1.安装keeplived
在主备上安装keeplived
[root@localhost ~]# cd /etc/yum.repos.d/
[root@localhost yum.repos.d]# ls
CentOS7-Base-163.repo epel.repo epel-testing.repo redhat.repo
[root@localhost yum.repos.d]# vim my.repo
[root@localhost yum.repos.d]# cd
[root@localhost ~]#
[root@localhost ~]# yum -y install keepalived
2.配置nginx
在128的主服务器上配置
[root@localhost ~]# yum -y install nginx
已加载插件:product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
正在解决依赖关系
--> 正在检查事务
---> 软件包 nginx.x86_64.1.1.16.1-1.el7 将被 安装
--> 正在处理依赖关系 nginx-all-modules = 1:1.16.1-1.el7,它被软件包 1:nginx-1.16.1-1.el7.x86_64 需要
[root@localhost ~]# cd /usr/share/nginx/html/
[root@localhost html]# mv index.html{,-bak}
[root@localhost html]# ls
404.html 50x.html en-US icons img index.html-bak nginx-logo.png poweredby.png
[root@localhost html]# echo 'master' > index.html
[root@localhost html]# ls
404.html 50x.html en-US icons img index.html index.html-bak nginx-logo.png poweredby.png
[root@localhost html]# systemctl restart nginx
在130的备服务器配置nginx
[root@localhost ~]# yum -y install nginx
已加载插件:product-id, search-disabled-repos, subscription-manager
This system is not registered with an entitlement server. You can use subscription-manager to register.
正在解决依赖关系
--> 正在检查事务
---> 软件包 nginx.x86_64.1.1.16.1-1.el7 将被 安装
--> 正在处理依赖关系 nginx-all-modules = 1:1.16.1-1.el7,它被软件包 1:nginx-1.16.1-1.el7.x86_64 需要
[root@localhost ~]# cd /usr/share/nginx/html/
[root@localhost html]# mv index.html{,-bak}
[root@localhost html]# ls
404.html 50x.html en-US icons img index.html-bak nginx-logo.png poweredby.png
[root@localhost html]# echo 'slave' > index.html
[root@localhost html]# ls
404.html 50x.html en-US icons img index.html index.html-bak nginx-logo.png poweredby.png
[root@localhost html]# systemctl restart nginx
在web上查看128是否成功
在web上查看130是否成功
3.keepalived配置
在128配置主keepalived
[root@128 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
router_id node1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 150
advert_int 1
authentication {
auth_type PASS
auth_pass wangqing
}
virtual_ipaddress {
192.168.90.250 dev ens33
}
}
virtual_server 192.168.90.250 80 {
delay_loop 3
lvs_sched rr
lvs_method DR
protocol TCP
real_server 192.168.90.128 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.90.130 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@128 ~]# systemctl restart keepalived
[root@128 ~]# systemctl enable keepalived
在130配置备keepalvied
[root@130 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
router_id node2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass wangqing
}
virtual_ipaddress {
192.168.90.250 dev ens33
}
}
virtual_server 192.168.90.250 80 {
delay_loop 3
lvs_sched rr
lvs_method DR
protocol TCP
real_server 192.168.90.128 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.90.130 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@130 ~]# systemctl restart keepalived
[root@130 ~]# systemctl enable keepalived
4.查看vip在哪里
在128上看
[root@128 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:ed:39:d9 brd ff:ff:ff:ff:ff:ff
inet 192.168.90.128/24 brd 192.168.90.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.90.250/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::a1e5:d9ba:301f:9444/64 scope link
valid_lft forever preferred_lft forever
在130上看
[root@130 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc n
link/loopback 00:00:00:00:00:00 brd 00:00:0
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu
link/ether 00:0c:29:17:eb:c4 brd ff:ff:ff:f
inet 192.168.90.130/24 brd 192.168.90.255 s
valid_lft forever preferred_lft forever
inet6 fe80::9de0:fa4d:ce5e:663d/64 scope li
valid_lft forever preferred_lft forever
测试:在web上查看
在128上停止keepalived查看vip已经在130上
[root@128 ~]# systemctl stop keepalived
[root@128 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:ed:39:d9 brd ff:ff:ff:ff:ff:ff
inet 192.168.90.128/24 brd 192.168.90.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::a1e5:d9ba:301f:9444/64 scope link
valid_lft forever preferred_lft forever
[root@130 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:17:eb:c4 brd ff:ff:ff:ff:ff:ff
inet 192.168.90.130/24 brd 192.168.90.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.90.250/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::9de0:fa4d:ce5e:663d/64 scope link
valid_lft forever preferred_lft forever
测试
让keepalived监控nginx负载均衡机
在128上编写脚本
[root@128 ~]# mkdir /scripts
[root@128 ~]# cd /scripts
[root@128 scripts]# vim check_n.sh
#!/bin/bash
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
systemctl stop keepalived
fi
[root@128 scripts]# chmod +x check_n.sh
