文章目次
Pre
双机热备是指两台呆板都在运行,但并不是两台呆板都同时在提供服务。
环境信息
节点软件IP节点Akeepalived + tomcat192.168.126.137节点Bkeepalived + tomcat192.168.126.138虚拟IP-192.168.126.200 官网
https://keepalived.readthedocs.io/en/latest/#
原理
keepalived用于包管环境高可用,防止单点故障。
keepalived主要有三个模块,分别是core、check和VRRP。
- core核心模块,负责主进程的启动、维护以及全局设置文件的加载和分析
- check负责健康查抄,包罗常见的各种查抄方式
- VRRP模块实现VRRP协议
VRRP(Virtual Router Redundancy Protocol) 即虚拟路由冗余协议,实现路由器高可用的协议,即将N台提供相同功能的路由器组成一个路由器组,这个组内里有一个master和多个backup,master上面有一个对外提供服务的vip(该路由器所在局域网内其他呆板的默认路由为该vip),master会发组播,当backup收不到VRRP包时就认为master宕掉了,这时就需要根据VRRP的优先级来选举一个backup当master。这样的话就可以包管路由器的高可用了。
keepalived 安装
两个节点均需要安装, 在137 和 138 节点上安装 ,执行 yum install keepalived
137 安装 keepalived
- [root@localhost ~]# yum install keepalivedLoaded plugins: fastestmirror.............. Complete![root@localhost ~]#
- [root@localhost ~]# yum install keepalivedLoaded plugins: fastestmirror.............. Complete![root@localhost ~]#
CentOS 7 yum安装与设置 Tomcat 写的挺不错,没有的话可以参考
设置keepalived的设置文件/etc/keepalived/keepalived.conf
关键参数解读
- state 主服务器为MASTER,其他服务器均为BACKUPinterface 通信用的网卡,ip addr可以查察,以实际为准virtual_router_id 主从服务器此ID必须一致priority 优先级,主服务器必须大于其他服务器,数值越大优先级越高authentication 主从服务器必须一致virtual_ipaddress 虚拟IP地点,主从服务器必须一致,该VIP为客户端访问时使用的IP
- ! Configuration File for keepalivedglobal_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from example@example.com smtp_server mail.example.com smtp_connect_timeout 30 router_id LVS_DEVEL}vrrp_script chk_tomcat { script "/etc/keepalived/tomcat_check.sh" interval 5 weight -5 fall 3 rise 2}vrrp_instance VI_1 { state MASTER interface ens33 mcast_src_ip 192.168.126.137 virtual_router_id 51 priority 101 advert_int 2 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.126.200 } track_script { chk_tomcat }}
- ! Configuration File for keepalivedglobal_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from example@example.com smtp_server mail.example.com smtp_connect_timeout 30 router_id LVS_DEVEL}vrrp_script chk_tomcat { script "/etc/keepalived/tomcat_check.sh" interval 5 weight -5 fall 3 rise 2}vrrp_instance VI_1 { state BACKUP interface ens33 mcast_src_ip 192.168.126.138 virtual_router_id 51 priority 99 advert_int 2 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.126.200 } track_script { chk_tomcat }}
state 体现一个是主机一个是备机,mcast_src_ip 当前服务器的ip,priority 主机密比备机的要高
检测脚本
- !/bin/bashJAVA_PROCESS=`ps -C java --no-heading| wc -l`if [ $JAVA_PROCESS -eq 0 ];then echo "tomcat is stop" sleep 2 if [ `ps -C java --no-heading| wc -l` -eq 0 ];then systemctl stop keepalived.service fifi
检测是否有tomcat在运行,如果没有的话,等2秒,如果还没有就把keepalived给停止掉,这样vip就能从主机master切换到备机BACKUP上了。
日志
可以查察 /var/log/messages 日志 观察切换和选主的过程。
状态发生变动,触发脚本
https://keepalived.readthedocs.io/en/latest/configuration_synopsis.html
- ! Configuration File for keepalivedglobal_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from example@example.com smtp_server mail.example.com smtp_connect_timeout 30 router_id LVS_DEVEL}vrrp_script chk_tomcat { script "/etc/keepalived/tomcat_check.sh" interval 5 weight -5 fall 3 rise 2}vrrp_instance VI_1 { state MASTER interface ens33 mcast_src_ip 192.168.126.137 virtual_router_id 51 priority 101 advert_int 2 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.126.200 } track_script { chk_tomcat } notify_master /etc/keepalived/a.sh notify_backup /etc/keepalived/b.sh
当节点从MASTER 转为 BACKUP的时候 ,执行 /etc/keepalived/b.sh
小结
MASTER和 BACKUP,预先分配好, 通过priority 来确定, 当MASTER宕机以后,BACKUP 没有收到 MASTER的 VRRP消息,BACKUP就认为 MASTER宕机了,这个时候就把自己选举为MASTER。
MASTER宕机,本节点的日志
- Dec 30 01:40:01 localhost Keepalived[6784]: StoppingDec 30 01:40:01 localhost systemd: Stopping LVS and VRRP High Availability Monitor...Dec 30 01:40:01 localhost Keepalived_vrrp[6786]: VRRP_Instance(VI_1) sent 0 priorityDec 30 01:40:01 localhost Keepalived_vrrp[6786]: VRRP_Instance(VI_1) removing protocol VIPs.Dec 30 01:40:01 localhost Keepalived_healthcheckers[6785]: StoppedDec 30 01:40:02 localhost Keepalived_vrrp[6786]: StoppedDec 30 01:40:02 localhost Keepalived[6784]: Stopped Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2Dec 30 01:40:02 localhost systemd: Stopped LVS and VRRP High Availability Monitor.
