nginx+keepalived高可用

目录

1 keepalived的安装

2.场景演练

3 高可用验证

---

之前写过nginx核keeaplived的相关部署，以及nginx的负载均衡。那么当nginx服务器挂了的时候，再完美的负载均衡也起不到作用了，下面介绍keepalived实现nginx高可用

1 keepalived的安装

之前有写keepalived的编译安装，centos系统已经把keepalived集成了，直接可以yum install安装

2.场景演练

机器	组件
192.168.52.128	nginx  keepalived
192.168.52.128	nginx  keepalived

首先我们搭建好nginx服务，如下所示：

然后配置keepalived.conf文件，如下所示

128机器上的keepalived.conf文件（master节点）

! Configuration File for keepalived

vrrp_script check_nginx_alived {
        #script "/etc/keepalived/scripts/check_nginx.sh"
        script "killall -0 nginx"
        interval 2
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 51
    nopreempt
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }

    virtual_ipaddress {
        192.168.52.200
    }

   track_script {
       check_nginx_alived
   }

}

129机器上的keepalived的配置文件

! Configuration File for keepalived

vrrp_script check_nginx_alived {
        #script "/etc/keepalived/scripts/check_nginx.sh"
        script "killall -0 nginx"
        interval 2
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 51
    nopreempt
    priority 80
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }

    virtual_ipaddress {
        192.168.52.200
    }

   track_script {
       check_nginx_alived
   }
}

启动keepalived服务，128上的keepalived日志

[root@wyl01 scripts]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2020-02-28 15:41:09 CST; 1s ago
  Process: 49007 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 49008 (keepalived)
   CGroup: /system.slice/keepalived.service
           ├─49008 /usr/sbin/keepalived -D
           ├─49009 /usr/sbin/keepalived -D
           └─49010 /usr/sbin/keepalived -D

Feb 28 15:41:09 wyl01 Keepalived_vrrp[49010]: Opening file '/etc/keepalived/keepalived.conf'.
Feb 28 15:41:09 wyl01 Keepalived_vrrp[49010]: WARNING - default user 'keepalived_script' for script e...ate.
Feb 28 15:41:09 wyl01 Keepalived_vrrp[49010]: (VI_1): Warning - nopreempt will not work with initial ...STER
Feb 28 15:41:09 wyl01 Keepalived_vrrp[49010]: WARNING - script `killall` resolved by path search to `...ath.
Feb 28 15:41:09 wyl01 Keepalived_vrrp[49010]: SECURITY VIOLATION - scripts are being executed but scr...led.
Feb 28 15:41:09 wyl01 Keepalived_vrrp[49010]: VRRP_Instance(VI_1) removing protocol VIPs.
Feb 28 15:41:09 wyl01 Keepalived_vrrp[49010]: Using LinkWatch kernel netlink reflector...
Feb 28 15:41:09 wyl01 Keepalived_vrrp[49010]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Feb 28 15:41:09 wyl01 Keepalived_vrrp[49010]: VRRP_Script(check_nginx_alived) succeeded
Feb 28 15:41:10 wyl01 Keepalived_vrrp[49010]: VRRP_Instance(VI_1) Transition to MASTER STATE
Feb 28 15:41:11 wyl01 Keepalived_vrrp[49010]: VRRP_Instance(VI_1) Entering MASTER STATE
Feb 28 15:41:11 wyl01 Keepalived_vrrp[49010]: VRRP_Instance(VI_1) setting protocol VIPs.
Feb 28 15:41:11 wyl01 Keepalived_vrrp[49010]: Sending gratuitous ARP on ens33 for 192.168.52.200
Feb 28 15:41:11 wyl01 Keepalived_vrrp[49010]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on....200
Feb 28 15:41:11 wyl01 Keepalived_vrrp[49010]: Sending gratuitous ARP on ens33 for 192.168.52.200
Feb 28 15:41:11 wyl01 Keepalived_vrrp[49010]: Sending gratuitous ARP on ens33 for 192.168.52.200
Feb 28 15:41:11 wyl01 Keepalived_vrrp[49010]: Sending gratuitous ARP on ens33 for 192.168.52.200
Feb 28 15:41:11 wyl01 Keepalived_vrrp[49010]: Sending gratuitous ARP on ens33 for 192.168.52.200
Hint: Some lines were ellipsized, use -l to show in full.

129上的keepalived的启动日志

[root@wyl2 html]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
   Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
   Active: active (running) since Fri 2020-02-28 15:42:55 CST; 19s ago
  Process: 116712 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 Main PID: 116713 (keepalived)
   CGroup: /system.slice/keepalived.service
           ├─116713 /usr/sbin/keepalived -D
           ├─116714 /usr/sbin/keepalived -D
           └─116715 /usr/sbin/keepalived -D

Feb 28 15:42:55 wyl2 Keepalived_vrrp[116715]: Registering gratuitous ARP shared channel
Feb 28 15:42:55 wyl2 Keepalived_vrrp[116715]: Opening file '/etc/keepalived/keepalived.conf'.
Feb 28 15:42:55 wyl2 Keepalived_vrrp[116715]: WARNING - default user 'keepalived_script' for script e...ate.
Feb 28 15:43:00 wyl2 Keepalived_vrrp[116715]: WARNING - script `killall` resolved by path search to `...ath.
Feb 28 15:43:00 wyl2 Keepalived_vrrp[116715]: SECURITY VIOLATION - scripts are being executed but scr...led.
Feb 28 15:43:00 wyl2 Keepalived_vrrp[116715]: VRRP_Instance(VI_1) removing protocol VIPs.
Feb 28 15:43:00 wyl2 Keepalived_vrrp[116715]: Using LinkWatch kernel netlink reflector...
Feb 28 15:43:00 wyl2 Keepalived_vrrp[116715]: VRRP_Instance(VI_1) Entering BACKUP STATE
Feb 28 15:43:00 wyl2 Keepalived_vrrp[116715]: VRRP sockpool: [ifindex(2), proto(112), unicast(0), fd(10,11)]
Feb 28 15:43:00 wyl2 Keepalived_vrrp[116715]: VRRP_Script(check_nginx_alived) succeeded
Hint: Some lines were ellipsized, use -l to show in full.

启动后，我们查看vip的绑定情况，是在128的机器上

在浏览器上输入虚ip进行访问

3 高可用验证

停止128上的nginx服务

发现vip已经飘到129的机器上了。

再次在浏览器上验证

可以看到服务依然是可用的。生产环境我们只要把两个nginx配置一样的情况即可。

注意：如果nginx用到本地文件，则还需要注意要做存储的高可用。如glusterfs，nfs等。否则会找本地文件，找不到的。