Keepalived是使用VRRP协议的路由软件。

VRRP是一个“选举”协议,它能够动态地将一个虚拟路由器的责任指定至同一个VRRP组中的其它路由器上,从而消除了静态路由配置的单点故障。

配置keepalived为实现haproxy高可用的配置文件示例:

! Configuration File for keepalived

global_defs {
notification_email {
linuxedu@foxmail.com
mageedu@126.com
}
notification_email_from kanotify@magedu.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}

vrrp_script chk_haproxy {
script “killall -0 haproxy”
interval 1
weight 2
}

vrrp_script chk_mantaince_down {
script “[[ -f /etc/keepalived/down ]] && exit 1 || exit 0”
interval 1
weight -2
}

vrrp_instance VI_1 {
interface eth0
state MASTER # BACKUP for slave routers
priority 101 # 100 for BACKUP
virtual_router_id 51
garp_master_delay 1

authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.100.1/16 dev eth0 label eth0:0
}
track_script {
chk_haproxy
chk_mantaince_down
}

notify_master “/etc/keepalived/notify.sh master”
notify_backup “/etc/keepalived/notify.sh backup”
notify_fault “/etc/keepalived/notify.sh fault”
}

下面是一个notify.sh脚本的简单示例:
#!/bin/bash
# Author: MageEdu <linuxedu@foxmail.com>
# description: An example of notify script
#

vip=172.16.100.1
contact=’root@localhost’

notify() {
mailsubject=”`hostname` to be $1: $vip floating”
mailbody=”`date ‘+%F %H:%M:%S’`: vrrp transition, `hostname` changed to be $1″
echo $mailbody | mail -s “$mailsubject” $contact
}

case “$1” in
master)
notify master
/etc/rc.d/init.d/haproxy start
exit 0
;;
backup)
notify backup
/etc/rc.d/init.d/haproxy stop
exit 0
;;
fault)
notify fault
/etc/rc.d/init.d/haproxy stop
exit 0
;;
*)
echo ‘Usage: `basename $0` {master|backup|fault}’
exit 1
;;
esac
配置keepalived为实现haproxy高可用的双主模型配置文件示例:

说明:其基本实现思想为创建两个虚拟路由器,并以两个节点互为主从。

! Configuration File for keepalived

global_defs {
notification_email {
linuxedu@foxmail.com
mageedu@126.com
}
notification_email_from kanotify@magedu.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}

vrrp_script chk_haproxy {
script “killall -0 haproxy”
interval 1
weight 2
}

vrrp_script chk_mantaince_down {
script “[[ -f /etc/keepalived/down ]] && exit 1 || exit 0”
interval 1
weight 2
}

vrrp_instance VI_1 {
interface eth0
state MASTER # BACKUP for slave routers
priority 101 # 100 for BACKUP
virtual_router_id 51
garp_master_delay 1

authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.100.1/16 dev eth0 label eth0:0
}
track_script {
chk_haproxy
chk_mantaince_down
}

notify_master “/etc/keepalived/notify.sh master”
notify_backup “/etc/keepalived/notify.sh backup”
notify_fault “/etc/keepalived/notify.sh fault”
}

vrrp_instance VI_2 {
interface eth0
state BACKUP # BACKUP for slave routers
priority 100 # 100 for BACKUP
virtual_router_id 52
garp_master_delay 1

authentication {
auth_type PASS
auth_pass password
}
track_interface {
eth0
}
virtual_ipaddress {
172.16.100.2/16 dev eth0 label eth0:1
}
track_script {
chk_haproxy
chk_mantaince_down
}
}
说明:
1、对于VI_1和VI_2来说,两个节点要互为主从关系;

LVS + keepalived的实现:

! Configuration File for keepalived

global_defs {
notification_email {
linuxedu@foxmail.com
mageedu@126.com
}
notification_email_from kanotify@magedu.com
smtp_connect_timeout 3
smtp_server 127.0.0.1
router_id LVS_DEVEL
}

vrrp_script chk_schedown {
script “[[ -f /etc/keepalived/down ]] && exit 1 || exit 0”
interval 2
weight -2
}

vrrp_instance VI_1 {
interface eth0
state MASTER
priority 101
virtual_router_id 51
garp_master_delay 1

authentication {
auth_type PASS
auth_pass password
}

track_interface {
eth0
}

virtual_ipaddress {
172.16.100.1/16 dev eth0 label eth0:0
}

track_script {
chk_schedown
}
}
virtual_server 172.16.100.1 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP

# sorry_server 192.168.200.200 1358

real_server 172.16.100.11 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}

real_server 172.16.100.12 80 {
weight 1
HTTP_GET {
url {
path /
status_code 200
}
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
如果要使用TCP_CHECK检测各realserver的健康状态,那么,上面关于realserver部分的定义也可以替换为如下内容:
virtual_server 172.16.100.1 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 300
protocol TCP

sorry_server 127.0.0.1 80

real_server 172.16.100.11 80 {
weight 1
TCP_CHECK {
tcp_port 80
connect_timeout 3
}
}

real_server 172.16.100.12 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
}
}
}

说明:其中的sorry_server是用于定义所有realserver均出现故障时所用的服务器。