keepalived实现nginx高可用

最新推荐文章于 2018-12-16 10:56:48 发布

Empty_city_dreams

最新推荐文章于 2018-12-16 10:56:48 发布

阅读量170

点赞数

分类专栏：作业文章标签： keepalived nginx

本文链接：https://blog.csdn.net/Empty_city_dreams/article/details/83620059

版权

作业专栏收录该内容

30 篇文章 0 订阅

订阅专栏

keepalived实现nginx高可用

环境

设备	ip地址
centos7	192.168.89.130
centos7	192.168.89.129

1.两台设备都安装keepalived

[root@localhost ~]# yum -y install epel-release vim wget gcc gcc-c++
[root@localhost ~]# yum install keepalived -y
[root@localhost ~]# rpm -ql keepalived
/etc/keepalived/keepalived.conf     keepalived服务主配置文件
/etc/rc.d/init.d/keepalived         服务启动脚本
/etc/sysconfig/keepalived
/usr/bin/genhash
/usr/lib/systemd/system/keepalived.service    服务控制文件
/usr/libexec/keepalived
/usr/sbin/keepalived

2.两台设备都安装nginx

2.1MASTER端

[root@localhost ~]# yum -y install nginx
[root@localhost ~]#  cd /usr/share/nginx/html/
[root@localhost html]# mv index.html /root/
[root@localhost html]# echo 'master:192.168.89.130' > index.html
[root@localhost html]# systemctl start nginx
[root@localhost html]# systemctl enable nginx
[root@localhost html]# curl http://192.168.89.130
master:192.168.89.130

2.2SLAVE端

[root@localhost ~]# yum -y install nginx
[root@localhost ~]#  cd /usr/share/nginx/html/
[root@localhost html]# mv index.html /root/
[root@localhost html]# echo 'slave:192.168.89.129' > index.html
[root@localhost html]# systemctl start nginx
[root@localhost html]# systemctl enable nginx
[root@localhost html]# curl http://192.168.89.130
master:192.168.89.130

3.keepalived配置

##3.1 配置master端keepalived

[root@localhost html]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
   router_id lb01
}  

vrrp_instance VI_1 {
    state MASTER
    virtual_router_id 51
    priority 100
    advert_int 1
        auth_type PASS
        auth_pass 1111
    }   
    virtual_ipaddress {
        192.168.89.150
    }
}   
virtual_server 192.168.89.150 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP
    
    real_server 192.168.89.130 80 {
        weight 1
        TCP_CHECK {
	    connect_port 80
 	    connect_timeout 3
 	    nb_get_retry 3
 	    delay_before_retry 3
        }
    }
    real_server 192.168.89.129 80 {
        weight 1
        TCP_CHECK {
 	    connect_port 80
 	    connect_timeout 3
 	    nb_get_retry 3
 	    delay_before_retry 3
       }
    }
}
[root@localhost html]# systemctl start keepalived
[root@localhost html]# systemctl enable keepalived

3.2 备用段配置keepalived

[root@localhost html]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id lb02
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
	192.168.89.150
    }
}

virtual_server 192.168.89.150 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP
    
    real_server 192.168.89.130 80 {
        weight 1
        TCP_CHECK {
	    connect_port 80
 	    connect_timeout 3
 	    nb_get_retry 3
 	    delay_before_retry 3
        }
    }
    real_server 192.168.89.129 80 {
        weight 1
        TCP_CHECK {
 	    connect_port 80
 	    connect_timeout 3
 	    nb_get_retry 3
 	    delay_before_retry 3
       }
    }
}
[root@localhost html]# systemctl start keepalived
[root@localhost html]# systemctl enable keepalived

3.3master端查看

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:e1:46:7d brd ff:ff:ff:ff:ff:ff
    inet 192.168.89.130/24 brd 192.168.89.255 scope global noprefixroute dynamic ens33
       valid_lft 1185sec preferred_lft 1185sec
    inet 192.168.89.150/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::ed9:2153:d66f:1db9/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

3.4slave端查看

[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 00:0c:29:47:80:d4 brd ff:ff:ff:ff:ff:ff
    inet 192.168.89.129/24 brd 192.168.89.255 scope global noprefixroute dynamic ens33
       valid_lft 1302sec preferred_lft 1302sec
    inet6 fe80::87d5:9fca:fb19:7de0/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

4.修改内核参数，开启监听VIP功能

4.1master端设置

[root@localhost ~]#  echo 'net.ipv4.ip_nonlocal_bind = 1' >>/etc/sysctl.conf
[root@localhost ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
[root@localhost ~]# cat /proc/sys/net/ipv4/ip_nonlocal_bind
1

4.2slave端设置

[root@localhost ~]# echo 'net.ipv4.ip_nonlocal_bind = 1' >>/etc/sysctl.conf
[root@localhost ~]# sysctl -p
net.ipv4.ip_nonlocal_bind = 1
[root@localhost ~]# cat /proc/sys/net/ipv4/ip_nonlocal_bind
1

