基于keepalived的redis系统master双机热备(读数据负载均衡)设
更新时间:2024-07-04 07:16:01 阅读量: 综合文库 文档下载
基于keepalived的redis系统master双机热备,读数据负载均衡设置方案
==========================================================================================
硬件:
机器 ip 作用
master 192.168.0.2 redis系统的master主机
slave1 192.168.0.3 redis系统的slave机器,和master组成双机热备 slave2 192.168.0.4
redis系统的slave机器,和slave1构成读数据的负载均衡系统
软件:
keepalived,下载地址:www.keepalived.org
lvs,下载地址:http://www.linuxvirtualserver.org
redis,下载地址:www.redis.io
centos 6.4版本
安装:
不采用编译安装的方式,使用yum安装
1.安装kernel-devel:yum install kernel-devel.这是ipvsadm需要的
2.安装lvs:yum install ipvsadm
3.安装keepalived:yum install keepalived
如果无法联网,请去这里考古寻找自己需要的rpm文件
base:http://tel.mirrors.163.com/centos/6/os/x86_64/Packages/
update:http://tel.mirrors.163.com/centos/6/updates/x86_64/Packages/
下面是需要的rpm文件列表截图
kernel-devel需要的文件
以及需要的证书
lvs需要的文件
keepalived需要的文件
注意,三台机器都需要安装keepalived
配置keepalived:
1.centos必要配置:
/etc/sysctl.conf文件
net.ipv4.ip_forward=1#转发开启
2.keepalived必要配置:
master修改/etc/keepalived/keepalived.conf为如下
[plain] view plaincopy 1. ! Configuration File for keepalived 2.
3. global_defs {
4. notification_email { 5. 邮箱 6. }
7. notification_email_from 邮箱 8. smtp_server 邮箱服务器地址 9. smtp_connect_timeout 30 10. router_id LVS_DEVEL 11. }
12. vrrp_instance VI_1 { 13. state MASTER
14. interface eth0 #eth0是要绑定的网卡
15. virtual_router_id 100 #同一个vrrp_instance中的值必须一样 16. priority 160 #master的值要高于backup的 17. advert_int 1 18. authentication { 19. auth_type PASS 20. auth_pass 1111 21. }
22. virtual_ipaddress {
23. 192.168.0.5 #用于双机热备的虚拟ip 24. } 25. 26. }
27. virtual_server 192.168.0.5 6379 { 28. delay_loop 3 29. lb_algo wrr 30. lb_kind DR
31. persistence_timeout 30 32. protocol TCP
33. real_server 192.168.0.2 6379 { 34. weight 8
35. notify_down redis服务失败后要执行的脚本的路径/脚本名 #服务失败后要执行的
脚本
36. TCP_CHECK { 37. connect_timeout 1 38. nb_get_retry 3 39. delay_before_retry 3 40. connect_port 6379 41. } 42. } 43. }
slave1修改/etc/keepalived/keepalived.conf为如下
[plain] view plaincopy 1. ! Configuration File for keepalived 2.
3. global_defs {
4. notification_email { 5. 邮箱 6. }
7. notification_email_from 邮箱 8. smtp_server 邮箱服务器地址 9. smtp_connect_timeout 30 10. router_id LVS_DEVEL 11. } 12.
13. vrrp_instance VI_1 { 14. state MASTER
15. interface eth0 #eth0是要绑定的网卡
16. virtual_router_id 100 #同一个vrrp_instance中的值必须一样 17. priority 160 #master的值要高于backup的 18. advert_int 1 19. authentication { 20. auth_type PASS 21. auth_pass 1111 22. }
23. virtual_ipaddress {
24. 192.168.0.5 #用于双机热备的虚拟ip 25. }
26. notify_master 将slave重新转换为slave的脚本 27. }
28. vrrp_instance VI_2 {
29. state MASTER #将此slave作为读数据的master
30. interface eth0 31. virtual_router_id 101 32. priority 151 33. advert_int 1 34. authentication { 35. auth_type PASS 36. auth_pass 1111 37. }
38. virtual_ipaddress {
39. 192.168.0.6 #用于读取数据的负载均衡的虚拟ip 40. } 41. }
42. virtual_server 192.168.0.5 6379 { 43. delay_loop 3 44. lb_algo wrr 45. lb_kind DR
46. persistence_timeout 30 47. protocol TCP
48. real_server 192.168.0.2 6379 { 49. weight 1
50. notify_down redis服务失败后要执行的脚本的路径/脚本名 #服务失败后
要执行的脚本
51. TCP_CHECK { 52. connect_timeout 1 53. nb_get_retry 2 54. delay_before_retry 1 55. connect_port 6379 56. } 57. }
58. real_server 192.168.0.3 6379 { 59. weight 8 60. TCP_CHECK { 61. connect_timeout 10 62. nb_get_retry 3 63. delay_before_retry 3 64. connect_port 6379 65. } 66. } 67. }
68. virtual_server 192.168.0.6 6379 { 69. delay_loop 3 70. lb_algo wrr 71. lb_kind DR
72. persistence_timeout 30
73. protocol TCP
74. real_server 192.168.0.2 6379 { 75. weight 8 76. TCP_CHECK { 77. connect_timeout 10 78. nb_get_retry 3 79. delay_before_retry 3 80. connect_port 6379 81. } 82. }
83. real_server 192.168.0.3 6379 { 84. weight 7 85. TCP_CHECK { 86. connect_timeout 10 87. nb_get_retry 3 88. delay_before_retry 3 89. connect_port 6379 90. } 91. } 92. }
slave2修改/etc/keepalived/keepalived.conf为如下
[plain] view plaincopy 1. ! Configuration File for keepalived 2.
