Keepalived是一个免费开源的,用C编写的类似于layer3, 4 & 7交换机制软件,具备我们平时说的第3层、第4层和第7层交换机的功能。主要提供loadbalancing(负载均衡)和high-availability(高可用)功能,负载均衡实现需要依赖Linux的虚拟服务内核模块(ipvs),而高可用是通过VRRP协议实现多台机器之间的故障转移服务。
上图是Keepalived的功能体系结构,大致分两层:用户空间(user space)和内核空间(kernel space)。 内核空间:主要包括IPVS(IP虚拟服务器,用于实现网络服务的负载均衡)和NETLINK(提供高级路由及其他相关的网络功能)两个部份。
用户空间:
WatchDog:负载监控checkers和VRRP进程的状况VRRP Stack:负载负载均衡器之间的失败切换FailOver,如果只用一个负载均稀器,则VRRP不是必须的。Checkers:负责真实服务器的健康检查healthchecking,是keepalived最主要的功能。换言之,可以没有VRRP Stack,但健康检查healthchecking是一定要有的。IPVS wrapper:用户发送设定的规则到内核ipvs代码Netlink Reflector:用来设定vrrp的vip地址等。http://www.keepalived.org/download.html
cd /usr/local/srcwget http://www.keepalived.org/software/keepalived-1.2.0.tar.gz tar xf keepalived-2.0.0.tar.gz cd keepalived-2.0.0 ./configure --prefix=/application/keepalived-2.0.0checking for a BSD-compatible install... /usr/bin/install -cchecking whether build environment is sane... configure: error: newly created file is older than distributed files!Check your system clock
”此报错是由于系统时间与硬件时间不一致导致的。
**************************************************************
linux系统的时间分为系统时间 和 硬件时间。 硬件时间 就是指RTC中的时间,hwclock命令就是对这个时间操作。 系统时间 是系统开机时读取硬件时间作为系统的时间,此后系统时钟独立运作,在系统关机时再将系统时间写回RTC。
date命令只操作系统时间,hwclock操作硬件时钟,在date 修改时间后 最好用hwclock 同步一下,以免系统非正常关机造成时间不同步。
[root@Web01 src]# date Sun Mar 19 09:35:08 CST 2017 [root@Web01 src]# hwclock Tue 03 Jul 2018 10:19:17 PM CST -0.458468 seconds同步时间,写入CMOS:
[root@Web01 src]# ntpdate ntp1.aliyun.com 3 Jul 14:28:12 ntpdate[79878]: step time server 120.25.115.20 offset 40711428.938760 sec [root@Web01 src]# date Tue Jul 3 14:28:19 CST 2018 [root@Web01 src]# hwclock Tue 03 Jul 2018 10:28:23 PM CST -0.860282 seconds [root@Web01 src]# hwclock Tue 03 Jul 2018 10:28:36 PM CST -0.641474 seconds问题解决!!!!!!! OpenSSL is not properly installed on your system. !!!!!! Can not include OpenSSL headers files. !!!
解决方法:
[root@Web01 keepalived-2.0.0]# yum install -y openssl openssl-devel“*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.”,具体日志如下:
Keepalived configuration ------------------------ Keepalived version : 2.0.0 Compiler : gcc Preprocessor flags : Compiler flags : -Wall -Wunused -Wstrict-prototypes -Wextra -Winit-self -g -O2 -D_GNU_SOURCE -fPIE -Wformat -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -fexceptions --param=ssp-buffer-size=4 Linker flags : -pie Extra Lib : -lcrypto -lssl Use IPVS Framework : Yes IPVS use libnl : No IPVS syncd attributes : No IPVS 64 bit stats : No fwmark socket support : Yes Use VRRP Framework : Yes Use VRRP VMAC : Yes Use VRRP authentication : Yes With ip rules/routes : Yes Use BFD Framework : No SNMP vrrp support : No SNMP checker support : No SNMP RFCv2 support : No SNMP RFCv3 support : No DBUS support : No SHA1 support : No Use Json output : No libnl version : None Use IPv4 devconf : No Use libiptc : No Use libipset : No init type : upstart Build genhash : Yes Build documentation : No *** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.解决方法:执行yum命令yum -y install libnl libnl-devel解决上述警告问题
[root@Web01 keepalived-2.0.0]# yum -y install libnl libnl-devel“configure: error: libnfnetlink headers missing”,具体日志如下:
checking for nl_socket_modify_cb in -lnl... yes checking for linux/rtnetlink.h... yes checking libnfnetlink/libnfnetlink.h usability... no checking libnfnetlink/libnfnetlink.h presence... no checking for libnfnetlink/libnfnetlink.h... no configure: error: libnfnetlink headers missing解决方法: yum install -y libnfnetlink-devel
安装完成以后,重新执行configure命令
[root@Web01 keepalived-2.0.0]# ./configure --prefix=/application/keepalived-2.0.0这样就可以执行service keepalived [start | stop | reload | restart ]命令。(/etc/init.d/ [start | stop | reload | restart ])
启动报“Starting keepalived: /bin/bash: keepalived: command not found”错误,具体日志如下:
