Keepalived for High Availability

Source: Internet
Author: User
Tags haproxy

Keepalived for High Availability
Keepalived for High Availability

Reference:

1. keepaliveduser guide: http://www.keepalived.org/pdf/UserGuide.pdf

2. Installation documentation: INSTALL documentation in the source code extraction package

This article involves keepalived installation, simple configuration, and high availability for haproxy.

I. Environment preparation 1. Operating System

CentOS-7-x86_64-Everything-1511

2. Keepalived version

As of February 22, the keepalived version is 1.3.5:

Http://www.keepalived.org/software/keepalived-1.3.5.tar.gz

3. Topology

1) two servers node1/2 virtualized by VMware ESXi are used. The frontend access address is 10.11.4.151/152 and the backend address is 192.168.4.151/2;

2) The Web1 Server is a server generated using docker technology. nginx and php services have been installed and started with the IP address 192.168.4.171;

3) Web2/3 is the same as Web1 server, with the IP address 192.168.4.172/173;

4) We plan to deploy keepalive & haproxy on node1/2 and use keepalived to virtualize vip: 10.11.4.150 for high availability;

5) for more information about Haproxy configurations, see configure;

6) Take web1 as an example. Set the test page to facilitate subsequent viewing of the verification results.

Ii. install and configure Keepalived

The following process is completed at Node 1. For Node 2, see Node 1 for proper modification.

1. Dependent Software
  1. [Root @ elk-node1 ~] # Yum install openssl-devel libnl3-devel ipset-devel iptables-devel libnfnetlink-devel popt-static popt-devel gcc kernel-headers kernel-devel net-snmp-devel-y

# Upgrade or install the relevant software, not required to install once, but the general libnl3-devel ipset-develiptables-devel libnfnetlink-devel popt-static popt-devel and so on is not pre-installed to the system, net-snmp-devel is required only when related functions are enabled.

2. Download

  1. [Root @ elk-node1 ~] # Cd/usr/local/src/
  2. [Root @ elk-node1 src] # wget http://www.keepalived.org/software/keepalived-1.3.5.tar.gz

3. Compile and install

  1. [Root @ elk-node1 src] # tar-zxvf keepalived-1.3.5.tar.gz
  2. [Root @ elk-node1 src] # cd keepalived-1.3.5
  3. [Root @ elk-node1 keepalived-1.3.5] #./configure -- prefix =/usr/local/keepalived
  4. [Root @ elk-node1] # make
  5. [Root @ elk-node1] # make install

# You can use "./configure -- help" to view relevant compilation parameters before compilation;

# This compilation does not contain the "-- with-kernel-dir" parameter, which is generally considered to be "-- with-kernel-dir =/usr/src/kernels/(version) "It is better to specify the kernel. My environment may be relatively simple and there is no obvious problem after actual use. This is not specified because centos7 cannot find" linux/netlink. h "header file, even if the corresponding header file can be found in the corresponding directory, no corresponding solution is found.

4. Configure startup 1) Startup commands

  1. [Root @ elk-node1 ~] # Cd/usr/local/keepalived/
  2. [Root @ elk-node1 keepalived] # ln-s/usr/local/keepalived/etc/sysconfig/
  3. [Root @ elk-node1 keepalived] # ln-s/usr/local/keepalived/sbin/keepalived/usr/sbin/

# Soft link.

2) configuration file

  1. [Root @ elk-node1 keepalived] # mkdir-p/etc/keepalived
  2. [Root @ elk-node1 keepalived] # ln-s/usr/local/keepalived/etc/keepalived. conf/etc/keepalived/

