通过keepalived实现多主集群方案

一、 环境说明:
1、服务器列表：
proxy01:
eth0: 192.168.56.11 eth2: 192.168.156.11

proxy02:
eth0: 192.168.56.12 eth2: 192.168.156.12

proxy03:
eth0: 192.168.56.13 eth2: 192.168.156.13

 

2、拓扑图:

 

二、 实验步骤
1、 在所有节点上操作

# yum install –y keepalived haproxy

2、 proxy01节点配置

[root@proxy01 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalivedglobal_defs {router_id LVS_DEVELvrrp_skip_check_adv_addr
#   vrrp_strictvrrp_garp_interval 0vrrp_gna_interval 0
}vrrp_sync_group VG1 {group {VI_1VI_11}
}vrrp_sync_group VG2 {group {VI_2VI_12}
}vrrp_sync_group VG3 {group {VI_3VI_13}
}vrrp_instance VI_1 {state BACKUPinterface eth0virtual_router_id 51##nopreempt 启用抢占模式priority 10advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmac #启用vmac模式，会创建虚拟机接口，vip绑定到虚拟接口上vmac_xmit_base #发送和接收VRRP包的虚拟MAC地址unicast_src_ip 192.168.56.11unicast_peer {192.168.56.12192.168.56.13}virtual_ipaddress {192.168.56.101}
}vrrp_instance VI_2 {state BACKUPinterface eth0virtual_router_id 52priority 20##nopreemptadvert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.56.11unicast_peer {192.168.56.12192.168.56.13
}virtual_ipaddress {192.168.56.102}
}vrrp_instance VI_3 {state BACKUPinterface eth0virtual_router_id 53priority 30advert_int 1##nopreemptauthentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.56.11unicast_peer {192.168.56.12192.168.56.13}virtual_ipaddress {192.168.56.103}
}vrrp_instance VI_11 {state BACKUPinterface eth2virtual_router_id 51##nopreemptpriority 10advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.156.11unicast_peer {192.168.156.12192.168.156.13}virtual_ipaddress {192.168.156.101}
}vrrp_instance VI_12 {state BACKUPinterface eth2virtual_router_id 52priority 20#nopreemptadvert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.156.11unicast_peer {192.168.156.12192.168.156.13}virtual_ipaddress {192.168.156.102}
}vrrp_instance VI_13 {state BACKUPinterface eth2virtual_router_id 53priority 30advert_int 1#nopreemptauthentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.156.11unicast_peer {192.168.156.12192.168.156.13}virtual_ipaddress {192.168.156.103}
}

 

　　

 

3、 proxy02节点配置

[root@proxy02 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalivedglobal_defs {router_id LVS_DEVELvrrp_skip_check_adv_addr
#   vrrp_strictvrrp_garp_interval 0vrrp_gna_interval 0
}vrrp_sync_group VG1 {group {VI_1VI_11}
}vrrp_sync_group VG2 {group {VI_2VI_12}
}vrrp_sync_group VG3 {group {VI_3VI_13}
}vrrp_instance VI_1 {state BACKUPinterface eth0virtual_router_id 51#nopreemptpriority 20advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.56.12unicast_peer {192.168.56.11192.168.56.13}virtual_ipaddress {192.168.56.101}
}vrrp_instance VI_2 {state BACKUPinterface eth0virtual_router_id 52#nopreemptpriority 30advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.56.12unicast_peer {192.168.56.11192.168.56.13}virtual_ipaddress {192.168.56.102}
}vrrp_instance VI_3 {state BACKUPinterface eth0virtual_router_id 53#nopreemptpriority 10advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.56.12unicast_peer {192.168.56.11192.168.56.13}virtual_ipaddress {192.168.56.103}
}vrrp_instance VI_11 {state BACKUPinterface eth2virtual_router_id 51#nopreemptpriority 20advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.156.12unicast_peer {192.168.156.11192.168.156.13}virtual_ipaddress {192.168.156.101}
}vrrp_instance VI_12 {state BACKUPinterface eth2virtual_router_id 52#nopreemptpriority 30advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.156.12unicast_peer {192.168.156.11192.168.156.13}virtual_ipaddress {192.168.156.102}
}vrrp_instance VI_13 {state BACKUPinterface eth2virtual_router_id 53#nopreemptpriority 10advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.156.12unicast_peer {192.168.156.11192.168.156.13}virtual_ipaddress {192.168.156.103}
}

