keepalived实现nginx负载均衡机高可用
环境说明
| 系统信息 | 主机名 | IP |
|---|---|---|
| redhat7 | hxdserver | 192.168.225.128 |
| redhat7 | localhost | 192.168.225.129 |
keepalived安装
//关闭防火墙和selinux
[root@hxdserver ~]# systemctl stop firewalld
[root@hxdserver ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@hxdserver ~]# setenforce 0
setenforce: SELinux is disabled
[root@hxdserver ~]# sed -ri 's/^(SELINUX=).*/\1disabled/g' /etc/selinux/config
//安装keepalived
[root@hxdserver ~]# yum -y install epel-release vim wget gcc gcc-c++
[root@hxdserver ~]# yum -y install keepalived
在备机上做以上相同操作
//在主备机上分别安装nginx
[root@hxdserver ~]# yum -y install nginx
[root@hxdserver ~]# cd /usr/share/nginx/html/
[root@hxdserver html]# ls
404.html 50x.html index.html nginx-logo.png poweredby.png
[root@hxdserver html]# mv index.html{,.bak}
[root@hxdserver html]# echo 'master'>index.html
[root@hxdserver html]# ls
404.html 50x.html index.html index.html.bak nginx-logo.png poweredby.png
[root@hxdserver html]# systemctl start nginx
[root@hxdserver html]# systemctl enable nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@hxdserver html]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
192.168.225.129
//安装keepalived和nginx
[root@localhost ~]# yum -y install epel-release vim wget gcc gcc-c++
[root@localhost ~]# yum -y install keepalived
[root@localhost ~]# yum -y install nginx
[root@localhost ~]# cd /usr/share/nginx/html/
[root@localhost html]# ls
404.html 50x.html index.html nginx-logo.png poweredby.png
[root@localhost html]# mv index.html{,.bak}
[root@localhost html]# echo 'slave' > index.html
[root@localhost html]# ls
404.html 50x.html index.html index.html.bak nginx-logo.png poweredby.png
[root@localhost html]# systemctl start nginx
[root@localhost html]# systemctl enable nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
分别访问两台服务器的测试页面
- 配置主keepalived
192.168.225.128
//修改配置文件
[root@hxdserver html]# cd /etc/keepalived/
[root@hxdserver keepalived]# ls
keepalived.conf
[root@hxdserver keepalived]# mv keepalived.conf{,.bak}
[root@hxdserver keepalived]# ls
keepalived.conf.bak
[root@hxdserver keepalived]# vim keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb01
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass dubai
}
virtual_ipaddress {
192.168.225.250
}
}
virtual_server 192.168.225.250 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.225.128 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.225.129 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
//启动服务
[root@hxdserver ~]# systemctl start keepalived
[root@hxdserver ~]# systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
- 配置备keepalived
192.168.225.129
//修改配置文件
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass dubai
}
virtual_ipaddress {
192.168.225.250
}
}
virtual_server 192.168.225.250 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.225.128 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.225.129 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
//开启服务
[root@localhost ~]# systemctl start keepalived
[root@localhost ~]# systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
- 查看VIP在哪
192.168.225.128
[root@hxdserver ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:4b:7c:b8 brd ff:ff:ff:ff:ff:ff
inet 192.168.225.128/24 brd 192.168.225.255 scope global dynamic ens33
valid_lft 1517sec preferred_lft 1517sec
inet 192.168.225.250/32 scope global ens33 //这个就是我所设置的VIP
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe4b:7cb8/64 scope link
valid_lft forever preferred_lft forever
- 在192.168.225.129上查看
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:b8:f7:10 brd ff:ff:ff:ff:ff:ff
inet 192.168.225.129/24 brd 192.168.225.255 scope global dynamic ens33
valid_lft 1325sec preferred_lft 1325sec
inet6 fe80::20c:29ff:feb8:f710/64 scope link
valid_lft forever preferred_lft forever
让keepalived监控nginx负载均衡机
keepalived通过脚本来监控nginx负载均衡机的状态
在master(192.168.225.128)上编写脚本
[root@hxdserver ~]# mkdir /scripts
[root@hxdserver ~]# cd /scripts/
[root@hxdserver scripts]# vim check_n.sh
#!/bin/bash
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
systemctl stop keepalived
fi
[root@hxdserver scripts]# chmod +x check_n.sh
[root@hxdserver scripts]# vim notify.sh
#!/bin/bash
VIP=$2
sendmail (){
subject="${VIP}'s server keepalived state is translate"
content="`date +'%F %T'`: `hostname`'s state change to master"
echo $content | mail -s "$subject" 182026@qq.com