[root@yoodb /]# service keepalived start 正在启动 keepalived:/bin/bash: keepalived: command not found [失败]解决方法:
cp /usr/local/src/keepalived-2.0.0/bin/keepalived /usr/sbin 重新执行如下输出后,表示启动成功 [root@m01 keepalived-2.0.0]# /etc/init.d/keepalived start Starting keepalived: [root@m01 keepalived-2.0.0]# /etc/init.d/keepalived stop Stopping keepalived: [ OK ] [root@m01 keepalived-2.0.0]# /etc/init.d/keepalived start Starting keepalived: [ OK ] [root@m01 keepalived-2.0.0]# /etc/init.d/keepalived restart Stopping keepalived: [ OK ] Starting keepalived: [ OK ] [root@m01 keepalived-2.0.0]# /etc/init.d/keepalived reload Reloading keepalived: [ OK ] 加入开机启动 [root@m01 keepalived-2.0.0]# chkconfig keepalived on [root@m01 keepalived-2.0.0]# chkconfig --list keepalived keepalived 0:off 1:off 2:on 3:on 4:on 5:on 6:off使用service keepalived start命令启动服务时,默认会将/etc/sysconfig/keepalived文件中KEEPALIVED_OPTIONS参数作为keepalived服务启动时的参数,并从/etc/keepalived/目录下加载keepalived.conf配置文件,或用-f参数指定配置文件的位置。
# Options for keepalived. See `keepalived --help' output and keepalived(8) and # keepalived.conf(5) man pages for a list of all options. Here are the most # common ones : # # --vrrp -P Only run with VRRP subsystem. # --check -C Only run with Health-checker subsystem. # --dont-release-vrrp -V Dont remove VRRP VIPs & VROUTEs on daemon stop. # --dont-release-ipvs -I Dont remove IPVS topology on daemon stop. # --dump-conf -d Dump the configuration data. # --log-detail -D Detailed log messages.日志默认输出在/var/log/message文件中 # --log-facility -S 0-7 Set local syslog facility (default=LOG_DAEMON) # KEEPALIVED_OPTIONS="-D运行keepalived --help可以查看启动时的可选参数,这些可选参数都可以配置在/etc/sysconfig/keepalived文件中的KEEPALIVED_OPTIONS选项中,作为服务启动时的参数。
keepalived正常运行后,会启动3个进程,其中一个是父进程,负责监控其子进程。一个是vrrp子进程,另外一个是checkers子进程。
[root@m01 keepalived-2.0.0]# /application/keepalived/sbin/keepalived -f /application/keepalived/etc/keepalived/keepalived.conf #检查配置参数[root@m01 keepalived-2.0.0]# ps -ef |grep keep root 22642 1 0 16:55 ? 00:00:00 keepalived -D root 22644 22642 0 16:55 ? 00:00:00 keepalived -D root 22645 22642 0 16:55 ? 00:00:00 keepalived -D到此keepalived就安装完成了。
keepalived服务安装完成之后,后面的主要工作就是在keepalived.conf文件中配置HA和负载均衡。
完整的keepalived配置文件,主要包含三块:全局定义块、VRRP实例定义块和虚拟服务器定义块。全局定义块是必须的,如果keepalived只用来做ha,虚拟服务器是可选的。
#全局定义块 global_defs { # 邮件通知配置 notification_email { email1 email2 } notification_email_from email smtp_server host smtp_connect_timeout num lvs_id string router_id string ## 标识本节点的字条串,通常为hostname } #VRRP 实例定义块 vrrp_sync_group string { group { string string } } vrrp_instance string { state MASTER|BACKUP virtual_router_id num interface string mcast_src_ip @IP priority num advert_int num nopreempt smtp_alert lvs_sync_daemon_interface string authentication { auth_type PASS|AH auth_pass string } virtual_ipaddress { # Block limited to 20 IP addresses @IP @IP @IP } } #虚拟服务器定义块 virtual_server (@IP PORT)|(fwmark num) { delay_loop num lb_algo rr|wrr|lc|wlc|sh|dh|lblc lb_kind NAT|DR|TUN persistence_timeout num protocol TCP|UDP real_server @IP PORT { weight num notify_down /path/script.sh TCP_CHECK { connect_port num connect_timeout num } } real_server @IP PORT { weight num MISC_CHECK { misc_path /path_to_script/script.sh(or misc_path “/path_to_script/script.sh <arg_list>”) } } real_server @IP PORT { weight num HTTP_GET|SSL_GET { url { # You can add multiple url block path alphanum digest alphanum } connect_port num connect_timeout num nb_get_retry num delay_before_retry num } } }
1、email通知(notification_email、smtp_server、smtp_connect_timeout):用于服务有故障时发送邮件报警,可选项,不建议用。需要系统开启sendmail服务,建议用第三独立监控服务,如用Zabbix全面监控代替。 2、lvs_id:lvs负载均衡器标识,在一个网络内,它的值应该是唯一的。 3、router_id:用户标识本节点的名称,通常为hostname 4、花括号{}:用来分隔定义块,必须成对出现。如果写漏了,keepalived运行时不会得到预期的结果。由于定义块存在嵌套关系,因此很容易遗漏结尾处的花括号,这点需要特别注意。
转载于:https://www.cnblogs.com/tvkzy/p/9259664.html
相关资源:JAVA上百实例源码以及开源项目