keppalived高可用 - wtdig/study GitHub Wiki
一、keppalived高可用环境搭建
1、安装keepalived软件
在/usr目录下新建software目录
cd /usr
mkdir software
cd software
下载keepalived软件到sortware目录下
解压该软件,出现目录keepalived-2.0.6
cd keepalived-2.0.6
安装软件包
yum install -y openssl openssl-devel
然后在该目录下编译
./configure --prefix=/usr/wt/keepalived #解压到指定的目录下/usr/wt/keepalived
然后继续make && make install
如果出现*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.
安装yum -y install libnl libnl-devel
如果出现configure: error: libnfnetlink headers missing
安装yum install -y libnfnetlink-devel
没有错误和警告后,在该目录继续执行make && make install,安装完毕。
2、制作keepalived的服务命令
# 将/usr/software/keepalived-2.0.6/keepalived/etc/init.d/目录下的keepalived文件,拷贝到/etc/init.d/
cp /usr/software/keepalived-2.0.6/keepalived/etc/init.d/keepalived /etc/init.d/
cp /usr/software/keepalived-2.0.6/keepalived/etc/sysconfig/keepalived /etc/sysconfig/keepalived
#/etx目录下新建keepalived目录,将/usr/wt/keepalived/etc/keepalived/目录下的keepalived.conf文件拷贝到/etc/keepalived/
cp /usr/wt/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
cp /usr/wt/keepalived/sbin/keepalived /usr/sbin/
完成之后,可以直接使用service命令:
service keepalived start #开启keepalived软件
service keepalived stop #关闭keepalived软件
相关的日志信息,可以从/var/log/messages文件中查看启动的相关信息
3、修改配置文件keepalived.conf
修改配置文件/etc/keepalived/keepalived.conf,记得使用vim进行编辑,在windows操作下,可能出错
主节点配置文件
! Configuration File for keepalived
global_defs {
router_id rocketmq-nameserver1
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 50
mcast_src_ip 192.168.2.50
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass wtroot
}
track_script {
chk_nginx
}
virtual_ipaddress {
192.168.2.10
}
}
备用节点配置文件
! Configuration File for keepalived
global_defs {
router_id rocketmq-nameserver2
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 50
mcast_src_ip 192.168.2.51
priority 90
advert_int 1
nopreempt
authentication {
auth_type PASS
auth_pass wtroot
}
track_script {
chk_nginx
}
virtual_ipaddress {
192.168.2.10
}
}
解释
! Configuration File for keepalived
global_defs {
router_id rocketmq-nameserver1 #填入电脑的主机名称,可以通过输入指令hostname,查看主机名
}
vrrp_script chk_nginx {
script "/etc/keepalived/nginx_check.sh" #检查nginx的脚本路径
interval 2 #每隔2s执行脚本一次
weight -20 #权重,每次执行成功,权重减去20
}
vrrp_instance VI_1 {
state MASTER # 主节点,备用节点为BACKUP
interface eth0 # 物理机使用的网卡;可以通过ifconfig查看网卡名称
virtual_router_id 50 #同一个主从节点的标志,比如该主节点填入50,那么BACKUP节点也要是50
mcast_src_ip 192.168.2.50 #真实的物理机ip地址
priority 100 #优先级,要设置的比备用节点的优先级高
advert_int 1 #MASTER节点与BACKUP节点同步检查的时间间隔为1s
nopreempt # nopreempt #设置为不抢占 注:这个配置只能设置在backup主机上,而且这个主机优先级要比另外一台高
authentication {
auth_type PASS #密码认证,主从节点需要设置的一样
auth_pass wtroot
}
track_script {
chk_nginx #调用上面的脚本,名称与上面对应
}
virtual_ipaddress {
192.168.2.10 #虚拟的ip地址,主从一致
}
}
首先nopreempt必须在state为BACKUP的节点上才生效(因为是BACKUP节点决定是否来成为MASTER的),其次要实现类似于关闭auto failback的功能需要将所有节点的state都设置为BACKUP,或者将master节点的priority设置的比BACKUP低。我个人推荐使用将所有节点的state都设置成BACKUP并且都加上nopreempt选项,这样就完成了关于autofailback功能,当想手动将某节点切换为MASTER时只需去掉该节点的nopreempt选项并且将priority改的比其他节点大,然后重新加载配置文件即可(等MASTER切过来之后再将配置文件改回去再reload一下)。
4、与nginx配和使用的脚本
nginx_check.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
/usr/wt/nginx/sbin/nginx
sleep 2
B=`ps -C nginx --no-header |wc -l`
if [ $B -eq 0 ];then
killall keepalived
fi
fi
解释
#!/bin/bash
A=`ps -C nginx --no-header |wc -l` #查看nginx的进程数
if [ $A -eq 0 ];then #如果等于0,启动nginx,nginx的启动目录/usr/wt/nginx/sbin/nginx
/usr/wt/nginx/sbin/nginx
sleep 2 #睡眠2s
B=`ps -C nginx --no-header |wc -l`
if [ $B -eq 0 ];then #nginx如果还是没有启动成功,将keepalived程序关闭
killall keepalived
fi
fi
注意:脚本需要用vi进行创建:vi nginx_check.sh;脚本写完之后,使用 sh nginx_check.sh命令,实现脚本执行是否成功;
如果出现解决执行脚本报syntax error: unexpected end of file或syntax error near unexpected token `fi'错误的问题
我们可以查看该脚本文件的格式,方法是使用命令:vim nginx_check.sh进入编辑文件界
直接输入":",然后在":"之后输入"set ff",回车即可看到脚本格式,如下图所示,可以看到当前脚本格式是dos。
我们需要把格式改为unix,方法是输入":set ff=unix",也可以输入":set fileformat=unix"
5、常见错误
- WARNING - script '/etc/keepalived/nginx_check.sh' is not executable for uid:gid 0:0 - disabling.
/etc/keepalived/nginx_check.sh 文件需要授权,不然不能执行:
chmod 777 nginx_check.sh
2)SECURITY VIOLATION - scripts are being executed but script_security not enabled. Unsafe permissions found for script '/etc/keepalived/nginx_check.sh'.
出现这种错误,没有问题,可以不用管
3)Error exec-ing command '/etc/keepalived/nginx_check.sh', error 2: No such file or directory
出现这种问题,就是脚本文件的格式有问题,采用上面的解决办法
4)可以将2个节点都设置为BACKUP,然后都加上nopreempt(不抢占),只依靠谁的优先级高,就使用谁的
5)如果发现,nginx服务挂掉,节点不能切换,可以排除下ps -ef |grep keepalived 是否真的已经杀死了,如果没有杀死,可以将sleep的时间设置的小一点