keepalived安装文档

LVS+Keepalived实现高可用集群一、基础介绍 (2)二、搭建配置LVS-NA T模式 (2)三、搭建配置LVS-DR模式 (4)四、另外一种脚本方式实现上面LVS-DR模式 (6)五、keepalived + LVS(DR模式) 高可用 (8)六、Keepalived 配置文件详细介绍 (11)一、基础介绍(一)根据业务目标分成三类：High Availability 高可用Load Balancing 负载均衡High Performance 高性能(二)实现集群产品：HA类：rhcs、heartbeat、keepalivedLB类：haproxy、lvs、nginx、f5、piranhaHPC类：/index/downfile/infor_id/42(三)LVS 负载均衡有三种模式：LVS-DR模式（direct router）直接路由模式进必须经过分发器，出就直接出LVS-NAT模式（network address translation）进出必须都经过分发器LVS-TUN模式（ip tunneling）IP隧道模式服务器可以放到全国各地二、搭建配置LVS-NAT模式1 、服务器IP规划：DR服务器添加一张网卡eth1，一个网卡做DIP，一个网口做VIP。

设置DIP、VIP IP地址:DIP的eth1和所有RIP相连同一个网段CIP和DIP的eth0(Vip)相连同一个网段Vip eth0 192.168.50.200Dip eth1 192.168.58.4客户机IP：Cip 192.168.50.32台真实服务器IP：Rip1 192.168.58.2Rip2 192.168.58.32 、R ealServer1配置：mount /dev/xvdd /media/vi /var/www/html/index.html写入：this is realserver1启动httpdvi /etc/sysconfig/network-scripts/ifcfg-eth0设置RIP,子网掩码必须设置成DIPIPADDR=192.168.58.2NETMASK=255.255.255.0GA TEWAY=192.168.58.43 、R ealServer2 配置：vi /var/www/html/index.html写入：this is realserver2启动httpdvi /etc/sysconfig/network-scripts/ifcfg-eth0设置RIP，子网掩码必须设置成DIPIPADDR=192.168.58.3NETMASK=255.255.255.0GA TEWAY=192.168.58.44 、在DR服务器上做以下设置：开启IP数据包转发vi /etc/sysctl.confnet.ipv4.ip_forward = 0 ##0改成1 ,此步很重要查看是否开启：sysctl -p5 、安装LVS服务：ipvsadmyum -y install ipvsadmlsmod |grep ip_vsTurbolinux系统没有带rpm包，必须下载源码安装：#ln -s /usr/src/kernels/2.6.18-164.el5-x86_64/ /usr/src/linux##如果不做连接，编译时会包错#tar zxvf ipvsadm-1.24.tar.gz#cd ipvsadm-1.24#make && make install运行下ipvsadm ，就加到ip_vs模块到内核了lsmod | grep ip 可以看到有ip_vs模块了6 、配置DR服务器,添加虚拟服务ipvsadm -L -n 查询信息ipvsadm -A -t 192.168.50.200:80 -s rr #添加集群服务、调度算法，rr为调度算法ipvsadm -a -t 192.168.50.200:80 -r 192.168.58.2 -m -w 1 # -m代表net模式，-w代表权重ipvsadm -a -t 192.168.50.200:80 -r 192.168.58.3 -m -w 2ipvsadm -L -n 再次查看是就有了realserverservice ipvsadm save 保存配置iptables -L 关闭或者清空防火墙watch -n 1 'ipvsadm -L -n' 查看访问记录的数显示如下：-> RemoteAddress:Port Forward Weight ActiveConn InActConnTCP 192.168.50.200:80 rr-> 192.168.58.2:80 Masq 1 0 13-> 192.168.58.3:80 Masq 2 0 12ActiveConn是活动连接数,也就是tcp连接状态的ESTABLISHED;InActConn是指除了ESTABLISHED以外的,所有的其它状态的tcp连接.7 、测试：http://192.168.58.200配完后若想修改算法：ipvsadm -E -t 192.168.58.200:80 -s wlc修改Rip的权重：ipvsadm -e -t 192.168.58.200:80 -r 192.168.58.2 -m -w 1ipvsadm -e -t 192.168.58.200:80 -r 192.168.58.3 -m -w 5三、搭建配置LVS-DR模式lo:1 回应客户端，lo:1上的IP跟机器有关，跟网卡没有关系arp_announce 对网络接口上本地IP地址发出的ARP回应作出相应级别的限制arp_ignore 定义对目标地址为本地IP的ARP询问不同的请求一、3台服务器IP配置规划：DIP：eth0:1 192.168.58.200/32 (VIP)eth0 192.168.58.3/24 (DIP)RIP1 lo:1 192.168.58.200/32 (VIP)eth0 192.168.58.4/24RIP2 lo:1 192.168.58.200/32 (VIP)eth0 192.168.58.5/24 .................................................................RIP n lo:1 192.168.58.200/32 (VIP)eth0 192.168.58.N/24二、每台realserver都加上下面四个步骤配置：1 、配置每台rip的IP、http,web页面2 、关闭每台rip服务器的ARP广播：echo 1 > /proc/sys/net/ipv4/conf/lo/arp_ignoreecho 2 > /proc/sys/net/ipv4/conf/lo/arp_announceecho 1 > /proc/sys/net/ipv4/conf/all/arp_ignoreecho 2 > /proc/sys/net/ipv4/conf/all/arp_announce3 、配置VIPifconfig lo:1 192.168.58.200 netmask 255.255.255.255 broadcast 192.168.58.200 up4 、配置网关route add -host 192.168.58.200 dev lo:1三、DR上的配置（DR模式下Dip不用开启转发）：1 、配置DIP，在eth0上添加一个子VIP接口：添加VIP：ifconfig eth0:1 192.168.58.200 broadcast 192.168.58.200 netmask 255.255.255.255 up2 、配置网关：route add -host 192.168.58.200 dev eth0:1route -n3 、安装ipvsadm(方法见文档上面）yum -y install ipvsadmlsmod |grep ip_vs4 、配置LVS集群：ipvsadm -A -t 192.168.58.200:80 -s rr #添加集群服务、调度算法，rr为调度算法ipvsadm -a -t 192.168.58.200:80 -r 192.168.58.3 -g -w 1 # -g代表DR模式，-w代表权重ipvsadm -a -t 192.168.58.200:80 -r 192.168.58.2 -g -w 2service ipvsadm saveipvsadm -L -n 查看信息四、测试：http://192.168.58.200四、另外一种脚本方式实现上面LVS-DR模式IP规划：Dip eth0 192.168.58.139VIP：192.168.58.200RIP1：192.168.58.2RIP2：192.168.58.31 、D R服务器上安装ipvsadm#yum -y install ipvsadm#lsmod | grep ip_vs 查看没有输出#modprobe ip_vs 安装即可2 、配置DIP服务器、LVS这里也是个写脚本为了方便vim /etc/init.d/lvsdr#!/bin/bash#lvs of DRVIP=192.168.58.200RIP1=192.168.58.2RIP2=192.168.58.3case "$1" instart)echo "start lvs of DR"/sbin/ifconfig eth0:0 $VIP broadcast $VIP netmask 255.255.255.0 up echo "1" > /proc/sys/net/ipv4/ip_forward/sbin/iptables -C/sbin/ipvsadm -A -t $VIP:80 -s rr/sbin/ipvsadm -a -t $VIP:80 -r $RIP1:80 -g/sbin/ipvsadm -a -t $VIP:80 -r $RIP2:80 -g/sbin/ipvsadm;;stop)echo "stop lvs of DR"echo "0" > /proc/sys/net/ipv4/ip_forward/sbin/ipvsadm -C/sbin/ifconfig eth0:0 down;;*)echo "Usage :$0 {start|stop}"exit1esacexit 0#chmod o+x /etc/init.d/lvsdr启动脚本：#service lvsdr start3 、2台RIP服务器都配置这里我们也都可以写成脚本开启2台RIP的httpd服务。