5.让keepalived监控nginx负载均衡

5.1在master编写脚本

[root@localhost ~]# vim check_n.sh

#!/bin/bash
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
    systemctl stop keepalived
fi
[root@localhost ~]# vim nptofy.sh

#!/bin/bash
VIP=$2
sendmail (){
	    subject="${VIP}'s server keepalived state is translate"
        content="`date +'%F %T'`: `hostname`'s state change to master"
        echo $content | mail -s "$subject" 664506081@qq.com
}
case "$1" in
 master)
       nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
       if [ $nginx_status -lt 1 ];then
           systemctl start nginx
       fi
       sendmail
 ;;
 backup)
       nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
       if [ $nginx_status -gt 0 ];then
         systemctl stop nginx
       fi
 ;;
 *)
       echo "Usage:$0 master|backup VIP"
 ;;
esac
[root@localhost ~]# ll
总用量 16
-rw-------. 1 root root 1204 9月  27 14:48 anaconda-ks.cfg
-rw-r--r--  1 root root  140 10月 31 11:12 check_n.sh
-rw-r--r--  1 root root 3700 3月   6 2018 index.html
-rw-r--r--  1 root root  557 10月 31 11:13 nptofy.sh
[root@localhost ~]# chmod +x check_n.sh nptofy.sh 
[root@localhost ~]# ll
总用量 16
-rw-------. 1 root root 1204 9月  27 14:48 anaconda-ks.cfg
-rwxr-xr-x  1 root root  140 10月 31 11:12 check_n.sh
-rw-r--r--  1 root root 3700 3月   6 2018 index.html
-rwxr-xr-x  1 root root  557 10月 31 11:13 nptofy.sh
[root@localhost ~]# mkdir /kongbai
[root@localhost ~]# mv check_n.sh nptofy.sh /kongbai/

5.2slave编写脚本

脚本内容一致，直接将master段脚本发送过来即可

[root@localhost ~]# ll
总用量 16
-rw-------. 1 root root 1201 10月 16 19:40 anaconda-ks.cfg
-rwxr-xr-x  1 root root  140 10月 31 11:17 check_n.sh
-rw-r--r--  1 root root 3700 3月   6 2018 index.html
-rwxr-xr-x  1 root root  556 10月 31 11:17 nptofy.sh
[root@localhost ~]# mv check_n.sh nptofy.sh /etc/keepalived/

6.keepalived加入监控脚本的配置

6.1 MASTER端

[root@localhost ~]#  vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id lb01

   script nginx_check {
   script "/kongbai/check_n.sh"
   interval 1
   weight -20
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
	192.168.89.150
    }
    track_script {
    nginx_check
    }
    notify_master "/etc/keepalived/notify.sh master 192.168.89.150"
    notify_backup "/etc/keepalived/notify.sh backup 192.168.89.150"
}

virtual_server 192.168.89.150 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP
    
    real_server 192.168.89.130 80 {
        weight 1
        TCP_CHECK {
	    connect_port 80
 	    connect_timeout 3
 	    nb_get_retry 3
 	    delay_before_retry 3
        }
    }
    real_server 192.168.89.129 80 {
        weight 1
        TCP_CHECK {
 	    connect_port 80
 	    connect_timeout 3
 	    nb_get_retry 3
 	    delay_before_retry 3
       }
    }
}

[root@localhost ~]# systemctl restart keepalived

6.2 SLAVE端

备用段不许需要检测nginx 的是否正常，升级为master是自动启动nginx，降级是关闭

[root@localhost ~]#  vim /etc/keepalived/keepalived.conf
···
vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
	192.168.89.150
    }
    track_script {
    nginx_check
    }
    notify_master "/etc/keepalived/notify.sh master 192.168.89.150"
    notify_backup "/etc/keepalived/notify.sh backup 192.168.89.150"
}
virtual_server 192.168.89.150 80 {
    delay_loop 6
    lb_algo rr
    lb_kind DR
    persistence_timeout 50
    protocol TCP
    
    real_server 192.168.89.130 80 {
        weight 1
        TCP_CHECK {
	    connect_port 80
 	    connect_timeout 3
 	    nb_get_retry 3
 	    delay_before_retry 3
        }
    }
    real_server 192.168.89.129 80 {
        weight 1
        TCP_CHECK {
 	    connect_port 80
 	    connect_timeout 3
 	    nb_get_retry 3
 	    delay_before_retry 3
       }
    }
}
    
[root@localhost ~]# systemctl restart keepalived

7.查看效果

[root@localhost ~]# curl http://192.168.89.150
master:192.168.89.130
[root@localhost ~]# curl http://192.168.89.130
master:192.168.89.130
[root@localhost ~]# curl http://192.168.89.129
slave:192.168.89.129
[root@localhost ~]# nginx -s stop
[root@localhost ~]# curl http://192.168.89.150
curl: (7) Failed connect to 192.168.89.150:80; 拒绝连接    等待一会即可
[root@localhost ~]# curl http://192.168.89.150
slave:192.168.89.129
[root@localhost ~]# nginx
[root@localhost ~]# curl http://192.168.89.150
master:192.168.89.130