keepalived应用

发布于:2025-03-20 ⋅ 阅读:(20) ⋅ 点赞:(0)

Keepalived 是一个基于 VRRP(虚拟路由冗余协议)实现的高可用解决方案,常用于构建高可用性的服务器集群,特别是在负载均衡场景中,可确保服务的不间断运行。以下为你详细介绍它:

0主要功能

  • 高可用性:借助 VRRP 协议,Keepalived 能在多台服务器间自动切换,当主服务器出现故障时,备用服务器可迅速接替工作,保障服务的持续可用。
  • 负载均衡:Keepalived 可与 LVS(Linux 虚拟服务器)集成,实现对多台服务器的负载均衡,依据预设的算法将客户端请求分发到不同的服务器上。
  • 健康检查:它能对服务器的健康状况进行检查,实时监测服务器的服务状态,一旦发现服务器异常,就会将其从服务列表中移除,待恢复正常后再添加回来。

Keepalived 的工作原理主要基于 VRRP 协议。VRRP 将多台路由器(或服务器)组成一个虚拟路由器,这个虚拟路由器有一个唯一的虚拟 IP 地址(VIP)。在这个虚拟路由器中,有一个主路由器(Master)和多个备用路由器(Backup)。

  • 主路由器:承担处理客户端请求的任务,同时定期发送 VRRP 通告给备用路由器,告知它们自己的存活状态。
  • 备用路由器:处于监听状态,接收主路由器发送的 VRRP 通告。若在一定时间内未收到通告,备用路由器会认为主路由器出现故障,然后通过选举机制选出新的主路由器,并接管虚拟 IP 地址,继续提供服务。

1环境准备

IP地址 主机名 软件 节点
192.168.72.30 master keepalived, nginx 主节点
192.168.72.32 backup keepalived, nginx 从节点
192.168.72.100 Vip地址

1.1前期准备

1.1.1修改IP

#master

[root@master ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.33.30/24 ipv4.gateway 192.168.33.30 ipv4.dns 223.5.5.5 connection.autoconnect yes
[root@master ~]# nmcli c up ens160
 

#backup

[root@master ~]# nmcli c modify ens160 ipv4.method manual ipv4.addresses 192.168.33.30/24 ipv4.gateway 192.168.33.30 ipv4.dns 223.5.5.5 connection.autoconnect yes
[root@master ~]# nmcli c up ens160

1.1.2关闭防火墙

[root@master ~]# systemctl stop firewalld

[root@backup ~]# systemctl stop firewalld

1.1.3安装nginx服务

#master

[root@master ~]# systemctl stop firewalld
[root@master ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@master ~]# dnf install nginx -y
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.

BaseOS           757 kB/s | 2.7 kB     00:00    
AppStream        1.3 MB/s | 3.2 kB     00:00    
baseos           2.7 MB/s | 2.7 kB     00:00    
appstream        3.1 MB/s | 3.2 kB     00:00    
Dependencies resolved.
=================================================
 Package  Arch   Version         Repo       Size
=================================================
Installing:
 nginx    x86_64 2:1.20.1-20.el9 AppStream  40 k
Installing dependencies:
 nginx-core
          x86_64 2:1.20.1-20.el9 AppStream 574 k

Transaction Summary
=================================================
Install  2 Packages

Total size: 614 k
Installed size: 1.7 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                         1/1 
  Installing       : nginx-core-2:1.20.1-2   1/2 
  Installing       : nginx-2:1.20.1-20.el9   2/2 
  Running scriptlet: nginx-2:1.20.1-20.el9   2/2 
  Verifying        : nginx-2:1.20.1-20.el9   1/2 
  Verifying        : nginx-core-2:1.20.1-2   2/2 
Installed products updated.

Installed:
  nginx-2:1.20.1-20.el9.x86_64                   
  nginx-core-2:1.20.1-20.el9.x86_64              

Complete!


 

#backup

[root@backup ~]# mount /dev/sr0 /mnt
mount: /mnt: WARNING: source write-protected, mounted read-only.
[root@backup ~]# dnf install nginx -y
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.

BaseOS       1.4 MB/s | 2.7 kB     00:00    
AppStream    1.4 MB/s | 3.2 kB     00:00    
baseos       2.7 MB/s | 2.7 kB     00:00    
appstream    3.1 MB/s | 3.2 kB     00:00    
Dependencies resolved.
=============================================
 Package
      Arch   Version         Repo       Size
=============================================
Installing:
 nginx
      x86_64 2:1.20.1-20.el9 AppStream  40 k
Installing dependencies:
 nginx-core
      x86_64 2:1.20.1-20.el9 AppStream 574 k

Transaction Summary
=============================================
Install  2 Packages

Total size: 614 k
Installed size: 1.7 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                     1/1 
  Installing       : nginx-core-2:1.20   1/2 
  Installing       : nginx-2:1.20.1-20   2/2 
  Running scriptlet: nginx-2:1.20.1-20   2/2 
  Verifying        : nginx-2:1.20.1-20   1/2 
  Verifying        : nginx-core-2:1.20   2/2 
Installed products updated.