3. global_defs {
4. notification_email { 5. 邮箱 6. }
7. notification_email_from 邮箱 8. smtp_server 邮箱服务器地址 9. smtp_connect_timeout 30 10. router_id LVS_DEVEL 11. }
12. vrrp_instance VI_2 { 13. state BACKUP 14. interface eth0 15. virtual_router_id 101 16. priority 149 17. advert_int 1 18. authentication {
19. auth_type PASS 20. auth_pass 1111 21. }
22. virtual_ipaddress { 23. 192.168.0.6 24. } 25. }
26. virtual_server 192.168.0.6 6379 { 27. delay_loop 3 28. lb_algo wrr 29. lb_kind DR
30. persistence_timeout 30 31. protocol TCP
32. real_server 192.168.0.2 6379 { 33. weight 8 34. TCP_CHECK { 35. connect_timeout 10 36. nb_get_retry 3 37. delay_before_retry 3 38. connect_port 6379 39. } 40. }
41. real_server 192.168.0.3 6379 { 42. weight 7 43. TCP_CHECK { 44. connect_timeout 10 45. nb_get_retry 3 46. delay_before_retry 3 47. connect_port 6379 48. } 49. } 50. }
配置redis:
master无需特殊配置 slave1则设置为master的从机 slave2则需要设置为192.168.0.5的从机,否则在master失效后slave2会无法继续读取数据
需要的脚本: 在master执行的脚本:
[plain] view plaincopy 1. #!/usr/bin/env bash
2. ervice keepalived stop #需要用户具有权限,不中断keepalived服务虚拟ip无法转移
在slave1执行的脚本: [plain] view plaincopy 1. #!/usr/bin/env bash 2.
3. /usr/local/bin/redis-cli -h 127.0.0.1 -p 6379 slaveof NO ONE #将slave1转换为
redis的
slave1第二个脚本,在master服务重启后将slave1重新转换为slave状态
最终效果: 192.168.0.5 提供了redis的双机热备服务,192.168.0.6则提供了数据读取的负载均衡 [plain] view plaincopy 1. #!/usr/bin/env bash 2.
3. /usr/local/bin/redis-cli slaveof 192.168.0.2 6379 #将slave1重新转换为redis的
slave
需要注意,master每次需要先启动redis服务然后再启动keepalived
==========================================================================================
基于keepalived、redis sentinel的高可用redis集群【修改版】
2013年12月12日 ? 综合 ? 共 5289字 ? 字号 小 中 大 ? 评论关闭 原方案地址原方案
硬件
机器名 IP master 192.168.0.2 slave1 192.168.0.3 slave2 192.168.0.4 作用 redis的master服务器 redis的slave服务器 redis的slave服务器 keepalived和redis sentinel服务器,承载192.168.0.5【虚拟IP:route1 写redis的VIP【虚拟ip】,做写的双机热备192.168.0.7】 的主master指定 keepalived和redis sentinel服务器,承载192.168.0.6【虚拟IP:route2 读redis的VIP,做读的负载均衡和写的双机192.168.0.8】 热备的master备份路由指定 详细的keepalived配置,route1
! Configuration File for keepalived
global_defs {
notification_email { 邮箱 }
notification_email_from 邮箱@bitauto.com smtp_server 邮箱服务器地址 smtp_connect_timeout 30 router_id LVS_DEVEL }
vrrp_instance VI_1 { state MASTER interface eth1 virtual_router_id 100 priority 150 advert_int 1 authentication { auth_type PASS auth_pass 1111 }
virtual_ipaddress { 192.168.0.7 } }
vrrp_instance VI_2 { state BACKUP interface eth1 virtual_router_id 101 priority 101 advert_int 1 authentication { auth_type PASS auth_pass 1111 }
virtual_ipaddress { 192.168.0.8 } }
virtual_server 192.168.0.7 6379 { delay_loop 3 lb_algo rr lb_kind DR
persistence_timeout 15 protocol TCP
real_server 192.168.0.4 6379 { weight 4
notify_up /home/wind/redis_up.sh MISC_CHECK {
misc_path \ misc_timeout 5
} }
real_server 192.168.0.2 6379 { weight 3
notify_up /home/wind/redis_up.sh MISC_CHECK {
misc_path \ misc_timeout 5 } }
real_server 192.168.0.3 6379 { weight 3
notify_up /home/wind/redis_up.sh MISC_CHECK {
misc_path \ misc_timeout 5 } } }
virtual_server 192.168.0.8 6379 { delay_loop 3 lb_algo wrr lb_kind DR
persistence_timeout 30 protocol TCP
real_server 192.168.0.2 6379 { weight 8 TCP_CHECK { connect_timeout 10 nb_get_retry 3
delay_before_retry 3 connect_port 6379 } }
real_server 192.168.0.3 6379 { weight 2 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 6379 } }
real_server 192.168.0.4 6379 { weight 2 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 6379 } } }
route2的配置文件
! Configuration File for keepalived
global_defs {
notification_email {
# xieqj@bitauto.com #shanghq@bitauto.com }
notification_email_from xieqj@bitauto.com smtp_server mail.bitauto.com smtp_connect_timeout 30 router_id LVS_DEVEL }
vrrp_instance VI_1 { state BACKUP interface eth1 virtual_router_id 100 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 }
virtual_ipaddress { 192.168.87.89 }
#notify_master \}
