keepalive+nginx集群架构文档
1.准备两台机器A机器:192.168.232.132
B机器:192.168.232.131
A级器作为master,B机器作为backup
2.两台机器都安装:keepalived
A机器
# yum install -y keepalived
B机器
# yum install -y keepalived
3.两台机器上都安装nginx
若是A、B机器没有装nginx服务,可以直接 yum安装
因为我A机器上已经源码包安装编译过nginx了所以就不用再安装了
B机器安装完之后启动nginx
# yum install -y nginx
# service nginx start
Redirecting to /bin/systemctl start nginx.service
# ps aux|grep nginx
root 166870.00.046364 964 ? Ss 11:51 0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx 166880.00.1467641924 ? S 11:51 0:00 nginx: worker process
root 166900.00.0 112676 980 pts/0 R+ 11:51 0:00 grep --color=auto nginx
注意:有时直接yum安装不了,需要安装yum扩展源:yum install -y epel-release
下面是在A机器上操作的
1.更改A机器上的更改keepalived配置文件
默认的配置文件路径在/etc/keepalived/keepalived.conf 清空文件内容
> /etc/keepalived/keepalived.conf 编辑配置文件
vim /etc/keepalived/keepalived.conf 添加加以下内容:
global_defs {
notification_email {
aming@aminglinux.com
}
notification_email_from root@aminglinux.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/usr/local/sbin/check_ng.sh"
interval 3
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass aminglinux>com
}
virtual_ipaddress {
192.168.232.100
}
track_script {
chk_nginx
}
}
这里需要注意的是:"virtual_ipaddress"也就是所谓的vip我们设置为192.168.232.100
2.定义监控脚本
脚本路径在keepalived配置文件中有定义,路径为/usr/local/sbin/check_ng.sh
编辑配置文件:
vim /usr/local/sbin/check_ng.sh 增加以下内容:
#!/bin/bash
#时间变量,用于记录日志
d=`date --date today +%Y%m%d_%H:%M:%S`
#计算nginx进程数量
n=`ps -C nginx --no-heading|wc -l`
#如果进程为0,则启动nginx,并且再次检测nginx进程数量,
#如果还为0,说明nginx无法启动,此时需要关闭keepalived
if [ $n -eq "0" ]; then
/etc/init.d/nginx start
n2=`ps -C nginx --no-heading|wc -l`
if [ $n2 -eq "0"]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
systemctl stop keepalived
fi
fi
3.脚本创建完之后,还需要改变脚本的权限(不更改权限,就无法自动加载脚本,那就无法启动keepalived服务)
# chmod 755 /usr/local/sbin/check_ng.sh 4.启动keepalived服务,并查看是否启动成功
# systemctl start keepalived
# ps aux |grep keepalived
root 346530.00.1 1186521400 ? Ss 12:16 0:00 /usr/sbin/keepalived -D
root 346540.00.2 1228522392 ? S 12:16 0:00 /usr/sbin/keepalived -D
root 346550.00.2 1228522448 ? S 12:16 0:00 /usr/sbin/keepalived -D
root 346610.00.0 112720 988 pts/1 S+ 12:16 0:00 grep --color=auto keepalived
启动不成功,有可能是防火墙未关闭或者规则限制导致的
systemctl stop firewalld 关闭firewalld
iptables -nvL查看防火墙
setenforce 0 临时关闭selinux
getenforce命令查看是否为Permissive
这时再来启动keepalived,就会看到keepalived进程服务了
5.这时停止nginx服务
/etc/init.d/nginx stop 再来查看nginx服务进程,会看到自动加载了
# /etc/init.d/nginx stop
Stopping nginx (via systemctl): [确定]
# ps aux |grep nginx
root 348130.00.020548 628 ? Ss 12:17 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf
nobody 348170.00.3229923216 ? S 12:17 0:00 nginx: worker process
nobody 348180.00.3229923216 ? S 12:17 0:00 nginx: worker process
root 348320.00.0 112720 984 pts/1 R+ 12:17 0:00 grep --color=auto nginx
6.查看ip地址,使用 ip add 命令,可以查看到vip192.168.232.100
# ip add
1: lo:mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:c2:05:5a brd ff:ff:ff:ff:ff:ff
inet 192.168.232.132/24 brd 192.168.232.255 scope global dynamic ens33
valid_lft 1559sec preferred_lft 1559sec