# Soft link.

3) boot

  1. [Root @ elk-node1 keepalived] # touch/etc/rc. d/init. d/keepalived
  2. [Root @ elk-node1 keepalived] # chmod + x/etc/rc. d/init. d/keepalived
  3. [Root @ elk-node1 keepalived] # vim/etc/rc. d/init. d/keepalived
  4. #! /Bin/sh
  5. #
  6. # Keepalived High Availability monitor built upon LVS and VRRP
  7. #
  8. # Chkconfig:-86 14
  9. # Description: Robust keepalive facility to the Linux Virtual Server project \
  10. # With multilayer TCP/IP stack checks.
  11. ### BEGIN INIT INFO
  12. # Provides: keepalived
  13. # Required-Start: $ local_fs $ network $ named $ syslog
  14. # Required-Stop: $ local_fs $ network $ named $ syslog
  15. # Shocould-Start: smtpdaemon httpd
  16. # Shocould-Stop: smtpdaemon httpd
  17. # Default-Start:
  18. # Default-Stop: 0 1 2 3 4 5 6
  19. # Short-Description: High Availability monitor built upon LVS and VRRP
  20. # Description: Robust keepalive facility to the Linux Virtual Server
  21. # Project with multilayer TCP/IP stack checks.
  22. ### END INIT INFO
  23. # Source function library.
  24. ./Etc/rc. d/init. d/functions
  25. Exec = "/usr/sbin/keepalived"
  26. Prog = "keepalived"
  27. Config = "/etc/keepalived. conf"
  28. [-E/etc/sysconfig/$ prog] &./etc/sysconfig/$ prog
  29. Lockfile =/var/lock/subsys/keepalived
  30. Start (){
  31. [-X $ exec] | exit 5
  32. [-E $ config] | exit 6
  33. Echo-n $ "Starting $ prog :"
  34. Daemon $ exec $ KEEPALIVED_OPTIONS
  35. Retval =$?
  36. Echo
  37. [$ Retval-eq 0] & touch $ lockfile
  38. Return $ retval
  39. }
  40. Stop (){
  41. Echo-n $ "Stopping $ prog :"
  42. Killproc $ prog
  43. Retval =$?
  44. Echo
  45. [$ Retval-eq 0] & rm-f $ lockfile
  46. Return $ retval
  47. }
  48. Restart (){
  49. Stop
  50. Start
  51. }
  52. Reload (){
  53. Echo-n $ "Reloading $ prog :"
  54. Killproc $ prog-1
  55. Retval =$?
  56. Echo
  57. Return $ retval
  58. }
  59. Force_reload (){
  60. Restart
  61. }
  62. Rh_status (){
  63. Status $ prog
  64. }
  65. Rh_status_q (){
  66. Rh_status &>/dev/null
  67. }
  68. Case "$1" in
  69. Start)
  70. Rh_status_q & exit 0
  71. $1
  72. ;;
  73. Stop)
  74. Rh_status_q | exit 0
  75. $1
  76. ;;
  77. Restart)
  78. $1
  79. ;;
  80. Reload)
  81. Rh_status_q | exit 7
  82. $1
  83. ;;
  84. Force-reload)
  85. Force_reload
  86. ;;
  87. Status)
  88. Rh_status
  89. ;;
  90. Condrestart | try-restart)
  91. Rh_status_q | exit 0
  92. Restart
  93. ;;
  94. *)
  95. Echo $ "Usage: $0 {start | stop | status | restart | condrestart | try-restart | reload | force-reload }"
  96. Exit 2
  97. Esac
  98. Exit $?
  99. [Root @ elk-node1 keepalived] # chkconfig -- add keepalived
  100. [Root @ elk-node1 keepalived] # chkconfig -- level 35 keepalived on

# In the centos7 compilation and installation directory, no "etc/rc. d/init. d/keepalived file, that is, the self-starting script, must be manually configured, provided that the startup commands, configuration files, and other directories defined by the script are placed.