vrrp_instance VI_2 { state MASTER interface eth1 virtual_router_id 101 priority 151 advert_int 1 authentication {
auth_type PASS auth_pass 1111 }
virtual_ipaddress { 192.168.87.90 } }
virtual_server 192.168.87.89 6379 { delay_loop 3 lb_algo rr lb_kind DR
persistence_timeout 15 protocol TCP
real_server 192.168.87.103 6379 { weight 4
notify_up /home/wind/redis_up.sh MISC_CHECK {
misc_path \ misc_timeout 5 } }
real_server 192.168.87.104 6379 { weight 4
notify_up /home/wind/redis_up.sh MISC_CHECK {
misc_path \ misc_timeout 5 } }
real_server 192.168.87.105 6379 {
weight 4
notify_up /home/wind/redis_up.sh MISC_CHECK {
misc_path \ misc_timeout 5 } } }
virtual_server 192.168.87.90 6379 { delay_loop 3 lb_algo wrr lb_kind DR
persistence_timeout 30 protocol TCP
real_server 192.168.87.104 6379 { weight 8 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 6379 } }
real_server 192.168.87.105 6379 { weight 2 TCP_CHECK { connect_timeout 10 nb_get_retry 3 delay_before_retry 3 connect_port 6379
} } }
keepalived的master的MISCH_CHECK监测脚本
#!/usr/bin/python import sys,commands
cmd=\info\是输入的参数,sys.argv[0]是需要执行的命令,以后才是参数。1是ip,2是端口 str=commands.getoutput(cmd) ismaster=-100
ismaster=str.count(\原来是使用index方法,但是找不到字符串时会报错 zero=0
if ismaster>zero:
sys.exit(0) #返回0在keepalived表示健康 else:
sys.exit(1) #返回1表示keepalived检测端口不健康
更多MISC_CHECK参考见http://bbs.ywlm.net/thread-845-1-1.html
redis维护脚本redis_up.sh用在检测到服务启动时
#!/usr/bin/env bash
/usr/local/bin/redis-cli -h $argv[1] -p 6379 config set appendonly no
redis设置与sentinel设置无变化
需要特别注意的配置,如果没有这个配置就会发生keepalived不转发的的问题,而且是如果redis和keepalive是同一台机器,会转发,但是如果相互间独立,则realserver收不到转发包
配置master
vim /etc/sysctl.conf,添加内容如下
net.ipv4.conf.lo.arp_ignore = 1 net.ipv4.conf.lo.arp_announce = 2 net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2
执行命令
sysctl -p
ip addr add 192.168.0.7/32 dev lo ip addr add 192.168.0.8/32 dev lo
ip add list
lo环上出现了指定的ip即可
配置slave1
vim /etc/sysctl.conf,添加内容如下
net.ipv4.conf.lo.arp_ignore = 1 net.ipv4.conf.lo.arp_announce = 2 net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2
执行命令
sysctl -p
ip addr add 192.168.0.7/32 dev lo ip addr add 192.168.0.8/32 dev lo
ip add list
配置slave2
vim /etc/sysctl.conf,添加内容如下
net.ipv4.conf.lo.arp_ignore = 1 net.ipv4.conf.lo.arp_announce = 2 net.ipv4.conf.all.arp_ignore = 1 net.ipv4.conf.all.arp_announce = 2
执行命令 sysctl -p
ip addr add 192.168.0.7/32 dev lo ip addr add 192.168.0.8/32 dev lo
ip add list
========================================================================================== 硬件 机器名 IP master 192.168.0.2 slave1 192.168.0.3 slave2 192.168.0.4 route1 作用 redis的master服务器 redis的slave服务器 redis的slave服务器 192.168.0.5【虚拟IP:keepalived和redis sentinel服务器,承载写redis的192.168.0.7】 VIP【虚拟ip】,做写的双机热备的主master指定 route2 192.168.0.6【虚拟IP:keepalived和redis sentinel服务器,承载读redis的192.168.0.8】 VIP,做读的负载均衡和写的双机热备的master备份路由指定
安装与配置见此文安装与配置 详细的keepalived配置,route1
[plain] view plaincopy 1. ! Configuration File for keepalived 2.
3. global_defs {
4. notification_email { 5. 邮箱 6. }
7. notification_email_from 邮箱 8. smtp_server 邮箱服务器地址 9. smtp_connect_timeout 30 10. router_id LVS_DEVEL 11. }
12. vrrp_instance VI_1 { 13. state MASTER
14. interface eth0 #eth0是要绑定的网卡
15. virtual_router_id 100 #同一个vrrp_instance中的值必须一样 16. priority 160 #master的值要高于backup的 17. advert_int 1 18. authentication { 19. auth_type PASS 20. auth_pass 1111 21. }
22. virtual_ipaddress {
23. 192.168.0.7 #用于双机热备的虚拟ip 24. } 25. 26. }
27. virtual_server 192.168.0.7 6379 { 28. delay_loop 3 29. lb_algo wrr 30. lb_kind DR
31. persistence_timeout 30 32. protocol TCP
33. real_server 192.168.0.2 6379 { 34. weight 8
35. notify_down redis服务失败后要执行的脚本的路径/脚本名 #服务失败后要执行的
脚本
36. TCP_CHECK { 37. connect_timeout 1 38. nb_get_retry 3 39. delay_before_retry 3 40. connect_port 6379 41. } 42. } 43. }
route2的配置文件 [plain] view plaincopy 1. ! Configuration File for keepalived 2.
3. global_defs {
4. notification_email { 5. 邮箱 6. }
7. notification_email_from 邮箱 8. smtp_server 邮箱服务器地址 9. smtp_connect_timeout 30 10. router_id LVS_DEVEL 11. } 12.