- Dec 30 01:40:05 localhost Keepalived_vrrp[9173]: VRRP_Instance(VI_1) Entering MASTER STATEDec 30 01:40:05 localhost Keepalived_vrrp[9173]: VRRP_Instance(VI_1) setting protocol VIPs.
MASTER规复,本节点的日志
- Dec 30 01:42:09 localhost Keepalived[6915]: Starting Healthcheck child process, pid=6916Dec 30 01:42:09 localhost Keepalived[6915]: Starting VRRP child process, pid=6917Dec 30 01:42:09 localhost Keepalived_healthcheckers[6916]: Opening file '/etc/keepalived/keepalived.conf'.Dec 30 01:42:09 localhost systemd: Started LVS and VRRP High Availability Monitor.Dec 30 01:42:09 localhost Keepalived_vrrp[6917]: Registering Kernel netlink reflectorDec 30 01:42:09 localhost Keepalived_vrrp[6917]: Registering Kernel netlink command channelDec 30 01:42:09 localhost Keepalived_vrrp[6917]: Registering gratuitous ARP shared channelDec 30 01:42:09 localhost Keepalived_vrrp[6917]: Opening file '/etc/keepalived/keepalived.conf'.Dec 30 01:42:09 localhost Keepalived_vrrp[6917]: WARNING - default user 'keepalived_script' for script execution does not exist - please create.Dec 30 01:42:09 localhost Keepalived_vrrp[6917]: SECURITY VIOLATION - scripts are being executed but script_security not enabled.Dec 30 01:42:09 localhost Keepalived_vrrp[6917]: VRRP_Instance(VI_1) removing protocol VIPs.Dec 30 01:42:09 localhost Keepalived_vrrp[6917]: Using LinkWatch kernel netlink reflector...Dec 30 01:42:09 localhost Keepalived_vrrp[6917]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]Dec 30 01:42:09 localhost Keepalived_vrrp[6917]: VRRP_Script(chk_tomcat) succeededDec 30 01:42:10 localhost Keepalived_vrrp[6917]: VRRP_Instance(VI_1) Transition to MASTER STATEDec 30 01:42:12 localhost Keepalived_vrrp[6917]: VRRP_Instance(VI_1) Entering MASTER STATEDec 30 01:42:12 localhost Keepalived_vrrp[6917]: VRRP_Instance(VI_1) setting protocol VIPs.Dec 30 01:42:12 localhost Keepalived_vrrp[6917]: Sending gratuitous ARP on ens33 for 192.168.126.200
- Dec 30 01:42:09 localhost Keepalived_vrrp[9173]: /etc/keepalived/tomcat_check.sh exited with status 127Dec 30 01:42:12 localhost Keepalived_vrrp[9173]: VRRP_Instance(VI_1) Received advert with higher priority 101, ours 94Dec 30 01:42:12 localhost Keepalived_vrrp[9173]: VRRP_Instance(VI_1) Entering BACKUP STATEDec 30 01:42:12 localhost Keepalived_vrrp[9173]: VRRP_Instance(VI_1) removing protocol VIPs.
exited due to signal 15
/var/log/messages 日志提示:/etc/keepalived/check_nginx.sh exited due to signal 15
调整如下参数
- interval 5 #监控脚本的执行时间要大于advert_int advert_int 2 #心跳查抄隔断时间
查抄 getenforce
getenforce 如果 开启的话,关闭 执行 setenforce 0
来源:https://blog.csdn.net/yangshangwei/article/details/111939052
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作! |
