大致分两层结构:用户空间 user space和内核空间 kernel space
Keepalived里面所有对LVS的相关操作并不直接使用ipvsadm这样的用户端程序,而是直接使用IPVS提供的函数进程操作,该代码都在check/ipwrapper.c中
1)先实施Master->Slave的主主同步。主主是数据双向同步,主从是数据单向同步。一般情况下,主库宕机后,需要手动将连接切换到从库上。(但是用keepalived就可以自动切换)2)再结合Keepalived的使用,通过VIP实现Mysql双主对外连接的统一接口。即客户端通过Vip连接数据库;当其中一台宕机后,VIP会漂移到另一台上,这个过程对于客户端的数据连接来说几乎无感觉,从而实现高可用。MySQL主从与双主搭建请参考:http://www.cnblogs.com/wade-lt/p/9008058.html 环境描述: mysql的安装可以参考:http: //www .cnblogs.com /kevingrace/p/6109679 .html Centos7.4版本 Master:192.168.0.103 安装mysql和keepalived Slave : 192.168.0.104 安装mysql和keepalived VIP:192.168.0.102 要实现主主同步,可以先实现主从同步,即master1->master2的主从同步,然后master2->master1的主从同步. 这样,双方就完成了主主同步。 配置Mysql+Keepalived故障转移的高可用环境 1)安装keepalived并将其配置成系统服务。master和salve两台机器上同样进行如下操作:[root@master ~]# yum install -y openssl-devel #安装依赖[root@master ~]# cd /tmp[root@master src]# tar -zvxf keepalived-1.4.3.tar.gz #官网下载并上传至服务器:http://www.keepalived.org/software/(官网)[root@master src]# cd keepalived-1.4.3[root@master keepalived-1.4.3]# ./configure --prefix=/usr/local/keepalived[root@master keepalived-1.4.3]# make && make install [root@master keepalived-1.4.3]# cp /usr/local/src/keepalived-1.4.3/keepalived/etc/init.d/keepalived /etc/rc.d/init.d/[root@master keepalived-1.4.3]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/[root@master keepalived-1.4.3]# mkdir /etc/keepalived/[root@master keepalived-1.4.3]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/[root@master keepalived-1.4.3]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/[root@master keepalived-1.4.3]# echo "/etc/init.d/keepalived start" >> /etc/rc.local #centos 7 /etc/rc.local ---> /etc/rc.d/rc.local 未能开启自启,修改文件2)配置master机器上的keepalived.conf配置。(下面配置中没有使用lvs的负载均衡功能,所以不需要配置虚拟服务器virtual server)注:keepalive.conf文件不能添加多余的字符如“#”注释等,“{}”与标识之间要空一个字符,keepalive.conf详解参考:https://www.cnblogs.com/along1226/p/5027838.html[root@master ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak[root@master ~]# vim /etc/keepalived/keepalived.conf #清空默认内容,直接采用下面配置: ! Configuration File for keepalivedglobal_defs { notification_email { #指定keepalived在发生切换时需要发送email到的对象,一行一个 acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc #指定发件人 smtp_server 127.0.0.1 #指定smtp服务器地址 smtp_connect_timeout 30 #指定smtp连接超时时间 router_id MASTER-HA #运行keepalived机器的一个标识}vrrp_script chk_mysql_port { #检测mysql服务是否在运行。有很多方式,比如进程,用脚本检测等等 script "/opt/chk_mysql.sh" #这里通过脚本监测 interval 2 #脚本执行间隔,每2s检测一次 weight -5 #脚本结果导致的优先级变更,检测失败(脚本返回非0)则优先级 -5 fall 2 #检测连续2次失败才算确定是真失败。