 

　　

 

4、 proxy03节点配置

[root@proxy03 ~]# cat /etc/keepalived/keepalived.conf 
! Configuration File for keepalivedglobal_defs {
#   notification_email {
#     acassen@firewall.loc
#     failover@firewall.loc
#     sysadmin@firewall.loc
#   }
#   notification_email_from Alexandre.Cassen@firewall.loc
#   smtp_server 192.168.200.1
#   smtp_connect_timeout 30router_id LVS_DEVELvrrp_skip_check_adv_addr
#   vrrp_strictvrrp_garp_interval 0vrrp_gna_interval 0
}vrrp_sync_group VG1 {group {VI_1VI_11}
}vrrp_sync_group VG2 {group {VI_2VI_12}
}vrrp_sync_group VG3 {group {VI_3VI_13}
}vrrp_instance VI_1 {state BACKUPinterface eth0virtual_router_id 51#nopreemptpriority 30advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.56.13unicast_peer {192.168.56.11192.168.56.12}virtual_ipaddress {192.168.56.101}
}vrrp_instance VI_2 {state BACKUPinterface eth0virtual_router_id 52#nopreemptpriority 10advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.56.13unicast_peer {192.168.56.11192.168.56.12}virtual_ipaddress {192.168.56.102}
}vrrp_instance VI_3 {state BACKUPinterface eth0virtual_router_id 53#nopreemptpriority 20advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.56.13unicast_peer {192.168.56.11192.168.56.12}virtual_ipaddress {192.168.56.103}
}vrrp_instance VI_11 {state BACKUPinterface eth2virtual_router_id 51#nopreemptpriority 30advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.156.13unicast_peer {192.168.156.11192.168.156.12}virtual_ipaddress {192.168.156.101}
}vrrp_instance VI_12 {state BACKUPinterface eth2virtual_router_id 52#nopreemptpriority 10advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.156.13unicast_peer {192.168.156.11192.168.156.12}virtual_ipaddress {192.168.156.102}
}vrrp_instance VI_13 {state BACKUPinterface eth2virtual_router_id 53#nopreemptpriority 20advert_int 1authentication {auth_type PASSauth_pass 1111
}use_vmacvmac_xmit_baseunicast_src_ip 192.168.156.13unicast_peer {192.168.156.11192.168.156.12}virtual_ipaddress {192.168.156.103}
}

 

　　

 