13. vrrp_instance VI_1 { 14. state MASTER
15. interface eth0 #eth0是要绑定的网卡
16. virtual_router_id 100 #同一个vrrp_instance中的值必须一样 17. priority 160 #master的值要高于backup的 18. advert_int 1 19. authentication { 20. auth_type PASS 21. auth_pass 1111 22. }
23. virtual_ipaddress {
24. 192.168.0.7 #用于双机热备的虚拟ip 25. }
26. notify_master \ 27. }
28. vrrp_instance VI_2 {
29. state MASTER #将此slave作为读数据的master 30. interface eth0 31. virtual_router_id 101
32. priority 151 33. advert_int 1 34. authentication { 35. auth_type PASS 36. auth_pass 1111 37. }
38. virtual_ipaddress {
39. 192.168.0.8 #用于读取数据的负载均衡的虚拟ip 40. } 41. }
42. virtual_server 192.168.0.7 6379 { 43. delay_loop 3 44. lb_algo wrr 45. lb_kind DR
46. persistence_timeout 30 47. protocol TCP
48. real_server 192.168.0.3 6379 { 49. weight 8 50. TCP_CHECK { 51. connect_timeout 10 52. nb_get_retry 3 53. delay_before_retry 3 54. connect_port 6379 55. } 56. } 57. }
58. virtual_server 192.168.0.8 6379 { 59. delay_loop 3 60. lb_algo wrr 61. lb_kind DR
62. persistence_timeout 30 63. protocol TCP
64. real_server 192.168.0.3 6379 { 65. weight 5 66. TCP_CHECK { 67. connect_timeout 10 68. nb_get_retry 3 69. delay_before_retry 3 70. connect_port 6379 71. } 72. }
73. real_server 192.168.0.4 6379 { 74. weight 5 75. TCP_CHECK {
76. connect_timeout 10 77. nb_get_retry 3 78. delay_before_retry 3 79. connect_port 6379 80. } 81. } 82. }
redis维护脚本redis.sh
[plain] view plaincopy 1. #!/usr/bin/env bash
2. /usr/local/bin/redis-cli -h 192.168.0.2 -p 6379 shutdown
3. /usr/local/bin/redis-cli -h 192.168.0.3 -p 6379 config set appendonly no
此脚本用在route2的notify_master,即当route2进入master时执行 设置redis的主从关系
设置redis的sentinel,配置文件
[plain] view plaincopy 1. # Example sentinel.conf 2.
3. # port
4. # The port that this sentinel instance will run on 5. port 26379 6.
7. # sentinel monitor
9. # Tells Sentinel to monitor this slave, and to consider it in O_DOWN 10. # (Objectively Down) state only if at least
12. # Note: master name should not include special characters or spaces. 13. # The valid charset is A-z 0-9 and the three characters \
14. sentinel monitor mymaster 192.168.0.2 6379 2 #此处的意思是需要两个哨兵来确认服务
是否挂掉 15.
16. # sentinel auth-pass
18. # Set the password to use to authenticate with the master and slaves.
19. # Useful if there is a password set in the Redis instances to monitor. 20. #
21. # Note that the master password is also used for slaves, so it is not 22. # possible to set a different password in masters and slaves instances 23. # if you want to be able to monitor these instances with Sentinel. 24. #
25. # However you can have Redis instances without the authentication enabled 26. # mixed with Redis instances requiring the authentication (as long as the 27. # password set is the same for all the instances requiring the password) as 28. # the AUTH command will have no effect in Redis instances with authentication 29. # switched off. 30. #
31. # Example: 32. #
33. # sentinel auth-pass mymaster MySUPER--secret-0123passw0rd 34.
35. # sentinel down-after-milliseconds
37. # Number of milliseconds the master (or any attached slave or sentinel) should 38. # be unreachable (as in, not acceptable reply to PING, continuously, for the 39. # specified period) in order to consider it in S_DOWN state (Subjectively 40. # Down). 41. #
42. # Default is 30 seconds.
43. sentinel down-after-milliseconds mymaster 5000 44.
45. # sentinel can-failover
47. # Specify if this Sentinel can start the failover for this master. 48. sentinel can-failover mymaster yes 49.
50. # sentinel parallel-syncs
52. # How many slaves we can reconfigure to point to the new slave simultaneously 53. # during the failover. Use a low number if you use the slaves to serve query 54. # to avoid that all the slaves will be unreachable at about the same 55. # time while performing the synchronization with the master. 56. sentinel parallel-syncs mymaster 1 57.
58. # sentinel failover-timeout
60. # Specifies the failover timeout in milliseconds. When this time has elapsed 61. # without any progress in the failover process, it is considered concluded by 62. # the sentinel even if not all the attached slaves were correctly configured
63. # to replicate with the new master (however a \ 64. # is sent to all the slaves before). 65. #
66. # Also when 25% of this time has elapsed without any advancement, and there 67. # is a leader switch (the sentinel did not started the failover but is now 68. # elected as leader), the sentinel will continue the failover doing a 69. # \ 70. #
71. # Default is 15 minutes.
72. sentinel failover-timeout mymaster 90000 73.
74. # SCRIPTS EXECUTION 75. #
76. # sentinel notification-script and sentinel reconfig-script are used in order 77. # to configure scripts that are called to notify the system administrator 78. # or to reconfigure clients after a failover. The scripts are executed 79. # with the following rules for error handling: 80. #
81. # If script exists with \ 82. # number of times currently set to 10). 83. #
84. # If script exists with \ 85. # not retried. 86. #
87. # If script terminates because it receives a signal the behavior is the same 88. # as exit code 1. 89. #
90. # A script has a maximum running time of 60 seconds. After this limit is 91. # reached the script is terminated with a SIGKILL and the execution retried. 92.
