keepalived实现nginx高可用

环境说明

系统信息 主机名 IP
rhel7 master 192.168.102.11
rhel7 slave 192.168.102.12

高可用虚拟ip暂定为192.168.102.100

Keepalived安装

配置主keepalived
配置网络源

//关闭防火墙、selinux
[[email protected] ~]# systemctl stop firewalld
[[email protected] ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[[email protected] ~]# setenforce 0
[[email protected] ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
//安装epel源和gcc等工具
[[email protected] ~]# yum -y install epel-release vim wget gcc gcc-c++
//安装Keepalived
[[email protected] ~]# yum -y install keepalived
//查看安装生成的文件
[[email protected] ~]# rpm -ql keepalived
/etc/keepalived			//配置目录
/etc/keepalived/keepalived.conf			//此为主配置文件
/etc/sysconfig/keepalived
/usr/bin/genhash
/usr/lib/systemd/system/keepalived.service			//此为服务控制文件
/usr/libexec/keepalived
/usr/sbin/keepalived
...

用同样的方法在备服务器上安装Keepalived

配置网络源

[[email protected] ~]# systemctl stop firewalld
[[email protected] ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[[email protected] ~]# setenforce 0
[[email protected] ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
[[email protected] ~]# yum -y install epel-release vim wget gcc gcc-c++
[[email protected] ~]# yum -y install keepalived

在主备机上分别安装nginx

在master上安装nginx

[[email protected] ~]# yum -y install nginx
[[email protected] ~]# cd /usr/share/nginx/html/
[[email protected] html]# ls
404.html  50x.html  index.html  nginx-logo.png  poweredby.png
[[email protected] html]# mv index.html{,.bak}
[[email protected] html]# echo 'master' > index.html
[[email protected] html]# ls
404.html  index.html      nginx-logo.png
50x.html  index.html.bak  poweredby.png
[[email protected] html]# systemctl start nginx
[[email protected] html]# systemctl enable nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[[email protected] html]# ss -antl
State       Recv-Q Send-Q Local Address:Port               Peer Address:Port              
LISTEN      0      128     *:80                  *:*                  
LISTEN      0      128     *:22                  *:*                  
LISTEN      0      100    127.0.0.1:25                  *:*                  
LISTEN      0      128    :::80                 :::*                  
LISTEN      0      128    :::22                 :::*                  
LISTEN      0      100       ::1:25                 :::*

在slave上安装nginx

[[email protected] ~]# yum -y install nginx
[[email protected] ~]# cd /usr/share/nginx/html/
[[email protected] html]# ls
404.html  50x.html  index.html  nginx-logo.png  poweredby.png
[[email protected] html]# mv index.html{,.bak}
[[email protected] html]# echo 'slave' > index.html
[[email protected] html]# ls
404.html  index.html      nginx-logo.png
50x.html  index.html.bak  poweredby.png
[[email protected] html]# systemctl start nginx
[[email protected] html]# systemctl enable nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.

在游览器上访问试试,确保master上的nginx服务能够正常访问

Keepalived配置

配置主Keepalived

//备份
[[email protected] html]# cd /etc/keepalived/
[[email protected] keepalived]# ls
keepalived.conf
[[email protected] keepalived]# mv keepalived.conf{,20181101}
[[email protected] keepalived]# ls
keepalived.conf20181101
[[email protected] keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
 router_id lb01
}
vrrp_instance VI_1 {
 state MASTER
 interface ens33
 virtual_router_id 51
 priority 100
 advert_int 1
 authentication {
 auth_type PASS
 auth_pass lishuai!
 }
 virtual_ipaddress {
 192.168.102.100
 }
}
virtual_server 192.168.102.100 80 {
 delay_loop 6
 lb_algo rr
 lb_kind DR
 persistence_timeout 50
 protocol TCP
 real_server 192.168.102.11 80 {
 weight 1
 TCP_CHECK {
 connect_port 80
 connect_timeout 3
 nb_get_retry 3
 delay_before_retry 3
 }
 }
 real_server 192.168.102.12 80 {
 weight 1
 TCP_CHECK {
 connect_port 80
 connect_timeout 3
 nb_get_retry 3
 delay_before_retry 3
 }
 }
}
[[email protected] keepalived]# systemctl start keepalived.service 
[[email protected] keepalived]# systemctl enable keepalived.service 
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
[[email protected] keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:6e:33:ed brd ff:ff:ff:ff:ff:ff
    inet 192.168.102.11/24 brd 192.168.102.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.102.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::964e:1803:187a:e45a/64 scope link 
       valid_lft forever preferred_lft forever

配置备Keepalived

[[email protected] html]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
 router_id lb02
}
vrrp_instance VI_1 {
 state BACKUP
 interface ens33
 virtual_router_id 51
 priority 90
 advert_int 1
 authentication {
 auth_type PASS
 auth_pass lishuai!
 }
 virtual_ipaddress {
 192.168.102.100
 }
}
virtual_server 192.168.102.100 80 {
 delay_loop 6
 lb_algo rr
 lb_kind DR
 persistence_timeout 50
 protocol TCP
 real_server 192.168.102.11 80 {
 weight 1
 TCP_CHECK {
 connect_port 80
 connect_timeout 3
 nb_get_retry 3
 delay_before_retry 3
 }
 }
 real_server 192.168.102.12 80 {
 weight 1
 TCP_CHECK {
 connect_port 80
 connect_timeout 3
 nb_get_retry 3
 delay_before_retry 3
 }
 }
}
[[email protected] html]# systemctl start keepalived.service 
[[email protected] html]# systemctl restart keepalived.service