[root@128 scripts]# vim check_n.sh
[root@128 scripts]# vim notify.sh
#!/bin/bash
VIP=$2
sendmail (){
subject="${VIP}'s server keepalived state is translate"
content="`date +'%F %T'`: `hostname`'s state change to master"
echo $content | mail -s "$subject" 1470044516@qq.com
}
case "$1" in
master)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
systemctl start nginx
fi
sendmail
;;
backup)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -gt 0 ];then
systemctl stop nginx
fi
;;
*)
echo "Usage:$0 master|backup VIP"
;;
esac
[root@128 scripts]# chmod +x notify.sh
在130上编写脚本
[root@slave ~]# mkdir /scripts
[root@slave ~]# cd /scripts/
[root@130 scripts]# cat notify.sh
#!/bin/bash
VIP=$2
sendmail (){
subject="${VIP}'s server keepalived state is translate"
content="`date +'%F %T'`: `hostname`'s state change to master"
echo $content | mail -s "$subject" 1470044516@qq.com
}
case "$1" in
master)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -lt 1 ];then
systemctl start nginx
fi
sendmail
;;
backup)
nginx_status=$(ps -ef|grep -Ev "grep|$0"|grep '\bnginx\b'|wc -l)
if [ $nginx_status -gt 0 ];then
systemctl stop nginx
fi
;;
*)
echo "Usage:$0 master|backup VIP"
;;
esac
[root@130 scripts]# ll
总用量 4
-rwxr-xr-x. 1 root root 662 1月 10 10:09 notify.sh
5.配置keepalived加入监控脚本的配置
配置主keepalived
[root@128 ~]# vim /etc/keepalived/keepalived.conf
global_defs {
router_id node1
}
vrrp_script nginx_check {
script "/scripts/check_n.sh"
interval 1
weight -20
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 150
nopreempt
advert_int 1
authentication {
auth_type PASS
auth_pass wangqing
}
virtual_ipaddress {
192.168.90.250 dev ens33
}
track_script{
nginx_check
}
notify_master "/scripts/notify.sh master 192.168.90.250"
notify_backup "/scripts/notify.sh backup 192.168.90.250"
}
virtual_server 192.168.90.250 80 {
delay_loop 3
lvs_sched rr
lvs_method DR
protocol TCP
real_server 192.168.90.128 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.90.130 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@128 ~]# systemctl restart keepalived
配置备keepalived
[root@130 scripts]# cat /etc/keepalived/keepalived.conf
global_defs {
router_id node2
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass wangqing
}
virtual_ipaddress {
192.168.90.250 dev ens33
}
notify_master "/scripts/notify.sh master 192.168.90.250"
notify_backup "/scripts/notify.sh backup 192.168.90.250"
}
virtual_server 192.168.90.250 80 {
delay_loop 3
lvs_sched rr
lvs_method DR
protocol TCP
real_server 192.168.90.128 80{
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.90.130 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
[root@130 ~]# systemctl restart keepalived
关闭128服务器的nginx,会自动关闭keepalived,查看ip的250已经不再了
[root@localhost ~]# systemctl stop nginx
[root@localhost ~]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 128 :::22 :::*
LISTEN 0 100 ::1:25 :::*
[root@localhost ~]# systemctl status keepalived
● keepalived.service - LVS and VRRP High Availability Monitor
Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
Active: inactive (dead)
1月 10 14:37:40 localhost.localdomain Keepalived_vrrp[46280]: Sending gratuitous ARP on...
1月 10 14:37:40 localhost.localdomain Keepalived_vrrp[46280]: Sending gratuitous ARP on...
1月 10 14:38:26 localhost.localdomain Keepalived[46278]: Stopping
1月 10 14:38:26 localhost.localdomain systemd[1]: Stopping LVS and VRRP High Availabil....
1月 10 14:38:26 localhost.localdomain Keepalived_healthcheckers[46279]: Removing servic...
1月 10 14:38:26 localhost.localdomain Keepalived_vrrp[46280]: VRRP_Instance(VI_1) sent ...
1月 10 14:38:26 localhost.localdomain Keepalived_vrrp[46280]: VRRP_Instance(VI_1) remov...
1月 10 14:38:27 localhost.localdomain Keepalived_vrrp[46280]: Stopped
1月 10 14:38:27 localhost.localdomain Keepalived[46278]: Stopped Keepalived v1.3.5 (03...2
1月 10 14:38:27 localhost.localdomain systemd[1]: Stopped LVS and VRRP High Availabili....
Hint: Some lines were ellipsized, use -l to show in full.
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:ed:39:d9 brd ff:ff:ff:ff:ff:ff
inet 192.168.90.128/24 brd 192.168.90.255 scope global dynamic ens33
valid_lft 2591316sec preferred_lft 2591316sec
inet6 fe80::a1e5:d9ba:301f:9444/64 scope link
valid_lft forever preferred_lft forever
在130的服务器查看,ip已经转过来了
[root@localhost ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:17:eb:c4 brd ff:ff:ff:ff:ff:ff
inet 192.168.90.130/24 brd 192.168.90.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.90.250/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::9de0:fa4d:ce5e:663d/64 scope link
valid_lft forever preferred_lft forever