**
Keepalived+nginx实现高可用方案
**
第一步、测试前关闭防火墙等功能
1、systemctl stop firewalld
systemctl disable firewalld
2、关闭selinux
sed -i “s/SELINUX=enforcing/SELINUX=disabled/g” /etc/sysconfig/selinux
第二步、安装epel源,直接通过yum安装keepalived和nginx(编译安装自行测试)
1、###安装epel源###
yum install -y epel-release
2、###安装nginx###
yum install -y nginx
systemctl restart nginx && systemctl enable nginx
3、###安装keepalived###
yum install -y keepalived
systemctl restart keepalived && systemctl enable keepalived
第三步、配置keepalived
1、主节点/etc/keepalived/keepalived.conf配置
#/etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc #邮箱功能自行测试
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict #此处需要注释掉
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check_nginx {
script “/opt/check_nginx.sh” #修改检测脚本为存放位置
interval 2
}
vrrp_instance VI_1 {
state MASTER #此处与主节点不同
interface enp0s3 #此处为你的网卡名
virtual_router_id 51
priority 100 #主节点优先数,大于从节点
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.2.111 #修改此处IP为你设置的VIP
}
track_script {
check_nginx #检测脚本名称(给执行权限chmod +x /opt/check_nginx.sh)
}
}
2、从节点/etc/keepalived/keepalived.conf配置
#/etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_DEVEL
vrrp_skip_check_adv_addr
vrrp_strict #此处需要注释掉
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check_nginx {
script “/opt/check_nginx.sh” #修改检测脚本为存放位置
interval 2
}
vrrp_instance VI_1 {
state BACKUP #此处与主节点不同
interface enp0s3 #此处为你的网卡名
virtual_router_id 51
priority 90 #从节点系数小于主节点
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
10.0.2.111 #修改此处IP为你设置的VIP
}
track_script {
check_nginx #检测脚本名称(给执行权限chmod +x /opt/check_nginx.sh)
}
}
3、检测脚本
#/opt/check_nginx.sh
#!/bin/sh
A=ps -C nginx --no-header |wc -l
if [ $A -eq 0 ];then #如果nginx没在运行
systemctl start nginx.service #启动nginx
sleep 2
if [ ps -C nginx --no-header |wc -l
-eq 0 ];then #如果无法启动
killall keepalived #杀死keepalived进程
fi
fi
#配置完后重启keepalived(systemctl restart keepalived)
注意:安装psmisc
因为脚本用到了killall命令,最小化安装的centos没有,所以要安装一下
yum -y install psmisc
第四步、修改nginx默认首页
#vim /usr/share/nginx/html/index.html
#主节点
#从节点
第五步、测试
1、在浏览器打开10.0.2.111,出现主节点上nginx首页
2、在主节点上执行systemctl stop nginx
马上刷新10.0.2.111页面,会发现服务不可用,2s后服务恢复
3、在主节点上执行systemctl stop keepalived,刷先10.0.2.111,会发现此时页面已切换 到了第二台nginx上面了
结论:由此测试,可以得出,通过keepalived可以有效避免nginx单点故障。
运维实施组
2019/8/29