使用KeepAlived实现服务进程HA的安装配置使用HA方案的背景对于可以实现集群的服务，我们可以将同一功能的多个实例部署在不同的机器上，避免设备单点故障。

但是，有些系统级别的进程，却不允许运行多实例，例如一个普通的统计服务，这个服务的功能是主动轮询规则后进行统计。

在这种情况下，如果不进行规则适配改造，运行多个统计服务实例，那么，每个实例都将统计一遍数据，暂且不考虑对服务器的消耗，多个实例将产生多份数据，造成统计结果错误。

特别的，对于很多已经存在的服务进程，都无法实现多实例部署。

在这种情况下，这种服务只能是单进程的，如果这台机器由于硬件故障的话，服务将中断。

因此，有必要研究另外一种方案，实现服务进程的异地备份，在服务机器出现故障时，能够最快速的在另外一台备份机器上运行起来。

这种方案就属于冷备方案，也叫HA方案。

对于冷备方案，将不可避免的中断服务，但是，中断服务的时间长短是整个方案的关键，使用KeepAlived，配合增加进程的守护，将极大的缩短故障恢复时间。

故障的时长基本上等于服务进程的启动时长。

HA方案流程1.在主机和备机上安装好KeepAlived软件，服务对外使用虚拟IP。

2.在主机和备机上安装好能正常使用的程序。

3.在主机和备机上安装好进程监控程序，在主备机切换时，监控程序将服务启动起来。

4.实现主机和备机的程序同步功能，防止日常维护造成两边程序文件的不一致。

在本方案中，KeepAlived只提供主机的虚拟IP自动映射功能，不提供任何业务逻辑。

所有的业务逻辑都是通过自己编写的进程监控程序来实现，也就是说，监控程序一直在运行中，当发现虚拟IP切换后，将相关的服务进行启动或停止操作。

KeepAlived的安装配置KeepAlived的安装、启动、停止都是在root用户下，因此，本章节的所有操作都是在root用户下操作。

另外，本安装包都是针对linux x64机器，如果是其他操作系统，原理相同，但安装包要自行解决。

目录1.1 Keepallived 高可用集群介绍 (1)1.1.1 keepalived服务介绍 (1)1.1.2 keepalived 服务两大用途：healthcheck & failover (1)1.1.2.1 LVS directors failover 功能 (1)1.1.3 keepalived故障切换转义原理介绍 (1)1.1.4 VRRP协议简单介绍 (2)1.2 部署安装keepalived服务 (3)1.2.1 下载keepalived安装包 (3)1.2.2 安装keepalived实践 (3)1.2.3 配置keepalived规范启动 (4)1.2.4 配置keepalived.conf文件 (4)1.3 配置keepalived日志 (6)1.1 Keepallived 高可用集群介绍1.1.1 keepalived服务介绍keepalived 起初是专为LVS设计的，专门用来监控LVS集群系统中各个服务节点的状态，后来又加入了VRRP的功能，因此除了配合LVS服务外，也可以作为其他服务（nginx,haproxy）的高可用软件，VRRP是virtual Router Redundancy Protocol（虚拟路由器冗余协议）的缩写，VRRP 出现的目的就是为了解决静态路由出现的单点故障问题，它能够保证网络的不间断、稳定的运行。

