Centos7中KeepAlived&Nginx高可用
一.部署前规划
| 角色 | 操作系统 | IP |
|---|---|---|
| master | Centos7.8 | 192.168.56.101 |
| backup | Centos7.8 | 192.168.56.102 |
二.keepalived安装
在两台机器上执行安装
yum install -y keepalived
三.master角色配置(192.168.56.101)
/etc/keepalived/keepalived.conf
注意这里:interface enp0s3是对应的网卡名称,如果你的网卡名称不一样,就修改下。
cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/etc/keepalived/scripts/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface enp0s3
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_nginx
}
virtual_ipaddress {
192.168.56.140
}
}
EOF
编写nginx进程检查的脚本
/etc/keepalived/scripts/nginx_check.sh
##
mkdir /etc/keepalived/scripts/
##
cat > /etc/keepalived/scripts/nginx_check.sh <<EOF
#!/bin/bash
result=\`pidof nginx\`
if [ ! -z "\${result}" ];
then
exit 0
else
exit 1
fi
EOF
##
chmod +x /etc/keepalived/scripts/nginx_check.sh
四.backup角色配置(192.168.56.102)
/etc/keepalived/keepalived.conf
注意这里:interface enp0s3是对应的网卡名称,如果你的网卡名称不一样,就修改下。
cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/etc/keepalived/scripts/nginx_check.sh"
interval 2
weight -20
}
vrrp_instance VI_1 {
state BACKUP
interface enp0s3
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_nginx
}
virtual_ipaddress {
192.168.56.140
}
}
EOF
/etc/keepalived/scripts/nginx_check.sh
##
mkdir /etc/keepalived/scripts/
##
cat > /etc/keepalived/scripts/nginx_check.sh <<EOF
#!/bin/bash
result=\`pidof nginx\`
if [ ! -z "\${result}" ];
then
exit 0
else
exit 1
fi
EOF
##
chmod +x /etc/keepalived/scripts/nginx_check.sh
五.防火墙开放
注:如果你的防火墙是开放的,一定需要进行vrrp组播的开放,否则因为防火墙不通会两台机器都存在VIP导致keepalived分配vip失败
注意这里:–in-interface enp0s3是对应的网卡名称,如果你的网卡名称不一样,就修改下。
##开启nginx的端口
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --reload
##开启vrrp组播
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface enp0s3 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
firewall-cmd --reload
# 查看规则是否生效
firewall-cmd --permanent --direct --get-all-rules
六.启动keepalived
##设置为系统服务
systemctl enable keepalived
##启动
systemctl start keepalived
##停止
systemctl stop keepalived
##重启
systemctl restart keepalived
七.测试
1.将master和backup的keepalived和nginx都启动,可看到master上存在vip
[root@localhost testuser]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:f7:cc:0c brd ff:ff:ff:ff:ff:ff
inet 192.168.56.101/24 brd 192.168.56.255 scope global noprefixroute enp0s3
valid_lft forever preferred_lft forever
inet 192.168.56.140/32 scope global enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::2603:d512:e7f1:a498/64 scope link noprefixroute
valid_lft forever preferred_lft forever
2.而backup上没有,说明当前vip在master上
[root@localhost testuser]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:6c:d4:90 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.102/24 brd 192.168.56.255 scope global noprefixroute enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::2603:d512:e7f1:a498/64 scope link tentative noprefixroute dadfailed
valid_lft forever preferred_lft forever
inet6 fe80::e801:dd62:96e3:cf2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3.将master上的nginx停止后,vip飘移到backup(192.168.56.102)上,由backup进行服务提供
[root@localhost testuser]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:6c:d4:90 brd ff:ff:ff:ff:ff:ff
inet 192.168.56.102/24 brd 192.168.56.255 scope global noprefixroute enp0s3
valid_lft forever preferred_lft forever
inet 192.168.56.140/32 scope global enp0s3
valid_lft forever preferred_lft forever
inet6 fe80::2603:d512:e7f1:a498/64 scope link tentative noprefixroute dadfailed
valid_lft forever preferred_lft forever
inet6 fe80::e801:dd62:96e3:cf2b/64 scope link noprefixroute
valid_lft forever preferred_lft forever
4.然后重新启动master上的nginx,此时Vip又会切换到master
从以上步骤演示看,说明keepalived和nginx高可用配置成功~
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