会用weight减少优先级(1-255之间 rise 1 #检测1次成功就算成功。但不修改优先级}vrrp_instance VI_1 { state MASTER #指定那个为master,那个为backup,如果设置了nopreempt这个值不起作用,主备由priority决定 interface ens33 #设置实例绑定的网卡 mcast_src_ip 192.168.0.103 #发送多播包的地址,如果不设置默认使用绑定网卡的primary ip virtual_router_id 51 #路由器标识,MASTER和BACKUP必须是一致的 priority 101 #定义优先级,数字越大,优先级越高,在同一个vrrp_instance下,MASTER的优先级必须大于BACKUP的优先级。这样MASTER故障恢复后,就可以将VIP资源再次抢回来 advert_int 1 #检查间隔,默认1秒 authentication {#设置认证 auth_type PASS #认证方式 auth_pass 1111 #认证密码 } virtual_ipaddress {#设置vip 192.168.0.102/24 #与绑定的网卡实ip掩码相同 } track_script { #mysql脚本检测 chk_mysql_port }}
3)编写切换脚本。KeepAlived做心跳检测,如果Master的MySQL服务挂了(3306端口挂了),那么它就会选择自杀。Slave的KeepAlived通过心跳检测发现这个情况,就会将VIP的请求接管[root@master ~]# vim /opt/chk_mysql.sh#!/bin/bashcounter=$(netstat -na|grep "LISTEN"|grep "3306"|wc -l)if [ "${counter}" -eq 0 ]; then /etc/init.d/keepalived stopfi [root@master ~]# chmod 755 /opt/chk_mysql.sh 启动keepalived服务[root@master ~]# /etc/init.d/keepalived start正在启动 keepalived: [确定]
4)slave机器上的keepalived配置。slave机器上的keepalived.conf文件只修改priority为99、nopreempt不设置、real_server设置本地IP。
[root@slave ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak[root@slave ~]# vim /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id MASTER-HA}vrrp_script chk_mysql_port { script "/opt/chk_mysql.sh" interval 2 weight -5 fall 2 rise 1}vrrp_instance VI_1 { state BACKUP interface ens33 mcast_src_ip 192.168.0.104 virtual_router_id 51 priority 99 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.0.102/24 } track_script { chk_mysql_port } } [root@slave ~]# cat /opt/chk_mysql.sh#!/bin/bashcounter=$(netstat -na|grep "LISTEN"|grep "3306"|wc -l)if [ "${counter}" -eq 0 ]; then /etc/init.d/keepalived stopfi [root@slave ~]# chmod 755 /opt/chk_mysql.sh [root@slave ~]# /etc/init.d/keepalived start正在启动 keepalived: [确定]注:如有防火墙,请开放相关权限,如:两台主机之间的通信,vrrp通信以及mysql的3306端口,关闭selinux /etc/selinux/conf ,修改后并使之生效Mysql+keepalived故障转移的高可用测试1)通过Mysql客户端通过VIP连接,看是否连接成功。比如,在远程一台测试机上连接,通过vip地址可以正常连接(下面的连接权限要是在服务端提前授权的)[root@dev-new-test ~]# mysql -h192.168.0.103 -uroot -p1234562)默认情况下,vip是在master上的。使用"ip a"命令查看vip切换情况 [root@master ~]# ip a停止master机器上的mysql服务,根据配置中的脚本,mysql服务停了,keepalived也会停,从而vip资源将会切换到slave机器上。(mysql服务没有起来的时候,keepalived服务也无法顺利启动!)[root@master ~]# /etc/init.d/mysql stopShutting down MySQL.. SUCCESS![root@master ~]# ps -ef|grep mysqlroot 25812 21588 0 17:30 pts/0 00:00:00 grep mysql[root@master ~]# ps -ef|grep keepalivedroot 25814 21588 0 17:30 pts/0 00:00:00 grep keepalived[root@master ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:3c:25:42 brd ff:ff:ff:ff:ff:ff inet 192.168.0.103/24 brd 192.168.0.255 scope global ens33 inet6 fe80::5054:ff:fe3c:2542/64 scope link valid_lft forever preferred_lft forever 如上结果,发现vip没有了,说明此时vip资源已不在master机器上了查看下master的系统日志,如下,会发现vip资源已经切换走了[root@master ~]# tail -f /var/log/messages