93. # NOTIFICATION SCRIPT 94. #
95. # sentinel notification-script
97. # Call the specified notification script for any sentienl event that is 98. # generated in the WARNING level (for instance -sdown, -odown, and so forth). 99. # This script should notify the system administrator via email, SMS, or any 100. # other messaging system, that there is something wrong with the monitored 101. # Redis systems. 102. #
103. # The script is called with just two arguments: the first is the event type 104. # and the second the event description. 105. #
106. # The script must exist and be executable in order for sentinel to start if
107. # this option is provided. 108. #
109. # Example: 110. #
111. # sentinel notification-script mymaster /var/redis/notify.sh 112.
113. # CLIENTS RECONFIGURATION SCRIPT 114. #
115. # sentinel client-reconfig-script
117. # When the failover starts, ends, or is aborted, a script can be called in 118. # order to perform application-specific tasks to notify the clients that the 119. # configuration has changed and the master is at a different address. 120. #
121. # The script is called in the following cases: 122. #
123. # Failover started (a slave is already promoted)
124. # Failover finished (all the additional slaves already reconfigured) 125. # Failover aborted (in that case the script was previously called when the 126. # failover started, and now gets called again with swapped 127. # addresses). 128. #
129. # The following arguments are passed to the script: 130. #
131. #
133. #
136. # The arguments from-ip, from-port, to-ip, to-port are used to communicate 137. # the old address of the master and the new address of the elected slave 138. # (now a master) in the case state is \ 139. #
140. # For abort instead the \ 141. # \ 142. # was aborted. 143. #
144. # This script should be resistant to multiple invocations. 145. #
146. # Example: 147. #
148. # sentinel client-reconfig-script mymaster /var/redis/reconfig.sh
需要特别注意的配置,如果没有这个配置就会发生keepalived不转发的的问题,而且是如果redis和keepalive是同一台机器,会转发,但是如果相互间独立,则realserver收不到转发包 配置master
vim /etc/sysctl.conf,添加内容如下
[plain] view plaincopy 1. net.ipv4.conf.lo.arp_ignore = 1 2. net.ipv4.conf.lo.arp_announce = 2 3. net.ipv4.conf.all.arp_ignore = 1 4. net.ipv4.conf.all.arp_announce = 2
执行命令 [plain] view plaincopy 1. sysctl -p
2. ip addr add 192.168.0.7/32 dev lo 3. ip add list
lo环上出现了指定的ip即可 配置slave1
vim /etc/sysctl.conf,添加内容如下
[plain] view plaincopy 1. net.ipv4.conf.lo.arp_ignore = 1 2. net.ipv4.conf.lo.arp_announce = 2 3. net.ipv4.conf.all.arp_ignore = 1 4. net.ipv4.conf.all.arp_announce = 2
执行命令 [plain] view plaincopy 1. sysctl -p
2. ip addr add 192.168.0.7/32 dev lo
3.
list
配置slave2
vim /etc/sysctl.conf,添加内容如下
[plain] view plaincopy 1. net.ipv4.conf.lo.arp_ignore = 1 2. net.ipv4.conf.lo.arp_announce = 2 3. net.ipv4.conf.all.arp_ignore = 1 4. net.ipv4.conf.all.arp_announce = 2
执行命令 [plain] view plaincopy 1. sysctl -p
2. ip addr add 192.168.0.8/32 dev lo 3. ip add list
设置sentinel
redis 的sentinel在配置文件中设定为2,所以route1和route2两台机器都需要配置 启动redis的sentinel
[plain] view plaincopy 1. /usr/local/bin/redis-server /etc/redis/sentinel.conf --sentinel 2.
==========================================================================================
Keepalived原理与实战精讲
gotop&FinalBSD
什么是Keepalived呢,keepalived观其名可知,保持存活,在网络里面就是保持在线了,也就是所谓的高可用来防止单点故障(单点故障是指一旦某一点出现故障就会导致整个系统架构的不可用)的发生,那说到keepalive的一个协议就是VRRP协议,可以说这个协议就是keepalived实现的基础,那么首先我们来看看VRRP协议
注:搞运维的要有足够的耐心哦,不理解协议就很难透彻的掌握keepalived的了
一,VRRP协议
VRRP协议
学过网络的朋友都知道,网络在设计的时候必须考虑到冗余容灾,包括线路冗余,设备冗余等,防止网络存在单在路由器或三层交换机处实现冗余就显得尤为重要,在网络里面有个协议就是来做这事的,这个协议就是VRRPKeepalived就是巧用VRRP协议来实现高可用性(HA)的
VRRP协议有一篇文章写的非常好,大家可以直接看这里(记得认真看看哦,后面基本都已这个为基础的了) 帖子地址:http://bbs.ywlm.net/thread-790-1-1.html 只需要把服务器当作路由器即可!
