本文介绍如何使用Keepalived实现Apache的高可用集群部署,包括配置虚拟IP、健康检查脚本、通知脚本及状态切换过程,确保服务在主备节点间无缝迁移。
keepalived+nginx
//环境:
VIP IP 主机名 Nginx(apache)端口
192.168.100.200 192.168.100.89 master 80
192.168.100.200 192.168.100.90 backup 80
//主keepalived配置:
[root@master ~]# systemctl stop firewalld;systemctl disable firewalld //关闭防火墙
[root@master ~]# getenforce
Disabled
//下载163网络源
curl -o /etc/yum.repos.d/CentOS7-Base-163.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo
[root@master ~]# sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@master ~]# yum -y install epel-release gcc gcc-c++
[root@master ~]# yum -y install keepalived //安装keepalived
[root@master ~]# systemctl start keepalived;systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
[root@master ~]# yum -y install nginx //安装nginx
[root@master ~]# cd /usr/share/nginx/html/
[root@master html]# ls
404.html en-US img nginx-logo.png
50x.html icons index.html poweredby.png
[root@master html]# mv index.html{,.bak}
[root@master html]# echo 'master' > index.html
[root@master html]# ls
404.html en-US img index.html.bak poweredby.png
50x.html icons index.html nginx-logo.png
[root@master ~]# systemctl start nginx;systemctl enable nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@master ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id nginx
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 21
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass peiyf
}
virtual_ipaddress {
192.168.100.200
}
}
virtual_server 192.168.100.200 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.100.89 80 {
weight 1
TCP_CHECK {
connect_Port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.100.90 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
//备keepalived配置:
[root@backup ~]# getenforce
Disabled
[root@backup ~]# systemctl stop firewalld;systemctl disable firewalld
[root@backup ~]# sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS7-Base-163.repo
[root@backup ~][root@backup ~]# curl -o /etc/yum.repos.d/CentOS7-Base-163.repo http://mirrors.163.com/.help/CentOS7-Base-163.repo# yum -y install epel-release gcc gcc-c++
[root@backup ~]# yum -y install keepalived //安装keepalived
[root@backup ~]# systemctl start keepalived;systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
[root@backup ~]#
[root@backup ~]# yum -y install nginx //安装nginx
[root@backup ~]# cd /usr/share/nginx/html/
[root@backup html]# ls
404.html en-US img nginx-logo.png
50x.html icons index.html poweredby.png
[root@backup html]# mv index.html{,.bak}
[root@backup html]# echo 'backup' > index.html
[root@backup html]# ls
404.html en-US img index.html.bak poweredby.png
50x.html icons index.html nginx-logo.png
[root@backup ~]# systemctl start nginx;systemctl enable nginx
Created symlink from /etc/systemd/system/multi-user.target.wants/nginx.service to /usr/lib/systemd/system/nginx.service.
[root@master ~]# systemctl restart keepalived
[root@backup ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id backup
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 21
priority 60
advert_int 1
authentication {
auth_type PASS
auth_pass peiyf
}
virtual_ipaddress {
192.168.100.200
}
}
virtual_server 192.168.100.200 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.100.89 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@backup ~]# systemctl restart keepalived
//查看网卡信息
[root@master ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:99:4a:a1 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.89/24 brd 192.168.100.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.100.200/32 scope global ens33
valid_lft forever preferred_lft forever
[root@backup ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:e2:64:8a brd ff:ff:ff:ff:ff:ff
inet 192.168.100.90/24 brd 192.168.100.255 scope global ens33
valid_lft forever preferred_lft forever
//在master上添加脚本
[root@master ~]# vim /scripts/check_n.sh
[root@master ~]# cat /scripts/check_n.sh
#!/bin/bash
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
systemctl stop keepalived
fi
[root@master ~]# chmod +x /scripts/check_n.sh
[root@master ~]# vim /scripts/notify.sh
[root@master ~]# cat /scripts/notify.sh
#!/bin/bash
VIP=$2
sendmail (){
subject="${VIP}'s server keepalived state is translate"
content="`date +'%F %T'`: `hostname`'s state change to master"