5. Keepalived configuration file

  1. [Root @ elk-node1 ~] # Vim/usr/local/keepalived/etc/keepalived. conf
  2. #===================================================== ====================
  3. # Keepalived. conf configuration
  4. #------------------------------------------------------------
  5. #1. The Keepalived configuration file is organized as a block. Each block content is included in {}
  6. #2. "#", "!" Initial behavior comment
  7. #3. keepalived is configured in three types:
  8. # (1) Global configuration: configuration that takes effect for the entire keepalived
  9. # (2) VRRPD configuration: Core configuration, mainly to achieve high availability of keepalived
  10. # (3) LVS Configuration
  11. #===================================================== ====================
  12. ! Configuration File for keepalived
  13. ########################
  14. # Global configuration
  15. ########################
  16. # Global_defs global configuration identifier;
  17. Global_defs {
  18. # Icationication_email is used to set alarm email addresses. You can set multiple email addresses and one email address per line. To set mail alarms, enable the Sendmail service on the local machine.
  19. Notification_email {
  20. Root@localhost.local
  21. }
  22. # Set the mail sending Address, smtp server address, and smtp sever connection timeout
  23. Notification_email_from root@localhost.local
  24. Smtp_server 10.11.4.151
  25. Smtp_connect_timeout 30
  26. # Indicates the ID of the running keepalived server. The information displayed in the topic during mail sending
  27. Router_id Haproxy_DEVEL
  28. }
  29. ######################
  30. # Service detection Configuration
  31. ######################
  32. # Service detection. If che_haproxy returns 0 for the service name, the service is normal.
  33. Vrrp_script chk_haproxy {
  34. Script "/usr/local/keepalived/etc/chk_haproxy.sh"
  35. # Test once every 1 second
  36. Interval 1
  37. # Haproxy online, weighted by 2
  38. # Weight 2
  39. }
  40. ######################
  41. # VRRPD Configuration
  42. ######################
  43. # VRRPD configuration identifier. VI_1 is the Instance name.
  44. Vrrp_instance VI_1 {
  45. # Specify the Keepalvied role. The MASTER (in uppercase) indicates that the host is the MASTER server, and the BACKUP indicates the BACKUP server;
  46. # Because the non-preemptible mode is configured, nopreempt only applies to BACKUP, and both hosts are configured as BACKUP
  47. State BACKUP
  48. # Specify the HA Monitoring Network Interface
  49. Interface eth0
  50. # Virtual route ID, which must be 1;
  51. # The same VRRP instance uses a unique identifier, MASTER_ID = BACKUP_ID
  52. Virtual_router_id 51
  53. # Define the node priority. A larger number indicates a higher node priority;
  54. # MASTE_PRIORITY> BACKUP_PRIORITY under one VRRP_instance
  55. Priority100
  56. # Interval between the MASTER and BACKUP hosts for synchronization check, in seconds
  57. Advert_int 1
  58. # From the Perspective of actual application, we recommend that you configure the non-preemption mode to prevent frequent network switching and fluctuation.
  59. Nopreempt
  60. # Set the Communication Verification type and password between nodes. The verification types include PASS and AH;
  61. # The same vrrp_instance, MASTER verification password and BACKUP are consistent
  62. Authentication {
  63. Auth_type PASS
  64. Auth_pass 987654
  65. }
  66. # Set a virtual IP address (VIP), also known as a drifting IP address;
  67. # You can set multiple entries in one line;
  68. # Keepalived add the VIP to the system using the "ip address add" command
  69. Virtual_ipaddress {
  70. 10.11.4.150
  71. }
  72. # Script tracking, corresponding service detection
  73. Track_script {
  74. Chk_haproxy
  75. }
  76. }
  77. ######################################## ######
  78. # LVS configuration. Here, keepalived only performs High Availability instead of lvs.
  79. ######################################## ######
  80. # Virtual_server LVS configuration ID
  81. # Format: virtual_server VIP port [separated by spaces between IP addresses and ports]
  82. # Virtual_server 10.11.4.150 443 {
  83. # Set the Health Check Interval in seconds
  84. # Delay_loop 6
  85. # Set the load scheduling algorithm. Common scheduling algorithms include rr, wlc, and lc, lblc, sh, and dh.
  86. # Lb_algo rr
  87. # Set LVS to implement load balancing. Three modes are available: NAT, TUN, and DR.
  88. # Lb_kind NAT
  89. # Session persistence time, which is very useful for dynamic web pages and provides a good solution for seesion sharing in the cluster system;
  90. # Your requests are distributed to a service node until the session persistence time is exceeded (maximum no response timeout time ),
  91. # That is, if the user's operation dynamic page does not perform any operation within 50 s, it will be distributed to another node
  92. # Persistence_timeout 50
  93. # Forwarding protocol type
  94. # Protocol TCP
  95. # Set the identification starting from the real server segment [IP address as the real IP address]
  96. # Format: real_server realIP port [IP and port are separated by spaces]
  97. # Real_server 192.168.201.100 443 {
  98. # The value of the real server node. The value size is represented by a number. The larger the number, the higher the weight.
  99. # Weight 1
  100. # Health Check SSL_GET
  101. # SSL_GET {
  102. # Specify the URL Information for the SSL check. You can specify multiple
  103. # Url {
  104. # Detailed URL path
  105. # Path/index.html
  106. # The summary information after the SSL check can be obtained using the genhash command tool. The command is as follows:
  107. # [Root @ elk-node1 bin] #/usr/local/keepalived/bin/genhash-s 192.168.4.171-p 80-u/index.html
  108. # Digest ff20ad2481f97b1754ef3e12ecd3a9cc
  109. #}
  110. # Url {
  111. # Path/mrtg/
  112. # Digest 9b3a0c85a887a256d6939da88aabd8cd
  113. #}
  114. # No response timeout time, in seconds
  115. # Connect_timeout 3
  116. # Number of Retries
  117. # Nb_get_retry 3
  118. # Retry Interval
  119. # Delay_before_retry 3
  120. #}
  121. #}
  122. #}

