Common Features of keepalived High Availability

Source: Internet
Author: User
Tags nginx server
Keepalived is used to detect the status of a Web server. If a web server crashes or fails to work, keepalived will detect it and remove the faulty web server from the system, when the Web server is working normally, keepalived automatically adds the Web server to the server group. All these tasks are completed automatically without manual interference. All you need to do is to manually repair the faulty web server. This article will introduce the installation and configuration of keepalived, as well as some scripts for keepalived. keepalived + nginx High Availability implementation and keepalived dual-host mutual master-slave implementation.

Install the keepalived environment:
The default keepalived version provided on centos6.5 is 1.2.7, but the latest version on the official website is 1.2.13. Therefore, we use the source code to install keepalived. Go to http://www.keepalived.org/software/keepalived-1.2.13.tar.gzto download the latest keepalived. Then compile and install the SDK directly. If the default development environment is not installed, some common errors will be reported during the compilation process. If any errors are encountered, install the corresponding environment package. Of course, for convenience, you can directly install the development kit provided by centos 6, so that there will be no problems during the compilation process. Yum groupinstall "desktop platform development" "development tools" "server platform development ". My compilation and installation process is as follows:
[[Email protected] ~] # Tar xf keepalived-1.2.13.tar.gz
[[Email protected] ~] # Cd keepalived-1.2.13
[[Email protected] ~] #./Configure -- prefix =/usr/local/keeaplived -- sysconfdir =/etc/
[[Email protected] ~] # Make & make install
[[Email protected] ~] # Chkconfig -- add keepalived

The keepalived installed above will report an error when using service keepalived start, because we installed the keepalived script in the/usr/local/keepalived/sbin directory, while/etc/rc. the keepalived script is directly used in keepalived under Rd. Therefore, you can add the/usr/local/keepalived/sbin directory to the path or change all the places where keepalived is called to/usr/local/keepalived/sbin/keepalived in keepalived.

To view the keepalived. conf file, you can add the following configuration in the/etc/man. config file:
Manpath/usr/local/keepalived/share/man
In this way, you can directly use man keepalived. conf to conveniently view the configuration file of keepalived.

Keepalived + S implement httpd high-availability experimental environment (centos6.5 ):
1. master node of keepalived (192.168.1.134)
2. Backup node of keepalived (192.168.1.136)
3. the addresses of the two real servers are (192.168.1.143, 192.168.1.170)
4. the VIP address is 192.168.1.200.

I. First, configure the ARP protocol, VIP address, and routing policy under two real servers:
[[Email protected] ~] # Echo 1>/proc/sys/NET/IPv4/CONF/All/arp_ignore
[[Email protected] ~] # Echo 1>/proc/sys/NET/IPv4/CONF/eth0/arp_ignore
[[Email protected] ~] # Echo 2>/proc/sys/NET/IPv4/CONF/eth0/arp_announce
[[Email protected] ~] # Echo 2>/proc/sys/NET/IPv4/CONF/All/arp_announce
[[Email protected] ~] # Ifconfig lo: 0 192.168.1.200 broadcast 192.168.1.200 netmask 255.255.255.255
[[Email protected] ~] # Route add-host 192.168.1.200 Dev lo: 0

II. Keepalived and ipvsadm are mounted on 192.168.1.134 and 192.168.1.136 nodes.
The following configuration files are provided for/etc/keepalived. conf on the master node:

! Configuration file for keepalived

Global_defs {
Notification_email {
[Email protected] # email recipient address
}
Notification_email_from [email protected] # mail sender address
Smtp_server 127.0.0.1
Smtp_connect_timeout 30
Router_id lvs_devel
}

Vrrp_instance vi_1 {
State master
Interface eth0
Virtual_router_id 51
Priority110
Advert_int 1 # synchronization interval between two nodes
Authentication {
Auth_type pass
Auth_pass 123456
}
Virtual_ipaddress {
192.168.1.200
}
}

Virtual_server 192.168.1.200 80 {
Delay_loop 6 # delay in voting for the election Service
Lb_algo RR # Scheduling Algorithm
Lb_kind Dr # LVS type
Nat_mask 255.255.255.0
# Persistence_timeout 50 # timeout of persistent connections
Protocol TCP

Real_server 192.168.1.143 80 {
Weight 1
Http_get {
URL {
Path/
Status_code 200
}
Connect_timeout 3 # connection timeout
Nb_get_retry 3 # number of attempts
Delay_before_retry 3 # Try Delay
}
}
Real_server 192.168.1.170 80 {
Weight 1
Http_get {
URL {
Path/
Status_code 200
}
Connect_timeout 3
Nb_get_retry 3
Delay_before_retry 3
}
}
}

Copy the above content to the backup node. You only need to modify the State master to state backup and priority 110 to priority 100. Start the keepalived service and check whether the corresponding list exists in ipvsadm. If yes, it indicates that our keepalived has been configured successfully.

Keepalived supports more than http checks by default, including ssl_get, tcp_check, smtp_check, and misc_check. If you want to describe the specific usage, simply use man keepalived. conf.

Extended functions of keepalived:
1. when all the nodes in the Real Server are down, the service will not be available when they are accessed again. For user experience friendliness, You can provide an error on the master and slave nodes, when all nodes are absent, an incorrect page is provided. Therefore, the HTTPd service is installed on the master and backup hosts and the default page is provided. Modify the keepalived. conf configuration file on Master and backup.
Virtual_server 192.168.1.200 80 {
Delay_loop 6
Lb_algo rr
Lb_kind Dr
Nat_mask 255.255.255.0
# Persistence_timeout 50
Protocol TCP
Sorry_server 127.0.0.1 80 # the configuration of virtual_server is the same as above, but a new line needs to be added here.
Real_server 192.168.1.143 80 {
Weight 1
Http_get {
URL {
Path/
Status_code 200
}
Connect_timeout 3
Nb_get_retry 3
Delay_before_retry 3
}
}
Real_server 192.168.1.170 80 {
Weight 1
Http_get {
URL {
Path/
Status_code 200
}
Connect_timeout 3
Nb_get_retry 3
Delay_before_retry 3
}
}
}

After the above configuration, when all the real servers are down, the httpd server on the master will be enabled by default, and when a real server is online, the HTTP server on the master node will go offline.