在《VRRP协议》里讲到了虚拟路由器的ID也就是VRID在这里比较重要
keepalived完全遵守VRRP协议,包括竞选机制等等
二,Keepalived原理
Keepalived原理
keepalived也是模块化设计,不同模块复杂不同的功能,下面是keepalived的组件 core check vrrp libipfwc libipvs-2.4 libipvs-2.6
core:是keepalived的核心,复杂主进程的启动和维护,全局配置文件的加载解析等
check:负责healthchecker(健康检查),包括了各种健康检查方式,以及对应的配置的解析包括LVS的配置解vrrp:VRRPD子进程,VRRPD子进程就是来实现VRRP协议的 libipfwc:iptables(ipchains)库,配置LVS会用到 libipvs*:配置LVS会用到
注意,keepalived和LVS完全是两码事,只不过他们各负其责相互配合而已
keepalived启动后会有三个进程 父进程:内存管理,子进程管理等等 子进程:VRRP子进程
子进程:healthchecker子进程
有图可知,两个子进程都被系统WatchDog看管,两个子进程各自复杂自己的事,healthchecker子进程复杂检查的健康程度,例如HTTP,LVS等等,如果healthchecker子进程检查到MASTER上服务不可用了,就会通知本机上子进程,让他删除通告,并且去掉虚拟IP,转换为BACKUP状态
三,Keepalived配置文件详解
keepalived配置详解
keepalived有三类配置区域(姑且就叫区域吧),注意不是三种配置文件,是一个配置文件里面三种不同类别的
全局配置(Global Configuration) VRRPD配置 LVS配置
一,全局配置
全局配置又包括两个子配置: 全局定义(global definition)
静态路由配置(static ipaddress/routes)
1,全局定义(global definition)配置范例
1. global_defs 2. {
3. notification_email 4. {
5. admin@example.com 6. }
7. notification_email_from admin@example.com 8. smtp_server 127.0.0.1 9. stmp_connect_timeout 30 10. router_id node1 11. }
复制代码
全局配置解析
global_defs全局配置标识,表面这个区域{}是全局配置
1. notification_email 2. 3. { 4.
5. admin@example.com 6. admin@ywlm.net 7. 8. }
复制代码
表示keepalived在发生诸如切换操作时需要发送email通知,以及email发送给哪些邮件地址,邮件地址可以个
notification_email_from admin@example.com 表示发送通知邮件时邮件源地址是谁
smtp_server 127.0.0.1
表示发送email时使用的smtp服务器地址,这里可以用本地的sendmail来实现
smtp_connect_timeout 30 连接smtp连接超时时间
router_id node1 机器标识
2,静态地址和路由配置范例
1. static_ipaddress 2. {
3. 192.168.1.1/24 brd + dev eth0 scope global 4. 192.168.1.2/24 brd + dev eth1 scope global 5. }
6. static_routes 7. {
8. src $SRC_IP to $DST_IP dev $SRC_DEVICE
9. src $SRC_IP to $DST_IP via $GW dev $SRC_DEVICE 10. }
复制代码
这里实际上和系统里面命令配置IP地址和路由一样例如:
192.168.1.1/24 brd + dev eth0 scope global 相当于: ip addr add 192.168.1.1/24 brd + dev eth0 scop就是给eth0配置IP地址 路由同理
一般这个区域不需要配置
这里实际上就是给服务器配置真实的IP地址和路由的,在复杂的环境下可能需要配置,一般不会用这个来配置接用vi /etc/sysconfig/network-script/ifcfg-eth1来配置,切记这里可不是VIP哦,不要搞混淆了,切记切
二,VRRPD配置
VRRPD配置包括三个类
VRRP同步组(synchroization group) VRRP实例(VRRP Instance)VRRP脚本
1,VRRP同步组(synchroization group)配置范例
1. vrrp_sync_group VG_1 { 2. group { 3. http 4. mysql 5. }
6. notify_master /path/to/to_master.sh 7. notify_backup /path_to/to_backup.sh
8. notify_fault \9. notify /path/to/notify.sh 10. smtp_alert 11. }
复制代码
其中:
1. group { 2. http 3. mysql 4. }
复制代码
http和mysql是实例名和下面的实例名一致
1. notify_master /path/to/to_master.sh:表示当切换到master状态时,要执行的脚本 2.
3. notify_backup /path_to/to_backup.sh:表示当切换到backup状态时,要执行的脚本 4.
5. notify_fault \
复制代码
notify /path/to/notify.sh:
smtp alter表示切换时给global defs中定义的邮件地址发送右键通知
2,VRRP实例(instance)配置范例
1. vrrp_instance http { 2. state MASTER 3. interface eth0 4. dont_track_primary 5. track_interface { 6. eth0 7. eth1 8. }
9. mcast_src_ip
10. garp_master_delay 10 11. virtual_router_id 51 12. priority 100 13. advert_int 1 14. authentication { 15. auth_type PASS 16. autp_pass 1234 17. }
18. virtual_ipaddress {
19. #
/ brd dev scope label 21. 192.168.200.18/24 dev eth2 label eth2:1 22. }
23. virtual_routes {
24. # src
[to] / via|gw dev scope tab 25. src 192.168.100.1 to 192.168.109.0/24 via 192.168.200.254 dev eth1 26. 192.168.110.0/24 via 192.168.200.254 dev eth1 27. 192.168.111.0/24 dev eth2 28. 192.168.112.0/24 via 192.168.100.254 29. }
30. nopreempt
31. preemtp_delay 300 32. debug 33. }
复制代码
state:state指定instance(Initial)的初始状态,就是说在配置好后,这台服务器的初始状态就是这里指定的定的不算,还是得要通过竞选通过优先级来确定,里如果这里设置为master,但如若他的优先级不及另外一台发送通告时,会发送自己的优先级,另外一台发现优先级不如自己的高,那么他会就回抢占为master
interface:实例绑定的网卡,因为在配置虚拟IP的时候必须是在已有的网卡上添加的
dont track primary:忽略VRRP的interface错误
track interface:跟踪接口,设置额外的监控,里面任意一块网卡出现问题,都会进入故障(FAULT)状态,例如做均衡器的时候,内网必须正常工作,如果内网出问题了,这个均衡器也就无法运作了,所以必须对内外网同时
mcast src ip:发送多播数据包时的源IP地址,这里注意了,这里实际上就是在那个地址上发送VRRP通告,这
一定要选择稳定的网卡端口来发送,这里相当于heartbeat的心跳端口,如果没有设置那么就用默认的绑定的网就是interface指定的IP地址