所以，keepalived一方面具有LVS cluster nodes healthchecks功能，另一方面也具有LVS directors failover功能。

1.1.2 keepalived 服务两大用途：healthcheck & failover1.1.2.1 LVS directors failover 功能ha failover 功能：实现LB master 主机和Backup 主机之间故障转移和自动切换。

安装与配置两台负载均衡器：Lvs1:192.168.1.10Lvs2:192.168.1.11漂移地址(虚拟IP，VIP)：Vip：192.168.1.169Real Server：RS1：192.168.1.102RS2：192.168.1.103LVS配置及ipvsadm和keepalived的安装在lvs master和lvs backup主机上安装。

1．首先安装一些辅助package如下：e2fsprogs-devel-1.41.12-18.el6.x86_64.rpmkernel-devel-2.6.32-642.el6.x86_64.rpmkeyutils-libs-devel-1.4-4.el6.x86_64.rpmkrb5-devel-1.10.3-10.el6_4.6.x86_64.rpmlibcom_err-devel-1.41.12-18.el6.x86_64.rpmlibnl-1.1.4-2.el6.x86_64.rpmlibnl-devel-1.1.4-2.el6.x86_64.rpmlibselinux-devel-2.0.94-5.3.el6_4.1.x86_64.rpmlibsepol-devel-2.0.41-4.el6.x86_64.rpmzlib-devel-1.2.3-29.el6.x86_64.rpmopenssl-devel-1.0.1e-15.el6.x86_64.rpmpkgconfig-0.23-9.1.el6.x86_64.rpmpopt-devel-1.13-7.el6.x86_64.rpmpopt-static-1.13-7.el6.i686.rpm安装时可能出现缺少什么package，去iso中找或者网上下载然后安装就可以了rpm –ivh XXXXXXXX.rpm2．然后安装ipvsadm将ipvsadm-1.26.tar.gz压缩文件复制到/usr/local/src/lvs/文件夹下，然后运行tar zxvf ipvsadm-1.26.tar.gz 命令。

keepalived安装文档1.安装环境su - rootyum -y install kernel-devel*yum -y install openssl-*yum -y install popt-develyum -y install lrzszyum -y install openssh-clientsyum -y install libnl libnl-devel popt2.安装keepalived2.1.上传keepalived安装文件1、cd /usr/local/src/2、mkdir keepalived3、cd keepalived/4、wget /software/keepalived-1.2.15.tar.gz或者rz 上传2.2.解压1、tar -xvf keepalived-1.2.15.tar.gz2、cd keepalived-1.2.152.3.安装keepalived1、cd keepalived2、执行配置命令./configure3、编译make4、安装make install5、拷贝执行文件cp /usr/local/sbin/keepalived /usr/sbin/6、将init.d文件拷贝到etc下,加入开机启动项cp /usr/local/etc/rc.d/init.d/keepalived /etc/init.d/keepalived 7、将keepalived文件拷贝到etc下，加入网卡配置cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/8、创建keepalived文件夹mkdir -p /etc/keepalived9、将keepalived配置文件拷贝到etc下cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf 10、添加可执行权限chmod +x /etc/init.d/keepalived2.4.加入开机启动：chkconfig --add keepalivedchkconfig keepalived on3.配置日志文件1.将keepalived日志输出到local0：vi /etc/sysconfig/keepalivedKEEPALIVED_OPTIONS="-D -d -S 0"2.在/etc/rsyslog.conf里添加:local0.* /var/log/keepalived.log3.重新启动keepalived和rsyslog服务：service rsyslog restartservice keepalived restart4.打开防火墙的通讯地址iptables -A INPUT -d 224.0.0.18 -j ACCEPT/etc/rc.d/init.d/iptables save。