5、 启动服务

在所有节点操作

# systemctl enable keepalived.service && systemctl start keepalived.service

6、 结果验证

[root@proxy01 ~]# ip add 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 08:00:27:4b:3e:34 brd ff:ff:ff:ff:ff:ffinet 192.168.56.11/24 brd 192.168.56.255 scope global eth0valid_lft forever preferred_lft foreverinet6 fe80::a00:27ff:fe4b:3e34/64 scope link valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 08:00:27:17:a2:bc brd ff:ff:ff:ff:ff:ffinet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic eth1valid_lft 85732sec preferred_lft 85732secinet6 fe80::a00:27ff:fe17:a2bc/64 scope link valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 08:00:27:ff:0e:a8 brd ff:ff:ff:ff:ff:ffinet 192.168.156.11/24 brd 192.168.156.255 scope global eth2valid_lft forever preferred_lft foreverinet6 fe80::a00:27ff:feff:ea8/64 scope link valid_lft forever preferred_lft forever
5: vrrp.51@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ff
6: vrrp.52@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ff
7: vrrp.53@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ffinet 192.168.56.103/32 scope global vrrp.53valid_lft forever preferred_lft forever
8: vrrp1.51@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ff
9: vrrp1.52@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ff
10: vrrp1.53@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ffinet 192.168.156.103/32 scope global vrrp1.53valid_lft forever preferred_lft forever[root@proxy02 ~]# ip add
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 08:00:27:ee:7d:7e brd ff:ff:ff:ff:ff:ffinet 192.168.56.12/24 brd 192.168.56.255 scope global eth0valid_lft forever preferred_lft foreverinet6 fe80::a00:27ff:feee:7d7e/64 scope link valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 08:00:27:a4:ce:2f brd ff:ff:ff:ff:ff:ffinet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic eth1valid_lft 85717sec preferred_lft 85717secinet6 fe80::a00:27ff:fea4:ce2f/64 scope link valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 08:00:27:6c:16:4d brd ff:ff:ff:ff:ff:ffinet 192.168.156.12/24 brd 192.168.156.255 scope global eth2valid_lft forever preferred_lft foreverinet6 fe80::a00:27ff:fe6c:164d/64 scope link valid_lft forever preferred_lft forever
5: vrrp.51@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ff
6: vrrp.52@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ffinet 192.168.56.102/32 scope global vrrp.52valid_lft forever preferred_lft forever
7: vrrp.53@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ff
8: vrrp1.51@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ff
9: vrrp1.52@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ffinet 192.168.156.102/32 scope global vrrp1.52valid_lft forever preferred_lft forever
10: vrrp1.53@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ff[root@proxy03 ~]# ip add 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 08:00:27:87:1a:f0 brd ff:ff:ff:ff:ff:ffinet 192.168.56.13/24 brd 192.168.56.255 scope global eth0valid_lft forever preferred_lft foreverinet6 fe80::a00:27ff:fe87:1af0/64 scope link valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 08:00:27:6e:be:14 brd ff:ff:ff:ff:ff:ffinet 10.0.3.15/24 brd 10.0.3.255 scope global dynamic eth1valid_lft 85696sec preferred_lft 85696secinet6 fe80::a00:27ff:fe6e:be14/64 scope link valid_lft forever preferred_lft forever
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000link/ether 08:00:27:b0:64:83 brd ff:ff:ff:ff:ff:ffinet 192.168.156.13/24 brd 192.168.156.255 scope global eth2valid_lft forever preferred_lft foreverinet6 fe80::a00:27ff:feb0:6483/64 scope link valid_lft forever preferred_lft forever
5: vrrp.51@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ffinet 192.168.56.101/32 scope global vrrp.51valid_lft forever preferred_lft forever
6: vrrp.52@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ff
7: vrrp.53@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ff
8: vrrp1.51@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:33 brd ff:ff:ff:ff:ff:ffinet 192.168.156.101/32 scope global vrrp1.51valid_lft forever preferred_lft forever
9: vrrp1.52@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:34 brd ff:ff:ff:ff:ff:ff
10: vrrp1.53@eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:00:5e:00:01:35 brd ff:ff:ff:ff:ff:ff

 

7、 总结
　　之前我们用keepalived做集群时一般使用它构建服务器主从，也就是只有一个vip，并且这个vip只是在主节点上，当主节点宕机时，vip漂移到从节点上，从而实现高可用。但随着业务的发展，单个节点随之成为业务的性能瓶颈，及时我们使用的负载均衡再强大，服务器配置再高，也不可能单节点抗住所有流量。而通过这种方案，在keepalived的主从基础上扩展一下，通过配置多个vip，每个keepalived节点互为主从，正常情况下保证所有服务器都能拥有一个vip，然后通过dns负载均衡技术，将业务流量转发到每个vip。从而在一定程度上避免了单服务器的性能瓶颈。