Linux Phase 11: keepalived High Availability Cluster

Keywords: Linux Nginx curl network Web Server

11. keepalived High Availability Cluster Chapter

(1) Description of keepalived service concept

What can keepalived do?
Keepalived was originally designed for the LVS load balancing software, to manage and monitor the status of each service node in an LVS cluster. VRRP support, which provides high availability, was added later.

Keepalived achieves high availability mainly through the VRRP protocol.
VRRP is the abbreviation of Virtual Router Redundancy Protocol.
The purpose of VRRP is to solve the single point of failure of static routing, so that when individual nodes go down the network as a whole keeps running without interruption.

How does keepalived work? (Key)
Principle:
1) VRRP, full name Virtual Router Redundancy Protocol, was created to resolve the single point of failure of static routing.
2) VRRP uses IP multicast (default multicast address 224.0.0.18) for communication between the high-availability pair.
3) In operation, the primary node sends packets and the standby node receives them. When the standby node can no longer receive the packets sent by the primary node, it starts the takeover and takes over the primary node's resources. There can be more than one standby node, with the new primary chosen by priority election, but in general the Keepalived systems work together.

Main features of the keepalived software?
1. Manage the LVS load balancing software
2. Implement health checks for LVS cluster nodes
3. Provide high availability for system network services

(2) Deploying keepalived high-availability services

1) Verify that the reverse proxy service is working properly

Step 1: On lb01/lb02, test whether the web servers are working

 curl -H host:www.etiantian.org 10.0.0.7/oldboy.html
 curl -H host:www.etiantian.org 10.0.0.8/oldboy.html
 curl -H host:www.etiantian.org 10.0.0.9/oldboy.html
 curl -H host:bbs.etiantian.org 10.0.0.7/oldboy.html
 curl -H host:bbs.etiantian.org 10.0.0.8/oldboy.html
 curl -H host:bbs.etiantian.org 10.0.0.9/oldboy.html

Step 2: Test access to lb01/lb02 from your browser

 Edit the hosts file to resolve the domain names to 10.0.0.5, then test access
 Edit the hosts file to resolve the domain names to 10.0.0.6, then test access
 scp -rp /application/nginx/conf/nginx.conf 10.0.0.6:/application/nginx/conf/   --- Synchronize the lb01 and lb02 configuration files before testing

2) Install and deploy highly available keepalived services

Step 1: Install the keepalived software

   yum install -y keepalived

Step 2: Write the keepalived configuration file

vim /etc/keepalived/keepalived.conf
man keepalived.conf   --- Documentation for the configuration file
Configuration file structure:
GLOBAL CONFIGURATION  --- Global configuration (*)
VRRPD CONFIGURATION   --- vrrp Configuration (*)
LVS CONFIGURATION     --- LVS Service-related configuration

lb01 (master load balancer) configuration

    global_defs {
        router_id lb01
    }

    vrrp_instance group01 {
        state MASTER
        interface eth0
        virtual_router_id 51      # must be the same value on lb01 and lb02
        priority 150
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111        # PASS is sent in clear text in VRRP advertisements
        }
        virtual_ipaddress {
            10.0.0.3/24 dev eth0 label eth0:1
        }
    }

    /etc/init.d/keepalived reload

lb02 (backup load balancer) configuration

    global_defs {
        router_id lb02
    }

    vrrp_instance group01 {
        state BACKUP
        interface eth0
        virtual_router_id 51
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            10.0.0.3/24 dev eth0 label eth0:1
        }
    }

    /etc/init.d/keepalived reload


3) Test access

(3) Deployment of keepalived highly available services: the split-brain problem

When the virtual IP address is present on both nodes of the keepalived high-availability cluster at the same time, this is called split brain.

Causes of split brain:
 1. Heartbeat problems
    Network card configuration problem
    Problem with the switching equipment
    Cable connection problem
 2. Firewall software is blocking the traffic
 3. The virtual_router_id value is configured incorrectly
 In summary: as soon as the standby server stops receiving the multicast packets it becomes the master, and if the primary has not released the resources, split brain occurs.

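Use a shell script for monitoring:

If the VIP appears on the standby device, something is not working normally. Either:
 01. A real primary/standby switchover has taken place
 02. Split brain has occurred

    #!/bin/bash
    # Run on the standby node. The dots are escaped and the pattern is anchored on
    # "inet " and "/" so that 10.0.0.30 or 110.0.0.3 are not counted as the VIP.
    check_info=$(ip a | grep -c 'inet 10\.0\.0\.3/')
    if [ "$check_info" -ne 0 ]
    then
       echo "keepalived server error!!!"
    fi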
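
The check on the standby alone cannot tell case 01 from case 02; that needs the address list of both nodes. The following is an added example, not part of the original post: it classifies the state from the text of `ip -o -4 addr show` taken on each node. The function names and the sample outputs are constructed for illustration, and how the peer's output is collected (for example over ssh) is left as an assumption.

```shell
#!/bin/bash
# Added example: tell a real failover apart from split brain for the VIP.
# Inputs are the text of `ip -o -4 addr show` from lb01 and lb02.

VIP="10.0.0.3"

# has_vip <ip-output> <vip>: succeeds only on an exact address match,
# so 10.0.0.3 does not match 10.0.0.30 or 110.0.0.3.
has_vip() {
    printf '%s\n' "$1" | awk -v vip="$2" '
        { for (i = 1; i < NF; i++)
              if ($i == "inet") { split($(i + 1), a, "/"); if (a[1] == vip) found = 1 } }
        END { exit !found }'
}

# classify_vip <master-output> <backup-output> [vip]
# prints one of: normal | failover | split-brain | vip-missing
classify_vip() {
    cv_vip="${3:-$VIP}"
    cv_master=0
    cv_backup=0
    has_vip "$1" "$cv_vip" && cv_master=1
    has_vip "$2" "$cv_vip" && cv_backup=1
    case "$cv_master$cv_backup" in
        10) echo "normal" ;;        # VIP only on the master
        01) echo "failover" ;;      # master released it, backup took over
        11) echo "split-brain" ;;   # both nodes answer for the VIP
        00) echo "vip-missing" ;;   # nobody holds the VIP
    esac
}

# Constructed sample output (not captured from a real host).
LB01_WITH_VIP='2: eth0    inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0
2: eth0    inet 10.0.0.3/24 scope global secondary eth0:1'
LB01_NO_VIP='2: eth0    inet 10.0.0.5/24 brd 10.0.0.255 scope global eth0'
LB02_NO_VIP='2: eth0    inet 10.0.0.6/24 brd 10.0.0.255 scope global eth0'
LB02_WITH_VIP='2: eth0    inet 10.0.0.6/24 brd 10.0.0.255 scope global eth0
2: eth0    inet 10.0.0.3/24 scope global secondary eth0:1'
LB02_SIMILAR='2: eth0    inet 10.0.0.30/24 brd 10.0.0.255 scope global eth0'

classify_vip "$LB01_WITH_VIP" "$LB02_WITH_VIP"
```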

(4) Make the nginx reverse proxy listen on the virtual IP address

1) Write the nginx reverse proxy configuration

    server {
        listen       10.0.0.3:80;
        server_name  www.etiantian.org;
        root   html;
        index  index.html index.htm;
        location / {
            proxy_pass http://oldboy;
            proxy_set_header host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
        }
    }
    server {
        listen       10.0.0.3:80;
        server_name  bbs.etiantian.org;
        root   html;
        index  index.html index.htm;
        location / {
            proxy_pass http://oldboy;
            proxy_set_header host $host;
            proxy_set_header X-Forwarded-For $remote_addr;
        }
    }

    /application/nginx/sbin/nginx -s stop
    /application/nginx/sbin/nginx
    netstat -lntup|grep nginx
    tcp        0      0 10.0.0.3:80                 0.0.0.0:*                   LISTEN      53334/nginx

Allow nginx to listen on an IP address that is not configured on a local network card (the node that does not currently hold the VIP needs this in order to bind to 10.0.0.3):

    echo 'net.ipv4.ip_nonlocal_bind = 1' >>/etc/sysctl.conf
    sysctl -p

(5) Tie the keepalived service to the nginx reverse proxy service

When the nginx reverse proxy service stops, the keepalived service is stopped as well.

1) Write the script

    #!/bin/bash
    # The [n] in the pattern keeps grep from matching its own process.
    web_info=$(ps -ef | grep '[n]ginx' | wc -l)
    if [ "$web_info" -lt 2 ]
    then
       /etc/init.d/keepalived stop
    fi

2) Run the script to monitor the nginx service

    Edit the keepalived configuration file:

    vrrp_script check_web {
        # The monitoring script; it must have execute permission
        script "/server/scripts/check_web.sh"
        # Interval between script runs, in seconds
        interval 2
        # After the script has run, this weight is applied to the priority so that a primary/standby switch can take place
        weight 2
    }

    # Inside the vrrp_instance block:
    track_script {
        check_web
    }

    chmod +x check_web.sh   --- Make the script executable
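
How the weight feeds into the election, using this page's priorities (150 on lb01, 100 on lb02). This is an added example, not part of the original post. It models keepalived's documented weight rule (a positive weight is added while the script exits 0, a negative weight is subtracted while it exits non-zero); the function names are hypothetical and ties are not modelled.

```shell
#!/bin/bash
# Added example: effect of a vrrp_script weight on the VRRP election.

# effective_priority <base> <weight> <script_exit_code>
effective_priority() {
    ep_base=$1
    ep_weight=$2
    ep_rc=$3
    if [ "$ep_weight" -gt 0 ] && [ "$ep_rc" -eq 0 ]; then
        echo $((ep_base + ep_weight))      # healthy node gets the bonus
    elif [ "$ep_weight" -lt 0 ] && [ "$ep_rc" -ne 0 ]; then
        echo $((ep_base + ep_weight))      # failing node gets the penalty
    else
        echo "$ep_base"
    fi
}

# elect <weight> <lb01_script_rc> <lb02_script_rc>
# Base priorities are the ones configured on this page; the highest wins.
elect() {
    el_p1=$(effective_priority 150 "$1" "$2")
    el_p2=$(effective_priority 100 "$1" "$3")
    if [ "$el_p1" -ge "$el_p2" ]; then
        echo "lb01 ($el_p1 vs $el_p2)"
    else
        echo "lb02 ($el_p2 vs $el_p1)"
    fi
}

elect 2 1 0      # weight 2, check failing on lb01: lb01 keeps the VIP
elect -60 1 0    # weight -60, same failure: lb02 takes over
```

With a 50-point gap between the two nodes, a weight of 2 cannot move the VIP, which is why check_web.sh stops keepalived instead of relying on its exit code.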

(6) Implement a dual-primary (mutual backup) configuration in the high-availability cluster

    lb01

    vrrp_instance group01 {
        state MASTER
        interface eth0
        virtual_router_id 51
        priority 150
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            10.0.0.3/24 dev eth0 label eth0:1
        }
    }
    vrrp_instance group02 {
        state BACKUP
        interface eth0
        virtual_router_id 52
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            10.0.0.4/24 dev eth0 label eth0:1
        }
    }

    lb02

    vrrp_instance group01 {
        state BACKUP
        interface eth0
        virtual_router_id 51
        priority 100
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            10.0.0.3/24 dev eth0 label eth0:1
        }
    }
    vrrp_instance group02 {
        state MASTER
        interface eth0
        virtual_router_id 52
        priority 150
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            10.0.0.4/24 dev eth0 label eth0:1
        }
    }

    Then modify the listen address information in the nginx reverse proxy configuration

Posted by EvanMartin on Sun, 03 May 2020 07:46:07 -0700