HAproxy指南之haproxy双机热备(案例篇)转载2017年03月06日14:28:56•487haproxy的出现正是弥补nginx一些应用上不足，比如session会话保持，健康监控检测机制，负载算法等等，在很多应用环境中，nginx的代理性能会haproxy稍逊一些，不过在一些实际案例中，keepalive+nginx与keepalive+nginx往往会根据业务去选择，比如nginx有着haproxy没有的代理缓存的功能等等，如果需要用到缓存就可以使用nginx，总之:根据业务来选择这两者！Keepalive+haproxy双机热备如图所示为整体的拓扑图：(3)相关中间件信息keepalive版本信息: keepalived-1.2.15nginx版本信息: haproxy-1.5.15 （提供proxy代理）二.部署操作：haproxy部署分别在Master_DR和backup_DR上安装haproxy，操作如下：1.1 到haproxy官网下载haproxy源码包如下cd ~wget /download/1.5/src/haproxy-1.5.15.tar.gz1.2 创建haproxy运行用户groupadd -r haproxyuseradd -r -g haproxy -M -s /sbin/nologin haproxy1.3 编译安装haproxy：cd ~tar zxvf haproxy-1.5.15.tar.gz -C /usr/local/srccd /usr/local/src/haproxy-1.5.15make TARGET=linux26 PREFIX=/usr/local/haproxymake install PREFIX=/usr/local/haproxy注意：TARGET=Linux26 是通过uname -a 来查看Linux内核版本的1.4 创建haproxy主配置文件：mkdir /etc/haproxy/vim /etc/haproxyhaproxy.cfg配置代码内容如下：（注意主备server上haproxy.cfg配置要一致）#--------------------------------------------------------------------- # Global settings#---------------------------------------------------------------------globallog 127.0.0.1 local3maxconn 204800chroot /usr/local/haproxyuser haproxygroup haproxydaemonnbproc 1pidfile /var/run/haproxy.pidstats socket /usr/local/haproxy/statsdescription haproxy server#--------------------------------------------------------------------- # common defaults that all the 'listen' and 'backend' sections will# use if not designated in their block#--------------------------------------------------------------------- defaultslog globalmode httpmaxconn 10000option httplogoption httpcloseoption dontlognulloption forwardfor except 127.0.0.0/8retries 3option redispatchoption abortonclosebalance roundrobintimeout http-request 10stimeout queue 1mtimeout connect 10stimeout client 1mtimeout server 1mtimeout http-keep-alive 10stimeout check 10s#--------------------------------------------------------------------- # use listen setting the haproxy status for site#--------------------------------------------------------------------- listen admin_statusbind *:3030mode httplog 127.0.0.1 local3 errstats refresh 5sstats uri /statusstats realm stats auth admin:adminstats hide-versionstats admin if TRUE#--------------------------------------------------------------------- # main listen which proxys to the backends#---------------------------------------------------------------------listen wwwbind *:80maxconn 5000mode httplog globaloption httplogoption httpcloseoption forwardforlog globaldefault_backend default#<----------------------default site for listen and frontend------------------------------------>backend defaultmode httpoption httpchk GET /index.htmlserver default 127.0.0.1:81 cookie id1 check inter 2000 rise 2 fall 3 maxconn 50001.5 创建haproxy系统服务启动脚本：关于haproxy服务脚本代码请访问:/6170059/17505731.6 启动haproxy服务：server haproxy restartK eepalive部署(1)分别在Master_DR和backup_DR上安装keepalive，操作如下：1. 安装Keepalive所需要的相关依赖包:yum install openssl-devel popt-devel libnl-devel kernel-devel -y2. 编译安装keepalive1.1 keepalived的源码获取keepalived源码包我们可以到keepalived的官网:/去下载，相关说明文档亦可在其官网查看，比如keepalived的使用，相关配置说明，这里演示的版本为:1.2.15cd ~wget /software/keepalived-1.2.15.tar.gz 1.2 编译安装keepalived<--编译安装keepalived-->ln -s /usr/src/kernels/2.6.32-573.18.1.el6.x86_64/ /usr/src/linux tar zxvf keepalived-1.2.15.tar.gz -C /usr/local/srccd /usr/local/src/keepalived-1.2.15/./configure \--prefix=/usr/local/keepalived \--with-kernel-dir=/usr/src/kernels/2.6.32-573.18.1.el6.x86_64#2.6.32-573.18.1.el6.x86_64 这个需要根据kernel来匹配，一般安装了kernel-devel即可查看make make install<--对keepalived进行相关路径优化调整--><---拷贝keepalived相关启动命令--->cp /usr/local/keepalived/sbin/keepalived /usr/sbin/cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/<---将keepalived启动脚本添加到系统服务--->cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/ chkconfig --add keepalivedchkconfig --level 2345 keepalived on<---创建keepalived相关配置文件--->mkdir -p /etc/keepalivedcp /usr/local/keepalived/etc/keepalived/keepalived.conf/etc/keepalived(3)分别配置Master_DR以及Backup_DR上的keepalive实例，如下所示:1. master_dr配置代码示例（主调度器）vim /etc/keepalived/keepalived.conf内容如下! Configuration File for keepalivedglobal_defs {notification_email {admin@}notification_email_from lvs_admin@smtp_server 127.0.0.1smtp_connect_timeout 30router_id DR_MASTER}vrrp_script check_haproxy { #表示创建一个脚本check_haproxyscript "/etc/keepalived/scripts/check_haproxy.sh" #引用的脚本路径interval 2weight 2 #表示检测时间的间隔为3s }vrrp_instance http {state BACKUPinterface eth0dont_track_primarynopreempt #不抢占mastertrack_interface { #表示需要检测的网卡eth0eth1}mcast_src_ip 172.51.96.105 #表示设置组播的源地址garp_master_delay 6virtual_router_id 60priority 110advert_int 1authentication {auth_type PASSauth_pass 1234}virtual_ipaddress {172.51.96.175/24 brd 172.51.96.255 dev eth0 label eth0:1 }virtual_routes {172.51.96.175/24 dev eth0}track_script {check_haproxy}notify_master /etc/keepalived/scripts/state_master.sh notify_backup /etc/keepalived/scripts/state_backup.sh notify_fault /etc/keepalived/scripts/state_fault.sh }2. backup_dr配置示例（备调度器）vim /etc/keepalived/keepalived.conf内容如下! Configuration File for keepalivedglobal_defs {notification_email {admin@}notification_email_from admin@smtp_server 127.0.0.1smtp_connect_timeout 30router_id DR_BACKUP}vrrp_script check_haproxy {script "/etc/keepalived/scripts/check_haproxy.sh"interval 2weight 2}vrrp_instance http {state BACKUPinterface eth0dont_track_primarytrack_interface {eth0eth1}mcast_src_ip 172.51.96.119garp_master_delay 6virtual_router_id 60priority 105advert_int 1authentication {auth_type PASSauth_pass 1234}virtual_ipaddress {172.51.96.175/24 brd 172.51.96.255 dev eth0 label eth0:1 }virtual_routes {172.51.96.175/24 dev eth0}track_script {check_haproxy}notify_master /etc/keepalived/scripts/state_master.shnotify_backup /etc/keepalived/scripts/state_backup.shnotify_fault /etc/keepalived/scripts/state_fault.sh}3.分别在主调度server和备调度server编写以下脚本，如下：i 当调度器为切换master server时，记录切换时间日志vim /etc/keepalived/scripts/state_master.sh代码如下:#!/bin/bashecho -e >> $LOGFILEhost=CN-SH-DR01 #设置当前的主机名LOGFILE="/var/log/keepalived-state.log"echo "[Master]" >> $LOGFILEdate >> $LOGFILEecho "The ${host} Starting to become master server...." >> $LOGFILE 2>&1echo "Please run the “ipvsadm -Ln” check the keepalived state ..." >> $LOGFILEecho "...................................................................... ...!">> $LOGFILEecho >>$LOGFILEii 当调度器为切换backup server时，记录切换时间日志vim /etc/keepalived/scripts/state_backup.sh代码如下:#!/bin/bashecho -e >> $LOGFILEhost=CN-SH-DR01 #设置当前的主机名LOGFILE="/var/log/keepalived-state.log"echo "[Backup]" >> $LOGFILEdate >> $LOGFILEecho "The ${host} Starting to become Backup server...." >> $LOGFILE 2>&1echo "Please run the “ipvsadm -Ln” check the state ..." >> $LOGFILEecho "...................................................................... ..!">> $LOGFILEecho >> $LOGFILEiii 当调度器出现错误时，记录错误时间日志vim /etc/keepalived/scripts/state_fault.sh代码如下:#!/bin/bashecho -e >> $LOGFILEhost=CN-SH-DR01 #设置当前的主机名LOGFILE="/var/log/keepalived-state.log"echo "[fault errot ]" >> $LOGFILEdate >> $LOGFILEecho "The ${host} is fault error...." >> $LOGFILE 2>&1echo "Please check the server state ..." >> $LOGFILEecho "...................................................................... ..!">> $LOGFILEecho >> $LOGFILEiiii 服务状态健康监测脚本,比如当haproxy不可用时，及时切换到backup调度器上主机上：#vi /etc/keepalived/check_haproxy.sh#!/bin/bashA=`ps -C haproxy --no-header | wc -l`if [ $A -eq 0 ];then/usr/local/haproxy/sbin/haproxy -f/usr/local/haproxy/conf/haproxy.cfg echo "haproxy start"sleep 3if [ `ps -C haproxy --no-header | wc -l`-eq 0 ];then/etc/init.d/keepalived stopecho "keepalived stop"fifi备机上：#!/bin/bashA=`ip a | grep 10.1.77.200 | wc -l`B=`ps -ef | grep haproxy | grep -v grep| awk '{print $2}'`if [ $A -gt 0 ];then/usr/local/haproxy/sbin/haproxy -f/usr/local/haproxy/conf/haproxy.cfg elsekill -9 $Bfi#两台机器分别执行：chmod 755 /etc/keepalived/check_haproxy.sh 增加执行权限，注意别忘记了chmod u+x check_haproxy.sh重启keepalived即可(4)依次重启master_dr,backup-dr上keepalive服务# service keepalived restarttail -f /var/log/messages查看运行日志三.测试验证：在两台调度器安装web服务并创建相关测试页，如下：master-dr主调度服务器的测试页面[root@master-dr www]# curl 172.51.96.105:81this is master server[root@master-dr www]#backup-dr备调度服务器的测试页面[root@backup-dr htdocs]# curl 172.51.96.119:81this is backup server[root@backup-dr htdocs]#通过messages查看vip抢夺情况，如下所示:述上发现vip已经被master-dr抢夺，通过ifconfig看到master-dr已经存在vip地址，如下在客户端通过:http://vip 就可以访问到页面，此时访问的是master-dr的页面：我们在master-dr将keepalived服务停止掉，来模仿主调度器宕机情形：[root@master-dr scripts]# service keepalived stopStoppingkeepalived: [ OK ] [root@master-dr scripts]#分别查看master-dr和backup-dr的keepalive日志：此时vip已经由backup-dr接管了，因为master-dr上nginx服务异常，而keepalive会定时触发引用的检查脚本“check_nginx”检查nginx状态，发现nginx可用就停止了keepalive服务，从而使vip顺利的飘逸到backup-dr上；查看keepalive-state.log,可以看到master-dr和backup-dr会记录每个状态的的信息：同时日志记录脚本也会记录相关信息：[root@master-dr sbin]# tail -10 /var/log/keepalived-state.logThe CN-SH-DR01 Starting to become Backup server....Please run the “ipvsadm -Ln” check the state ............................................................................... ...![fault errot ]Fri Mar 11 15:28:48 CST 2016The CN-SH-DR01 is fault error....Please check the server state ............................................................................... ...![root@backup-dr htdocs]# tail -10 /var/log/keepalived-state.log[Backup]Fri Mar 11 14:42:56 CST 2016The CN-SH-DR02 Starting to become Backup server....Please run the “ipvsadm -Ln” check the state ............................................................................... ...![Master]Fri Mar 11 15:06:58 CST 2016The CN-SH-DR02 Starting to become master server....Please run the “ipvsadm -Ln” check the state ............................................................................... ...!再次访问http://vip 发现页面为backup-dr的页面：到这里，整个keepalive+haproxy双机热备就部署完成了总结:关于keepalive+haproxy双机热备适合很多web前端高可用集群应用，相对于keepalive+lvs案例应用，配置起来更方便，更简单，与它同样的经典应用案例：keepalive+nginx也是一个不错的双机热备方案，通常在需要高性能高可用反向代理场合，keepalive+haproxy是一个不错的选择方案。