2. By default, keepalived is configured with the mail service function by default, which only sends emails when the real server goes down or recovers. In many cases, we hope to see that the email service is provided when the keepalived node fails. Keepalived provides three default parameters: yy_master, notify_backup, and notify_fault. They indicate the scripts that can be executed when the node becomes master, the node becomes backup, and the node becomes unavailable. For more information, see man. Therefore, the following configuration provides the mail function when the master node of keepalived is transferred:

Create a new script file keepalived_message.sh under/etc/keepalived/. The script receives two parameters, namely the status and VIP address. When we call the previous policy_master script and other scripts, We will automatically call the corresponding parameters of this script to implement the mail sending function. The script content is as follows:

#! /Bin/bash

VIP = $2

Usage (){
Echo "Usage: 'basename $ 0' {mater | Backup} VIP"
}

Send_message (){
Subject = "$ {VIP}'s server keepalived state is translate"
Content = "'date + '% F % t': 'hostname''s state change to $1"
Echo $ content | mail-s "$ subject" [email protected]
}

[$ #-Lt 2] & Usage & Exit

Case $1 in
Master)
Send_message master
;;
Backup)
Send_message backup
;;
Fault)
Send_message fault
;;
*)
Usage
Exit 1
;;
Esac

Add the following content to the configuration file keepalived. conf:
Vrrp_instance vi_1 {
State master
Interface eth0
Virtual_router_id 51
Priority110
Advert_int 1
Authentication {
Auth_type pass
Auth_pass qiguo139
}
Virtual_ipaddress {
192.168.1.200
}
# The following content is the newly added three rows. When the keepalived node changes to the corresponding state, execute the above script to send an email.
Notify_master "/etc/keepalived/keepalived_message.sh master 192.168.1.200"
Notify_backup "/etc/keepalived/keepalived_message.sh backup 192.168.1.200"
Notify_fault "/etc/keepalived/keepalived_message.sh fault 192.168.1.200"
}

Pass the newly added keepalived_message.sh script and the three newly added information in the master configuration file to another keepalived server. Then, the test will show that the corresponding keepalived is disabled, all emails will be sent at startup.

3. keepalived also provides the vrrp_script script to expand the current monitoring, so that we can use keepalived for nginx and haproxy high availability. The default Syntax of vrrp_script is:
Vrrp_script check_name {
Script "" location where the script content or script file to be executed is stored
How many seconds does interval 2 perform a detection?
How much weight is reduced if weight-2 fails?
Fail 2 determines the number of failed detection attempts as a true failure.
Rise 1 is considered online after a successful detection
}
The vrrp_script script is defined outside the instance.

The above just defines a vrrp_script script, and you also need to execute it. If it is executed, it can be executed through track_script. Track_script needs to be placed in the instance, so that the instance can execute this script at any time to determine the service status. Therefore, if we define vrrp_script check_name {XXX}, add the following in vrrp_instance:
Track_script {
Check_name
}

The following is a highly available script for keepalived + nginx. Here, the nginx server is still running the Server Load balancer, and the script on the master is as follows:

! Configuration file for keepalived
Global_defs {
Notification_email {
[Email protected]
}
Notification_email_from [email protected]
Smtp_server 127.0.0.1
Smtp_connect_timeout 30
Router_id lvs_devel
}

Vrrp_script check_nginx {
Script "killall-0 nginx"
Interval 2
Weight-2
}

Vrrp_instance vi_1 {
State master
Interface eth0
Virtual_router_id 51
Priority101
Advert_int 1
Authentication {
Auth_type pass
Auth_pass qiguo139
}
Virtual_ipaddress {
192.168.1.200
}
Track_script {
Check_nginx
}
}

On the backup node, you only need to replace the value of priority with 100 and change the state to backup.

4. Sometimes it is easy to waste resources to keep a backup instance idle for a long time. Therefore, you can configure the dual-host to act as the master and slave nodes. The main idea is to create two vrouters and take the two nodes as the master and slave nodes. We modified the high-availability script of nginx + keepalived above to implement mutual master and slave:
! Configuration file for keepalived
Global_defs {
Notification_email {
[Email protected]
}
Notification_email_from [email protected]
Smtp_server 127.0.0.1
Smtp_connect_timeout 30
Router_id lvs_devel
}

Vrrp_script check_nginx {
Script "killall-0 nginx"
Interval 2
Weight-2
}

Vrrp_instance vi_1 {
State master
Interface eth0
Virtual_router_id 51
Priority101
Advert_int 1
Authentication {
Auth_type pass
Auth_pass qiguo139
}
Virtual_ipaddress {
192.168.1.200
}
Track_script {
Check_nginx
}
}

Vrrp_instance vi_2 {
State backup # For the slave
Interface eth0
Virtual_router_id 52 # when defining a new virtual route, it cannot be the same as the value of the original virtual route ID
Priority 100 # priority for another instance
Advert_int 1
Authentication {
Auth_type pass
Auth_pass qiguo139
}
Virtual_ipaddress {
192.168.1.201 # VIP defined on backup
}
Track_script {
Check_nginx
}
}

Then swap the relationship on the backup. Check again and you will find that the original master will bind the VIP address of 192.168.1.200, And the VIP address of 192.168.1.201 will be bound to the original backup.





Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.