先准备好两台服务器上的nginx
更改/usr/local/nginx/html/index.html,增加ip的显示
keepalived下载及编译安装
wget http://www.keepalived.org/software/keepalived-2.0.13.tar.gz
tar -xzvf keepalived-2.0.13.tar.gz
./configure验证配置
出现提示
configure: error:
!!! OpenSSL is not properly installed on your system. !!!
!!! Can not include OpenSSL headers files. !!!
yum -y install openssl-devel解决
再次./configure验证配置
又提示
*** WARNING - this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS.
按照提示安装libnl及libnl-devel
yum -y install libnl libnl-devel
./configure没有问题
make && make install编译安装
更改配置
vim /etc/keepalived/keepalived.conf
主keepalived配置
! Configuration File for keepalived
vrrp_script check_nginx_alive {
script "/data/check_nginx_alive.sh" #检测nginx进程是否存在的脚本
interval 2 #每2s检查一次
weight -10
}
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL_1 #标识,这个需要全局唯一,其他邮件什么的默认不改
vrrp_skip_check_adv_addr
#vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER #主从设置 MASTER/BACKUP
interface ens33 #网卡名称
virtual_router_id 51 #master和slave的值需要相同
priority 101 #优先级,从节点 配置,需要小于主节点
advert_int 1
authentication { #这是主从之间的认证,需要相同
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.76.100 #设置的虚拟ip地址
}
track_script {
check_nginx_alive #调用的脚本 vrrp_script后面的名称
}
}
virtual_server 192.168.76.100 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
# persistence_timeout 50
protocol TCP
real_server 192.168.76.130 80 {#实际的服务地址
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
脚本check_nginx_alive.sh(检测nginx进程是否存在,若不存在关闭本机上的keepalived,切换到从服务器)
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ]
then
echo 'nginx server is died'
killall keepalived
else
echo 'nginx server is alived do nothing'
fi
重启keepalived
systemctl restart keepalived
ip addr
从keepalived配置
! Configuration File for keepalived
vrrp_script check_nginx_alive {
script "/data/check_nginx_alive.sh"
interval 2
weight -10
}
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL_2
# vrrp_skip_check_adv_addr
# vrrp_strict
# vrrp_garp_interval 0
# vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state BUCKUP
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.76.100
}
track_script {
check_nginx_alive
}
}
virtual_server 192.168.76.100 80 {
delay_loop 6
lb_algo rr
lb_kind NAT
# persistence_timeout 50
protocol TCP
real_server 192.168.76.129 80 {
weight 1
TCP_CHECK {
connect_timeout 3
# nb_get_retry 3
delay_before_retry 3
connect_port 80
}
}
}
可以看到,已经多个虚拟ip
访问192.168.76.100看看
关闭130上的nginx
查看日志tail -100f /var/log/messages
keepalived已关闭
此时访问192.168.76.100
vip偏移到了129上。
最后总结一下错误经验
一、首先keepalived的配置文件是放在/etc/keepalived/keepalived.conf,启动失败看日志才发现
二、启动成功后,vip生成成功后,访问不了vip,也ping不通,查询发现是vrrp_strict没有注释
对于Keepalived中Master和Backup角色选举策略还不太清楚,学习完成后再来分享
##############################20190418更新
virtual_server配多个,可以支持虚拟路径映射其他的端口