首页 Keepalived教程Keepalived实现master/slave的单主架构
Keepalived教程 白天夜间 目录
高可用集群介绍入门以及实现技术
VRRP 原理介绍
Keepalived 经典入门教程
Keepalived安装详解
Keepalived-配置虚拟路由器
Keepalived实现master/slave的单主架构
实战案例: 实现Keepalived 状态切换的通知脚本
实战案例:实现master/master的Keepalivde 双主架构
实战案例: 实现IPVS的高可用性
实战案例: 实现单主的LVS-DR模式
实战案例: 实现双主的LVS-DR模式
实战案例:实现双主的,LVS-DR模式利用FWM绑定成一个双主集群服务
实战案例:实现其它应用的高可用性
实战案例: 实现 VIP高可用
实战案例: 实现单主模式的Nginx反向代理的高可用
实战案例: 实现双主模式Nginx反向代理的高可用
实战案例:实现HAProxy高可用
实战案例:实现MySQL双主模式的高可用

Keepalived-配置虚拟路由器

实战案例: 实现Keepalived 状态切换的通知脚本

干货资料

运维派隶属马哥教育旗下专业运维社区,是国内成立最早的IT运维技术社区,欢迎关注公众号:yunweipai
领取学习更多免费Linux云计算、Python、Docker、K8s教程关注公众号:马哥linux运维

实现master/slave的Keepalived 单主架构

MASTER配置
[root@ka1-centos8 ~]#vim /etc/keepalived/keepalived.conf 
global_defs {
  notification_email {
  root@localhost #keepalived 发生故障切换时邮件发送的对象,可以按行区分写多个
  }
  notification_email_from keepalived@localhost
  smtp_server 127.0.0.1
  smtp_connect_timeout 30
  router_id ka1.example.com
  vrrp_skip_check_adv_addr #所有报文都检查比较消耗性能,此配置为如果收到的报文和上一个报文是同一个路由器则跳过检查报文中的源地址
  #vrrp_strict #严格遵守VRRP协议,禁止状况:1.无VIP地址,2.配置了单播邻居,3.在VRRP版本2中有IPv6地址
  vrrp_garp_interval 0 #ARP报文发送延迟
  vrrp_gna_interval 0 #消息发送延迟
  vrrp_mcast_group4 224.0.0.18 #默认组播IP地址,224.0.0.0到239.255.255.255
 }
vrrp_instance VI_1 {
  state MASTER           #在另一个结点上为BACKUP
  interface eth0
  virtual_router_id 66   #每个虚拟路由器必须唯一,同属一个虚拟路由器的多个keepalived节点必须相同
  priority 100           #在另一个结点上为80
  advert_int 1
  authentication {
    auth_type PASS       #预共享密钥认证,同一个虚拟路由器的keepalived节点必须一样
    auth_pass 12345678
  }
  virtual_ipaddress {
    10.0.0.10 dev eth0 label eth0:0
  }
}
BACKUP配置
#配置文件和master基本一致,只需修改三行
[root@ka2-centos8 ~]#vim /etc/keepalived/keepalived.conf 
global_defs {
  notification_email {
  root@localhost
  }
  notification_email_from keepalived@localhost
  smtp_server 127.0.0.1
  smtp_connect_timeout 30
  router_id ka2.example.com         #修改此行
  vrrp_skip_check_adv_addr 
  #vrrp_strict          
  vrrp_garp_interval 0 
  vrrp_gna_interval 0
  vrrp_mcast_group4 224.0.0.18
}
vrrp_instance VI_1 {
  state BACKUP               #修改此行
  interface eth0
  virtual_router_id 66       
  priority 80               #修改此行
  advert_int 1
  authentication {
    auth_type PASS
    auth_pass 12345678
  }
  virtual_ipaddress {
    10.0.0.10 dev eth0 label eth0:0
  }
}

抓包观察

tcpdump -i eth0 -nn host 224.0.0.18

抢占模式和非抢占模式

非抢占模式

默认为抢占模式,即当高优先级的主机恢复在线后,会抢占低先级的主机的master角色,造成网络抖动,建议设置为非抢占模式 nopreempt ,即高优级主机恢复后,并不会抢占低优先级主机的master角色

