文章目录
nginx高可用
1.1 系统信息
[root@liubij183 ~]# hostnamectl
Static hostname: liubij183
Icon name: computer-vm
Chassis: vm
Machine ID: 1fbe0d8ac41d43d097f0fd36c875be05
Boot ID: 3ad019379505438faa8cf672ebc7ecec
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-1127.8.2.el7.x86_64
Architecture: x86-64
[root@liubij184 ~]# Static hostname: liubij184
Icon name: computer-vm
Chassis: vm
Machine ID: 1fbe0d8ac41d43d097f0fd36c875be05
Boot ID: 3ad019379505438faa8cf672ebc7ecec
Virtualization: vmware
Operating System: CentOS Linux 7 (Core)
CPE OS Name: cpe:/o:centos:centos:7
Kernel: Linux 3.10.0-1127.8.2.el7.x86_64
Architecture: x86-64
[root@liubij184 ~]#
1.2 服务配置说明
ip | 说明 |
---|---|
192.168.85.183 | nginx, keepalived |
192.168.85.184 | nginx, keepalived |
1.3 使用docker 安装nginx
[root@liubij183 ~]# docker run -di --name=liubijun_nginx -p 80:80 nginx
Unable to find image 'nginx:latest' locally
Trying to pull repository docker.io/library/nginx ...
latest: Pulling from docker.io/library/nginx
852e50cd189d: Pull complete
571d7e852307: Pull complete
addb10abd9cb: Pull complete
d20aa7ccdb77: Pull complete
8b03f1e11359: Pull complete
Digest: sha256:6b1daa9462046581ac15be20277a7c75476283f969cb3a61c8725ec38d3b01c3
Status: Downloaded newer image for docker.io/nginx:latest
WARNING: IPv4 forwarding is disabled. Networking will not work.
188e56181b4b97778b292ab6511ddd3f71ce64c8faeb78177b4d2678df1cf046
[root@liubij184 ~]# docker run -di --name=liubijun_nginx -p 80:80 nginx
Unable to find image 'nginx:latest' locally
Trying to pull repository docker.io/library/nginx ...
latest: Pulling from docker.io/library/nginx
852e50cd189d: Pull complete
571d7e852307: Pull complete
addb10abd9cb: Pull complete
d20aa7ccdb77: Pull complete
8b03f1e11359: Pull complete
Digest: sha256:6b1daa9462046581ac15be20277a7c75476283f969cb3a61c8725ec38d3b01c3
Status: Downloaded newer image for docker.io/nginx:latest
WARNING: IPv4 forwarding is disabled. Networking will not work.
7f65951134b34253812206b61ac876778af2f43438d40e303fe244cec4379d2d
1.4 安装keepalived
#使用yum的方式进行keepalived安装
[root@localhost ~]yum install keepalived -y
#版本的查看
[root@localhost ~]# keepalived -version
Keepalived v1.3.5 (03/19,2017), git commit v1.3.5-6-g6fa32f2
#查看安装完成后的目录路劲
[root@localhost ~]# rpm -ql keepalived
/etc/keepalived
/etc/keepalived/keepalived.conf #配置文件的路劲
/etc/sysconfig/keepalived
/usr/bin/genhash
/usr/lib/systemd/system/keepalived.service
/usr/libexec/keepalived
/usr/sbin/keepalived #应用程序的主命令存放位置
/usr/share/doc/keepalived-1.3.5
/usr/share/doc/keepalived-1.3.5/AUTHOR
/usr/share/doc/keepalived-1.3.5/CONTRIBUTORS
/usr/share/doc/keepalived-1.3.5/COPYING
/usr/share/doc/keepalived-1.3.5/ChangeLog
/usr/share/doc/keepalived-1.3.5/NOTE_vrrp_vmac.txt
/usr/share/doc/keepalived-1.3.5/README
/usr/share/doc/keepalived-1.3.5/TODO
/usr/share/doc/keepalived-1.3.5/keepalived.conf.SYNOPSIS
/usr/share/doc/keepalived-1.3.5/samples
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.HTTP_GET.port
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.IPv6
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.SMTP_CHECK
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.SSL_GET
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.fwmark
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.inhibit
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.misc_check
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.misc_check_arg
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.quorum
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.sample