garp master delay:在切换到master状态后,延迟进行免费的ARP(gratuitous ARP)请求
virtual router id:这里设置VRID,这里非常重要,相同的VRID为一个组,他将决定多播的MAC地址
priority 100:设置本节点的优先级,优先级高的为master
advert int:检查间隔,默认为1秒
virtual ipaddress:这里设置的就是VIP,也就是虚拟IP地址,他随着state的变化而增加删除,当state为候就添加,当state为backup的时候删除,这里主要是有优先级来决定的,和state设置的值没有多大关系,这多个IP地址
virtual routes:原理和virtual ipaddress一样,只不过这里是增加和删除路由
lvs sync daemon interface:lvs syncd绑定的网卡
authentication:这里设置认证
auth type:认证方式,可以是PASS或AH两种认证方式
auth pass:认证密码
nopreempt:设置不抢占,这里只能设置在state为backup的节点上,而且这个节点的优先级必须别另外的高
preempt delay:抢占延迟
debug:debug级别
notify master:和sync group这里设置的含义一样,可以单独设置,例如不同的实例通知不同的管理人员,h网站管理员,mysql的就发邮件给DBA
3,VRRP脚本
1. vrrp_script check_running {
2. script \3. interval 10 4. weight 10 5. } 6.
7. vrrp_instance http { 8. state BACKUP 9. smtp_alert 10. interface eth0 11. virtual_router_id 101 12. priority 90 13. advert_int 3 14. authentication { 15. auth_type PASS 16. auth_pass whatever 17. }
18. virtual_ipaddress { 19. 1.1.1.1 20. }
21. track_script {
22. check_running weight 20 23. } 24. }
复制代码
首先在vrrp_script区域定义脚本名字和脚本执行的间隔和脚本执行的优先级变更 vrrp_script check_running {
script \interval 10 #脚本执行间隔
weight 10 #脚本结果导致的优先级变更:10表示优先级+10;-10则表示优先级-10 }
然后在实例(vrrp_instance)里面引用,有点类似脚本里面的函数引用一样:先定义,后引用函数名 track_script {
check_running weight 20 }
注意:VRRP脚本(vrrp_script)和VRRP实例(vrrp_instance)属于同一个级别
LVS配置
如果你没有配置LVS+keepalived那么无需配置这段区域,里如果你用的是nginx来代替LVS,这无限配置这款配置是专门为keepalived+LVS集成准备的。
注意了,这里LVS配置并不是指真的安装LVS然后用ipvsadm来配置他,而是用keepalived的配置文件来代替置LVS,这样会方便很多,一个配置文件搞定这些,维护方便,配置方便是也!
这里LVS配置也有两个配置 一个是虚拟主机组配置 一个是虚拟主机配置
1,虚拟主机组配置文件详解 这个配置是可选的,根据需求来配置吧,这里配置主要是为了让一台realserver上的某个服务可以属于多个Vir并且只做一次健康检查
virtual_server_group
{ # VIP port
fwmark } 2,虚拟主机配置
virtual server可以以下面三种的任意一种来配置
1. 1. virtual server IP port 2. 2. virtual server fwmark int 3. 3. virtual server group string
复制代码
下面以第一种比较常用的方式来配详细解说一下
virtual_server 192.168.1.2 80 { #设置一个virtual server: VIP:Vport
delay_loop 3 # service polling的delay时间,即服间间隔
lb_algo rr|wrr|lc|wlc|lblc|sh|dh #LVS调度算法
lb_kind NAT|DR|TUN #LVS集群模式
persistence_timeout 120 #会话保持时间(秒为单位),即以用户在120秒同一个后端realserver
persistence_granularity
#LVS会话保持粒度,ipvsadm中的-M参数,默认是0xfff个客户端都做会话保持 protocol TCP #健康检查用的是TCP还是UDP
ha_suspend #suspendhealthchecker’s activity virtualhost
#HTTP_GET做健康检查时,检查的web服务器(即host:头) sorry_server
#备用机,就是当所有后端realserver节点都不可用时,就用 也就是临时把所有的请求都发送到这里啦
real_server
#后端真实节点主机的权重等设置,主要,后端有几台这里个 { weight 1 #给每台的权重,0表示失效(不知给他道他恢复正常),默认是1
inhibit_on_failure #表示在节点失败后,把他权重设置成0IPVS中删除
notify_up
| #检查服务器正常(UP)后,要执行的脚本 notify_down | #检查服务器失败(down)后,要执行的脚本 HTTP_GET #健康检查方式 {
url { #要坚持的URL,可以有多个 path / #具体路径 digest
status_code 200 #返回状态码 }
connect_port 80 #监控检查的端口
bindto
#健康检查的IP地址 connect_timeout 3 #连接超时时间 nb_get_retry 3 #重连次数 delay_before_retry 2 #重连间隔 } # END OF HTTP_GET|SSL_GET #下面是常用的健康检查方式,健康检查方式一共有HTTP_GET|SSL_GET|TCP_CHECK|SMTP_CHECK|MISC_CHECK这些#TCP方式 TCP_CHECK { connect_port 80 bindto 192.168.1.1 connect_timeout 4 } # TCP_CHECK
# SMTP方式,这个可以用来给邮件服务器做集群 SMTP_CHECK host {
connect_ip
connect_port
#默认检查25端口 14 KEEPALIVED bindto
}
connect_timeout
retry delay_before_retry
# \?|·-?ê§?à\ helo_name
| } #SMTP_CHECK #MISC方式,这个可以用来检查很多服务器只需要自己会些脚本即可 MISC_CHECK {
misc_path
| #外部程序或脚本 misc_timeout
#脚本或程序执行超时时间 misc_dynamic #这个就很好用了,可以非常精确的来调整权每天服务器的压力都能均衡调配,这个主要是通过执行的程序或脚本返回的状态代码来动态调整weight值,使权的后端压力来适当调整,不过这需要有过硬的脚本功夫才行哦 #返回0:健康检查没问题,不修改权重 #返回1:健康检查失败,权重设置为0
#返回2-255:健康检查没问题,但是权重却要根据返回代码修改为返回码-2,例如如果程序或脚本执行后返回的#那么权重这回被修改为 200-2 }
} # Realserver } # Virtual Server
配置文件到此就讲完了,下面是一份未加备注的完整配置文件
1. global_defs 2. {
3. notification_email 4. {
5. admin@example.com 6. }
7. notification_email_from admin@example.com 8. smtp_server 127.0.0.1 9. stmp_connect_timeout 30 10. router_id node1 11. }
12. notification_email
13. {
14. admin@example.com 15. admin@ywlm.net 16. } 17.
