为不可抗拒因素
软件故障:设计缺陷 bug
4、实现高可用
提升系统高用性的解决方案:降低MTTR- Mean Time To Repair(平均故障时间)
解决方案:建立冗余机制
- active/passive 主/备
- active/active 双主
- active --> HEARTBEAT --> passive
- active HEARTBEAT active
5、VRRP:Virtual Router Redundancy Protoco
虚拟路由冗余协议,解决静态网关单点风险
- 物理层:路由器、三层交换机
- 软件层:keepalived
二、实验环境配置及测试
1、准备四台主机分别是ka1、ka2、realserver1、realserver2
(1)ka1
ip:172.25.254.10
(2)ka2
ip:172.25.254.20
(3)realserver1
ip:172.25.254.110
(4)realserver1
ip:172.25.254.120
2、在realserver1和realserver2中下载httpd服务并测试
(1)下载httpd服务
(2)测试
keepalived%E6%9C%8D%E5%8A%A1">3、在ka1和ke2主机中下载keepalived服务
4
keepalived%E8%99%9A%E6%8B%9F%E8%B7%AF%E7%94%B1%E7%AE%A1%E7%90%86">4、keepalived虚拟路由管理
(1)ka1
(2)ka2
可以直接去ka2里面修改文件,也可以将ka1里面修改后的文件复制过去后,再修改
(3)用ifconfig查看——eth0:1: 172.25.254.100
ka1能看到eth0:1——ka2不能看到eth0:1 ——ka1优先级大于ke2(priority 100 > priority 80 )
(4)用抓包查看
因为ka1优先级大于ka2,所以抓包只能抓取到ka1
当ka1的keepalived停止时,就能抓取到ke2了
三、开启通信功能以及实现独立日志
(1)ka1
(2)ka1查看日志
(3)ka2
(4)ka2查看日志
四、独立子配置文件
1、将主配置文件的部分先注释掉
2、 新建子配置文件
[root@ka1 ~]# vim /etc/keepalived/conf.d/172.25.254.100.conf
#ka1vrrp_instance VI_1 {state BACKUPinterface eth0virtual_router_id 100priority 80advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.25.254.100/24 dev eth0 label eth0:1}
}
[root@ka2 ~]# vim /etc/keepalived/conf.d/172.25.254.100.conf#ka2vrrp_instance VI_1 {state BACKUPinterface eth0virtual_router_id 100priority 80advert_int 1authentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.25.254.100/24 dev eth0 label eth0:1}
}
五、抢占模式和非抢占模式
1、非抢占式模式
keepalived%2Fkeepalived.conf">(1)ka1——下面的 /etc/keepalived/keepalived.conf
keepalived%2Fkeepalived.conf">(2)ka2——下面的 /etc/keepalived/keepalived.conf
2、非抢占模式——延迟抢占
(1)ka1——下面的 /etc/keepalived/keepalived.conf
(2)ka2——下面的 /etc/keepalived/keepalived.conf
(3)测试结果
当停止ka1主机的keeplived服务,才能测试出ke2
六、VIP组播变单播
(1)实验前提
(2)设置单播
(3)测试结果
停掉ka1中的keepalived服务,再去ka2中测试
七、邮件通知
(1)先去qq邮箱生成一个自己邮箱的授权码
(2)发送邮件尝试
(3)脚本邮件发送
(4)脚本发送邮箱测试结果
八、实现 master/master 的 Keepalived 双主架构
keepalived%E4%B8%BB%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6%E4%BF%AE%E6%94%B9">1、ka1,keepalived主配置文件修改
vrrp_instance VI_1 {state MASTERinterface eth0virtual_router_id 100priority 100advert_int 1#preemt_delay 5sauthentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.25.254.100/24 dev eth0 label eth0:1}unicast_src_ip 172.25.254.10unicast_peer {172.25.254.20}track_script {check_haproxy}
}
vrrp_instance VI_2 {state BACKUPinterface eth0virtual_router_id 200priority 80advert_int 1#preemt_delay 5sauthentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.25.254.200/24 dev eth0 label eth0:2}unicast_src_ip 172.25.254.10unicast_peer {172.25.254.20}
}
keepalived%E4%B8%BB%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6%E4%BF%AE%E6%94%B9" style="margin-left:0px;">2、ka2,keepalived主配置文件修改
vrrp_instance VI_1 {state BACKUPinterface eth0virtual_router_id 100priority 80advert_int 1#preemt_delay 5sauthentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.25.254.100/24 dev eth0 label eth0:1}unicast_src_ip 172.25.254.20unicast_peer {172.25.254.10}
}
vrrp_instance VI_2 {state MASTERinterface eth0virtual_router_id 200priority 100advert_int 1#preemt_delay 5sauthentication {auth_type PASSauth_pass 1111}virtual_ipaddress {172.25.254.200/24 dev eth0 label eth0:2}unicast_src_ip 172.25.254.20unicast_peer {172.25.254.10}
}
3、关闭ka1服务;开启ka2服务
#关闭ka1服务;开启ka2服务
[root@ka1 ~]# systemctl stop keepalived.service
[root@ka2 ~]# systemctl restart keepalived.service
[root@ka2 ~]# ifconfig
4、关闭ka2服务;开启ka1服务;
#关闭ka2服务;开启ka1服务;
[root@ka2 ~]# systemctl stop keepalived.service
[root@ka1 ~]# systemctl restart keepalived.service
[root@ka1 ~]# ifconfig
keepalived%E5%AE%9E%E7%8E%B0HAProxy%E9%AB%98%E5%8F%AF%E7%94%A8" style="background-color:transparent;">九、结合keepalived实现HAProxy高可用
1、下载haproxy服务
[root@ka1 ~]# yum install haproxy
[root@ka1 ~]# systemctl restart --enable haproxy
[root@ka2 ~]# yum install haproxy
[root@ka2 ~]# systemctl restart --enable haproxy
2、修改内核参数
#ka1
[root@ka1 ~]# vim /etc/sysctl.conf#生效
[root@ka1 ~]sysctl -p#ka2
[root@ka2 ~]# vim /etc/sysctl.conf#生效
[root@ka2 ~]sysctl -p
net.ipv4.ip_nonlocal_bind=1
3、修改haproxy主配置文件
#ka1
[root@ka1 ~]# vim /etc/haproxy/haproxy.cfg
#ka2
[root@ka2 ~]# vim /etc/haproxy/haproxy.cfg
listen webclusterbind 172.25.254.100:80mode httpserver web1 172.25.254.110:80 check inter 3 fall 2 rise 5server web2 172.25.254.120:80 check inter 3 fall 2 rise 5
4、创建判断脚本,并赋予执行权限
[root@ka1 ~]# vim /etc/keepalived/test.sh#!/bin/bash
killall -0 haproxy[root@ka1 ~]# chmod +x /etc/keepalived/test.sh
[root@ka2 ~]# vim /etc/keepalived/test.sh#!/bin/bash
killall -0 haproxy[root@ka2 ~]# chmod +x /etc/keepalived/test.sh
keepalived%E4%B8%BB%E9%85%8D%E7%BD%AE%E6%96%87%E4%BB%B6"> 5、修改keepalived主配置文件
6、测试
先重启一下服务
[root@ka1 ~]# systemctl restart keepalived.service
[root@ka1 ~]# systemctl restart haproxy.service [root@ka2 ~]# systemctl restart keepalived.service
[root@ka2 ~]# systemctl restart haproxy.service