基于keepalived、redis sentinel的高可用redis集群

硬件

机器名IP作用master192.168.0.2redis的master服务器slave1192.168.0.3redis的slave服务器slave2192.168.0.4redis的slave服务器route1192.168.0.5【虚拟IP：192.168.0.7】keepalived和redis sentinel服务器，承载写redis的VIP【虚拟ip】，做写的双机热备的主master指定route2192.168.0.6【虚拟IP：192.168.0.8】keepalived和redis sentinel服务器，承载读redis的VIP，做读的负载均衡和写的双机热备的master备份路由指定

安装与配置见此文安装与配置

详细的keepalived配置，route1

! Configuration File for keepalivedglobal_defs {   notification_email {     邮箱   }   notification_email_from 邮箱   smtp_server 邮箱服务器地址   smtp_connect_timeout 30   router_id LVS_DEVEL}vrrp_instance VI_1 {    state MASTER    interface eth0 #eth0是要绑定的网卡    virtual_router_id 100 #同一个vrrp_instance中的值必须一样      priority 160   #master的值要高于backup的    advert_int 1      authentication {        auth_type PASS        auth_pass 1111    }        virtual_ipaddress {        192.168.0.7  #用于双机热备的虚拟ip    }   }virtual_server 192.168.0.7 6379 {    delay_loop 3    lb_algo wrr    lb_kind DR    persistence_timeout 30    protocol TCP    real_server 192.168.0.2 6379 {        weight 8        notify_down redis服务失败后要执行的脚本的路径/脚本名  #服务失败后要执行的脚本        TCP_CHECK {        connect_timeout 1        nb_get_retry 3        delay_before_retry 3        connect_port 6379        }    }}

route2的配置文件

! Configuration File for keepalivedglobal_defs {   notification_email {    邮箱   }   notification_email_from 邮箱   smtp_server 邮箱服务器地址   smtp_connect_timeout 30   router_id LVS_DEVEL}vrrp_instance VI_1 {    state MASTER    interface eth0 #eth0是要绑定的网卡    virtual_router_id 100 #同一个vrrp_instance中的值必须一样      priority 160   #master的值要高于backup的    advert_int 1      authentication {        auth_type PASS        auth_pass 1111    }        virtual_ipaddress {        192.168.0.7  #用于双机热备的虚拟ip    }   notify_master "/etc/script/redis.sh"}vrrp_instance VI_2 {    state MASTER  #将此slave作为读数据的master    interface eth0    virtual_router_id 101    priority 151    advert_int 1    authentication {    auth_type PASS    auth_pass 1111    }    virtual_ipaddress {    192.168.0.8  #用于读取数据的负载均衡的虚拟ip    }}virtual_server 192.168.0.7 6379 {    delay_loop 3    lb_algo wrr    lb_kind DR    persistence_timeout 30    protocol TCP        real_server 192.168.0.3 6379 {        weight 8        TCP_CHECK {        connect_timeout 10        nb_get_retry 3        delay_before_retry 3        connect_port 6379        }    }}virtual_server 192.168.0.8 6379 {    delay_loop 3    lb_algo wrr    lb_kind DR    persistence_timeout 30    protocol TCP    real_server 192.168.0.3 6379 {        weight 5        TCP_CHECK {        connect_timeout 10        nb_get_retry 3        delay_before_retry 3        connect_port 6379        }    }    real_server 192.168.0.4 6379 {        weight 5        TCP_CHECK {        connect_timeout 10        nb_get_retry 3        delay_before_retry 3        connect_port 6379        }    }}

redis维护脚本redis.sh

#!/usr/bin/env bash/usr/local/bin/redis-cli -h 192.168.0.2 -p 6379 shutdown/usr/local/bin/redis-cli -h 192.168.0.3 -p 6379 config set appendonly no