}
case "$1" in
master)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
systemctl start nginx
fi
sendmail
;;
backup)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -gt 0 ];then
systemctl stop nginx
fi
;;
*)
echo "Usage:$0 master|backup VIP"
;;
esac
[root@hxdserver scripts]# chmod +x notify.sh
[root@hxdserver scripts]# ll
总用量 8
-rwxr-xr-x 1 root root 144 11月 1 15:25 check_n.sh
-rwxr-xr-x 1 root root 612 11月 1 15:20 notify.sh
- 在slave上编写脚本
[root@localhost ~]# mkdir /scripts
[root@localhost ~]# cd /scripts/
[root@localhost scripts]# vim notify.sh
#!/bin/bash
VIP=$2
sendmail (){
subject="${VIP}'s server keepalived state is translate"
content="`date +'%F %T'`: `hostname`'s state change to master"
echo $content | mail -s "$subject" 1820263@qq.com
}
case "$1" in
master)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
systemctl start nginx
fi
sendmail
;;
backup)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -gt 0 ];then
systemctl stop nginx
fi
;;
*)
echo "Usage:$0 master|backup VIP"
;;
esac
[root@localhost scripts]# vim check_n.sh
#!/bin/bash
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
systemctl stop keepalived
fi
[root@localhost scripts]# chmod +x check_n.sh
[root@localhost scripts]# ll
总用量 8
-rwxr-xr-x. 1 root root 142 11月 1 15:39 check_n.sh
-rwxr-xr-x. 1 root root 657 11月 1 15:36 notify.sh
注意:脚本的名字应避免与服务名相同,推荐用服务名的首字母代替。
- 配置keepalived加入监控脚本的配置
配置主keepalived
192.168.225.128
[root@hxdserver scripts]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb01
}
vrrp_script nginx_check {
script "/scripts/check_n.sh"
interval 1
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass dubai
}
virtual_ipaddress {
192.168.225.250
}
track_script {
nginx_check
}
notify_master "/scripts/notify.sh master 192.168.225.250"
notify_backup "/scripts/notify.sh backup 192.168.225.250"
}
virtual_server 192.168.225.250 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.225.128 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.225.129 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@hxdserver ~]# systemctl restart keepalived
- 配置备keepalived
192.168.225.129
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass dubai
}
virtual_ipaddress {
192.168.225.250
}
notify_master "/scripts/notify.sh master 192.168.225.250"
notify_backup "/scripts/notify.sh backup 192.168.225.250"
}
virtual_server 192.168.225.250 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.225.128 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.225.129 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@localhost ~]# systemctl restart keepalived
访问虚拟ip192.168.225.250
[root@hxdserver ~]# curl http://192.168.225.250
master
模拟master挂了
[root@hxdserver ~]# systemctl stop nginx
[root@hxdserver ~]# curl http://192.168.225.250
slave //再次访问虚拟ip,备就接管了请求
192.168.225.129
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:b8:f7:10 brd ff:ff:ff:ff:ff:ff
inet 192.168.225.129/24 brd 192.168.225.255 scope global dynamic ens33
valid_lft 1462sec preferred_lft 1462sec
inet 192.168.225.250/32 scope global ens33 //虚拟IP会自动跳到backup
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:feb8:f710/64 scope link
valid_lft forever preferred_lft forever
当master的服务修复起来的时候,虚拟IP会被原master抢占回来,若要其不抢占,在配置文件中添加 nopreempt。
手动将原master的nginx和keepalived开启,虚拟IP又会回到原master
[root@hxdserver ~]# systemctl start nginx.service
[root@hxdserver ~]# systemctl start keepalived.service
[root@hxdserver ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:4b:7c:b8 brd ff:ff:ff:ff:ff:ff
inet 192.168.225.128/24 brd 192.168.225.255 scope global dynamic ens33
valid_lft 1428sec preferred_lft 1428sec
inet 192.168.225.250/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe4b:7cb8/64 scope link
valid_lft forever preferred_lft forever
[root@hxdserver ~]# curl http://192.168.225.250
master
在192.168.225.128上安装邮件工具
[root@localhost ~]# yum -y install mailx
将服务都开启,看能否收到邮件通知
[root@hxdserver ~]# systemctl start nginx.service
[root@hxdserver ~]# systemctl start keepalived.service
[root@hxdserver ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:4b:7c:b8 brd ff:ff:ff:ff:ff:ff
inet 192.168.225.128/24 brd 192.168.225.255 scope global dynamic ens33
valid_lft 1406sec preferred_lft 1406sec
inet 192.168.225.250/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe4b:7cb8/64 scope link
valid_lft forever preferred_lft forever
1330
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
