目录
展开
HA Cluster的配置前提
-
1.各节点时间必须同步;
ntp、chrony
-
2.确保iptables及selinux不会成为阻碍;
-
3.各节点之间可通过主机名互相通信(对KA并非必须);
建议使用
/etc/hosts文件实现; -
4.确保各节点的用户集群服务的接口支持MULTICAST通信;
D类:224 – 239;
一、使用chrony同步时间
client :
$ apt install chrony
$ vim /etc/chrony/chrony.conf
#pool 2.debian.pool.ntp.org iburst
server 192.168.1.99 iburst
$ systemctl restart chronyd
$ systemctl enable chronydserver :
$ apt install chrony
$ vim /etc/chrony/chrony.conf
pool 2.debian.pool.ntp.org iburst
$ systemctl restart chronyd
$ systemctl enable chronyd查看同步情况:
$ chronyc sources
210 Number of sources = 1
MS Name/IP address Stratum Poll Reach LastRx Last sample
===============================================================================
^? 192.168.1.99 0 8 0 - +0ns[ +0ns] +/- 0ns
$二、同步/etc/hosts
node1、node2的hosts:
$ cat /etc/hosts
192.168.1.197 node1
192.168.1.84 node2
$ ping node
PING node1 (192.168.1.197) 56(84) bytes of data.
64 bytes from node1 (192.168.1.197): icmp_seq=1 ttl=64 time=0.574 ms
$三、keepalived安装配置
$ ifconfig
ens192: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 ##确保网卡开启了多播,MULTICAST
inet 192.168.1.84 netmask 255.255.255.0 broadcast 192.168.1.255
inet6 fe80::20c:29ff:fe92:26bb prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:92:26:bb txqueuelen 1000 (Ethernet)
RX packets 740858 bytes 103968391 (99.1 MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 76246 bytes 4665418 (4.4 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
开启/关闭方法:
$ ip link set multicast on dev ens192
$ ip link set multicast off dev ens1921.安装
$ apt install keepalived
$ yum install keepalived配置文件路径:/etc/keepalived/keepalived.conf
Debian系下的/etc/keepalived/没有keepalived.conf文件,可以从
/usr/share/doc/keepalived/samples/keepalived.conf.sample复制一份过来
配置文件组成部分:
TOP HIERACHY
GLOBAL CONFIGURATION
Global definitions
Static routers/addresses
VRRPD CONFIGURATION
VRRP synchronization group(s): vrrp同步组;
VRRP Instance(s): 每个vrrp Instance即一个vrrp路由器;
LVS CONFIGURATION
Virtual server group(s)
Virtual server(s): Ipvs集群的vs和rs;2.配置
node1:
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node1
vrrp_mcast_group4 224.1.101.33 ! 组播地址,只要是224开头即可
}
vrrp_instance VI_1 {
state MASTER !`主节点`
priority 100 !`优先级`
interface ens192
virtual_router_id 33
nopreempt !非抢占模式
advert_int 1
authentication {
auth_type PASS
auth_pass RT3SKUI2 ! 随机字符串即可
}
virtual_ipaddress {
192.168.1.198/24 dev ens192 label ens192:0 !vip地址
}
}node2:
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node2
vrrp_mcast_group4 224.1.101.33
}
vrrp_instance VI_1 {
state BACKUP
priority 96
interface ens192
virtual_router_id 33
nopreempt
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass RT3SKUI2 ! 随机字符串即可
}
virtual_ipaddress {
192.168.1.198/24 dev ens192 label ens192:0
}
}先在node2开启keepalive,ifconfig/ip addr可以发现vip漂移到了node2上:
在node1上启动keepalived,vip被node1抢占过去,node2进入备节点状态
优先级与抢占、非抢占模式:
1.State(Master/Backup)的优先级低于priority定义的优先级(数字越大越优先)
2.只有当所有节点的STATE都是BACKUP并且priority一样时,这时候设置nopreempt才会起到作用
即任意一个节点挂了,之后重新启动,不会抢占vip过来;
这样配置后,我们要注意启动服务的顺序,优先启动的获取master权限,与优先级没有关系了
如图,node1停止后,优先级置为0,重新选举master:
3.双主节点
node1:
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node1
vrrp_mcast_group4 224.1.101.33
}
vrrp_instance VI_1 {
state MASTER
priority 100
interface ens192
virtual_router_id 33
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass RT3SKUI2 ! 随机字符串即可
}
virtual_ipaddress {
192.168.1.198/24 dev ens192 !把之前的` label ens192:0`删掉了;别名网卡可有可无,一个网卡配置多个辅助IP也没问题
}
}
vrrp_instance VI_2 {
state BACKUP
priority 96
interface ens192
virtual_router_id 34
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass Ra3S7Uy2 ! 随机字符串即可
}
virtual_ipaddress {
192.168.1.199/24 dev ens192 !别名网卡可有可无,一个网卡配置多个辅助IP也没问题
}
}node2的vrrp_instance VI_2配置:
vrrp_instance VI_2 {
state MASTER ! Master节点
priority 100 ! 优先级大于node1
interface ens192
virtual_router_id 34
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass Ra3S7Uy2 ! 随机字符串即可
}
virtual_ipaddress {
192.168.1.199/24 dev ens192
}
}node1拿到的vip:
node2拿到的vip:
node2 down后,node1接管vip2(192.168.1.199)
四、keepalived配置及演练
切换时执行指定脚本(如邮件通知脚本等)
node如下,node2脚本配置一样 :
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from keepalived@localhost
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id node1
vrrp_mcast_group4 224.1.101.33
}
vrrp_instance VI_1 {
state MASTER
priority 100
interface ens192
virtual_router_id 33
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass RT3SKUI2 ! 随机字符串即可
}
virtual_ipaddress {
192.168.1.198/24 dev ens192 label ens192:0
}
notify_master "/etc/keepalived/notify.sh master" !脚本一定要存在并且有执行权限,脚本和脚本入参用引号引起来
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"
}示例脚本:
#!/bin/bash
contact='root@localhost'
notify() {
local mailsubject="$(hostname) to be $1,vip floating"
local mailbody="$(date +'%F %T'):vrrp transltion,$(hostname) changed to be $1"
echo "$mailbody"|mail -s "$mailsubject" $contact
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage:$(basename $0){master|backup|fault}"
exit 1
;;
esac重启服务并查看状态:
Opening script说明脚本执行成功,执行报错的可查看系统日志/var/log/syslog