keepalive编译安装keepalived-2.0.6下载keepalived-2.0.6.tar.gz到/home/abc并解压(解压后的源码⽬录后⾯配置会⽤到)：tar -zxvf keepalived-2.0.6.tar.gz安装前检查了ipvsadm、popt-devel、openssl-devel、libnfnetlink-devel是否存在，结果如下：libnfnetlink-devel安装的是libnfnetlink。

Package ipvsadm-1.26-2.el6.x86_64 already installed and latest version执⾏编译：[root@abc keepalived-2.0.6]#[root@abc keepalived-2.0.6]# ./configure --prefix=/use/local/keepalivedchecking for a BSD-compatible install... /usr/bin/install -cchecking whether build environment is sane... yeschecking for a thread-safe mkdir -p... /bin/mkdir -pchecking for gawk... gawkchecking whether make sets $(MAKE)... yeschecking whether make supports nested variables... yeschecking whether make supports nested variables... (cached) yeschecking for pkg-config... /usr/bin/pkg-configchecking pkg-config is at least version 0.9.0... yeschecking for gcc... gccchecking whether the C compiler works... noconfigure: error: in `/home/vie61jiexiang/lwj/keepalived-2.0.6':configure: error: C compiler cannot create executablesSee `config.log' for more details[root@abc keepalived-2.0.6]#[root@abc keepalived-2.0.6]#报错了，查看⽇志：[root@abc keepalived-2.0.6]# more config.logThis file contains any messages produced by compilers whilerunning configure, to aid debugging if configure makes a mistake.It was created by Keepalived configure 2.0.6, which wasgenerated by GNU Autoconf 2.69. Invocation command line was$ ./configure --prefix=/use/local/keepalived## --------- #### Platform. #### --------- ##hostname = i-33D24D56uname -m = x86_64uname -r = 2.6.32-431.el6.x86_64uname -s = Linuxuname -v = #1 SMP Sun Nov 1022:19:54 EST 2013## ----------- #### Core tests. #### ----------- ##configure:2711: checking for a BSD-compatible installconfigure:2779: result: /usr/bin/install -cconfigure:2790: checking whether build environment is saneconfigure:2845: result: yesconfigure:2996: checking for a thread-safe mkdir -pconfigure:3035: result: /bin/mkdir -pconfigure:3042: checking for gawkconfigure:3058: found /bin/gawkconfigure:3069: result: gawkconfigure:3080: checking whether make sets $(MAKE)configure:3102: result: yesconfigure:3131: checking whether make supports nested variablesconfigure:3148: result: yesconfigure:3302: checking whether make supports nested variablesconfigure:3319: result: yesconfigure:3385: checking for pkg-configconfigure:3403: found /usr/bin/pkg-configconfigure:3415: result: /usr/bin/pkg-configconfigure:3440: checking pkg-config is at least version 0.9.0configure:3443: result: yesconfigure:3768: checking for gccconfigure:3784: found /usr/local/bin/gccconfigure:3795: result: gccconfigure:4024: checking for C compiler versionconfigure:4033: gcc --version >&5gcc (GCC) 7.3.0Copyright (C) 2017 Free Software Foundation, Inc.This is free software; see the source for copying conditions. There is NOwarranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.configure:4044: $? = 0configure:4033: gcc -v >&5Using built-in specs.COLLECT_GCC=gccCOLLECT_LTO_WRAPPER=/usr/local/libexec/gcc/x86_64-pc-linux-gnu/7.3.0/lto-wrapperTarget: x86_64-pc-linux-gnuConfigured with: ./configure --prefix=/usr/local/ --disable-multilib --enable-languages=c,c++Thread model: posixgcc version 7.3.0 (GCC)configure:4044: $? = 0configure:4033: gcc -V >&5gcc: error: unrecognized command line option '-V'gcc: fatal error: no input filescompilation terminated.configure:4044: $? = 1configure:4033: gcc -qversion >&5gcc: error: unrecognized command line option '-qversion'; did you mean '--version'?gcc: fatal error: no input filescompilation terminated.configure:4044: $? = 1configure:4064: checking whether the C compiler worksconfigure:4086: gcc conftest.c >&5/usr/local/libexec/gcc/x86_64-pc-linux-gnu/7.3.0/cc1: error while loading shared libraries: libmpc.so.3: cannot open shared object file: No such file or directory configure:4090: $? = 1configure:4128: result: noconfigure: failed program was:| /* confdefs.h */| #define PACKAGE_NAME "Keepalived"| #define PACKAGE_TARNAME "keepalived"| #define PACKAGE_VERSION "2.0.6"| #define PACKAGE_STRING "Keepalived 2.0.6"| #define PACKAGE_BUGREPORT "keepalived-devel@"| #define PACKAGE_URL "/"| #define PACKAGE "keepalived"| #define VERSION "2.0.6"| /* end confdefs.h. */|| int| main ()| {|| ;| return 0;| }configure:4133: error: in `/home/vie61jiexiang/lwj/keepalived-2.0.6':configure:4135: error: C compiler cannot create executablesSee `config.log' for more details然后检查gcc都是正常的：[root@abc ~]#[root@abc ~]# gcc -v使⽤内建 specs。