再到slave机器上,发现vip资源的确切换过来了[root@slave ~]# ip addr1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:95:1f:6d brd ff:ff:ff:ff:ff:ff inet 192.168.0.104/24 brd 192.168.0.255 scope global ens33 inet 192.168.0.102/24 scope global ens33 inet6 fe80::5054:ff:fe95:1f6d/64 scope link valid_lft forever preferred_lft forever 查看slave的系统日志[root@slave ~]# tail -f /var/log/messages 3)再次启动master的mysql和keepalived服务。(注意:如果restart重启mysql,那么还要启动下keepalived,因为mysql重启,根据脚本会造成keepalived关闭)注意:一定要先启动mysql服务,然后再启动keepalived服务。如果先启动keepalived服务,按照上面的配置,mysql没有起来,就会自动关闭keepalived。[root@master ~]# /etc/init.d/mysql startStarting MySQL.. SUCCESS! [root@master ~]# /etc/init.d/keepalived start正在启动 keepalived: [确定] 启动这两个服务器后,稍微等过一会儿,注意观察会发现vip资源再次从slave机器上切换回来了。[root@master ~]# ip addr1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:3c:25:42 brd ff:ff:ff:ff:ff:ff inet 192.168.0.103/24 brd 192.168.0.255 scope global ens33 inet 192.168.0.102/24 scope global ens33 inet6 fe80::5054:ff:fe3c:2542/64 scope link valid_lft forever preferred_lft forever [root@master ~]# tail -f /var/log/messages 再看看slave机器,发现vip资源又被恢复后的master抢过去了[root@slave ~]# ip addr1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 52:54:00:95:1f:6d brd ff:ff:ff:ff:ff:ff inet 192.168.0.104/24 brd 192.168.0.255 scope global ens33 inet6 fe80::5054:ff:fe95:1f6d/64 scope link valid_lft forever preferred_lft forever [root@slave ~]# tail -f /var/log/messages 4)同样,关闭master1机器的keepalived服务,vip资源会自动切换到master2机器上。当master1的keepalived服务恢复后,会将vip资源再次切回来。以上在vip资源切换过程中,对于客户端连接mysql(使用vip连接)来说几乎是没有任何影响的。------------------------------------温馨提示(Keepalived的抢占和非抢占模式)---------------------------------------keepalive是基于vrrp协议在linux主机上以守护进程方式,根据配置文件实现健康检查。VRRP是一种选择协议,它可以把一个虚拟路由器的责任动态分配到局域网上的VRRP路由器中的一台。控制虚拟路由器IP地址的VRRP路由器称为主路由器,它负责转发数据包到这些虚拟IP地址。一旦主路由器不可用,这种选择过程就提供了动态的故障转移机制,这就允许虚拟路由器的IP地址可以作为终端主机的默认第一跳路由器。 keepalive通过组播,单播等方式(自定义),实现keepalive主备推选。工作模式分为抢占和非抢占(通过参数nopreempt来控制)。1)抢占模式:主服务正常工作时,虚拟IP会在主上,备不提供服务,当主服务优先级低于备的时候,备会自动抢占虚拟IP,这时,主不提供服务,备提供服务。也就是说,工作在抢占模式下,不分主备,只管优先级。 如上配置,不管keepalived.conf里的state配置成master还是backup,只看谁的priority优先级高(一般而言,state为MASTER的优先级要高于BACKUP)。