echo $content | mail -s "$subject" 123456789@qq.com
}
case "$1" in
master)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
systemctl start nginx
fi
sendmail
;;
backup)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -gt 0 ];then
systemctl stop nginx
fi
;;
*)
echo "Usage:$0 master|backup VIP"
;;
esac
[root@master ~]# chmod +x /scripts/notify.sh
[root@master ~]# ll /scripts/
total 8
-rwxr-xr-x 1 root root 142 Jan 9 22:44 check_n.sh
-rwxr-xr-x 1 root root 662 Jan 9 22:48 notify.sh
//在backup上添加脚本
[root@backup ~]#vim /scripts/notify.sh
[root@backup ~]#cat /scripts/notify.sh
VIP=$2
sendmail (){
subject="${VIP}'s server keepalived state is translate"
content="`date +'%F %T'`: `hostname`'s state change to master"
echo $content | mail -s "$subject" 123456789@qq.com
}
case "$1" in
master)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
systemctl start nginx
fi
sendmail
;;
backup)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -gt 0 ];then
systemctl stop nginx
fi
;;
*)
echo "Usage:$0 master|backup VIP"
;;
esac
[root@backup ~]# chmod +x /scripts/notify.sh
[root@backup ~]# ll /scripts/
total 4
-rwxr-xr-x 1 root root 650 Jan 9 22:51 notify.sh
//master修改配置文件
[root@master ~]# vim /etc/keepalived/keepalived.conf
[root@master ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id nginx
}
vrrp_script nginx_check {
script "/scripts/check_n.sh"
interval 1
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 21
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass peiyf
}
virtual_ipaddress {
192.168.100.200
}
track_script {
nginx_check
}
notify_master "/scripts/notify.sh master 172.16.100.200"
notify_backup "/scripts/notify.sh backup 172.16.100.200"
}
virtual_server 192.168.100.200 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.100.89 80 {
weight 1
TCP_CHECK {
connect_Port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.100.90 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
//backup修改配置文件
! Configuration File for keepalived
global_defs {
router_id backup
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 21
priority 60
nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass peiyf
}
virtual_ipaddress {
192.168.100.200
}
notify_master "/scripts/notify.sh master 192.168.100.200"
notify_backup "/scripts/notify.sh backup 192.168.100.200"
}
virtual_server 192.168.100.200 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.100.89 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.100.90 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@backup ~]# systemctl restart keepalived
//测试:
//当master端keepalived服务是启动时:
[root@master ~]# ip a //vip在master端
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:99:4a:a1 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.89/24 brd 192.168.100.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.100.200/32 scope global ens33
valid_lft forever preferred_lft forever
backup端的nginx服务是自动关闭的
[root@master ~]# systemctl restart keepalived
[root@backup ~]# ss -natl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
访问VIP192.168.100.200时:
//当master端关闭keepalived服务:
[root@master ~]# systemctl stop keepalived
[root@backup ~]# ss -natl //backup端的nginx服务自动启动
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::80 :::*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
//查看master端的网卡发现VIP已经没有了
[root@master ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:99:4a:a1 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.89/24 brd 192.168.100.255 scope global ens33
valid_lft forever preferred_lft forever
//查看backup端的网卡
//VIP已经在backup端了
[root@backup ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:e2:64:8a brd ff:ff:ff:ff:ff:ff
inet 192.168.100.90/24 brd 192.168.100.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.100.200/32 scope global ens33
valid_lft forever preferred_lft forever
//访问VIP192.168.100.200
keepalived+apahce
基于以上内容的基础上修改以下内容:
首先卸载掉nginx
[root@master ~]# yum remove nginx
[root@backup ~]# yum remove nginx
//master端
//安装apache软件包
[root@master ~]# yum -y install httpd
[root@master ~]# cd /var/www/html/
[root@master html]# ls
[root@master html]# echo 'sister' > index.html
[root@master html]# systemctl start httpd;systemctl enable httpd //启动服务
[root@master html]# ss -natl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
测试:http:192.168.100.89
//backup端
[root@backup ~]# yum -y install httpd
[root@backup ~]# cd /var/www/html/
[root@backup html]# ls
[root@backup html]# echo 'brother' > index.html
[root@backup html]# systemctl start httpd;systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@backup html]# ss -natl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
测试:http:192.168.100.90
//master端脚本
[root@master scripts]# vim check_h.sh
[root@master scripts]# cat check_h.sh
#!/bin/bash
httpd_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bhttpd\b'|wc -l)
if [ $httpd_status -lt 1 ];then
systemctl stop keepalived
fi
[root@master scripts]# chmod +x check_h.sh
//master端修改notify.sh脚本
[root@master scripts]# vim notify.sh
[root@master scripts]# cat notify.sh
#!/bin/bash
VIP=$2
sendmail (){
subject="${VIP}'s server keepalived state is translate"
content="`date +'%F %T'`: `hostname`'s state change to master"
echo $content | mail -s "$subject" 123456789@qq.com
}
case "$1" in
master)
httpd_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bhttpd\b'|wc -l)
if [ $httpd_status -lt 1 ];then
systemctl start httpd
fi
sendmail
;;
backup)
httpd_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bhttpd\b'|wc -l)
if [ $httpd_status -gt 0 ];then
systemctl stop httpd
fi
;;
*)
echo "Usage:$0 master|backup VIP"
;;
esac
//backup端不需要修改脚本,用原来的脚本
//当master上keepalived启动时
[root@master ~]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; enabled; vendor preset: disabled)
Active: active (running) since Fri 2020-01-10 00:20:54 EST; 49s ago
Process: 21701 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 21702 (keepalived)
CGroup: /system.slice/keepalived.service
├─21702 /usr/sbin/keepalived -D
├─21703 /usr/sbin/keepalived -D
└─21704 /usr/sbin/keepalived -D
Jan 10 00:20:55 master Keepalived_vrrp[21704]: Sending gratuitous ARP on ens...0
Jan 10 00:20:55 master Keepalived_vrrp[21704]: Sending gratuitous ARP on ens...0
Jan 10 00:20:55 master Keepalived_vrrp[21704]: Sending gratuitous ARP on ens...0
Jan 10 00:20:55 master Keepalived_vrrp[21704]: Opening script file /scripts/...h
Jan 10 00:21:00 master Keepalived_vrrp[21704]: Sending gratuitous ARP on ens...0
Jan 10 00:21:00 master Keepalived_vrrp[21704]: VRRP_Instance(VI_1) Sending/q...0
Jan 10 00:21:00 master Keepalived_vrrp[21704]: Sending gratuitous ARP on ens...0
Jan 10 00:21:00 master Keepalived_vrrp[21704]: Sending gratuitous ARP on ens...0
Jan 10 00:21:00 master Keepalived_vrrp[21704]: Sending gratuitous ARP on ens...0
Jan 10 00:21:00 master Keepalived_vrrp[21704]: Sending gratuitous ARP on ens...0
Hint: Some lines were ellipsized, use -l to show in full.
//VIP在master端
[root@master ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:99:4a:a1 brd ff:ff:ff:ff:ff:ff
inet 192.168.100.89/24 brd 192.168.100.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.100.200/32 scope global ens33
valid_lft forever preferred_lft forever
//而backup端的apache服务时关闭状态
[root@backup scripts]# systemctl status httpd
● httpd.service - The Apache HTTP Server
Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled)
Active: inactive (dead) since Fri 2020-01-10 00:24:59 EST; 23s ago
Docs: man:httpd(8)
man:apachectl(8)
Process: 21139 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=0/SUCCESS)
Process: 21118 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=0/SUCCESS)
Main PID: 21118 (code=exited, status=0/SUCCESS)
Status: "Total requests: 0; Current requests/sec: 0; Current traffic: 0 B/sec"
Jan 10 00:24:35 backup systemd[1]: Starting The Apache HTTP Server...
Jan 10 00:24:35 backup httpd[21118]: AH00558: httpd: Could not reliably determine the server's fully qual...ssage
Jan 10 00:24:35 backup systemd[1]: Started The Apache HTTP Server.
Jan 10 00:24:58 backup systemd[1]: Stopping The Apache HTTP Server...
Jan 10 00:24:59 backup systemd[1]: Stopped The Apache HTTP Server.
Hint: Some lines were ellipsized, use -l to show in full.
访问测试:
//当master端的keepalived挂掉之后,backup端的apache自动启动
[root@master ~]# systemctl stop keepalived
[root@backup scripts]# ss -natl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:80 *:*
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
访问测试:
扫一扫
780
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