Installed:
  nginx-2:1.20.1-20.el9.x86_64               
  nginx-core-2:1.20.1-20.el9.x86_64          

Complete!

#区分页面

[root@master ~]# echo "hello master" > /usr/share/nginx/html/index.html 
[root@backup ~]# echo "hello backup" > /usr/share/nginx/html/index.html

#启动服务

[root@master ~]# systemctl start nginx

[root@backup ~]# systemctl start nginx

#测试

[root@master ~]# curl 192.168.33.30
hello master
[root@backup ~]# curl 192.168.33.32
hello backup

2keepalived配置

2.1下载keepalived

#master

[root@master ~]# dnf install keepalived -y
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.

Last metadata expiration check: 0:08:59 ago on Tue 18 Mar 2025 07:25:43 PM CST.
Dependencies resolved.
=================================================
 Package    Arch   Version       Repo       Size
=================================================
Installing:
 keepalived x86_64 2.2.8-3.el9   AppStream 564 k

Transaction Summary
=================================================
Install  1 Package

Total size: 564 k
Installed size: 1.6 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                         1/1 
  Installing       : keepalived-2.2.8-3.el   1/1 
  Running scriptlet: keepalived-2.2.8-3.el   1/1 
  Verifying        : keepalived-2.2.8-3.el   1/1 
Installed products updated.

Installed:
  keepalived-2.2.8-3.el9.x86_64                  

Complete!

#backup

[root@backup ~]# dnf install keepalived -y
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered with an entitlement server. You can use "rhc" or "subscription-manager" to register.

Last metadata expiration check: 0:08:59 ago on Tue 18 Mar 2025 07:25:43 PM CST.
Dependencies resolved.
=============================================
 Package  Arch   Version     Repo       Size
=============================================
Installing:
 keepalived
          x86_64 2.2.8-3.el9 AppStream 564 k

Transaction Summary
=============================================
Install  1 Package

Total size: 564 k
Installed size: 1.6 M
Downloading Packages:
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                     1/1 
  Installing       : keepalived-2.2.8-   1/1 
  Running scriptlet: keepalived-2.2.8-   1/1 
  Verifying        : keepalived-2.2.8-   1/1 
Installed products updated.

Installed:
  keepalived-2.2.8-3.el9.x86_64              

Complete!

2.2配置keepalived

#备份配置文件

[root@master ~]# rpm -qc keepalived 
/etc/keepalived/keepalived.conf
/etc/sysconfig/keepalived
[root@master ~]# cp /etc/keepalived//keepalived.conf{,.bak}
 

[root@backup ~]# rpm -qc keepalived 
/etc/keepalived/keepalived.conf
/etc/sysconfig/keepalived
[root@backup ~]# cp /etc/keepalived//keepalived.conf{,.bak}

#master

[root@master ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id master
}

vrrp_instance VI_1 {
    state MASTER
    interface ens160
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress { 
        192.168.33.100
    }
}


#backup

[root@backup ~]# vim /etc/keepalived/keepalived.conf
[root@backup ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id master
}

vrrp_instance VI_1 {
    state MASTER
    interface ens160
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.33.100
    }
}

#启动keepalived服务

[root@master ~]# systemctl start keepalived
[root@backup ~]# systemctl start keepalived

#IP查看

[root@master ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:7b:ad:14 brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 192.168.33.30/24 brd 192.168.33.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet 192.168.33.100/32 scope global ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe7b:ad14/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever


[root@backup ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:0f:fe:20 brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 192.168.33.32/24 brd 192.168.33.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe0f:fe20/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
#

#暂停服务,虚拟ip消失

[root@master ~]#  systemctl stop keepalived.service 
[root@master ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:7b:ad:14 brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 192.168.33.30/24 brd 192.168.33.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe7b:ad14/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

[root@backup ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:0f:fe:20 brd ff:ff:ff:ff:ff:ff
    altname enp3s0
    inet 192.168.33.32/24 brd 192.168.33.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe0f:fe20/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

实验完成!!!

网站公告

今日签到

点亮在社区的每一天
去签到

热门文章

最新发布