keepalived+nginx双主热备(有问题私信)

本文详细介绍了如何在CentOS7.9系统上部署keepalived和nginx的双主热备环境,包括软件版本选择、安装、配置及脚本编写,确保高可用性和负载均衡。
摘要由CSDN通过智能技术生成

前言

有关keepalived和nginx的一些工作原理,简介等相关信息这里就不过多赘述了,有不了不太清楚或者不太了解的朋友可以参考我之前的文章
keepalived相关内容
nginx相关内容01
nginx相关内容02

keepalived+nginx双主热备

在配置双主热备之前,最好先弄明白双机主备
环境说明

系统版本软件版本IP地址
centos7.9keepalived-2.2.7版本 nginx-1.20.1版本192.168.182.130(master)
centos7.9keepalived-2.2.7版本 nginx-1.20.1版本192.168.182.131(backup)

keepalived官网下载地址
nginx官网下载地址

keepalived+nginx双主热备部署

安装nginx

以下操做两台主机都做

[root@130 opt]# pwd
/opt
[root@130 opt]# ls
nginx-1.20.1.tar.gz

[root@130 opt]# tar zxf nginx-1.20.1.tar.gz
// 进入解压目录
[root@130 opt]# cd nginx-1.20.1/
[root@130 nginx-1.20.1]# ./configure --with-http_ssl_module  //开始编译
说明一下不加“--prefix=“ nginx会默认安装在/usr/local目录下

./configure: error: C compiler cc is not found  //第一个报错
[root@130 nginx-1.20.1]# yum -y install gcc  //解决

./configure: error: the HTTP rewrite module requires the PCRE library  //第二个报错
[root@130 nginx-1.20.1]# yum -y install pcre pcre-devel  //解决

./configure: error: SSL modules require the OpenSSL library.  //第三个报错
[root@130 nginx-1.20.1]# yum -y install openssl openssl-devel  //解决
[root@130 nginx-1.20.1]# make && make install  //执行完成之后遍安装完成

配置nginx环境,方便使用nginx的二进制命令

[root@130 ~]# echo 'export PATH=$PATH:/usr/local/nginx/sbin' > /etc/profile.d/nginx.sh
[root@130 ~]# source /etc/profile.d/nginx.sh
// 执行完上面的命令后就不需要到sbin目录下执行nginx的二进制命令了

使用systemctl控制nginx

[root@130 ~]# cat > /usr/lib/systemd/system/nginx.service  <<EOF
[Unit]
Description=Nginx server daemon
After=network.target sshd-keygen.service

[Service]
Type=forking
ExecStart=/usr/local/nginx/sbin/nginx
ExecStop=/usr/local/nginx/sbin/nginx -s quit
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target
EOF

[root@130 ~]# systemctl daemon-reload
[root@130 ~]# systemctl start nginx
[root@130 ~]# systemctl enable nginx.service

//此处为master节点nginx

// 此处为backup节点的nginx

安装keepalived

以下操作同样也需要在两台主机上执行

[root@130 opt]# tar zxf keepalived-2.2.7.tar.gz
[root@130 opt]# cd keepalived-2.2.7/
[root@130 keepalived-2.2.7]# ./configure --prefix=/usr/local/keepalived --sysconf=/etc  //咱们安装在/usr/local命令下,不加--sysconf=/etc可能会报错

//第一次编译会出现警告信息,但其实不影响,强迫症患者会不舒服
*** WARNING  this build will not support IPVS with IPv6. Please install libnl/libnl-3 dev libraries to support IPv6 with IPVS  

[root@130 keepalived-2.2.7]# yum -y install libnl libnl-devel  //解决
[root@130 keepalived-2.2.7]# make && make install  //进行安装

配置keepalived环境变量

[root@130 ~]# echo 'export PATH=$PATH:/usr/local/keepalived/sbin' > /etc/profile.d/keepalived.sh
[root@130 ~]# source /etc/profile.d/keepalived.sh

生成keeepalived配置文件

[root@130 keepalived]# pwd
/etc/keepalived
[root@130 keepalived]# cp keepalived.conf.sample keepalived.conf
修改master节点的keepalived配置文件
[root@130 keepalived]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id HA01  //此处的id要全局唯一
}

vrrp_instance VI_1 {
    state MASTER  //因为130为master所以状态为master
    interface ens33  //此处根据你的网卡名称变化而变化
    virtual_router_id 51  //虚拟路由id,在同一组中此处保持一致,也就是主备节点都需要一样
    priority 100  //优先级
    advert_int 1  //主备间心跳检测间隔为1秒
    authentication {  //认证授权的账号和密码
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {  //此处为虚拟VIP地址
        192.168.182.100
    }
}

使用systemctl控制keepalived

[root@130 keepalived]# vim /usr/lib/systemd/system/keepalived.service //修改service文件
[Unit]
Description=keepalived
After=network-online.target syslog.target 

[Service]
Type=forking
PIDFile=/run/keepalived.pid
KillMode=process
EnvironmentFile=-/etc/sysconfig/keepalived
ExecStart=/usr/local/keepalived/sbin/keepalived  $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

[root@130 keepalived]# systemctl daemon-reload
[root@130 keepalived]# systemctl start keepalived
[root@130 keepalived]# systemctl enable keepalived.service