6. Keepalived detection script

  1. [Root @ elk-node1 ~] # Touch/usr/local/keepalived/etc/chk_haproxy.sh
  2. [Root @ elk-node1 ~] # Chmod 755/usr/local/keepalived/etc/chk_haproxy.sh
  3. [Root @ elk-node1 ~] # Vim/usr/local/keepalived/etc/chk_haproxy.sh
  4. #! /Bin/bash
  5. # Check haproxy process, if there isn't any process, try to start the process once,
  6. # Check it again after 3 s, if there isn't any process still, restart keepalived process, change state.
  7. #2017-03-22 v0.1
  8. If [$ (ps-C haproxy -- no-header | wc-l)-eq 0]; then
  9. /Etc/rc. d/init. d/haproxy start
  10. Sleep 3
  11. If [$ (ps-C haproxy -- no-header | wc-l)-eq 0]; then
  12. /Etc/rc. d/init. d/keepalived restart
  13. Fi
  14. Fi
  15. # Another method to check haproxy process
  16. # Killall-0 haproxy
  17. # If [[$? -Ne 0]; then
  18. #/Etc/rc. d/init. d/keepalived restart
  19. # Fi

# Check whether the haproxy service is running normally. If not, try to pull it up. If the attempt fails, restart the keepalived service and switch the keepalived vip.

Iii. Verification 1. Start

  1. [Root @ elk-node1 ~] # Service keepalived start
  2. [Root @ elk-node2 ~] # Service keepalived start

2. View logs 1) Node1

  1. [Root @ elk-node1 ~] # Tailf/var/log/messages


1) Start in BACKUP mode;

2) switch to MASTER mode;

3) Get the vip 10.11.4.150 and start sending free arp notices.

2) Node2

  1. [Root @ elk-node2 ~] # Tailf/var/log/messages


1) Start two related sub-processes;

2) Start and enter the BACKUP mode.

3. VIP

  1. [Root @ elk-node1 ~] # Ip address show eth0


The network adapter eth0 of Node1 has obtained the vip 10.11.4.150.

# The "ifconfig" command does not work because "ip address add" is used to add the vip to the system.

4. Failover 1) Haproxy fault pulling

  1. [Root @ elk-node1 ~] # Date; service haproxy stop
  2. [Root @ elk-node1 ~] # Date; service haproxy status


1) manually stop the haproxy service;

2) because the keepalived configuration file defines the script for pulling the haproxy service, we can see that the haproxy service is running again within 1 s.

2) Node1 log


1) The log shows that the haproxy service is pulled up after it is stopped;

2) Keepalived enters the FAULTSTATE and then changes to the backup state;

3) the vip address of the eth0 Nic of Node1 is deleted.

3) Node2 logs


1) Switch Node2 to MASTERSTATE;

2) Node2 receives vip10.11.4.150 and starts issuing free arp notices.

4) Node2 VIP

  1. [Root @ elk-node2 ~] # Ip address show eth0


The eth0 of Node2 has obtained the vip 10.11.4.150.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.