Shulou(Shulou.com)06/02 Report--

1. Cluster introduction

It is divided into two categories according to their functions: high availability and load balancing.

A high availability cluster usually consists of two servers, one working and the other serving as redundancy. When the machine providing the service goes down, the redundancy will continue to provide the service.

High availability cluster, High Availability Cluster, or HACluster for short, is simply a group of computers that provide users with a set of network resources as a whole. These individual computer systems are the node of the cluster.

HA (High Available), high availability clustering is measured by the reliability (reliability) and maintainability (maintainability) of the system. In engineering, the mean time between failures (MTTF) is usually used to measure the reliability of the system, and the mean maintenance time (MTTR) is used to measure the maintainability of the system. So usability is defined as: HA=MTTF/ (MTTF+MTTR) * 100%

= = specific HA metrics:

99% of the downtime is no more than 4 days a year

99.9% no more than 10 hours of downtime a year

99.99% of the downtime is no more than 1 hour a year

99.999% of the downtime in a year is no more than 6 minutes

The open source software to achieve high availability are: heartbeat, keepalived

In a load balancing cluster, a server is required as a dispatcher, which is responsible for distributing users' requests to the back-end servers for processing. In this cluster, in addition to the distributor, it is the server that provides services to users. The number of these servers is at least 2.

Open source software to achieve load balancing are LVS, keepalived, haproxy, nginx, while commercial ones are F5 and Netscaler.

2keepalived introduction

Here we use keepalived to implement highly available clusters, because heartbeat has some problems on centos6, which affect the experimental results.

Keepalived achieves high availability through VRRP (Virtual Router Redundancy Protocl).

Keepalived should have three modules, namely core, check and vrrp. The core module is the core of keepalived, which is responsible for the startup and maintenance of the main process and the loading and parsing of the global configuration file, the check module is responsible for health check, and the vrrp module is to implement the VRRP protocol.

3. Configure highly available clusters with keepalived (summary)

Environment: a [root@chy01], B [root@chy] #

There are two servers, An is the primary server and B is the standby server. First, both servers need to have keepalived installed. The specific configuration is as follows:

Configuration Master:

