1.Keepalived简介
Keepalived的作用是检测web服务器的状态,如果有一台web服务器死机,或工作出现故障,Keepalived将检测到,并将有故障的web服务器从系统中剔除,当web服务器工作正常后Keepalived自动将web服务器加入到服务器群中,这些工作全部自动完成,不需要人工干涉,需要人工做的只是修复故障的web服务器。
2.KeepAlived实现Nginx反向代理高可用
实验环境:
lab1:172.16.21.101 OS:CentOS6.5 已安装Nginx
lab2:172.16.21.102 OS:CentOS6.5 已安装Nginx
lab3:172.16.21.103 OS:CentOS6.5 已安装Httpd,运行www.stu21.com网站
lab4:172.16.21.104 OS:CentOS6.5 已安装Httpd,运行bbs.stu21.com网站
在nginx实现将www.stu21.com/bbs重定向到bbs.stu21.com网站,同时配置Kepppalived在lab1和lab2上,实现Nginx的高可用,以避免其发生单点故障而影响整个站点的访问
设置Nginx为反向代理:
在lab1和lab2的nginx的配置文件中的http段中添加如下内容
server { listen 80; server_name test.stu21.com; location / { proxy_pass http://172.16.21.103; } location /bbs { rewrite /bbs/?(.*)$ /$1 break; proxy_pass http://172.16.21.104; }
现在访问效果如下:
[root@lab1 nginx-1.6.1]# curl www.stu21.com www.stu21.com [root@lab1 nginx-1.6.1]# curl www.stu21.com/bbs bbs.stu21.com
配置KeepAlived实现Nginx高可用:
前提:
两台主机分别可以基于密钥连接到对方,并且在对方主机的已知主机列表中
lab1和lab2的keepalived配置如下
lab1:
[root@lab1 ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { root@localhost.com } notification_email_from keepalived@localhost.com smtp_server localhost smtp_connect_timeout 30 } vrrp_script chk_nginx { script "if killall -0 nginx; then exit 0;else ssh lab2 '/etc/init.d/nginx start'; exit 1;fi" interval 1 weight -2 fall 3 rise 1 } vrrp_instance VI_1 { state MASTER interface eth0 virtual_router_id 21 priority 100 authentication { auth_type PASS auth_pass nginxabc } virtual_ipaddress { 172.16.21.200/16 } track_script { chk_nginx } notify_master "/etc/keepalived/nginx.sh master" notify_backup "/etc/keepalived/nginx.sh backup" notify_fault "/etc/keepalived/nginx.sh fault" }
lab2:
[root@lab2 ~]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { root@localhost.com } notification_email_from keepalived@localhost.com smtp_server localhost smtp_connect_timeout 30 } vrrp_script chk_nginx { script "if killall -0 nginx; then exit 0;else ssh lab2 '/etc/init.d/nginx start'; exit 1;fi" interval 1 weight -2 fall 3 rise 1 } vrrp_instance VI_1 { state BACKUP interface eth0 virtual_router_id 21 priority 99 authentication { auth_type PASS auth_pass nginxabc } virtual_ipaddress { 172.16.21.200/16 } track_script { chk_nginx } notify_master "/etc/keepalived/nginx.sh master" notify_backup "/etc/keepalived/nginx.sh backup" notify_fault "/etc/keepalived/nginx.sh fault" }
两边所使用监控脚本内容如下
[root@lab2 ~]# cat /etc/keepalived/nginx.sh #!/bin/bash vip=172.16.21.200 contact='root@localhost' mail() { mailsubject="`hostname` to be $1: $vip floating" mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1" echo $mailbody | mail -s "$mailsubject" $contact } case "$1" in master) mail master /etc/rc.d/init.d/nginx start exit 0 ;; backup) mail backup /etc/rc.d/init.d/nginx stop exit 0 ;; fault) mail fault /etc/rc.d/init.d/nginx stop exit 0 ;; *) echo 'Usage: `basename $0` {master|backup|fault}' exit 1 ;; esac 保证两边使用同样的Nginx配置
测试:
可见lab2已经成功添加了172.16.21.200的地址,访问,仍然可以得到如下页面
3.双主模型Keepalived实现LVS高可用
配置文件:
#lab1的配置 ! Configuration File for keepalived global_defs { notification_email { root@localhost } notification_email_from keepalived@localhost smtp_server 172.16.21.101 smtp_connect_timeout 30 router_id LVS_2121 } vrrp_script chk_schedown{ script "[[ -f /etc/keepalived/down ]] && exit 1 || exit 0" interval 2 weight -2 } vrrp_instance VI_1 { state MASTER #另一台为SLAVE interface eth0 virtual_router_id 121 priority 100 #另一台为99 garp_master_delay 1 authentication { auth_type PASS auth_pass lvsablvs } track_script { chk_schedown } virtual_ipaddress { 172.16.21.200/16 } } vrrp_instance VI_2 { state SLAVE #另一台为MASTER interface eth0 virtual_router_id 122 priority 99 #另一台为100 garp_master_delay 1 authentication { auth_type PASS auth_pass lvslvsv2 } track_script { chk_schedown } virtual_ipaddress { 172.16.21.201/16 } } virtual_server 172.16.21.200 80 { #定义虚拟主机 delay_loop 6 lb_algo wrr lb_kind DR nat_mask 255.255.0.0 # persistence_timeout 50 #定义持续连接时间,此处测试,故被注释掉 protocol TCP sorry_server 127.0.0.1 80 real_server 172.16.21.103 80 { #定义RealServer weight 10 #定义权重 HTTP_GET { #定义健康检测机制 url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 172.16.21.104 80 { weight 5 HTTP_GET { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } } virtual_server 172.16.21.201 80 { delay_loop 6 lb_algo wrr lb_kind DR nat_mask 255.255.0.0 # persistence_timeout 50 protocol TCP sorry_server 127.0.0.1 80 real_server 172.16.21.103 80 { weight 10 HTTP_GET { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } real_server 172.16.21.104 80 { weight 5 HTTP_GET { url { path / status_code 200 } connect_timeout 3 nb_get_retry 3 delay_before_retry 3 } } }
在lab3和lab4上,需要进行如下设置
#阻止VIP的arp请求
[root@lab3 ~]# echo 1 >/proc/sys/net/ipv4/conf/all/arp_ignore [root@lab3 ~]# echo 1 >/proc/sys/net/ipv4/conf/lo/arp_ignore [root@lab3 ~]# echo 2 >/proc/sys/net/ipv4/conf/all/arp_announce [root@lab3 ~]# echo 2 >/proc/sys/net/ipv4/conf/lo/arp_announce
#给lo口设置VIP
[root@lab3 ~]# ip addr add 172.16.21.201/32 broadcast 172.16.21.200 dev lo [root@lab3 ~]# ip addr add 172.16.21.201/32 broadcast 172.16.21.201 dev lo
其次我们还需要为各RealServer提供网页服务器和网页文件,此时我们的一个双主模型,高可用的LVS服务器便搭建成功了
转载于:https://blog.51cto.com/dddbk/1555532