inet 192.168.232.100/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fec2:55a/64 scope link
valid_lft forever preferred_lft forever
以下是B机器上的配置
1.自定义B机器keepalived配置文件,更改虚拟IP和主一样的,首先清空B机器keepalived里面自带的配置文件
配置文件路径:/etc/keepalived/keepalived.conf
清空:> /etc/keepalived/keepalived.conf
编辑配置文件:
# vim /etc/keepalived/keepalived.conf 增加以下内容:
global_defs {
notification_email {
aming@aminglinux.com
}
notification_email_from root@aminglinux.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/usr/local/sbin/check_ng.sh"
interval 3
}
vrrp_instance VI_1 {
state BACKUP //这里 和master不一样的名字
interface eno16777736 //网卡和当前机器一致,否则无法启动keepalived服务
virtual_router_id 51 //和主机器 保持一致
priority 90 //权重,要比主机器小的数值
advert_int 1
authentication {
auth_type PASS
auth_pass aminglinux>com
}
virtual_ipaddress {
192.168.74.100 //这里更改为192.168.232.100
}
track_script {
chk_nginx
}
}
2.定义监控脚本,路径再keepalived里面已定义过
# vim /usr/local/sbin/check_ng.sh 增加以下内容:
#时间变量,用于记录日志
d=`date --date today +%Y%m%d_%H:%M:%S`
#计算nginx进程数量
n=`ps -C nginx --no-heading|wc -l`
#如果进程为0,则启动nginx,并且再次检测nginx进程数量,
#如果还为0,说明nginx无法启动,此时需要关闭keepalived
if [ $n -eq "0" ]; then
systemctl start nginx
n2=`ps -C nginx --no-heading|wc -l`
if [ $n2 -eq "0"]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
systemctl stop keepalived
fi
fi
3.改动脚本的权限,设置为755权限
# chmod 755 /usr/local/sbin/check_ng.sh 4.启动keepalived服务:
# systemctl start keepalived
# ps aux |grep keep
root 191340.00.1 1186081384 ? Ss 12:33 0:00 /usr/sbin/keepalived -D
root 191350.00.2 1228042384 ? S 12:33 0:00 /usr/sbin/keepalived -D
root 191360.00.2 1228042424 ? S 12:33 0:00 /usr/sbin/keepalived -D
root 191430.00.0 112676 984 pts/0 R+ 12:33 0:00 grep --color=auto keep
区分主和从上的nginx
1.A机器,是源码包安装的nginx(PS:这是lnmp配置好的环境虚拟主机内容)
# cat /usr/local/nginx/conf/vhost/aaa.com.conf
server
{
listen 80 default_server;
server_name aaa.com;
index index.html index.htm index.php;
root /data/wwwroot/default;
}
2.索引页:
# cat /data/wwwroot/default/index.html
This is the default sete.
# vim /data/wwwroot/default/index.html #增加内容
master This is the default sete.
3.用网页查看
B机器是yum安装的nginx
默认的索引页在 /usr/share/nginx/html/index.html
# vim /usr/share/nginx/html/index.html #增加内容
backup backup.
网页查看
访问192.168.132.100这个VIP会看到和主机器(即A机器相同的内容),说明现在访问到的是机器master,VIP在master上
测试高可用
1.模拟线上生产环境,主机器宕机环境,最简单直接的方法,就是直接关闭keepalived服务
关闭master机器(即A机器)上的keepalived服务关闭
查看A机器上的VIP被已经释放掉了
# systemctl start keepalived
# ip add
1: lo:mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:c2:05:5a brd ff:ff:ff:ff:ff:ff
inet 192.168.232.132/24 brd 192.168.232.255 scope global dynamic ens33
valid_lft 1532sec preferred_lft 1532sec
inet6 fe80::20c:29ff:fec2:55a/64 scope link
valid_lft forever preferred_lft forever
2.查看backup机器(即B机器)发现它在监听VIP
# ip add
1: lo:mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:fb:fc:6f brd ff:ff:ff:ff:ff:ff
inet 192.168.232.131/24 brd 192.168.232.255 scope global dynamic ens33
valid_lft 1179sec preferred_lft 1179sec
inet 192.168.232.100/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fefb:fc6f/64 scope link
valid_lft forever preferred_lft forever
3.浏览器访问vip,会看到已经变成backup机器上的了
这证明成功了,当A机器出现问题B机器就顶了上去
页:
[1]