priority优先级高的那一个在故障恢复后,会自动将VIP资源再次抢占回来!! 2)非抢占模式:这种方式通过参数nopreempt(一般设置在advert_int的那一行下面)来控制。不管priority优先级,只要MASTER机器发生故障,VIP资源就会被切换到BACKUP上。并且当MASTER机器恢复后,也不会去将VIP资源抢占回来,直至BACKUP机器发生故障时,才能自动切换回来。 千万注意:nopreempt这个参数只能用于state为backup的情况,所以在配置的时候要把master和backup的state都设置成backup,这样才会实现keepalived的非抢占模式! 也就是说:a)当state状态一个为master,一个为backup的时候,加不加nopreempt这个参数都是一样的效果。即都是根据priority优先级来决定谁抢占vip资源的,是抢占模式!b)当state状态都设置成backup,如果不配置nopreempt参数,那么也是看priority优先级决定谁抢占vip资源,即也是抢占模式。c)当state状态都设置成backup,如果配置nopreempt参数,那么就不会去考虑priority优先级了,是非抢占模式!即只有vip当前所在机器发生故障,另一台机器才能接管vip。 即使优先级高的那一台机器恢复 后也不会主动抢回vip,只能等到对方发生故障,才会将vip切回来。---------------------------------mysql状态检测脚本优化---------------------------------案例一:上面的mysql监测脚本有点过于简单且粗暴,即脚本一旦监测到Master的mysql服务关闭,就立刻把keepalived服务关闭,从而实现vip转移! 下面对该脚本进行优化,优化后,当监测到Master的mysql服务关闭后,就会将vip切换到Backup上(但此时Master的keepalived服务不会被暴力kill)当Master的mysql服务恢复后,就会再次将VIP资源切回来! [root@master ~]# cat /opt/chk_mysql.sh#!/bin/bashMYSQL=/usr/bin/mysqlMYSQL_HOST=localhostMYSQL_USER=rootMYSQL_PASSWORD=rootCHECK_TIME=3 #mysql is working MYSQL_OK is 1 , mysql down MYSQL_OK is 0 MYSQL_OK=1 function check_mysql_helth (){ $MYSQL -h $MYSQL_HOST -u $MYSQL_USER -p${MYSQL_PASSWORD} -e "show status;" >/dev/null 2>&1 if [ $? = 0 ] ;then MYSQL_OK=1 else MYSQL_OK=0 fi return $MYSQL_OK}while [ $CHECK_TIME -ne 0 ]do let "CHECK_TIME -= 1" check_mysql_helthif [ $MYSQL_OK = 1 ] ; then CHECK_TIME=0 exit 0fiif [ $MYSQL_OK -eq 0 ] && [ $CHECK_TIME -eq 0 ]then pkill keepalived exit 1fisleep 1done
案例二:
[root@master opt]# cat chk_mysql.sh #!/bin/bashMYSQL=/usr/bin/mysqlMYSQL_HOST=localhost MYSQL_USER=root MYSQL_PASSWORD=rootCHECK_TIME=3 #mysql is working MYSQL_OK is 1 , mysql down MYSQL_OK is 0 MYSQL_OK=1 VIP=192.168.0.102function check_mysql_helth (){ $MYSQL -h $MYSQL_HOST -u $MYSQL_USER -p${MYSQL_PASSWORD} -e "show status;" >/dev/null 2>&1 if [ $? -eq 0 ] ;then MYSQL_OK=1 else MYSQL_OK=0 fi return $MYSQL_OK }while [ $CHECK_TIME -ne 0 ] do let "CHECK_TIME -= 1" check_mysql_helth if [ $MYSQL_OK = 1 ] ; then CHECK_TIME=0 exit 0 fi ip a|grep $VIP if [ $? -eq 0 ] && [ $CHECK_TIME -eq 0 ];then mount /dev/mapper/mpathb /opt/diskarray echo "vip is here,mysql is down" service mysqll restart if [ $? -ne 0 ];then echo "vip is here,but mysql is not work !" /etc/init.d/keepalived restart umount /dev/mapper/mpathb exit 1 fi exit 3 elif [ $MYSQL_OK -eq 0 ] && [ $CHECK_TIME -eq 0 ];then echo " not vip , 2th check mysql is down " exit 5 fi sleep 2done