[root@chy01 ~] # yum install-y keepalived (A machine installation keepalived) [root@chy ~] # yum install-y keepalived (B machine installation keepalived) [root@chy01 ~] # ps aux | grep nginxroot 2485 0.0 45484 1280? Ss 05:15 0:00 nginx: master process / usr/local/nginx/sbin/nginx-c / usr/local/nginx/conf/nginx.confnobody 2492 0.00.2 47972 4172? S 05:15 0:00 nginx: worker processnobody 2493 0.0 0.2 47972 3916? S 05:15 0:00 nginx: worker processroot 3041 0.0 112664 976 pts/0 R + 05:28 0:00 grep-- color=auto nginx (machine A has nginx installed Need to use nginx as a load balancer) [root@chy ~] # yum install-y nginx (nginx installed with yum on B machine Because it has not been installed before) [root@chy01 ~] # >! $> / etc/keepalived/keepalived.conf (clear the keepalived configuration file for master) [root@chy01 ~] # vim / etc/keepalived/keepalived.conf global_defs {notification_email {chy@chy.com} notification_email_from root@chy.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DEVEL} vrrp_script chk_nginx { Script "/ usr/local/sbin/check_ng.sh" interval 3} vrrp_instance VI_1 {state MASTER interface ens33 virtual_router_id 51 priority 100 advert_int 1 authentication {auth_type PASS auth_pass chylinux > com} virtual_ipaddress {192.168.212.1} track_script {chk_nginx}} as above is the main configuration file: details 1 Global definition (global definition) configuration example global_defs {notification_email {chy@chy.com} notification_email_from root@chy.com smtp_server 127.0.0.1 smtp_connect_timeout 30 router_id LVS_DEVEL} global_defs global configuration identity. On the surface, this area {} is a global configuration, indicating that keepalived needs to send email notifications when switching operations such as switching, and to which email addresses email is sent. You can have multiple email addresses. One notification_email_from per line indicates who the email source address is when sending notification messages. Smtp_server 127.0.0.1 indicates the smtp server address used when sending email. You can use local sendmail to implement mtp_connect_timeout 30 connection smtp connection timeout router_id node1 machine identification vrrp_script chk_nginx {script "/ usr/local/sbin/check_ng.sh" interval 3} vrrp_instance VI_1 {state MASTER state specifies the initial state of instance (Initial), that is, after configuration, the initial state of this server is specified here, but what is specified here does not count. It still has to be determined through the priority of the election. If this is set to master, but if its priority is lower than the other, then this one will send its own priority when sending a notice, and the other one will find that the priority is not as high as its own, then he will preempt the network card bound to the master interface ens33 instance. Because when configuring the virtual IP, it is necessary to set the VRID here in the virtual_router_id 51 added to the existing network card, here is very important, the same VRID is a group, he will decide the multicast MAC priority 100th to set the VRID here, here is very important, the same VRID is a group, he will determine the multicast MAC address advert_int 1 check interval Default is 1 second authentication {here set authentication auth_type PASS authentication method, can be PASS or AH authentication method auth_pass chylinux > com} virtual_ipaddress {192.168.212.1} what is set here is VIP, that is, virtual IP address, which is added and deleted with the change of state, added when state is master, deleted when state is backup It is mainly determined by priority, which has little to do with the value set by state. Here you can set multiple IP addresses track_script {chk_nginx}} [root@chy01 ~] # vim / usr/local/sbin/check_ng.sh (edit script) #! / bin/bashd= `date-- date today +% Y%m%d_%H:%M:% S` # calculate the number of nginx processes n = `ps-C nginx-- no-heading | wc-l` # if the process is 0, start nginx and detect the number of nginx processes again, # if it is still 0 Indicates that nginx cannot be started, and keepalivedif needs to be shut down [$n-eq "0"] Then / etc/init.d/nginx start N2 = `ps-C nginx-- no-heading | wc-l`if [$N2-eq "0"] Then echo "$d nginx down,keepalived will stop" > > / var/log/check_ng.log systemctl stop keepalived fifi [root@chy01 ~] # chmod 755 / usr/local/sbin/check_ng.sh (increase script permissions) [root@chy01 ~] # systemctl start keepalived [root@chy01 ~] # ps aux | grep keeproot 3225 0.0 111708 1308? Ss 06:13 0:00 / usr/sbin/keepalived-Droot 3226 0.00.1 111708 2560? S 06:13 0:00 / usr/sbin/keepalived-Droot 3227 0.00.1 111708 1624? S 06:13 0:00 / usr/sbin/keepalived-Droot 3254 0.0 112664 972 pts/0 S + 06:13 0:00 grep-- color=auto keep [root@chy01 ~] # ps aux | grep nginxroot 2485 0.0 45484 1280? Ss 05:15 0:00 nginx: master process / usr/local/nginx/sbin/nginx-c / usr/local/nginx/conf/nginx.confnobody 2492 0.00.2 47972 4172? S 05:15 0:00 nginx: worker processnobody 2493 0.0 0.2 47972 3916? S 05:15 0:00 nginx: worker processroot 3274 0.0 112668 972 pts/0 S+ 06:13 0:00 grep-- color=auto nginx (start the keepalive service and see if it is started) [root@chy01 ~] # less / var/log/messages (keepalive's log log) [root@chy01 ~] # ip add 1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 0000 pts/0 00 brd 00: 00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6:: 1/128 scope host valid_lft forever preferred_lft forever2: ens33: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:13:b3:3b brd ff:ff:ff:ff:ff:ff inet 192.168.212.11/24 brd 192.168.212.255 scope global ens33 Valid_lft forever preferred_lft forever inet 192.168.100.1 valid_lft forever preferred_lft forever inet 32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::243b:ddac:7a2b:a5b/64 scope link valid_lft forever preferred_lft forever (check the virtual ip address Need to check with ipadd) (after that, you need to check whether the firewall is turned off on both the primary server and the slave server, and both sides need to be turned off)

