
HA (high availability) Cluster implementation

2025-01-16 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/02 Report--

The purpose of an HA cluster is to keep important servers available when force majeure strikes while they are providing services: hardware failures, natural disasters, power outages, software bugs, operating system bugs and the like can take down or crash the host that provides a service and disrupt normal business. A solution that keeps the host's services continuously and stably available is called HA (high availability).

A = availability

MTBF = mean time between failures

MTTR = mean time to repair

Conversion formula:

A = MTBF / (MTBF + MTTR)

Ways to increase the value of A:

1. Make the numerator large enough; this is not cost-effective, the cost is too high.

2. Reduce the denominator, that is, reduce the mean time to repair; this is low cost and very effective.

How to reduce the mean time to repair?

Set up a backup server to provide failover.

Principle: when the primary server fails, quickly move the IP address (a floating IP) and the application over to the standby server.

This requires software that moves the IP (reconfigures the IP address on the standby) and moves the service (starts the relevant service application on the standby host).

In short, HA means switching quickly to the standby server when the primary server goes down.

Key points: IP address transfer, data sharing

HA Cluster (ip, nginx): the IP address and the nginx process are commonly referred to as HA resources.

The standby server uses heartbeat detection: it sends UDP messages to the primary server (UDP needs no three-way handshake) and judges from the primary server's responses whether the primary is working properly.

Key points: response time, resource contention for shared storage

If the network link between the master and slave servers is interrupted, the result is IP contention and, most importantly, confusion on shared storage (one side adds to a file while the other deletes it). This corrupts the source data and does great damage. The solution is a STONITH ("shoot the other node in the head") device, which delivers the finishing blow by completely cutting power to a device that is still running.

After the failure of the primary server has been dealt with, the server should be put back online; this is failback.

Failover / Failback

HA Cluster implementation schemes

1. Implementations of the VRRP protocol

keepalived

2. AIS (Application Interface Specification): complete HA clusters

RHCS (cman)

heartbeat

corosync

keepalived:

VRRP: Virtual Router Redundancy Protocol

Terminology:

Virtual router

Virtual router ID: VRID (0-255)

Physical routers:

Master: master device

Backup: standby device

Priority

VIP: virtual IP

VMAC: virtual MAC (00-00-5e-00-01-VRID)

Gratuitous ARP

Advertisement: heartbeat, priority, etc.; sent periodically

Preemptive and non-preemptive modes

Security:

Authentication:

No authentication

Simple text authentication

MD5

Working modes

Master/backup: a single virtual router

Master/master: master/backup (virtual router 1), backup/master (virtual router 2)

Features:

A software implementation of the VRRP protocol, originally designed to make ipvs services highly available:

The VRRP protocol handles floating the address

Generates ipvs rules on the node that holds the VIP (the rules are pre-defined in the configuration file)

Checks the health of each RS in the ipvs cluster

Through a script-calling interface, runs scripts to perform the functions defined in them, which in turn influences cluster behaviour

Components:

Core components:

VRRP stack

ipvs wrapper

checkers

Control component: configuration file parser

I/O multiplexer

Memory management component

Prerequisites for HA Cluster configuration:

(1) The clocks of all nodes must be synchronized

(2) Make sure that iptables and SELinux do not get in the way

(3) Nodes can reach each other by hostname (not required for keepalived)

Using the /etc/hosts file is the recommended way to do this

(4) The root users on the nodes can reach each other over ssh with key-based authentication (not required)

keepalived installation and configuration:

From CentOS 6.4 onward, keepalived is provided in the base repository

1. Synchronize time

Configure the chronyd server 172.18.200.100

Install chrony with yum and start the service

[root@localhost ~]# service chronyd start
Starting chronyd: [OK]

Use the ntpdate command to synchronize 172.18.10.10 and 172.18.10.11

[root@localhost ~]# ntpdate 172.18.200.100

2. Clear iptables and SELinux

iptables -F
setenforce 0

3. Configure the hosts file (optional)

4. Install keepalived

[root@localhost ~]# yum install keepalived
[root@localhost ~]# cd /etc/keepalived/
[root@localhost keepalived]# ls
keepalived.conf
[root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
[root@localhost keepalived]# ls
keepalived.conf  keepalived.conf.bak
[root@localhost keepalived]# vim keepalived.conf

Main configuration file: /etc/keepalived/keepalived.conf

Explanation of the configuration file sections and related options

TOP HIERARCHY

GLOBAL CONFIGURATION
    Global definitions
    Static routes/addresses

VRRPD CONFIGURATION
    VRRP synchronization group(s)
    VRRP instance(s): each VRRP instance is one VRRP router

LVS CONFIGURATION
    Virtual server group(s)
    Virtual server(s): the vs and rs of an ipvs cluster

global_defs {                              # global definitions
    notification_email {                   # addresses to mail when a problem occurs
        acassen@firewall.loc
        failover@firewall.loc
        sysadmin@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc   # sender address
    smtp_server 192.168.200.1              # mail server address
    smtp_connect_timeout 30                # connection timeout
    router_id LVS_DEVEL                    # router ID
    vrrp_mcast_group4 224.0.100.5          # IPv4 multicast address
}

vrrp_instance VI_1 {                       # VRRP configuration section
    state MASTER                           # MASTER on this node, BACKUP on the other
    interface eth0                         # NIC that sends the multicast heartbeat messages
    virtual_router_id 51                   # virtual router ID
    priority 100                           # priority of the master
    advert_int 1                           # advertisement interval
    authentication {                       # authentication
        auth_type PASS                     # authentication type: simple password authentication
        auth_pass 111                      # authentication password: at most 8 characters
    }
    virtual_ipaddress {                    # virtual IP addresses and the NIC they go on
        192.168.200.16/24 dev eth0         # dev selects the NIC the address is configured on
        192.168.200.17
        192.168.200.18
    }
}

track_interface {                          # interfaces to monitor; if one fails the instance goes to FAULT state (interface tracking)
    eth0
    eth2
    ...
}

nopreempt: sets the working mode to non-preemptive

preempt_delay 300: in preemptive mode, the delay before a node that comes online triggers a new election

5. Modify the configuration file

[root@localhost keepalived]# vim keepalived.conf

global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id node1
    vrrp_mcast_group4 224.0.100.50
}

vrrp_instance myroute {
    state MASTER
    interface eth2
    virtual_router_id 50
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        172.18.50.50/16 dev eth2
    }
}

6. Send the configuration file to the other machine, 172.18.10.10

[root@localhost keepalived]# scp keepalived.conf 172.18.10.10:/etc/keepalived/

Modify the configuration file there

[root@localhost keepalived]# vim keepalived.conf

global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id node2
    vrrp_mcast_group4 224.0.100.50
}

vrrp_instance myroute {
    state BACKUP
    interface eth2
    virtual_router_id 50
    priority 98
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        172.18.50.50/16 dev eth2
    }
}

7. Start the service

Start standby server 11

[root@localhost ~]# service keepalived start

View the address

[root@localhost ~]# ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:07:27:ff brd ff:ff:ff:ff:ff:ff
    inet 172.18.10.10/16 brd 172.18.255.255 scope global eth2
    inet 172.18.50.50/16 scope global secondary eth2
    inet6 fe80::20c:29ff:fe07:27ff/64 scope link
       valid_lft forever preferred_lft forever

The address has been added. When the master server is started it will take the address over immediately, because no preemption delay is set.

8. Start the master server

[root@localhost keepalived]# service keepalived start
Starting keepalived: [OK]

[root@localhost keepalived]# ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:99:76:84 brd ff:ff:ff:ff:ff:ff
    inet 172.18.10.11/16 brd 172.18.255.255 scope global eth2
    inet 172.18.50.50/16 scope global secondary eth2
    inet6 fe80::20c:29ff:fe99:7684/64 scope link
       valid_lft forever preferred_lft forever

The address has been added

And on the slave server 11

[root@localhost ~]# ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:07:27:ff brd ff:ff:ff:ff:ff:ff
    inet 172.18.10.10/16 brd 172.18.255.255 scope global eth2
    inet6 fe80::20c:29ff:fe07:27ff/64 scope link
       valid_lft forever preferred_lft forever

The IP address has been removed

9. Use the tcpdump packet capture tool to watch the heartbeat exchange between the master and slave servers.

[root@localhost keepalived]# tcpdump -i eth2 host 224.0.100.50    # capture on the master server
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
16:39:33.357307 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:34.358905 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:35.360605 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:36.362301 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:37.363904 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:38.365658 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:39.367266 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:40.368921 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:41.370599 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20

[root@localhost ~]# tcpdump -i eth2 -nn host 224.0.100.50    # capture on the slave server
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
16:39:40.367044 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:41.368741 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:42.370289 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:43.371983 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:44.373750 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:45.375413 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
16:39:46.377092 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20

Analysis: this is a simple VRRP implementation.

That is, the slave server sends a notification message to the master server every second to detect whether the master server is alive; keepalived is the software that implements this.
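Added example (not from the original article): the capture above reports "authtype simple" and "length 20", and this Python sketch decodes a VRRPv2 advertisement of that size to show that with auth_type PASS the auth_pass string sits unencrypted in the last 8 bytes. The sample packet is constructed from the article's configuration values (VRID 50, priority 100, VIP 172.18.50.50, auth_pass 123456); the function names are illustrative assumptions.

```python
import ipaddress
import struct

# Constructed sample (not a real capture): the 20-byte VRRPv2 message that the
# article's settings would produce: virtual_router_id 50, priority 100,
# advert_int 1, auth_type PASS, auth_pass 123456, VIP 172.18.50.50.
SAMPLE_ADVERT = bytes.fromhex("21326401010101eaac1232323132333435360000")

# VRRPv2 authentication type codes: 0 none, 1 simple text, 2 IP Authentication Header.
AUTH_TYPES = {0: "none", 1: "simple", 2: "ah"}


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit big-endian words, complemented."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_vrrpv2(payload: bytes) -> dict:
    """Decode a VRRPv2 advertisement (the payload of IP protocol 112)."""
    if len(payload) < 8:
        raise ValueError("truncated VRRP header")
    ver_type, vrid, priority, count, auth, intvl, _cksum = struct.unpack(
        "!BBBBBBH", payload[:8])
    if ver_type >> 4 != 2 or ver_type & 0x0F != 1:
        raise ValueError("not a VRRPv2 advertisement")
    # 8-byte header + 4 bytes per virtual IP + 8 bytes of authentication data
    if len(payload) != 8 + 4 * count + 8:
        raise ValueError("length does not match the address count")
    addrs = [str(ipaddress.IPv4Address(payload[8 + 4 * i:12 + 4 * i]))
             for i in range(count)]
    return {
        "vrid": vrid,
        "priority": priority,
        "advert_int": intvl,
        "auth_type": AUTH_TYPES.get(auth, f"unknown({auth})"),
        "addresses": addrs,
        "auth_data": payload[8 + 4 * count:],
        # A valid message sums to zero when its own checksum field is included.
        "checksum_ok": internet_checksum(payload) == 0,
    }


def audit(advert: dict) -> list:
    """Return configuration findings a reviewer would raise for this advert."""
    findings = []
    if advert["auth_type"] == "none":
        findings.append("no authentication configured")
    elif advert["auth_type"] == "simple":
        secret = advert["auth_data"].rstrip(b"\x00").decode("ascii", "replace")
        findings.append(f"auth_pass is sent in cleartext: {secret!r}")
    if not advert["checksum_ok"]:
        findings.append("bad checksum")
    return findings


if __name__ == "__main__":
    advert = parse_vrrpv2(SAMPLE_ADVERT)
    print(advert)
    for finding in audit(advert):
        print("finding:", finding)
```

Because the password is readable on the wire, auth_type PASS mainly protects against accidental cross-talk between clusters that share a segment; restricting which hosts may send IP protocol 112 to the multicast group is what limits who can take part in the election.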

#

Dual-master model

1. The master configuration is already in place on 172.18.10.11. For the dual-master setup, append the following to the end of the configuration file.

[root@localhost keepalived]# vim keepalived.conf

vrrp_instance myroute2 {
    state BACKUP
    interface eth2
    virtual_router_id 51
    priority 98
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123457
    }
    virtual_ipaddress {
        172.18.51.51/16 dev eth2
    }
}

2. Paste the same content into the keepalived.conf configuration file on the 172.18.10.10 server, then change state and priority accordingly

vrrp_instance myroute2 {
    state MASTER
    interface eth2
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123457
    }
    virtual_ipaddress {
        172.18.51.51/16 dev eth2
    }
}

Save and exit; the dual-master model is now configured

3. Start the service and test it

service keepalived restart
Stopping keepalived: [OK]
Starting keepalived: [OK]

Capture packets with tcpdump; the result is as follows

On 172.18.10.11

[root@localhost keepalived]# tcpdump -i eth2 -nn host 224.0.100.50
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
00:50:20.150330 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
00:50:20.521639 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
00:50:21.151175 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
00:50:21.522539 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
00:50:22.152517 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
00:50:22.523232 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
00:50:23.154334 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
00:50:23.524046 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20

On 172.18.10.10

[root@localhost keepalived]# tcpdump -i eth2 host 224.0.100.50
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
01.436075 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
01.437266 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
02.437295 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
02.438831 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
03.438695 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
03.439205 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20

Analysis: each node sees two advertisements per interval, one that it sends and one that it receives.

Use iptables to add a rule that stops 172.18.10.11 from sending advertisements to 224.0.100.50

[root@localhost keepalived]# iptables -A OUTPUT -s 172.18.10.11 -d 224.0.100.50 -j REJECT

Capture packets with tcpdump on 172.18.10.10

[root@localhost keepalived]# tcpdump -i eth2 -nn host 224.0.100.50
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 65535 bytes
00:50:20.150330 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
00:50:20.521639 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
00:50:21.151175 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
00:50:21.522539 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
00:50:22.152517 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, authtype simple, intvl 1s, length 20
00:50:22.523232 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20

Analysis: two advertisements are being sent. Because 172.18.10.10 no longer receives advertisements from 172.18.10.11, it assumes 172.18.10.11 is dead, takes over the address and makes itself master. In other words, a node whose advertisements stop arriving is presumed dead.

Use ip a l to check which IP addresses the node now holds:

[root@localhost keepalived]# ip a l
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:07:27:ff brd ff:ff:ff:ff:ff:ff
    inet 172.18.10.10/16 brd 172.18.255.255 scope global eth2
    inet 172.18.51.51/16 scope global secondary eth2
    inet 172.18.50.50/16 scope global secondary eth2
    inet6 fe80::20c:29ff:fe07:27ff/64 scope link
       valid_lft forever preferred_lft forever

Back on the 172.18.10.11 server, clear the iptables rule

[root@localhost keepalived]# iptables -F

Go back to the 172.18.10.10 server and query again with ip a l

[root@localhost keepalived]# ip a l
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:07:27:ff brd ff:ff:ff:ff:ff:ff
    inet 172.18.10.10/16 brd 172.18.255.255 scope global eth2
    inet 172.18.51.51/16 scope global secondary eth2
    inet6 fe80::20c:29ff:fe07:27ff/64 scope link
       valid_lft forever preferred_lft forever

The address has been taken back immediately, because the instance works in preemptive mode and no preemption delay (preempt_delay 300) is set

Conclusion: the dual-master experiment works.
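Added example (not from the original article): the experiment above shows that a filtered advertisement path makes a backup promote itself, and when the filter sits on a node's receive side both nodes keep advertising and hold the same VIP. This Python sketch runs that check over `tcpdump -nn` text, flagging a VRID advertised by two sources at once and any advertiser outside an expected peer list. The capture lines, the peer list, the 172.18.10.77 address and the thresholds are constructed assumptions.

```python
import re
from collections import defaultdict

# Assumption: the nodes allowed to advertise each VRID, taken from the
# article's two-node lab (VRIDs 50 and 51 on 172.18.10.10 / 172.18.10.11).
EXPECTED_PEERS = {
    50: {"172.18.10.10", "172.18.10.11"},
    51: {"172.18.10.10", "172.18.10.11"},
}

_TAIL = "authtype simple, intvl 1s, length 20"
# Constructed capture: from 16:39:35.7 on, 172.18.10.10 also advertises VRID 50
# (as if it no longer received the master's adverts); the last line comes from
# a host that is not a cluster member.
SAMPLE_CAPTURE = f"""\
16:39:33.357307 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, {_TAIL}
16:39:33.861120 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, {_TAIL}
16:39:34.358905 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, {_TAIL}
16:39:34.862300 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, {_TAIL}
16:39:35.360605 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, {_TAIL}
16:39:35.702114 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 98, {_TAIL}
16:39:35.863410 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, {_TAIL}
16:39:36.362301 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, {_TAIL}
16:39:36.703350 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 98, {_TAIL}
16:39:36.864020 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 100, {_TAIL}
16:39:37.363904 IP 172.18.10.11 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 100, {_TAIL}
16:39:37.704512 IP 172.18.10.10 > 224.0.100.50: VRRPv2, Advertisement, vrid 50, prio 98, {_TAIL}
16:39:38.100000 IP 172.18.10.77 > 224.0.100.50: VRRPv2, Advertisement, vrid 51, prio 120, {_TAIL}
"""

ADVERT_RE = re.compile(
    r"^(\d{2}):(\d{2}):(\d{2}\.\d+) IP (\S+) > \S+ VRRPv2, Advertisement, "
    r"vrid (\d+), prio (\d+), authtype (\w+), intvl (\d+)s")


def parse_line(line: str):
    """Turn one tcpdump text line into a dict, or None if it is not an advert."""
    m = ADVERT_RE.match(line.strip())
    if not m:
        return None
    hh, mm, ss, src, vrid, prio, auth, intvl = m.groups()
    return {"t": int(hh) * 3600 + int(mm) * 60 + float(ss), "src": src,
            "vrid": int(vrid), "prio": int(prio), "auth": auth,
            "intvl": int(intvl)}


def analyze(capture: str, expected=EXPECTED_PEERS, min_overlaps=3) -> list:
    """Return (kind, vrid, detail) findings for a capture within one day."""
    last_seen = defaultdict(dict)     # vrid -> {source: time of last advert}
    overlap_count = defaultdict(int)  # vrid -> adverts that overlapped a peer
    overlap_srcs = defaultdict(set)
    reported, findings = set(), []
    for line in capture.splitlines():
        adv = parse_line(line)
        if adv is None:
            continue
        vrid, src = adv["vrid"], adv["src"]
        if src not in expected.get(vrid, set()) and (vrid, src) not in reported:
            reported.add((vrid, src))
            findings.append(("unexpected-source", vrid, src))
        window = 3 * adv["intvl"]     # roughly the VRRP master-down interval
        for other, seen in last_seen[vrid].items():
            if other != src and adv["t"] - seen < window:
                overlap_count[vrid] += 1
                overlap_srcs[vrid].update((src, other))
        last_seen[vrid][src] = adv["t"]
    # One or two overlapping adverts are normal during a handover; a sustained
    # run means two nodes both believe they are master for the VRID.
    for vrid, count in sorted(overlap_count.items()):
        if count >= min_overlaps:
            findings.append(("dual-master", vrid, tuple(sorted(overlap_srcs[vrid]))))
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_CAPTURE):
        print(finding)
```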

#

How to implement a custom notification script

First, add a script on the 172.18.10.11 server that sends mail automatically.

1. Write the mail script

vim notify.sh

#!/bin/bash
#
contact='root@localhost'

# Mail a one-line notice naming the VRRP state this host is entering
notify() {
    mailsubject="vrrp: $(hostname) to be $1"
    mailbody="$(hostname) to be $1, vrrp transition, $(date)"
    echo "$mailbody" | mail -s "$mailsubject" "$contact"
}

case $1 in
master)
    notify master
    ;;
backup)
    notify backup
    ;;
fault)
    notify fault
    ;;
*)
    echo "Usage: $(basename $0) master|backup|fault"
    exit 1
    ;;
esac

2. Test the script

Syntax check

[root@localhost keepalived]# bash -n notify.sh

Run the script as a test

[root@localhost keepalived]# bash -x notify.sh master
+ contact=root@localhost
+ case $1 in
+ notify master
++ hostname
+ mailsubject='localhost.localdomain to be master'
++ hostname
++ date
+ mailbody='localhost.localdomain to be master,vrrp transition, Mon May 15 01:36:33 CST 2017'
+ echo 'localhost.localdomain to be master,vrrp transition, Mon May 15 01:36:33 CST 2017.'
+ mail -s mailsubject root@localhost
[root@localhost keepalived]# vim notify.sh
You have mail in /var/spool/mail/root

3. Check the mail received

[root@localhost keepalived]# mail
Heirloom Mail version 12.4 7/29/08.  Type ? for help.
"/var/spool/mail/root": 1 message 1 new
>N  1 root                  Mon May 15 01:36  18/696   "mailsubject"
&
Message  1:
From root@localhost.localdomain  Mon May 15 01:36:34 2017
Return-Path:
X-Original-To: root@localhost
Delivered-To: root@localhost.localdomain
Date: Mon, 15 May 2017 01:36:33 +0800
To: root@localhost.localdomain
Subject: mailsubject
User-Agent: Heirloom mailx 12.4 7/29/08
Content-Type: text/plain; charset=us-ascii
From: root@localhost.localdomain (root)
Status: R

localhost.localdomain to be master,vrrp transition, Mon May 15 01:36:33 CST 2017.

&

4. Send the script to 172.18.10.10

[root@localhost keepalived]# scp notify.sh 172.18.10.10:/etc/keepalived/
root@172.18.10.10's password:
notify.sh                                     100%  367     0.4KB/s   00:00

5. Call the script

[root@localhost keepalived]# vim keepalived.conf

On 172.18.10.11, add the following inside vrrp_instance myrouter1; note that the calls must be made in the context of vrrp_instance myrouter1

    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"

On 172.18.10.10, add the following inside vrrp_instance myrouter2

    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"

6. To see the test results, delete the previously defined dual-master configuration and stop the service (do the same on 10.10 and 10.11)

In vim, :.,$d deletes everything from the current line to the last line

[root@localhost keepalived]# service keepalived stop
Stopping keepalived: [OK]

7. Add execute permission to the script written earlier

[root@localhost keepalived]# chmod +x notify.sh
[root@localhost keepalived]# ll
total 8
-rw-r--r-- 1 root root 658 May 15 02:01 keepalived.conf
-rwxr-xr-x 1 root root 367 May 15 01:41 notify.sh

8. Start the service

On 172.18.10.11

[root@localhost keepalived]# service keepalived start
Starting keepalived: [OK]

[root@localhost keepalived]# ip a l
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth2: mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:99:76:84 brd ff:ff:ff:ff:ff:ff
    inet 172.18.10.11/16 brd 172.18.255.255 scope global eth2
    inet 172.18.50.50/16 scope global secondary eth2
    inet6 fe80::20c:29ff:fe99:7684/64 scope link
       valid_lft forever preferred_lft forever

[root@localhost keepalived]# mail
Heirloom Mail version 12.4 7/29/08.  Type ? for help.
"/var/spool/mail/root": 3 messages 2 unread
    1 root                  Mon May 15 01:36  19/707   "mailsubject"
 U  2 root                  Mon May 15 11:03  19/735   "vrrp: localhost.localdomain to be master"
&

9. Start keepalived on 172.18.10.10, then check the mail on 172.18.10.11 again

[root@localhost ~]# mail
Heirloom Mail version 12.4 7/29/08.  Type ? for help.
"/var/spool/mail/root": 7 messages 5 new 7 unread
 U  1 root                  Mon May 15 11:09  19/735   "vrrp: localhost.localdomain to be backup"
 U  2 root                  Mon May 15 11:11  19/735   "vrrp: localhost.localdomain to be backup"
>N  3 root                  Mon May 15 11:11  18/725   "vrrp: localhost.localdomain to be master"
 N  4 root                  Mon May 15 11:11  18/725   "vrrp: localhost.localdomain to be backup"
 N  5 root                  Mon May 15 11:26  18/725   "vrrp: localhost.localdomain to be backup"
 N  6 root                  Mon May 15 11:26  18/725   "vrrp: localhost.localdomain to be master"
 N  7 root                  Mon May 15 11:26  18/725   "vrrp: localhost.localdomain to be backup"
&

Conclusion: the notification script works.

#

How to make LVS highly available with keepalived (key topic)

Experiment preparation: 4 virtual hosts

172.18.10.10 and 172.18.10.11 are the VS nodes, VS2 and VS1 respectively.

172.18.200.100 and 172.18.249.57 are the real servers, RS1 and RS2 respectively.

First, install httpd on RS1 and RS2.

1. Configure as follows

[root@localhost ~]# cat /var/www/html/index.html
RS1:172.18.200.100

[root@localhost ~]# cat /var/www/html/index.html
RS2:172.18.249.57

2. Write the VIP configuration script

vim setparam.sh

#!/bin/bash
#
vip='172.18.50.50'
netmask='255.255.255.255'
iface='lo:0'

case $1 in
start)
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore      # answer ARP only for addresses on the receiving NIC
    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce    # announce only the best local address for the target
    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ifconfig $iface $vip netmask $netmask broadcast $vip up
    route add -host $vip dev $iface
    ;;
stop)
    ifconfig $iface down
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ;;
esac

3. Test the script

[root@localhost ~]# bash -n setparam.sh
[root@localhost ~]# bash -x setparam.sh start
+ vip=172.18.50.50
+ netmask=255.255.255.255
+ iface=lo:0
+ case $1 in
+ echo 1
setparam.sh: line 9: /pro/sys/net/ipv4/conf/all/arp_ignore: No such file or directory
+ echo 1
setparam.sh: line 10: /pro/sys/net/ipv4/conf/lo/arp_ignore: No such file or directory
+ echo 2
setparam.sh: line 11: /pro/sys/net/ipv4/conf/all/arp_announce: No such file or directory
+ echo 2
setparam.sh: line 12: /pro/sys/net/ipv4/conf/lo/arp_announce: No such file or directory
+ ifconfig lo:0 172.18.50.50 netmask 255.255.255.255 broadcast 172.18.50.50 up
+ route add -host 172.18.50.50 dev lo:0

The "No such file or directory" errors appear because this run wrote to /pro/... instead of /proc/...; with the /proc paths the four writes succeed silently.

4. Use scp to copy the script to RS2

[root@localhost ~]# scp setparam.sh 172.18.249.57:/root
root@172.18.249.57's password:
setparam.sh                                   100%  610     0.6KB/s   00:00

5. Run the script on RS2 and check whether the VIP has been created

[root@localhost ~]# bash -x setparam.sh start
+ vip=172.18.50.50
+ netmask=255.255.255.255
+ iface=lo:0
+ case $1 in
+ echo 1
setparam.sh: line 9: /pro/sys/net/ipv4/conf/all/arp_ignore: No such file or directory
+ echo 1
setparam.sh: line 10: /pro/sys/net/ipv4/conf/lo/arp_ignore: No such file or directory
+ echo 2
setparam.sh: line 11: /pro/sys/net/ipv4/conf/all/arp_announce: No such file or directory
+ echo 2
setparam.sh: line 12: /pro/sys/net/ipv4/conf/lo/arp_announce: No such file or directory
+ ifconfig lo:0 172.18.50.50 netmask 255.255.255.255 broadcast 172.18.50.50 up
+ route add -host 172.18.50.50 dev lo:0

[root@localhost ~]# ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet 172.18.50.50/32 brd 172.18.50.50 scope global lo:0
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:b2:ca:ea brd ff:ff:ff:ff:ff:ff
    inet 172.18.249.57/16 brd 172.18.255.255 scope global eth0
    inet6 fe80::20c:29ff:feb2:caea/64 scope link
       valid_lft forever preferred_lft forever

6. Start the httpd service on RS1 and RS2 and check the listening ports. Check both; only one is shown here.

[root@localhost ~]# service httpd start
[root@localhost ~]# ss -tnl
State      Recv-Q Send-Q        Local Address:Port          Peer Address:Port
LISTEN     0      128                      :::80                      :::*
LISTEN     0      128                      :::22                      :::*
LISTEN     0      128                       *:22                       *:*
LISTEN     0      100                     ::1:25                      :::*
LISTEN     0      100               127.0.0.1:25                       *:*

7. Generate ipvs rules on the two front-end nodes

On VS2

Stop the keepalived service

Configure the sorry server page

vim /var/www/html/index.html
Director2 sorry server2

Start the httpd service

[root@localhost ~]# service httpd start

On VS1

First stop the keepalived service

[root@localhost ~]# service keepalived stop

vim /var/www/html/index.html
Director1

Start the httpd service

[root@localhost ~]# service httpd start

Edit the keepalived configuration file on VS1 and add the following:

virtual_server 172.18.50.50 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 0
    protocol TCP
    sorry_server 127.0.0.1 80

    real_server 172.18.200.100 80 {        # RS1
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 172.18.249.57 80 {         # RS2
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

On VS2, edit the keepalived.conf file as well and add the following

virtual_server 172.18.50.50 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 0
    protocol TCP
    sorry_server 127.0.0.1 80

    real_server 172.18.200.100 80 {        # RS1
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 172.18.249.57 80 {         # RS2
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

Start the keepalived service on VS2

[root@localhost ~]# service keepalived start
Starting keepalived: [OK]

[root@localhost ~]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.18.50.50:80 wrr
  -> 172.18.200.100:80            Route
  -> 172.18.249.57:80             Route   0 0

Test access from the client with curl (the configuration takes a moment to apply, so wait briefly before testing)

[root@localhost ~]# curl http://172.18.50.50
RS2:172.18.249.57
[root@localhost ~]# curl http://172.18.50.50
RS1:172.18.200.100
[root@localhost ~]# curl http://172.18.50.50
RS2:172.18.249.57
[root@localhost ~]# curl http://172.18.50.50
RS1:172.18.200.100
[root@localhost ~]# curl http://172.18.50.50
RS2:172.18.249.57
[root@localhost ~]# curl http://172.18.50.50
RS1:172.18.200.100
[root@localhost ~]# curl http://172.18.50.50
RS2:172.18.249.57
[root@localhost ~]# curl http://172.18.50.50
RS1:172.18.200.100

Stop the httpd service on 172.18.200.100

[root@localhost ~]# service httpd stop
Stopping httpd: [OK]

Observe with ipvsadm on VS2

[root@localhost keepalived]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.18.50.50:80 wrr
  -> 172.18.249.57:80             Route   1      0          2

Start the httpd service on 172.18.200.100 again

[root@localhost ~]# service httpd start

Observe with ipvsadm on VS2

[root@localhost keepalived]# ipvsadm -ln
IP Virtual Server version 1.2.1 (size=4096)
Prot LocalAddress:Port Scheduler Flags
  -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
TCP  172.18.50.50:80 wrr
  -> 172.18.200.100:80            Route
  -> 172.18.249.57:80             Route   0 0

Start the keepalived service on VS1 and shut down VS2. Testing from the client with curl shows that the service is still reachable

[root@localhost keepalived]# curl http://172.18.50.50
RS2:172.18.249.57
[root@localhost keepalived]# curl http://172.18.50.50
RS1:172.18.200.100
[root@localhost keepalived]# curl http://172.18.50.50
RS2:172.18.249.57
[root@localhost keepalived]# curl http://172.18.50.50
RS1:172.18.200.100

Edit the configuration file to add back the dual-master content that was removed earlier

On VS1

vrrp_instance myroute2 {
    state BACKUP
    interface eth2
    virtual_router_id 51
    priority 98
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123457
    }
    virtual_ipaddress {
        172.18.51.51/16 dev eth2
    }
}

On VS2

vrrp_instance myroute2 {
    state MASTER
    interface eth2
    virtual_router_id 51
    priority 98
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123457
    }
    virtual_ipaddress {
        172.18.51.51/16 dev eth2
    }
}

Restarting the keepalived service is essential: the changes do not take effect until it is restarted. This is an easy pitfall.

Summary: VS side

VS2-side keepalived configuration

! Configuration File for keepalived

global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id node2
    vrrp_mcast_group4 224.0.100.50
}

vrrp_instance myroute1 {
    state BACKUP
    interface eth2
    virtual_router_id 50
    priority 98
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        172.18.50.50/16 dev eth2
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

vrrp_instance myroute2 {
    state MASTER
    interface eth2
    virtual_router_id 51
    priority 98
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123457
    }
    virtual_ipaddress {
        172.18.51.51/16 dev eth2
    }
}

virtual_server 172.18.50.50 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 0
    protocol TCP
    sorry_server 127.0.0.1 80
    real_server 172.18.200.100 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.18.249.57 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 172.18.51.51 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 0
    protocol TCP
    sorry_server 127.0.0.1 80
    real_server 172.18.200.100 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.18.249.57 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

VS1-side keepalived configuration

! Configuration File for keepalived

global_defs {
    notification_email {
        root@localhost
    }
    notification_email_from keepalived@localhost
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
    router_id node1
    vrrp_mcast_group4 224.0.100.50
}

vrrp_instance myroute1 {
    state MASTER
    interface eth2
    virtual_router_id 50
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123456
    }
    virtual_ipaddress {
        172.18.50.50/16 dev eth2
    }
    notify_master "/etc/keepalived/notify.sh master"
    notify_backup "/etc/keepalived/notify.sh backup"
    notify_fault "/etc/keepalived/notify.sh fault"
}

vrrp_instance myroute2 {
    state BACKUP
    interface eth2
    virtual_router_id 51
    priority 98
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 123457
    }
    virtual_ipaddress {
        172.18.51.51/16 dev eth2
    }
}

virtual_server 172.18.50.50 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 0
    protocol TCP
    sorry_server 127.0.0.1 80
    real_server 172.18.200.100 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.18.249.57 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

virtual_server 172.18.51.51 80 {
    delay_loop 6
    lb_algo wrr
    lb_kind DR
    persistence_timeout 0
    protocol TCP
    sorry_server 127.0.0.1 80
    real_server 172.18.200.100 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
    real_server 172.18.249.57 80 {
        weight 1
        HTTP_GET {
            url {
                path /
                status_code 200
            }
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}
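A consistency check to run over the two nodes' configurations before restarting keepalived, as an added example that is not part of the original article: it parses the vrrp_instance blocks of both nodes and reports settings that differ between peers, equal priorities (myroute2 is 98 on both VS1 and VS2), and auth_type PASS, which VRRP carries unencrypted. The function names and finding strings are assumptions of this example, and the input is a constructed reduction of the page's configuration.

```python
import re

def parse_vrrp(conf):
    """Map each vrrp_instance name to its 'keyword value' settings."""
    out, name, depth = {}, None, 0
    for line in (raw.strip() for raw in conf.splitlines()):
        m = re.match(r"vrrp_instance\s+(\S+)\s*\{", line)
        if m:
            name, depth = m.group(1), 1
        elif name:
            depth += line.count("{") - line.count("}")
            parts = line.split()
            if len(parts) >= 2 and "{" not in line:
                out.setdefault(name, {})[parts[0]] = parts[1]  # priority -> "98"
            name = name if depth else None  # depth 0: the instance block has closed
    return out

def lint_pair(conf_a, conf_b):
    """Compare the two nodes' configs; return a list of (instance, finding)."""
    a, b, findings = parse_vrrp(conf_a), parse_vrrp(conf_b), []
    for inst in sorted(set(a) | set(b)):
        x, y = a.get(inst), b.get(inst)
        if x is None or y is None:
            findings.append((inst, "defined on one node only"))
            continue
        for key in ("virtual_router_id", "auth_pass", "advert_int"):
            if x.get(key) != y.get(key):
                findings.append((inst, key + " differs between nodes"))
        if x.get("priority") == y.get("priority"):
            findings.append((inst, "equal priority: election falls to the IP tie-break"))
        if "PASS" in (x.get("auth_type"), y.get("auth_type")):
            findings.append((inst, "auth_type PASS: auth_pass travels in cleartext"))
    return findings

# Constructed input: the page's two instances, reduced to the keys checked above.
INSTANCE = """vrrp_instance %s {
    state %s
    virtual_router_id %s
    priority %s
    authentication {
        auth_type PASS
        auth_pass %s
    }
}
"""
VS1 = INSTANCE % ("myroute1", "MASTER", 50, 100, "123456") + INSTANCE % ("myroute2", "BACKUP", 51, 98, "123457")
VS2 = INSTANCE % ("myroute1", "BACKUP", 50, 98, "123456") + INSTANCE % ("myroute2", "MASTER", 51, 98, "123457")
if __name__ == "__main__":
    print("\n".join(inst + ": " + finding for inst, finding in lint_pair(VS1, VS2)))
```

To check real files, pass the text of each node's /etc/keepalived/keepalived.conf to lint_pair; the parser expects each opening brace on the same line as its keyword, as in the configurations above.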

VIP configuration script (because this is a dual-master model, there are two VIPs)

#!/bin/bash
#
# LVS-DR real-server setup: bind both VIPs to loopback aliases and
# restrict ARP replies and announcements for them.
vip='172.18.50.50'
vip2='172.18.51.51'
netmask='255.255.255.255'
iface='lo:0'
iface2='lo:1'

case $1 in
start)
    # arp_ignore=1: reply only for addresses configured on the receiving interface
    echo 1 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    # arp_announce=2: always use the best local address as the ARP source
    echo 2 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 2 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ifconfig $iface $vip netmask $netmask broadcast $vip up
    ifconfig $iface2 $vip2 netmask $netmask broadcast $vip2 up
    route add -host $vip dev $iface
    ;;
stop)
    ifconfig $iface down
    ifconfig $iface2 down
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_ignore
    echo 0 > /proc/sys/net/ipv4/conf/all/arp_announce
    echo 0 > /proc/sys/net/ipv4/conf/lo/arp_announce
    ;;
esac

Experiment conclusion: keepalived provides highly available LVS load balancing