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.status_code
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.track_interface
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.virtual_server_group
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.virtualhost
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.localcheck
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.lvs_syncd
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.routes
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.rules
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.scripts
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.static_ipaddress
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.sync
/usr/share/doc/keepalived-1.3.5/samples/sample.misccheck.smbcheck.sh
/usr/share/man/man1/genhash.1.gz
/usr/share/man/man5/keepalived.conf.5.gz
/usr/share/man/man8/keepalived.8.gz
/usr/share/snmp/mibs/KEEPALIVED-MIB.txt
/usr/share/snmp/mibs/VRRP-MIB.txt
/usr/share/snmp/mibs/VRRPv3-MIB.txt
[root@localhost ~]#
1.5 keepalived的配置
#主机配置文件
[root@liubj183 ~]## cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id LVS_router #这里只是一个名字,重点是主备的id需要一致
script_user root #指定执行脚本使用的角色
enable_script_security #因为没有创建执行脚本,使用root 用户执行会出现安全问题,所以这里要给与权限
}
vrrp_script check_nginx
{
script "/root/check > /root/kee.log" #输出健康检查的日志到指定的日志,这样方便我们进行日志检查
interval 3
}
vrrp_instance VI_1 {
state MASTER #角色是master
interface ens33 #使用哪一张网卡
virtual_router_id 50 #这里是虚拟路由,这个虚拟路由主备要同意
priority 100 #优先等级,谁的数值高谁就是master 0-255
advert_int 1 # 心跳间隔时间
authentication {
auth_type PASS #认证
auth_pass 1111 #密码
}
virtual_ipaddress {
192.168.85.120 #虚拟IP vip
}
track_script { #检查检查使用脚本
check_nginx
}
}
#备机配置文件
[root@liubj184 ~]## cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id LVS_router #这里只是一个名字,重点是主备的id需要一致
script_user root
enable_script_security
}
vrrp_script check_nginx
{
script "/root/check > /root/kee.log" #为脚本执行的日志记录
interval 3
}
vrrp_instance VI_1 {
state BACKUP #角色是备用机
interface ens33 #使用哪一张网卡
virtual_router_id 50 #这里是虚拟路由,这个虚拟路由主备要同意
priority 50 #优先等级,谁的数值高谁就是master 0-255
advert_int 1 # 心跳间隔时间
authentication {
auth_type PASS #认证
auth_pass 1111 #密码
}
virtual_ipaddress {
192.168.85.120 #虚拟IP vip
}
track_script {
check_nginx
}
}
1.6 使用killall 命令安装
安装这个命令是为了下一个脚本使用
[root@localhost ~]# yum install psmisc -y
已加载插件:fastestmirror, product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
Loading mirror speeds from cached hostfile
* base: mirrors.ustc.edu.cn
* extras: mirrors.ustc.edu.cn
* updates: mirrors.ustc.edu.cn
正在解决依赖关系
--> 正在检查事务
---> 软件包 psmisc.x86_64.0.22.20-17.el7 将被 安装
--> 解决依赖关系完成
1.7 配置检查nginx状态的脚本
#check-nginx 脚本的内容
nginxpid=$(ps -C nginx --no-header|wc -l)
#1.判断Nginx是否存活,如果不存活则尝试启动Nginx
if [ $nginxpid -eq 0 ];then
systemctl restart docker & docker start liubijun_nginx & exit 0
nginxpid=$(ps -C nginx --no-header|wc -l)
#3.再次进行判断, 如Nginx还不存活则停止Keepalived,让地址进行漂移,并退出脚本
if [ $nginxpid -eq 0 ];then
killall keepalived
fi
fi
1.8 配置nginx 访问页面
[root@liubj183 ~]# cat index.html
<html>
<body>
<h1>我是一号机184</h1>
</body>
</html>
[root@liubj184 ~]# cat index.html
<html>
<body>
<h1>我是一号机184</h1>
</body>
</html>
1.9 nginx 单独预览
1.10 虚拟ip 预览
因为我们183号机为master,所以虚拟ip 指向的为 183号机器的网卡 192.168.85.183.
1.11 实验计划
因为我自己在本地已经实验过了,我将几种情况写下。有兴趣的小伙伴可以去试试;
- 将183 nginx挂掉,检查脚本是否会重新启动nginx,系统正常提供服务
- 将183 docker服务关闭,检查脚本关闭keepalived,虚拟ip 指向184 ens33网卡。而该网卡绑定nginx 服务这样,最后备机提供服务
- 将183号机器keepalived 服务关闭,vip指向184。过段时间后再次启动183 keepalived服务,则vip重新指向183 ens33 网卡