REDIS集群,KEEPALIVED+HAPROXY负载均衡,主备自动切换安装手册服务器环境:centos6.3机器1:redis主节点(172.16.8.21:6379)从节点(172.16.8.21:63791)从节点(172.16.8.21:63792)机器2:从节点172.16.8.22:63793从节点172.16.8.23:63794一、REDIS集群安装进入机器1:mkdir /usr/local/redismkdir /usr/local/redis/data1 下载redis,进入/usr/local/src目录2 wget http://download.redis.io/releases/redis-2.8.9.tar.gz3 tar xvf redis-2.8.9.tar.gz4 cd redis-2.8.95 make && make install6 cp redis.conf /usr/local/bin7 cd /usr/local/bin8 cp redis.conf redis-slave19 cp redis.conf redis-slave210 vi redis.conf11 搜索dind设为172.16.8.21dir 设为/usr/local/redis/datadaemonize 设为yes12 vi redis-slave113 搜索bind 设为172.16.8.21pidfile 设为/var/run/redis-slave1.piddbfilename设为dump-slave1.rdbdir设为/usr/local/redis/dataport 设为63791将slaveof前面的#号去掉，改为slaveof 172.16.8.21 6379 daemonize 设为yes14 vi redis-slave215 搜索bind 设为172.16.8.21pidfile 设为/var/run/redis-slave2.piddbfilename设为dump-slave2.rdbdir设为/usr/local/redis/dataport 设为63792将slaveof前面的#号去掉，改为slaveof 172.16.8.21 6379 daemonize 设为yes16redis-server redis.confredis-server redis-slave1redis-server redis-slave2进入机器2mkdir /usr/local/redismkdir /usr/local/redis/data1 下载redis,进入/usr/local/src目录2 wget http://download.redis.io/releases/redis-2.8.9.tar.gz3 tar xvf redis-2.8.9.tar.gz4 cd redis-2.8.95 make && make install6 cp redis.conf /usr/local/bin7 cd /usr/local/bin8 cp redis.conf redis-slave39 cp redis.conf redis-slave410 vi redis-slave311 搜索bind 设为172.16.8.22pidfile 设为/var/run/redis-slave3.piddbfilename设为dump-slave3.rdbdir设为/usr/local/redis/dataport 设为63793将slaveof前面的#号去掉，改为slaveof 172.16.8.21 6379daemonize 设为yes12 vi redis-slave413 搜索bind 设为172.16.8.22pidfile 设为/var/run/redis-slave4.piddbfilename设为dump-slave4.rdbdir设为/usr/local/redis/dataport 设为63794将slaveof前面的#号去掉，改为slaveof 172.16.8.21 6379daemonize 设为yes14 redis-server redis-slave315 redis-server redis-slave4到现在已完成redis集群配置,且只有172.16.8.21 6379可写数据，其余slave机器只能读数据redis-cli -h 172.16.8.21 -p 6379info可以看到这样子就是成功了二、安装haproxy进入机器1cd /usr/loca/srcwget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.25.tar.gztar xvf http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.25.tar.gzcd haproxy-1.4.25make TARGET=linux26 PREFIX=/usr/local/haproxymake install PREFIX=/usr/local/haproxycd /usr/local/haproxyvi haproxy.cfg添加下面内容# this config needs haproxy-1.1.28 or haproxy-1.2.1globallog 172.16.8.21 local0#log 172.16.8.21 local1 notice#log loghost local0 infomaxconn 4096chroot /usr/local/haproxyuid 99gid 99daemon#debugquietnbproc 2pidfile /usr/local/haproxy/haproxy.piddefaultslog globalmode httpoption httplogoption dontlognulllog 172.16.8.21 local3 inforetries 3redispatchmaxconn 3000contimeout 5000clitimeout 50000srvtimeout 50000listen cluster 0.0.0.0:63790mode tcpbalance roundrobinoption forwardforserver redis-slave1 172.16.8.21:63791 weight 100 check inter 2000 rise 2 fall 3 server redis-slave2 172.16.8.21:63792 weight 100 check inter 2000 rise 2 fall 3 server redis-slave3 172.16.8.22:63793 weight 100 check inter 2000 rise 2 fall 3 server redis-slave4 172.16.8.22:63794 weight 100 check inter 2000 rise 2 fall 3listen 172.16.8.21 *:8888mode http#transparentstats refresh 10sstats uri /haproxyadminstats realm Haproxy \ statisticstats auth admin:adminstats hide-version保存加上日志支持 vi /etc/rsyslog.conf在最下边增加local3.* /var/log/haproxy.loglocal0.* /var/log/haproxy.logvi /etc/sysconfig/rsyslog修改： SYSLOGD_OPTIONS="-r -m 0"重启日志服务service rsyslog restart进入机器2cd /usr/loca/srcwget http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.25.tar.gz tar xvf http://haproxy.1wt.eu/download/1.4/src/haproxy-1.4.25.tar.gz cd haproxy-1.4.25make TARGET=linux26 PREFIX=/usr/local/haproxymake install PREFIX=/usr/local/haproxycd /usr/local/haproxyvi haproxy.cfg添加下面内容# this config needs haproxy-1.1.28 or haproxy-1.2.1globallog 172.16.8.22 local0#log 172.16.8.22 local1 notice#log loghost local0 infomaxconn 4096chroot /usr/local/haproxyuid 99gid 99daemon#debugquietnbproc 2pidfile /usr/local/haproxy/haproxy.piddefaultslog globalmode