Nginx+Keepalived实现高可用

麻辣头马头

于 2024-08-14 20:33:20 发布

阅读量849

点赞数 20

文章标签： nginx 运维服务器网络

本文链接：https://blog.csdn.net/qq_63652578/article/details/141199854

版权

1.1 环境准备

这里Rocky有点问题，就换成openEuler

Server Name	IP Address with Subnet Mask	发行版
keepalived-01	192.161.110.41/24	openEuler
keepalived-02	192.161.110.42/24	openEuler
web-01	192.161.110.33/24	Rocky Linux 8
web-01	192.161.110.34/24	Rocky Linux 8

[root@keepalived-01 ~]# yum install nginx keepalived -y

[root@keepalived-02 ~]# yum install nginx keepalived -y

[root@web-01 ~]# yum install nginx -y

[root@web-02 ~]# yum install nginx -y

1.2 后端web配置

1.2.1 web-01配置

[root@web-01 ~]# mkdir -p /nginx/web
[root@web-01 ~]# echo "This is web-01 page IP=`hostname -I`" >> /nginx/web/index.html
[root@web-01 ~]# vim /etc/nginx/conf.d/VirtualHost.conf
server {
        listen 192.161.110.33:80;
        server_name www.web-01.com;

        location / {
                root /nginx/web;
                index index.html;
        }
}

[root@web-01 ~]# systemctl start nginx
[root@web-01 ~]# curl 192.161.110.33
This is web-01 page IP=192.161.110.33

1.2.2 web-02配置

[root@web-02 ~]# mkdir -p /nginx/web
[root@web-02 ~]# echo "This is web-02 page IP=`hostname -I`" >> /nginx/web/index.html
[root@web-02 ~]# vim /etc/nginx/conf.d/VirtualHost.conf
server {
        listen 192.161.110.34:80;
        server_name www.web-02.com;

        location / {
                root /nginx/web;
                index index.html;
        }
}

[root@web-02 ~]# systemctl start nginx
[root@web-02 ~]# curl 192.161.110.34
This is web-02 page IP=192.161.110.34

1.3 代理服务器Nginx配置

1.3.1 keepalived-01配置

[root@keepalived-01 ~]# vim /etc/nginx/conf.d/proxy.conf
upstream wwwPools {
        server 192.161.110.33:80;
        server 192.161.110.34:80;
}

server {
        listen 80;
        server_name www.proxy-01.com;

        location / {
                proxy_pass http://wwwPools;
        }
}

[root@keepalived-01 ~]# systemctl start nginx.service
 
[root@client ~]# for ((i=1;i<=6;i++)) do curl http://192.161.110.41; done  #客户端测试
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34 
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34 
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34

1.3.2 keepalived-02配置

[root@keepalived-02 ~]# vim /etc/nginx/conf.d/proxy.conf
upstream wwwPools {
        server 192.161.110.33:80;
        server 192.161.110.34:80;
}

server {
        listen 80;
        server_name www.proxy-02.com;

        location / {
                proxy_pass http://wwwPools;
        }
}

[root@keepalived-02 ~]# systemctl start nginx

[root@client ~]# for ((i=1;i<=6;i++)) do curl http://192.161.110.42; done
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34 
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34 
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34

1.4 代理服务器Keepalived配置

1.4.1 keepalived-01配置

[root@keepalived-01 ~]# vim /etc/keepalived/keepalived.conf    #打开文件后把里面内容全删了，然后自己写
! Configuration File for keepalived

global_defs {
   router_id nginx_web-01
}

vrrp_script chk_nginx {
    script "killall -0 nginx"
}
vrrp_instance nginx {
    state MASTER
    interface ens160
    virtual_router_id 51  #id为51
    priority 100     #优先级为100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }

    track_script {
      chk_nginx
    }

    virtual_ipaddress{    #VIP
    192.161.110.10/24
    }
}

[root@keepalived-01 ~]# systemctl start keepalived.service
[root@keepalived-01 ~]# ip address show ens160    #VIP为192.161.110.10/24
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:69:8e:29 brd ff:ff:ff:ff:ff:ff
    inet 192.161.110.41/24 brd 192.161.110.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet 192.161.110.10/24 scope global secondary ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe69:8e29/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

1.4.2 keepalived-02配置

[root@keepalived-02 ~]# vim /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
   router_id nginx_web-02
}

vrrp_script chk_haproxy {
    script "killall -0 nginx"
}
vrrp_instance nginx {
    state BACKUP
    interface ens160
    virtual_router_id 51
    priority 80    #优先级为80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }

    track_script {
      chk_nginx
    }

    virtual_ipaddress{
    192.161.110.10/24
    }
}

[root@keepalived-02 ~]# systemctl start keepalived.service 
[root@keepalived-02 ~]# ip address show ens160   #没有VIP
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:90:3f:85 brd ff:ff:ff:ff:ff:ff
    inet 192.161.110.42/24 brd 192.161.110.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe90:3f85/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

1.5 访问VIP测试

[root@client ~]# for ((i=1;i<=6;i++)) do curl http://192.161.110.10; done
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34 
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34 
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34

1.6 模拟keepalived异常

[root@keepalived-01 ~]# systemctl stop keepalived.service
root@keepalived-01 ~]# ip address show ens160   #VIP发生漂移
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:69:8e:29 brd ff:ff:ff:ff:ff:ff
    inet 192.161.110.41/24 brd 192.161.110.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe69:8e29/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
       
[root@keepalived-02 ~]# ip address show ens160 #VIP到keepalived-02
2: ens160: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:0c:29:90:3f:85 brd ff:ff:ff:ff:ff:ff
    inet 192.161.110.42/24 brd 192.161.110.255 scope global noprefixroute ens160
       valid_lft forever preferred_lft forever
    inet 192.161.110.10/24 scope global secondary ens160
       valid_lft forever preferred_lft forever
    inet6 fe80::20c:29ff:fe90:3f85/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever
        
[root@client ~]# for ((i=1;i<=6;i++)) do curl http://192.161.110.10; done   #访问正常
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34 
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34 
This is web-01 page IP=192.161.110.33 
This is web-02 page IP=192.161.110.34

1.7 后端web故障

[root@web-01 ~]# systemctl stop nginx.service 

[root@client ~]# for ((i=1;i<=6;i++)) do curl http://192.161.110.10; done  #都有web-02提供服务
This is web-02 page IP=192.161.110.34 
This is web-02 page IP=192.161.110.34 
This is web-02 page IP=192.161.110.34 
This is web-02 page IP=192.161.110.34 
This is web-02 page IP=192.161.110.34 
This is web-02 page IP=192.161.110.34

1.8 Nginx故障

[root@keepalived-01 ~]# systemctl stop nginx.service 

[root@client ~]# for ((i=1;i<=6;i++)) do curl http://192.161.110.10; done
This is web-02 page IP=192.161.110.34 
This is web-02 page IP=192.161.110.34 
This is web-02 page IP=192.161.110.34 
This is web-02 page IP=192.161.110.34 
This is web-02 page IP=192.161.110.34 
This is web-02 page IP=192.161.110.34