注意:要关闭 VIP抢占,必须将各 keepalived 服务器state配置为BACKUP

#ha1主机配置
vrrp_instance VI_1 {
  state BACKUP     #都为BACKUP
  interface eth0
  virtual_router_id 66
  priority 100    #优先级高
  advert_int 1
  nopreempt         #添加此行,都为nopreempt

#ha2主机配置
vrrp_instance VI_1 {
  state BACKUP         #都为BACKUP
  interface eth0
  virtual_router_id 66
  priority 80       #优先级低
  advert_int 1
  nopreempt     #添加此行,都为nopreempt
抢占延迟模式

抢占延迟模式,即优先级高的主机恢复后,不会立即抢回VIP,而是延迟一段时间(默认300s)再抢回 VIP

preempt_delay #s 指定抢占延迟时间为#s,默认延迟300s

注意:需要各keepalived服务器state为BACKUP

范例:

#ha1主机配置
vrrp_instance VI_1 {
  state BACKUP     #都为BACKUP
  interface eth0
  virtual_router_id 66
  priority 100
  advert_int 1
  preempt_delay 60s #抢占延迟模式,默认延迟300s

#ha2主机配置
vrrp_instance VI_1 {
  state BACKUP              #都为BACKUP
  interface eth0
  virtual_router_id 66
  priority 80
  advert_int 1

VIP单播配置

默认keepalived主机之间利用多播相互通告消息,会造成网络拥塞,可以替换成单播,减少网络流量

注意:启用单播,不能启用 vrrp_strict

#分别在各个keepalived 节点设置对方主机的IP,建议设置为专用于对应心跳线网络的地址,而非使用业务网络
unicast_src_ip <IPADDR>  #指定单播的源IP
unicast_peer {
    <IPADDR>     # #指定单播的对方目标主机IP
    ......
}

范例:

#master 主机配置
[root@ka1-centos8 ~]#cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id ka1.magedu.org
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 66
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        10.0.0.10/24 dev eth0 label eth0:1
    }
    unicast_src_ip 10.0.0.8
    unicast_peer{
        10.0.0.18
    }
}

[root@ha1-centos8 ~]#hostname -I
10.0.0.8 10.0.0.10 

#slave 主机配置
[root@ka2-centos8 ~]#cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
     acassen@firewall.loc
     failover@firewall.loc
     sysadmin@firewall.loc
   }
   notification_email_from Alexandre.Cassen@firewall.loc
   smtp_server 192.168.200.1
   smtp_connect_timeout 30
   router_id ka2.magedu.org
   vrrp_skip_check_adv_addr
   #vrrp_strict
   vrrp_garp_interval 0
   vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state SLAVE
    interface eth0
    virtual_router_id 66
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        10.0.0.10/24 dev eth0 label eth0:1
    }
    unicast_src_ip 10.0.0.18
    unicast_peer {
    10.0.0.8 
    }
}
[root@ka2-centos8 ~]#hostname -I
10.0.0.18

抓包

root@centos6 ~]#tcpdump  -i eth0 -nn host 10.0.0.8 and host 10.0.0.18
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
23:37:48.069158 IP 10.0.0.8 > 10.0.0.18: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
23:37:49.070013 IP 10.0.0.8 > 10.0.0.18: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20
23:37:50.071144 IP 10.0.0.8 > 10.0.0.18: VRRPv2, Advertisement, vrid 66, prio 100, authtype simple, intvl 1s, length 20

本文链接:https://www.yunweipai.com/35371.html

点赞 0
分享到微信 分享到微博

Keepalived-配置虚拟路由器

实战案例: 实现Keepalived 状态切换的通知脚本

网友评论comments

发表回复

您的电子邮箱地址不会被公开。

暂无评论

Copyright © 2012-2022 YUNWEIPAI.COM - 运维派 京ICP备16064699号-6
扫二维码
扫二维码
返回顶部