18. static_ipaddress 19. {
20. 192.168.1.1/24 brd + dev eth0 scope global 21. 192.168.1.2/24 brd + dev eth1 scope global 22. }
23. static_routes 24. {
25. src $SRC_IP to $DST_IP dev $SRC_DEVICE
26. src $SRC_IP to $DST_IP via $GW dev $SRC_DEVICE 27. } 28.
29. vrrp_sync_group VG_1 { 30. group { 31. http 32. mysql 33. }
34. notify_master /path/to/to_master.sh 35. notify_backup /path_to/to_backup.sh 36. notify_fault \37. notify /path/to/notify.sh 38. smtp_alert 39. } 40. group { 41. http 42. mysql 43. } 44.
45.
46. vrrp_script check_running {
47. script \48. interval 10 49. weight 10 50. } 51. 52.
53. vrrp_instance http { 54. state MASTER 55. interface eth0 56. dont_track_primary 57. track_interface { 58. eth0 59. eth1 60. }
61. mcast_src_ip
62. garp_master_delay 10 63. virtual_router_id 51 64. priority 100 65. advert_int 1 66. authentication { 67. auth_type PASS 68. autp_pass 1234 69. } 70. virtual_ipaddress {
71. #
/ brd dev scope label 73. 192.168.200.18/24 dev eth2 label eth2:1 74. }
75. virtual_routes {
76. # src
[to] / via|gw dev scope tab
正在阅读:
基于keepalived的redis系统master双机热备(读数据负载均衡)设07-04
防爆电磁阀十大品牌06-07
关于市区城市基础设施建设的调研报告01-08
开题报告、文献检索账号、文献综述、外文翻译、抄袭检测软件、论04-23
河南工业大学实验报告12-01
我们都曾经有过面对林林总总的志愿选项产生的恍惚和迷茫06-12
优秀护士个人材料03-01
实验五 - 函数与编译预处理05-26
- 多层物业服务方案
- (审判实务)习惯法与少数民族地区民间纠纷解决问题(孙 潋)
- 人教版新课标六年级下册语文全册教案
- 词语打卡
- photoshop实习报告
- 钢结构设计原理综合测试2
- 2014年期末练习题
- 高中数学中的逆向思维解题方法探讨
- 名师原创 全国通用2014-2015学年高二寒假作业 政治(一)Word版
- 北航《建筑结构检测鉴定与加固》在线作业三
- XX县卫生监督所工程建设项目可行性研究报告
- 小学四年级观察作文经典评语
- 浅谈110KV变电站电气一次设计-程泉焱(1)
- 安全员考试题库
- 国家电网公司变电运维管理规定(试行)
- 义务教育课程标准稿征求意见提纲
- 教学秘书面试技巧
- 钢结构工程施工组织设计
- 水利工程概论论文
- 09届九年级数学第四次模拟试卷
- 双机
- 负载
- 均衡
- keepalived
- 基于
- 数据
- master
- 系统
- redis
- 弟子规功过格 - - - 每月版
- 成都交通投资集团有限公司招投标管理规定
- 2018-2024年中国乙烯行业市场发展战略分析及投资前景专项预测报
- 洛阳钼业钢结构
- 无机化学知识点归纳
- ansys计算-钢结构玻璃雨篷计算书
- 人体八大系统生病顺序 - 图文
- 厂房钢结构监理细则
- 九年级数学上学期期末考试试题
- 英语专业八级人文知识(题集) — 英国文学部分
- 医疗监督执法题库 卫生监督员考试题库
- 万州区城市廉租住房保障办法
- 中学生自尊与社会支持的关系研究
- 2014河北政法干警面试题泛泛而谈、无话可说困境三步
- 扬州市专业设计公司名录2018版564家
- 电气工段班长岗位标准 - 图文
- 2018-焦虑症、抑郁症采用艾司西酞普兰治疗的效果观察-范文word版
- 从黑人民俗叙事策略看《他们眼望上苍》中的政治意识
- 重装微信聊天记录怎么恢复?iPhone恢复微信聊天记录的方法
- 大学生入党积极分子思想汇报格式