修改backup节点的keeepalived配置文件

[root@131 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id HA02
}

vrrp_instance VI_1 {
    state BACKUP  //备用节点改为backup
    interface ens33
    virtual_router_id 51
    priority 90  //备用节点的优先级要小于主节点
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.182.100
    }
}

使用systemctl控制keepalived

[root@131 ~]# vim /usr/lib/systemd/system/keepalived.service
[Unit]
Description=keepalived
After=network-online.target syslog.target 

[Service]
Type=forking
PIDFile=/run/keepalived.pid
KillMode=process
EnvironmentFile=-/etc/sysconfig/keepalived
ExecStart=/usr/local/keepalived/sbin/keepalived  $KEEPALIVED_OPTIONS
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

[root@131 ~]# systemctl daemon-reload
[root@131 ~]# systemctl start keepalived
[root@131 ~]# systemctl enable keepalived

配置keepalived主备

注意:VIP为192.168.182.100

我们知道此实验的目的是为让nginx能7×24小时的工作,保证用户能正常访问,所以接下来需要编写脚本让keepalived来监听并自动运行此脚本

下面的操作均在master上进行

[root@130 keepalived]# pwd
/etc/keepalived
[root@130 keepalived]# touch check-nginx.sh
[root@130 keepalived]# chmod +x check-nginx.sh
[root@130 keepalived]# vim check-nginx.sh
#!/bin/bash
process=`ps -C nginx | grep -vc PID`  //获取nginx的进程数
if [ $process -eq 0 ];then  //等于0就说明nginx挂了,先尝试启动nginx,然后等待3秒
    systemctl start nginx
    sleep 3
elif [ $process -eq 0 ];then  //如果nginx启动不了,说明出现问题了,所以需要将服务转到备用节点上
    systemctl stop keepalived
fi

// 将上面的脚本加入到keepalived的配置文件中

! Configuration File for keepalived

global_defs {
   router_id HA01
}

vrrp_script nginx-check {
     script "/etc/keepalived/check-nginx.sh"  //此处写咱们脚本的绝对路径
     interval 2  //每隔两秒执行此脚本
     weight 10  //执行脚本成功此节点的优先级+10;若写成weight -10,则反之。
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        nginx-check  //追踪咱们上面的脚本
}
    virtual_ipaddress {
        192.168.182.100
    }
}

[root@130 keepalived]# systemctl restart keepalived.service

若关闭master上的nginx,keeepalived检测到之后会在3秒内启动nginx,这里我就不做演示了。

从下图可以看到访问VIP时为master上的nginx

下面我们模拟故障情况,假设nginx挂点了,然后我们关闭keepalived,看是否能跳转到backup上

[root@130 keepalived]# systemctl stop keepalived.service //关闭

// 跳转成功

下面的操作在backup上进行

[root@131 keepalived]# pwd
/etc/keepalived
[root@131 keepalived]# touch check_nginx.sh
[root@131 keepalived]# chmod +x check_nginx.sh
[root@131 keepalived]# cat check_nginx.sh 
#!/bin/bash
process=`ps -C nginx --no-header | wc -l`
if [ $process -eq 0 ];then
    systemctl start nginx
    sleep 3
elif [ $process -eq 0 ];then
   systemctl stop keepalived.service
fi

[root@131 keepalived]# vim keepalived.conf
! Configuration File for keepalived

global_defs {
   router_id HA02
}

 vrrp_script check_nginx {
      script "/etc/keepalived/check_nginx.sh"
      weight 10
      interval 2
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    
    track_script {
        check_nginx
}
    virtual_ipaddress {
        192.168.182.100
    }
}

配置keepalived双主热备

  • 看咱们上面的主备配置都是master在提供服务只有当master宕机时backup才会接管进行工作,所以这就会导致有一台主机就会处于闲置状态
  • 双主就是两台主机都提供服务,当master上nginx宕机后,keepalived也会停掉,这时master上的VIP时便跳转到backup,而当backup节点挂掉时backup便会将请求转到master上,看下面的示例演示

在master节点上配置

[root@130 keepalived]# vim keepalived.conf  //在配置文件最后一行添加下面内容
vrrp_instance VI_2 {  //因为这是第二组,又因为这里需要全局唯一所以不能与上面的 VI_1一致
    state BACKUP  //因为双主的话,master和backup都是对方的master,上面第一组时master是backup的主,所以现在master应该为backu的备
    interface ens33
    virtual_router_id 52  //此处同一节点需保持一致,所以要修改为52
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
virtual_ipaddress {
    192.168.182.101  //因为是新的一组主备,所以需要再添加一个VIP
    }
}

[root@130 keepalived]# systemctl restart keepalived.service
[root@131 keepalived]# pwd
/etc/keepalived
[root@131 keepalived]# vim keepalived.conf  //也是在配置文件的最后一行添加下面内容
vrrp_instance VI_2 {
    state MASTER
    interface ens33
    virtual_router_id 52
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
virtual_ipaddress {
    192.168.182.101
    }
}

[root@131 keepalived]# systemctl restart keepalived.service

//访问第二组的VIP能正常访问nginx02

//这里我们关闭master节点上的keepalived

[root@130 keepalived]# systemctl stop keepalived.service

//这里发现第一组的VIP100也可以访问到nginx02,反之若backup上的keepalived挂掉,能访问到nginx01,至此双主热备成功。

  • 19
    点赞
  • 21
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值