adopt vrrp Protocol timing broadcast request , as long as vip When the node is disconnected, it will drift vip, Achieve high business availability , This kind of scene and CLB What's the difference? ？

• CLB It is more suitable for load sharing scenarios , More comprehensive functions
• HAVIP It is more suitable for active and standby redundancy scenarios , No device is required to forward the request , Shorter links
• CLB and HAVIP They don't offer the ability to take the initiative to go out , They all provide services passively

This article will use the mainstream high availability software keepalived To configure havip

One 、 establish havip

Location ： Private network console -> IP With the network card -> High availability virtual IP

Select the corresponding private network and subnet ,IP Address automatic or manual , Manually fill in here as 10.0.1.100, Will use this IP As VIP

Create a good state ： Unbound server

Don't misunderstand. , This is not a manual binding on the console , You need to create on the instance machine keepalived And configure the VIP, After the configuration is successful, the status here will automatically change to successful .

Two 、 install keepalived

It was used Centos and Debian Two testing machines , Install from software source keepalived that will do , If you want to compile and install, you can , But make sure keepalived Version in 1.2.24 above , Don't ask why , The official recommendation .

Here are Debian Of popcon The statistical keepalived Wrapped in Debian Trend of popularity in the Department , It can be seen from 04 It has been strong since , Up to now, it is still the mainstream high availability software .

The software source is installed directly ,redhat Series uses yum：

apt install keepalived -y #Debian system 
yum install keepalived -y #Redhat system 

Compilation and installation , Address of each version ： http://www.keepalived.org/download.html

wget https://www.keepalived.org/software/keepalived-2.2.2.tar.gz # At present, the latest official stable edition 
tar xf keepalived-2.2.2.tar.gz  # decompression 
./configure # Don't specify --prefix The path is installed in by default /usr/local
make && make install

The main difference between compiling and installing and installing from the software source is that the installation path is different , The versions are different , The former is more flexible , The latter is more convenient , Of course, if you want to use dpkg pack deb It's not impossible , Or build your own private software source ,keepalived You can highly customize the version and configuration , I won't go into details here , It mainly talks about configuration from the way of software source installation .

3、 ... and 、 To configure MASTER and BACKUP

The test environment is as follows ：

master and backup Under both configurations /etc/hosts, Make sure node Corresponding ip：

$ grep node /etc/hosts
10.0.1.4 node1
10.0.1.2 node2
$

And make sure iptables/selinux Waiting will not be an obstacle

$ iptables -F 
$ iptables -X
$ vim /etc/selinux/config
SELINUX=disabled # Modify this parameter , Effective after restart 
$ setenforce 0 # Provisional entry into force , No need to reboot 

1. To configure MASTER

First, make sure that the network card supports multicast ：

$ ifconfig eth0  
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.0.1.4  netmask 255.255.255.0  broadcast 10.0.1.255
        inet6 fe80::5054:ff:fe51:1628  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:51:16:28  txqueuelen 1000  (Ethernet)
        RX packets 7042  bytes 5398491 (5.1 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 3789  bytes 229307 (223.9 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

$ 

flags Yes MULTICAST Description supports multicast , Turn on / Turn off the multicast method ：

$ ip link set multicast on dev eth0  # Enable multicast 
$ ip link set multicast off dev eth0 # Turn off multicast 

Installed from the software source ,keepalived Default path of configuration file ：/etc/keepalived/keepalived.conf

meanwhile Debian Tied /etc/keepalived/ No, keepalived.conf file , It can be downloaded from /usr/share/doc/keepalived/samples/keepalived.conf.sample Copy a sample configuration ：

[email protected]:~$ cd /etc/keepalived/
[email protected]:/etc/keepalived$ cp /usr/share/doc/keepalived/samples/keepalived.conf.sample ./keepalived.conf 
# Remove the suffix and make it the main configuration file 
[email protected]:/etc/keepalived$

Edit the configuration file as follows ：

$ vim keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
        [email protected]
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id node1
   vrrp_mcast_group4 224.1.101.33   !  Multicast address , As long as it is 224 At the beginning 
}

vrrp_instance VI_1 {
    state MASTER      ! Master node 
    priority 100      ! priority 
    interface eth0    ！ Specify network card 
    virtual_router_id 33
    nopreempt         ！ Non preemptive mode , When vip Drift to backup after , Even if master Normal resumption of business ,vip Nor drift to master
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass Rokasvip  !  Just random strings 
}
    virtual_ipaddress {
        10.0.1.100/24 dev eth0 label eth0:0   !  Specify the requested havip Address , Configure with the network card alias 
    }
}
$

2. To configure BACKUP

Similarly, confirm whether multicast is enabled , To configure BACKUP Of keepalived file ：

$ vim keepalived.conf
! Configuration File for keepalived

global_defs {
   notification_email {
        [email protected]
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id node1
   vrrp_mcast_group4 224.1.101.33   !  Multicast address , As long as it is 224 At the beginning 
}

vrrp_instance VI_1 {
    state BACKUP     ! For the node 
    priority 96      ! priority 
    interface eth0   ！ Specify network card 
    virtual_router_id 33
    nopreempt         ！ Non preemptive mode , When vip Drift to backup after , Even if master Normal resumption of business ,vip Nor drift to master
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass Rokasvip  !  Just random strings 
}
    virtual_ipaddress {
        10.0.1.100/24 dev eth0 label eth0:0   !  Specify the requested havip Address , Configure with the network card alias 
    }
}
$

3. Start the service and test the validation

$ systemctl start keepalived
$ ip addr show eth0

You can see vip Already on the primary node node1 Yes , And keep sending ARP Probe IP If there is something wrong , At the same time, Tencent cloud console displays HAVIP The state automatically changes to normal state ：

You can see , The active and standby nodes send their own messages like broadcast addresses every second VRRP state , Negotiate drift through this interaction VIP

4.HAVIP binding EIP Provide public network capability

optional , If there is a public network demand , to HAVIP Bind one EIP that will do .