Configure slave server

[root@chy ~] # > / etc/keepalived/keepalived.conf (empty standby configuration file) global_defs {notification_email {aming@aminglinux.com notification_email_from root@aminglinux.com smtp_server 127.0.0.1 notification_email {aming@aminglinux.com smtp_server 127.0.0.1} aming@aminglinux.com} notification_email_from root@aminglinux.com smtp_server 127.0.0.1 Smtp_connect_timeout 30 router_id LVS_DEVEL} vrrp_script chk_nginx {script "/ usr/local/sbin/check_ng.sh" interval 3} vrrp_instance VI_1 {state BACKUP interface ens33 virtual_router_id 51 priority 90 advert_int 1 authentication {auth_type PASS auth_pass chylinux > com} virtual_ipaddress {192.168.212.1} track_script { Chk_nginx}} (such as the configuration file provided above) [root@chy ~] # vim / usr/local/sbin/check_ng.sh (edit the prepared script file)! / bin/bash time variable Used to log d = `date-- date today +% Y%m%d_%H:%M:% S` # calculate the number of nginx processes n = `ps-C nginx-- no-heading | wc-l` # if the process is 0, start nginx and detect the number of nginx processes again. # if it is still 0, nginx cannot be started, and you need to shut down keepalivedif [$n-eq "0] Then systemctl start nginx N2 = `ps-C nginx-- no-heading | wc-l` if [$N2-eq "0"] Then echo "$d nginx down,keepalived will stop" > > / var/log/check_ng.log systemctl stop keepalived fifi [root@chy ~] # chmod 755 / usr/local/sbin/check_ng.sh [root@chy ~] # source / usr/local/sbin/check_ng.sh (to make the script effective) [root@chy ~] # systemctl start keepalived [root@chy ~] # ps aux | grep keepalivedroot 4484 0.0 111728 1308? Ss 06:58 0:00 / usr/sbin/keepalived-Droot 4485 0.00.1 111728 2560? S 06:58 0:00 / usr/sbin/keepalived-Droot 4486 0.00.1 111728 1644? S 06:58 0:00 / usr/sbin/keepalived-Droot 4503 0.0 112664 980 pts/0 R + 06:58 0:00 grep-- color=auto keepalived (start keepalived and see if it starts) [root@chy ~] # cat / usr/share/nginx/html/index.html (location of default host for nginx installed by yum)

Test high availability

[root@chy01 ~] # / etc/init.d/nginx stopStopping nginx (via systemctl): [OK] (Test 1 closes nginx) [root@chy01 ~] # ps aux | grep nginxroot 10942 0.0 45484 1276? Ss 07:13 0:00 nginx: master process / usr/local/nginx/sbin/nginx-c / usr/local/nginx/conf/nginx.confnobody 10944 0.00.2 47972 3912? S 07:13 0:00 nginx: worker processnobody 10945 0.0 0.2 47972 3912? S 07:13 0:00 nginx: worker processroot 10961 0.0 112664 976 pts/0 S+ 07:13 0:00 grep-- color=auto nginx (see later this automatically starts because of the written script check) Test 2: add iptabls rules [root@chy01 ~] # iptables-I OUTPUT-p vrrp-j DROP [root@chy01 ~] # iptables-nvLChain INPUT (policy ACCEPT 58 packets) to master 3974 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 36 packets 3394 bytes) pkts bytes target prot opt in out source destination 30 1200 DROP 12-- * * 0.0.0.0 DROP 0 (view the rules already iptables) Test 2 does not test whether keepvalied can be switched quickly) Test 3: when the main keepvalied service is stopped You can quickly see the speed of switching from the server. [root@chy ~] # ip addr1: lo: mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 0012 qdisc pfifo_fast state UP qlen 0000 scope host valid_lft forever preferred_lft forever2:: 1 scope host valid_lft forever preferred_lft forever2: ens33: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:70:77 : 62 brd ff:ff:ff:ff:ff:ff inet 192.168.212.10/24 brd 192.168.212.255 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.212.100/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::338e:589c:fa07:65e5/64 scope link valid_lft forever preferred_lft forever

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.