Highly available keepalived

Posted by tmed on Mon, 10 Jan 2022 12:06:49 +0100

1, Introduction to high availability

What is high availability

Generally, it means that two machines start the same business system. When one machine goes down, the other server can quickly take over, which is insensitive to the accessed users.

High Availability HA (High Availability) is one of the factors that must be considered in the architecture design of distributed systems. It usually refers to reducing the time when the system cannot provide services through design.

Assuming that the system can always provide services, we say that the availability of the system is 100%.

If the system runs every 100 time units, one time unit cannot provide service. We say that the availability of the system is 99%.

The high availability target of many companies is 4 9s, or 99.99%, which means that the annual downtime of the system is 8.76 hours.

 

 

Highly available common tools

① F5 is usually used for hardware

② software is usually kept alive

How to achieve automatic failover

VRRP protocol

How can we achieve automatic failover? At this time, VRRP appears. Our VRRP actually adds a virtual MAC address (VMAC) and virtual IP address (VIP) outside the Master and Backup in the form of software or hardware. In this case, when the PC requests VIP, whether it is processed by the Master or Backup, PC will only record VMAC and VIP information in ARP cache table.

VRRP protocol will broadcast in a LAN. When one machine fails, it will automatically start the service on another machine.

 

 

 

 

II. Deploy keepalived

① install keepalived

[root@lb01 conf.d]# yum install keepalived -y

② modify the keepalived configuration (several sets are set, and pay attention to modifying the identification name and status of each set)

# modify lb01 to configure
[root@lb01 keepalived]# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived # Global configuration global_defs { # Unique identifier of the current keepalived router_id lb01 } # Detection script vrrp_script check_nginx { # Specify script path script "/etc/keepalived/checkNG.sh" # Execution interval interval 5 } # Configure VRRP protocol vrrp_instance VI_1 { # Status, MASTER and BACKUP state MASTER # Binding network card interface eth0 # Virtual route marking can be understood as grouping virtual_router_id 50 # priority priority 100 # Monitor heartbeat interval advert_int 1 # Configuration authentication authentication { # Certification Type auth_type PASS # Password for authentication auth_pass 1111 } # Set up VIP virtual_ipaddress { # Virtual VIP address 192.168.15.3 } # Call check track_script { check_nginx } }
# Modify lb02 configuration
[root@lb02 keepalived]# vim /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

# Global configuration
global_defs {
   # Unique identifier of the current keepalived
   router_id lb02
}

# Detection script
vrrp_script check_nginx {
	# Specify script path
    script "/etc/keepalived/checkNG.sh"
    # Execution interval
    interval 5
}

# Configure VRRP protocol
vrrp_instance VI_1 {
    # Status, MASTER and BACKUP
    state BACKUP
    # Binding network card
    interface eth0
    # Virtual route marking can be understood as grouping
    virtual_router_id 50
    # priority
    priority 90
    # Monitor heartbeat interval
    advert_int 1
    # Configuration authentication
    authentication {
        # Certification Type
        auth_type PASS
        # Password for authentication
        auth_pass 1111
    }
    # Set up VIP
    virtual_ipaddress {
        # Virtual VIP address
        192.168.15.3
    }
    # Call check
    track_script {
        check_nginx
    }
}

  

③ enable the keepalived service

[root@lb01 ~]# systemctl enable --now keepalived

 

 

3, Solve the brain crack problem of keepalive

When nginx goes down, how to solve it

① edit script file

[root@lb01 ~]# vim checkNG.sh 
#!/bin/bash

# Solve the problem that Nginx cannot start normally
ps -ef | grep -q [n]ginx 

if [ $? -ne 0 ];then
	# It means that Nginx is not started normally
	systemctl start nginx &>/dev/null
	sleep 2
	ps -ef | grep -q [n]ginx
	if [ $? -ne 0 ];then
		systemctl stop keepalived 
	fi
fi

② write the script file into the keepalived configuration file (both the primary machine and the standby machine should be added)

 

③ restart the keepalived service

[root@lb01 conf.d]# systemctl restart keepalived
[root@lb02 conf.d]# systemctl restart keepalived

  

 

4, keepalived non preemptive

Principle: to turn off the VIP preemption mode, all VIP state s need to be BACKUP. At this time, which keepalived server has the highest priority and which keepalived server is occupied first. When the occupied server is down, another BACKUP host will occupy it. Even if the server with high priority is restored, preemption cannot be carried out, unless the server with low priority is down, Will continue to occupy the high priority keepalived server.

① all States are set to backup

② add nopreempt

Set the keepalived setting on the machine with high priority

      [root@lb01 conf.d]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived

# Global configuration
global_defs {
   # Unique identifier of the current keepalived
   router_id lb01
}

# Detection script
vrrp_script check_nginx {
        # Specify script path
    script "/etc/keepalived/checkNG.sh"
    # Execution interval
    interval 5
}

# Configure VRRP protocol
vrrp_instance VI_1 {
    # Status, MASTER and BACKUP
    state BACKUP
    # Enable non preemptive mode
    nopreempt
    # Binding network card
    interface eth0
    # Virtual route marking can be understood as grouping
    virtual_router_id 50
    # priority
    priority 100
    # Monitor heartbeat interval
    advert_int 1
    # Configuration authentication
    authentication {
        # Certification Type
        auth_type PASS
        # Password for authentication
        auth_pass 1111
    }
    # Set up VIP
    virtual_ipaddress {
        # Virtual VIP address
        192.168.15.3
    }
    # Call check
    track_script {
        check_nginx
    }
}

      

Set on low priority machines

      [root@lb02 conf.d]# vim /etc/keepalived/keepalived.conf

! Configuration File for keepalived
# Global configuration
global_defs {
   # Unique identifier of the current keepalived
   router_id lb02
}

# Detection script
vrrp_script check_nginx {
        # Specify script path
    script "/etc/keepalived/checkNG.sh"
    # Execution interval
    interval 5
}

# Configure VRRP protocol
vrrp_instance VI_1 {
    # Status, MASTER and BACKUP
    state BACKUP
    # Open non preemptive
    nopreempt
    # Binding network card
    interface eth0
    # Virtual route marking can be understood as grouping
    virtual_router_id 50
    # priority
    priority 90
    # Monitor heartbeat interval
    advert_int 1
    # Configuration authentication
    authentication {
        # Certification Type
        auth_type PASS
        # Password for authentication
        auth_pass 1111
    }
    # Set up VIP
    virtual_ipaddress {
        # Virtual VIP address
        192.168.15.3
    }
    # Call check
    track_script {
        check_nginx
    }
}