此脚本用在route2的notify_master，即当route2进入master时执行

设置redis的主从关系

设置redis的sentinel，配置文件

# Example sentinel.conf# port <sentinel-port># The port that this sentinel instance will run onport 26379# sentinel monitor <master-name> <ip> <redis-port> <quorum>## Tells Sentinel to monitor this slave, and to consider it in O_DOWN# (Objectively Down) state only if at least <quorum> sentinels agree.## Note: master name should not include special characters or spaces.# The valid charset is A-z 0-9 and the three characters ".-_".sentinel monitor mymaster 192.168.0.2 6379 2 #此处的意思是需要两个哨兵来确认服务是否挂掉# sentinel auth-pass <master-name> <password>## Set the password to use to authenticate with the master and slaves.# Useful if there is a password set in the Redis instances to monitor.## Note that the master password is also used for slaves, so it is not# possible to set a different password in masters and slaves instances# if you want to be able to monitor these instances with Sentinel.## However you can have Redis instances without the authentication enabled# mixed with Redis instances requiring the authentication (as long as the# password set is the same for all the instances requiring the password) as# the AUTH command will have no effect in Redis instances with authentication# switched off.## Example:## sentinel auth-pass mymaster MySUPER--secret-0123passw0rd# sentinel down-after-milliseconds <master-name> <milliseconds>## Number of milliseconds the master (or any attached slave or sentinel) should# be unreachable (as in, not acceptable reply to PING, continuously, for the# specified period) in order to consider it in S_DOWN state (Subjectively# Down).## Default is 30 seconds.sentinel down-after-milliseconds mymaster 5000# sentinel can-failover <master-name> <yes|no>## Specify if this Sentinel can start the failover for this master.sentinel can-failover mymaster yes# sentinel parallel-syncs <master-name> <numslaves>## How many slaves we can reconfigure to point to the new slave simultaneously# during the failover. Use a low number if you use the slaves to serve query# to avoid that all the slaves will be unreachable at about the same# time while performing the synchronization with the master.sentinel parallel-syncs mymaster 1# sentinel failover-timeout <master-name> <milliseconds>## Specifies the failover timeout in milliseconds. When this time has elapsed# without any progress in the failover process, it is considered concluded by# the sentinel even if not all the attached slaves were correctly configured# to replicate with the new master (however a "best effort" SLAVEOF command# is sent to all the slaves before).## Also when 25% of this time has elapsed without any advancement, and there# is a leader switch (the sentinel did not started the failover but is now# elected as leader), the sentinel will continue the failover doing a# "takeover".## Default is 15 minutes.sentinel failover-timeout mymaster 90000# SCRIPTS EXECUTION## sentinel notification-script and sentinel reconfig-script are used in order# to configure scripts that are called to notify the system administrator# or to reconfigure clients after a failover. The scripts are executed# with the following rules for error handling:## If script exists with "1" the execution is retried later (up to a maximum# number of times currently set to 10).## If script exists with "2" (or an higher value) the script execution is# not retried.## If script terminates because it receives a signal the behavior is the same# as exit code 1.## A script has a maximum running time of 60 seconds. After this limit is# reached the script is terminated with a SIGKILL and the execution retried.# NOTIFICATION SCRIPT## sentinel notification-script <master-name> <script-path># # Call the specified notification script for any sentienl event that is# generated in the WARNING level (for instance -sdown, -odown, and so forth).# This script should notify the system administrator via email, SMS, or any# other messaging system, that there is something wrong with the monitored# Redis systems.## The script is called with just two arguments: the first is the event type# and the second the event description.## The script must exist and be executable in order for sentinel to start if# this option is provided.## Example:## sentinel notification-script mymaster /var/redis/notify.sh# CLIENTS RECONFIGURATION SCRIPT## sentinel client-reconfig-script <master-name> <script-path>## When the failover starts, ends, or is aborted, a script can be called in# order to perform application-specific tasks to notify the clients that the# configuration has changed and the master is at a different address.# # The script is called in the following cases:## Failover started (a slave is already promoted)# Failover finished (all the additional slaves already reconfigured)# Failover aborted (in that case the script was previously called when the#                   failover started, and now gets called again with swapped#                   addresses).## The following arguments are passed to the script:## <master-name> <role> <state> <from-ip> <from-port> <to-ip> <to-port>## <state> is "start", "end" or "abort"# <role> is either "leader" or "observer"# # The arguments from-ip, from-port, to-ip, to-port are used to communicate# the old address of the master and the new address of the elected slave# (now a master) in the case state is "start" or "end".## For abort instead the "from" is the address of the promoted slave and# "to" is the address of the original master address, since the failover# was aborted.## This script should be resistant to multiple invocations.## Example:## sentinel client-reconfig-script mymaster /var/redis/reconfig.sh

需要特别注意的配置，如果没有这个配置就会发生keepalived不转发的的问题，而且是如果redis和keepalive是同一台机器，会转发，但是如果相互间独立，则realserver收不到转发包

配置master
vim /etc/sysctl.conf,添加内容如下

net.ipv4.conf.lo.arp_ignore = 1net.ipv4.conf.lo.arp_announce = 2net.ipv4.conf.all.arp_ignore = 1net.ipv4.conf.all.arp_announce = 2

执行命令

sysctl -pip addr add 192.168.0.7/32 dev loip add list

lo环上出现了指定的ip即可

配置slave1

vim /etc/sysctl.conf,添加内容如下

net.ipv4.conf.lo.arp_ignore = 1net.ipv4.conf.lo.arp_announce = 2net.ipv4.conf.all.arp_ignore = 1net.ipv4.conf.all.arp_announce = 2

执行命令

sysctl -pip addr add 192.168.0.7/32 dev lo
ip addr add 192.168.0.8/32 dev lo
ip add list

配置slave2

vim /etc/sysctl.conf,添加内容如下

net.ipv4.conf.lo.arp_ignore = 1net.ipv4.conf.lo.arp_announce = 2net.ipv4.conf.all.arp_ignore = 1net.ipv4.conf.all.arp_announce = 2

执行命令

sysctl -pip addr add 192.168.0.8/32 dev loip add list

设置sentinel

redis 的sentinel在配置文件中设定为2，所以route1和route2两台机器都需要配置

启动redis的sentinel

/usr/local/bin/redis-server /etc/redis/sentinel.conf --sentinel