查看VIP在哪里

在master上查看
[[email protected] keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:6e:33:ed brd ff:ff:ff:ff:ff:ff
    inet 192.168.102.11/24 brd 192.168.102.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.102.100/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::964e:1803:187a:e45a/64 scope link 
       valid_lft forever preferred_lft forever
在slave上查看
[[email protected] html]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:d7:55:24 brd ff:ff:ff:ff:ff:ff
    inet 192.168.102.12/24 brd 192.168.102.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::8e9a:25f7:4078:a18d/64 scope link 
       valid_lft forever preferred_lft forever

让Keepalived监控nginx负载均衡机

Keepalived通过脚本来监控nginx负载均衡机的状态

在master上编写脚本

[[email protected] ~]# mkdir /scripts
[[email protected] ~]# cd /scripts/
[[email protected] scripts]# vim check_n.sh
#!/bin/bash
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
 systemctl stop keepalived
fi
[[email protected] scripts]# chmod +x check_n.sh 
[[email protected] scripts]# ll
total 4
-rwxr-xr-x. 1 root root 139 Oct 23 10:03 check_n.sh
[[email protected] scripts]# vim notify.sh
#!/bin/bash
VIP=$2
sendmail (){
 subject="${VIP}'s server keepalived state is translate"
 content="`date +'%F %T'`: `hostname`'s state change to master"
 echo $content | mail -s "$subject" [email protected]
}
case "$1" in
 master)
 nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
 if [ $nginx_status -lt 1 ];then
 systemctl start nginx
 fi
 sendmail
 ;;
 backup)
 nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
 if [ $nginx_status -gt 0 ];then
 systemctl stop nginx
 fi
 ;;
 *)
 echo "Usage:$0 master|backup VIP"
 ;;
esac
[[email protected] scripts]# chmod +x notify.sh 
[[email protected] scripts]# ll
total 8
-rwxr-xr-x. 1 root root 139 Oct 23 10:03 check_n.sh
-rwxr-xr-x. 1 root root 544 Oct 23 10:08 notify.sh

把脚本notify.sh拷贝一份到备服务器

备
[[email protected] ~]# mkdir /scripts
主
[[email protected] scripts]# scp notify.sh 192.168.102.12:/scripts/

配置Keepalived加入监控脚本的配置

配置主Keepalived

[[email protected] ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
 router_id lb01
}
vrrp_script nginx_check {
 script "/scripts/check_n.sh"
 interval 1
 weight -20
}
vrrp_instance VI_1 {
 state MASTER
 interface ens33
 virtual_router_id 51
 priority 100
 advert_int 1
 authentication {
 auth_type PASS
 auth_pass lishuai!
 }
 virtual_ipaddress {
 192.168.102.100
 }
 track_script {
 nginx_check
 }
 notify_master "/scripts/notify.sh master 192.168.102.100"
 notify_backup "/scripts/notify.sh backup 192.168.102.100"
}
virtual_server 192.168.102.100 80 {
 delay_loop 6
 lb_algo rr
 lb_kind DR
 persistence_timeout 50
 protocol TCP
 real_server 192.168.102.11 80 {
 weight 1
 TCP_CHECK {
 connect_port 80
 connect_timeout 3
 nb_get_retry 3
 delay_before_retry 3
 }
 }
 real_server 192.168.102.12 80 {
 weight 1
 TCP_CHECK {
 connect_port 80
 connect_timeout 3
 nb_get_retry 3
 delay_before_retry 3
 }
 }
}
[[email protected] ~]# systemctl restart keepalived.service

配置Keepalived

backup无需检测nginx是否正常,当升级为master时启动nginx,当降级为backup时关闭

[[email protected] ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
 router_id lb02
}
vrrp_instance VI_1 {
 state BACKUP
 interface ens33
 virtual_router_id 51
 priority 90
 nopreempt
 advert_int 1
 authentication {
 auth_type PASS
 auth_pass lishuai!
 }
 virtual_ipaddress {
 192.168.102.100
 }
 notify_master "/scripts/notify.sh master 192.168.102.100"
 notify_backup "/scripts/notify.sh backup 192.168.102.100"
}
virtual_server 192.168.102.100 80 {
 delay_loop 6
 lb_algo rr
 lb_kind DR
 persistence_timeout 50
 protocol TCP
 real_server 192.168.102.11 80 {
 weight 1
 TCP_CHECK {
 connect_port 80
 connect_timeout 3
 nb_get_retry 3
 delay_before_retry 3
 }
 }
 real_server 192.168.102.12 80 {
 weight 1
 TCP_CHECK {
 connect_port 80
 connect_timeout 3
 nb_get_retry 3
 delay_before_retry 3
 }
 }
}
[[email protected] ~]# systemctl restart keepalived.service

测试

用游览器访问虚拟ip

keepalived实现nginx高可用
将主的nginx停掉

[[email protected] ~]# systemctl stop nginx
[[email protected] ~]# ss -antl
State      Recv-Q Send-Q Local Address:Port               Peer Address:Port              
LISTEN     0      128     *:22                  *:*                  
LISTEN     0      100    127.0.0.1:25                  *:*                  
LISTEN     0      128    :::22                 :::*                  
LISTEN     0      100       ::1:25                 :::*

收到邮件说明脚本邮件报警没问题
keepalived实现nginx高可用
刷新一下游览器
keepalived实现nginx高可用
先把主的nginx启动再启动Keepalived,然后刷新一下游览器
keepalived实现nginx高可用
收到邮件
keepalived实现nginx高可用

相关文章:

猜你喜欢
相关资源
相似解决方案
热门标签
Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode