keepalived高可用
1.什么是高可用
什么是高可用双机热备, 一般指2台机器启动着相同的业务系统,当有一台机器 down 机了, 另外一台服务器
能快速的接管, 对于访问的用户是无感知的。
2.高可用使用场景
那么高可用使用在什么场景,业务系统需要保证 7x24 小时不 DOWN 机, 作为业务来说随时都可用, 让你的
业务系统更顽强
配置keepalived
通过keepalived实现负载均衡的高可用
keepalived+nginx,访问知乎和博客要求考虑裂脑及基于nginx服务判定的主从切换脚本的实现
环境 内网 外网
lb01 ens33 10.0.0.5/24 ens36 172.16.1.5/24
lb02 ens33 10.0.0.6/24 ens36 172.16.1.6/24
虚拟IP 172.16.1.3
实验拓扑图
项目分析
在web01上部署php和nginx
在web02上部署php和nginx
在nfs上存放静态资源
在lb01上部署nginx 负载均衡 keepalived
在lb02上部署keepalived
在nfs上部署页面
[nfs]
先创建下载软件
yum install -y nfs-util
创建用户
groupadd -g666 www
useradd -u666 -g666 -M -s /sbin/nologin www
修改配置文件
cat /etc/exports
/web 10.0.0.0/24(rw,all_squash,anonuid=666,anongid=666)
创建目录
mkdir -p /web/{blog,zhihu}
把站点文件上传到nfs上
解压文件
unzip WeCenter_3-2-2.zip
tar xf wordpress-5.7-zh_CN.tar.gz
把文件移动到/web/对应的目录下 因为文件是带目录的,所以要把文件的内容移动过去 wordpress/*
mv /web/wordpress/* /web/blog
mv /web/WeCenter322/* /web/zhihu
修改归属
chown -R www.www /web/
启动服务
systemctl start nfs
systemctl enable nfs
验证是否挂载
[root@nfs ~]# showmount -e
Export list for nfs:
/web 10.0.0.0/24
部署web服务器
[web01]
安装nginx php
本地安装nginx
yum localinstall -y nginx-1.20.1-1.el7.ngx.x86_64.rpm
解压
tar xf php72.tar.gz
本地安装php
yum localinstall -y php72/*
修改PHP的配置
sed -ri '/^(user|group)/s#apache#nginx#' /etc/php-fpm.d/www.conf
sed -ri '/^upload/c upload_max_filesize = 20M' /etc/php.ini
sed -ri '/^post/c post_max_size = 20M' /etc/php.ini
创建文件
mkdir -p /etc/nginx/logs /web/{blog,zhihu}
rm -f /etc/nginx/conf.d/default.conf
编写配置文件
cd /etc/nginx/conf.d
vim zmj.conf
server {
server_name blog.zmj.com;
listen 80;
charset utf-8,gbk;
client_max_body_size 20M;
location / {
root /web/blog/;
index index.php index.html;
access_log logs/blog_access.log main;
error_log logs/blog_error.log;
}
location ~ \.php$ {
root /web/blog/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
server{
server_name blog.zmj.com
listen 80;
root /web/blog;
index index.php index.html;
access_log /etc/nginx/logs/blog_access.log main;
error_log /etc/nginx/logs/blog_error.log;
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
挂载目录
mkdir -p /web{blog,zhihu}
showmount -e 10.0.0.31
mount 10.0.0.31:/web/blog /web/blog
mount 10.0.0.31:/web/zhihu /web/zhihu
查看
ls /web/blog/
ls /web/zhihu
启动服务
systemctl restart nginx php-fpm
设为开机自启
systemctl enable nginx php-fpm
[lb01]
在lb01上安装nginx
设置代理
[root@lb01 ~]# vim /etc/nginx/proxy_params
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 30;
proxy_send_timeout 60;
proxy_read_timeout 60;
proxy_buffering on;
proxy_buffer_size 32k;
proxy_buffers 4 128k;
设置负载均衡
[root@lb01 ~]# vim /etc/nginx/conf.d/proxy.conf
upstream web {
server 10.0.0.7:80;
server 10.0.0.8:80;
}
server {
server_name blog.zmj.com;
listen 80;
location / {
proxy_pass http://web;
include proxy_params;
}
}
server {
server_name zhihu.zmj.com;
listen 80;
location / {
proxy_pass http://web;
include proxy_params;
}
}
启动nginx服务 并设为开机自启
systemctl restart nginx
systemctl enable nginx
修改本地hosts文件
C:\Windows\System32\drivers\etc/hosts
·····
172.16.1.5 blog.zmj.com zhihu.zmj.com
验证
在lb01与lb02上分别安装keepalived
yum install keepalived -y
在lb01上编写配置文件
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb01
}
vrrp_instance VI_1 {
state MASTER
interface ens36
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.1.3
}
}
在lb02上编写配置文件
vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id lb02
}
vrrp_instance VI_1 {
state MASTER
interface ens36
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.1.3
}
}
对比 keepalived 的 master 与 backup 配置的区别
Keepalived配置区别 Master配置 Backup节配置
route_id(唯一标识) route_id lb01 route_id lb02
state(角色状态) state Master state Backup
priority(竞选优先级) priority 100 priority 99
启动 lb01 与 lb02 的 keepalived
systemctl start keepalived
systemctl enable keepalived
验证
keepalived高可用列脑
由于某些原因,导致两台 keepalived 高可用服务器在指定时间内,无法检测到对方的心跳消息,各自取得资源及服务的所有权,而此时的两台高可用服务器又都还活着。
服务器网线松动等网络故障
服务器硬件故障发生损坏现象而崩溃
主备都开启firewalld防火墙
Nginx服务死掉等
查看网卡的虚拟IP
[root@lb01 ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:8b:80:2c brd ff:ff:ff:ff:ff:ff
inet 10.0.0.5/24 brd 10.0.0.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe8b:802c/64 scope link
valid_lft forever preferred_lft forever
4: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:8b:80:40 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.5/24 brd 172.16.1.255 scope global ens38
valid_lft forever preferred_lft forever
inet 172.16.1.3/32 scope global ens38
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe8b:8040/64 scope link
valid_lft forever preferred_lft forever
在lb01编写配置文件
vim /etc/keepalived/keepalived_check.sh
#!/bin/bash
backup_ip=172.16.1.6
while true
do
ping -c2 -i0.01 -W1 $backup_ip &> /dev/null
if [[ $? -ne 0 ]];then
systemctl stop keepalived
fi
sleep 1
done
手动关闭lb01的网卡
ifdown ens38
执行脚本
可以发现在lb01关闭ens38网卡后 执行脚本 ens38就没有虚拟IP了
并且lb02出现虚拟IP
[root@lb02 keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:47:b1:a8 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.6/24 brd 10.0.0.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe47:b1a8/64 scope link
valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:47:b1:b2 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.6/24 brd 172.16.1.255 scope global ens37
valid_lft forever preferred_lft forever
inet 172.16.1.3/32 scope global ens37
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe47:b1b2/64 scope link
valid_lft forever preferred_lft forever
nginx服务停了
写一个脚本检查nginx的服务是否停止,并根据返回的$?值来判断
cd /etc/keepalived/
vim /keepalived_nginx.sh
#!bin/bash
while true
do
ps aux |grep [n]ginx &> /dev/null
if [[ $? -ne 0 ]]; then
systemctl stop keepalived
fi
sleep 1
done
在lb01上执行脚本
sh keepalived_nginx.sh
关闭nginx服务
systemctl stop nginx
查看网卡
[root@lb02 keepalived]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:47:b1:a8 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.6/24 brd 10.0.0.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe47:b1a8/64 scope link
valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:47:b1:b2 brd ff:ff:ff:ff:ff:ff
inet 172.16.1.6/24 brd 172.16.1.255 scope global ens37
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe47:b1b2/64 scope link
valid_lft forever preferred_lft forever
验证