httpoption httplogoption dontlognulllog 172.16.8.22 local3 inforetries 3redispatchmaxconn 3000contimeout 5000clitimeout 50000srvtimeout 50000listen cluster 0.0.0.0:63790mode tcpbalance roundrobinoption forwardforserver redis-slave1 172.16.8.21:63791 weight 100 check inter 2000 rise 2 fall 3 server redis-slave2 172.16.8.21:63792 weight 100 check inter 2000 rise 2 fall 3 server redis-slave3 172.16.8.22:63793 weight 100 check inter 2000 rise 2 fall 3 server redis-slave4 172.16.8.22:63794 weight 100 check inter 2000 rise 2 fall 3 listen 172.16.8.22*:8888mode http#transparentstats refresh 10sstats uri /haproxyadminstats realm Haproxy \ statisticstats auth admin:adminstats hide-version保存加上日志支持 vi /etc/rsyslog.conf在最下边增加local3.* /var/log/haproxy.loglocal0.* /var/log/haproxy.logvi /etc/sysconfig/rsyslog修改： SYSLOGD_OPTIONS="-r -m 0"重启日志服务service rsyslog restart三、安装keepalived进入机器1cd /usr/local/srcwget /software/keepalived-1.2.12.tar.gztar xvf keepalived-1.2.12.tar.gzcd keepalived-1.2.12./configuremake&&make install注：若这里报错提示没有装openssl，则执行yum –y install openssl-devel安装，若还有其他的包没装，则执行yum命令进行安装cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/mkdir /etc/keepalivedcp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ln -s /usr/local/sbin/keepalived /usr/sbin/vi /etc/keepalived/keepalived.conf将内容改为如下! Configuration File for keepalivedvrrp_script chk_haproxy {script "/etc/keepalived/check_haproxy.sh"interval 2global_defs {router_id LVS_DEVEL}vrrp_instance VI_1 {state MASTERinterface eth0virtual_router_id 51priority 150advert_int 1authentication {auth_type PASSauth_pass 1111}track_script {chk_haproxy}virtual_ipaddress {172.16.8.20}}}保存vi /etc/keepalived/check_haproxy.sh添加内容#!/bin/bash#A = `ps -C haproxy --no-header |wc -l`if [[ `ps -C haproxy --no-header |wc -l` -eq 0 ]];thenecho "haproxy not runing,attempt to start up."/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfgsleep 3if [[ `ps -C haproxy --no-header |wc -l` -eq 0 ]];then/etc/init.d/keepalived stopecho "haproxy start failure,stop keepalived"elseecho "haproxy started success"fifi注意`这个符号不是单引号,是esc下面那个键进入机器2cd /usr/local/srcwget /software/keepalived-1.2.12.tar.gztar xvf keepalived-1.2.12.tar.gzcd keepalived-1.2.12./configuremake&&make install注：若这里报错提示没有装openssl，则执行yum –y install openssl-devel安装，若还有其他的包没装，则执行yum命令进行安装cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d/cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/ mkdir /etc/keepalivedcp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/ ln -s /usr/local/sbin/keepalived /usr/sbin/vi /etc/keepalived/keepalived.conf将内容改为如下! Configuration File for keepalivedvrrp_script chk_haproxy {script "/etc/keepalived/check_haproxy.sh"interval 2global_defs {router_id LVS_DEVEL}vrrp_instance VI_1 {state BACKUPinterface eth0virtual_router_id 51priority 120advert_int 1authentication {auth_type PASSauth_pass 1111}track_script {chk_haproxy}virtual_ipaddress {172.16.8.20}}}保存vi /etc/keepalived/check_haproxy.sh添加内容#!/bin/bash#A = `ps -C haproxy --no-header |wc -l`if [[ `ps -C haproxy --no-header |wc -l` -eq 0 ]];thenecho "haproxy not runing,attempt to start up."/usr/local/haproxy/sbin/haproxy -f /usr/local/haproxy/haproxy.cfgsleep 3if [[ `ps -C haproxy --no-header |wc -l` -eq 0 ]];then/etc/init.d/keepalived stopecho "haproxy start failure,stop keepalived"elseecho "haproxy started success"fifi注意`这个符号不是单引号,是esc下面那个键保存在机器1机器2中分别执行service keepalived start然后在浏览器上打开http://172.16.8.20:8888/haproxyadmin用户名和密码是admin只要机器1和机器2中keepalived服务没有同时挂掉，一台机器挂掉后，另一台机器就会绑定172.16.8.20地址，实现主备切换,因此都可以通过172.16.8.20:63790访问该redis 集群Vip压力测试redis-benchmark -h 172.16.8.20 -p 63790 -t get -q -r 1000 -n 100000 -c 800主机器压力测试redis-benchmark -h 172.16.8.21 -p 6379 -t get -q -r 1000 -n 100000 -c 800从节点压力测试redis-benchmark -h 172.16.8.22 -p 63793 -t get -q -r 1000 -n 100000 -c 800本文参考于百度文库地址/link?url=Wd0Z2arJ4wdspy7jw9O1mGZCy2e5GiO4hCIv36 QxoOtNGcFOMG8rPpegmRH_z72Ejc-KAP9Ld2Aieo7DPgmC_b1bXB2BZVSKPTXsoz BNNYi。