1.环境
nginx+keepalived
lb-01(主节点)10.0.0.10
lb-02(备节点)10.0.0.11
web服务
client-01 10.0.0.12
client-02 10.0.0.13
2.查看nginx与keepalived的配置
2.1查看lb-01主节点配置
[root@lb01 ~]# cat /application/nginx-1.6.2/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
upstream jingtai {
server 10.0.0.12:80 weight=5;
}
upstream dongtai {
server 10.0.0.13:80 weight=5;
}
upstream lbproxy {
server 10.0.0.12:80 weight=5;
server 10.0.0.13:80 weight=5;
#server 10.0.0.11:80 backup;
}
keepalive_timeout 65;
server {
listen 80;
server_name lb.liang.com;
location / {
root html;
index index.html index.htm;
proxy_pass http://lbproxy;
include proxy.conf;
}
location /jingtai/ {
proxy_pass http://jingtai;
include proxy.conf;
}
location /dongtai/ {
proxy_pass http://dongtai;
include proxy.conf;
}
}
}
keepalived配置
[root@lb01 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
notification_email {
123456-@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_01
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.100/24
}
2.2查看lb-02备节点配置
[root@lb02 ~]# cat /application/nginx-1.6.2/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
upstream jingtai {
server 10.0.0.12:80 weight=5;
}
upstream dongtai {
server 10.0.0.13:80 weight=5;
}
upstream lbproxy {
server 10.0.0.12:80 weight=5;
server 10.0.0.13:80 weight=5;
#server 10.0.0.11:80 backup;
}
keepalive_timeout 65;
server {
listen 80;
server_name lb.liang.com;
location / {
root html;
index index.html index.htm;
proxy_pass http://lbproxy;
include proxy.conf;
}
location /jingtai/ {
proxy_pass http://jingtai;
include proxy.conf;
}
location /dongtai/ {
proxy_pass http://dongtai;
include proxy.conf;
}
}
}
keepalived配置
[root@lb02 ~]# cat /etc/keepalived/keepalived.conf
global_defs {
notification_email {
123456-@qq.com
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_02
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.0.100/24
}
3.启动nginx+keepalived
[root@lb01 ~]# ansible lb -m shell -a "nginx -s reload"
[root@lb01 ~]# ansible lb -m service -a "name=keepalived state=started"
4.测试nginx反向代理
4.1lb-01主节点测试nginx反向代理
[root@lb01 ~]# curl www.liang.com
10.0.0.13 www
[root@lb01 ~]# curl www.liang.com
10.0.0.12 www
4.2lb-02备节点测试nginx反向代理
[root@lb02 ~]# curl www.liang.com
10.0.0.12 www
[root@lb02 ~]# curl www.liang.com
10.0.0.13 www
5.测试keepalived
root@lb01 ~]# ansible lb -m shell -a "ip add|grep 10.0.0.100"
10.0.0.10 | SUCCESS | rc=0 >>
inet 10.0.0.100/24 scope global secondary eth0
10.0.0.11 | FAILED | rc=1 >>
non-zero return code
===》只有主节点10有100的IP,备节点是没有的。
5.1关掉主节点的keepalived后,查看备节点是否接管
[root@lb01 ~]# ansible 10.0.0.10 -m service -a "name=keepalived state=stopped"
10.0.0.10 | SUCCESS => {
"changed": true,
"name": "keepalived",
"state": "stopped"
}
[root@lb01 ~]# ansible lb -m shell -a "ip add|grep 10.0.0.100"
10.0.0.10 | FAILED | rc=1 >>
non-zero return code
10.0.0.11 | SUCCESS | rc=0 >>
inet 10.0.0.100/24 scope global secondary eth0
5.2开启主节点,查看备节点是否释放
[root@lb01 ~]# ansible 10.0.0.10 -m service -a "name=keepalived state=started"
10.0.0.10 | SUCCESS => {
"changed": true,
"name": "keepalived",
"state": "started"
}
[root@lb01 ~]# ansible lb -m shell -a "ip add|grep 10.0.0.100"
10.0.0.11 | SUCCESS | rc=0 >>
inet 10.0.0.100/24 scope global secondary eth0
10.0.0.10 | FAILED | rc=1 >>
non-zero return code
6.网页访问测试
6.1配置本地hosts,访问
6.2关闭主节点,网页测试
[root@lb01 ~]# ansible 10.0.0.10 -m service -a “name=keepalived state=started” 10.0.0.10 | SUCCESS => {
“changed”: false,
“name”: “keepalived”,
“state”: “started”
}
[root@lb01 ~]# ansible lb -m shell -a “ip add|grep 10.0.0.100” 10.0.0.10 | SUCCESS | rc=0 >>
inet 10.0.0.100/24 scope global secondary eth0
10.0.0.11 | FAILED | rc=1 >>
non-zero return code