准备工作 1、设备分配
192.168.137.100 master
192.168.137.150 backup
192.168.137.254 vip
2、两台设备均安装keepalived
1
| yum install -y keepalived
|
3、两台设备均安装nginx
主设备配置
1、编辑keepalived配置文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
| [iyunv@juispan ~]# > /etc/keepalived/keepalived.conf
[iyunv@juispan ~]# vi /etc/keepalived/keepalived.conf
global_defs {
notification_email { ##出现问题后接收提示的邮箱
test@test.com
}
notification_email_from root@test2.com ##发件人
smtp_server 127.0.0.1 ##邮件服务器
smtp_connect_timeout 30 ##延时
router_id LVS_DEVEL
}
vrrp_script chk_nginx { ##检查服务状态
script "/usr/local/sbin/check_ng.sh"
interval 3
}
vrrp_instance VI_1 { ##定义master相关配置
state MASTER ##设定角色
interface ens33 ##指定发送vrrp包的网卡
virtual_router_id 51 ##定义VRRP RID,要和从设备一致
priority 100 ##优先级,越大越优
advert_int 1
authentication {
auth_type PASS ##定义认证类型
auth_pass 123456 ##认证口令
}
virtual_ipaddress { ##VIP
192.168.137.254
}
track_script {
chk_nginx ##加载定义的chk_nginx脚本
}
}
|
2、编辑监控脚本
如果进程里面没发现nginx那就代表着服务宕机了,然后脚本自动的再次启动nginx服务。 如果服务还是不可以启动,就把启动报错日志输入到指定的位置,然后为防止“脑裂”就把keepalived也关闭。
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
| [iyunv@juispan ~]# vi /usr/local/sbin/check_ng.sh
#!/bin/bash
#时间变量,用于记录日志
d=`date --date today +%Y%m%d_%H:%M:%S`
#计算nginx进程数量
n=`ps -C nginx --no-heading|wc -l`
#如果进程为0,则启动nginx,并且再次检测nginx进程数量,
#如果还为0,说明nginx无法启动,此时需要关闭keepalived
if [ $n -eq "0" ]; then
/etc/init.d/nginx start
n2=`ps -C nginx --no-heading|wc -l`
if [ $n2 -eq "0" ]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
systemctl stop keepalived
fi
fi
[iyunv@juispan ~]# chmod 755 /usr/local/sbin/check_ng.sh
|
3、启动服务
1
2
3
4
5
6
| [iyunv@juispan ~]# systemctl start keepalived
[iyunv@juispan ~]# ps aux | grep keep
root 2416 0.0 0.1 111708 1316 ? Ss 19:29 0:00 /usr/sbin/keepalived -D
root 2417 0.0 0.2 111708 2560 ? S 19:29 0:00 /usr/sbin/keepalived -D
root 2418 0.0 0.1 111708 1616 ? S 19:29 0:00 /usr/sbin/keepalived -D
root 2479 0.0 0.0 112664 976 pts/0 S+ 19:29 0:00 grep --color=auto keep
|
4、清空策略并验证
1
2
3
4
5
6
7
8
9
10
11
12
13
| [iyunv@juispan ~]# systemctl stop firewalld
[iyunv@juispan ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[iyunv@juispan ~]# setenforce 0
[iyunv@juispan ~]# less /var/log/messages ##查看日志
[iyunv@juispan ~]# ip addr
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:0c:4d:a8 brd ff:ff:ff:ff:ff:ff
inet 192.168.137.100/24 brd 192.168.137.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.137.254/32 scope global ens33 ##已加载VIP
valid_lft forever preferred_lft forever
|
从设备配置
1、关闭防火墙
1
2
3
4
5
| [iyunv@localhost ~]# systemctl stop firewalld
[iyunv@localhost ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service.
[iyunv@localhost ~]# setenforce 0
|
2、配置keepalived文件
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
| [iyunv@localhost ~]# > /etc/keepalived/keepalived.conf
[iyunv@localhost ~]# vi /etc/keepalived/keepalived.conf
global_defs {
notification_email {
test@test.com
}
notification_email_from root@test.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/usr/local/sbin/check_ng.sh"
interval 3
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 123456
}
virtual_ipaddress {
192.168.137.254
}
track_script {
chk_nginx
}
}
|
3、编写启动脚本
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
| [iyunv@localhost ~]# vi /usr/local/sbin/check_ng.sh
#时间变量,用于记录日志
d=`date --date today +%Y%m%d_%H:%M:%S`
#计算nginx进程数量
n=`ps -C nginx --no-heading|wc -l`
#如果进程为0,则启动nginx,并且再次检测nginx进程数量,
#如果还为0,说明nginx无法启动,此时需要关闭keepalived
if [ $n -eq "0" ]; then
systemctl start nginx
n2=`ps -C nginx --no-heading|wc -l`
if [ $n2 -eq "0" ]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
systemctl stop keepalived
fi
fi
[iyunv@localhost ~]# chmod 755 /usr/local/sbin/check_ng.sh
|
4、启动服务
1
2
3
4
5
6
| [iyunv@localhost ~]# systemctl start keepalived
[iyunv@localhost ~]# ps aux | grep keepalived
root 3266 0.0 0.1 111708 1308 ? Ss 21:30 0:00 /usr/sbin/keepalived -D
root 3267 0.0 0.2 111708 2548 ? S 21:30 0:00 /usr/sbin/keepalived -D
root 3268 0.1 0.1 111708 1620 ? S 21:30 0:00 /usr/sbin/keepalived -D
root 3321 0.0 0.0 112664 976 pts/1 S+ 21:30 0:00 grep --color=auto keepalived
|
测试高可用
1、编辑nginx主页
1
| [iyunv@juispan ~]# echo "this is master" > /usr/share/nginx/html/index.html
|
1
| [iyunv@localhost ~]# echo "this is backup" > /usr/share/nginx/html/index.html
|
2、客户端测试
3、主设备模拟宕机,关闭keepalived服务 除了配置nginx的高可用,也可以配置其他服务的高可用,比如mysql的高可用,但前提是一定要保证双方的数据是一致的。如果主mysql宕机,从mysql的数据一定会和主设备不一致。
|