Keepalived如何实现Nginx高可用
Keepalived实现Nginx高可用
Master上的keepalived.conf
global_defs {
router_id LVS_LEVEL1 #主服务器名称
}
vrrp_script check_run {
script "/usr/local/src/check_nginx.sh"
interval 5 #5秒执行一次脚本
}
vrrp_instance VI_1 {
state MASTER #主服务器
interface eth0 #承载VIP地址到物理接口
virtual_router_id 51 #虚拟路由器ID号,每个热播组保持一致
priority 100 #优先级,数值越大优先级越高
advert_int 1 #检查间隔,默认为1s
authentication { #认证信息,每个热播组保持一致
auth_type PASS #认证类型
auth_pass 1111 #密码字串
}
virtual_ipaddress {
192.168.0.200 #VIP地址(内网地址)
}
track_script {
check_run
}
}Backup上的keepalived.conf
global_defs {
router_id LVS_LEVEL2 #备份服务器名称
}
vrrp_script check_run {
script "/usr/local/src/check_nginx.sh"
interval 5 #5秒执行一次脚本
}
vrrp_instance VI_1 {
state BACKUP #备份服务器
interface eth0 #承载VIP地址到物理接口
virtual_router_id 51 #虚拟路由器ID号,每个热播组保持一致
priority 50 #优先级,数值越大优先级越高
advert_int 1 #检查间隔,默认为1s
authentication { #认证信息,每个热播组保持一致
auth_type PASS #认证类型
auth_pass 1111 #密码字串
}
virtual_ipaddress {
192.168.0.200 #VIP地址(和主服务器设置一样)
}
track_script {
check_run
}
}Nginx检测脚本check_nginx.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
#判断nginx是否宕机,如果宕机,尝试重启
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx
#等待一会再次检查nginx,如果没有启动成功,则停止keepalived,使其启动备用机
sleep 5
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fichmod +x /etc/keepalived/nginx_check.shKeepalived+Nginx高可用集群
实验环境
准备2台设备
设备1 192.168.217.11 nginx +keepalived
设备2 192.168.217.12 nginx +keepalived
虚拟ip 192.168.217.3
设备1、2 安装nginx keepalived
(此处设备已安装nginx)
我们在此基础上直接利用yum安装keepalived
更新网络yum源
[root@localhost ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
[root@localhost ~]# wget -O /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo
--2022-06-11 17:56:31-- http://mirrors.aliyun.com/repo/epel-7.repo安装keepalived
[root@localhost ~]# yum -y install keepalived.x86_64 启动nginx
[root@localhost ~]# cd /usr/src/nginx-1.12.2/
[root@localhost nginx-1.12.2]# killall -9 nginx
[root@localhost nginx-1.12.2]# nginx修改keepalived配置文件
[root@localhost nginx-1.12.2]# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state BACKUP #主调度器的初始角色(本实验主备MASTER 从BACKUP)
interface ens33 #修改网卡名称
virtual_router_id 52 #主id 与从id 不要重复
priority 90 #主调度器的选举优先级 (本实验 主备100 从90 数据越大 优先级越高)
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.217.3 #虚拟ip (本实验需设置 同网段 主从一样)
}
}查看ip
[root@localhost ~]# ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:c2:15:cf brd ff:ff:ff:ff:ff:ff
inet 192.168.217.11/24 brd 192.168.217.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.217.3/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::1e6f:d3ee:5554:1f34/64 scope link tentative noprefixroute dadfailed
valid_lft forever preferred_lft forever
inet6 fe80::ac8:77ad:9154:7983/64 scope link noprefixroute
valid_lft forever preferred_lft forever重启keepalived
[root@localhost ~]# systemctl start keepalived.service
[root@localhost ~]# systemctl restart keepalived.service关闭防火墙 内核
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# setenforce 0验证
[root@localhost ~]# curl 192.168.217.11
‘nginx1'
[root@localhost ~]# curl 192.168.217.12
‘nginx2'
[root@localhost ~]# curl 192.168.217.3
‘nginx1'
[root@localhost ~]# curl 192.168.217.3
‘nginx1'实验环境
准备2台设备 双主keepalived
设备1 192.168.217.11 nginx +keepalived
设备2 192.168.217.12 nginx +keepalived
虚拟ip 192.168.217.3
虚拟ip 192.168.217.6
在以上实验基础上
设备1
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 { #修改模块名字
state MASTER #主调度器的初始角色(本实验主备MASTER 从BACKUP)
interface ens33 #修改网卡名称
virtual_router_id 51 #主id 与从id 不要重复
priority 100 #主调度器的选举优先级 (本实验 主备100 从90 数据越大 优先级越高)
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.217.3 #虚拟ip
}
}
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 53
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.217.6
}
I}设备2
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.217.3
}
}
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 53
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.217.6
}
}xshell同时开启 命令模式 重启keepalived
[root@localhost ~]# systemctl start keepalived.service
[root@localhost ~]# systemctl restart keepalived.service查看ip
设备1 飘逸Ip正常
[root@localhost ~]# ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:c2:15:cf brd ff:ff:ff:ff:ff:ff
inet 192.168.217.11/24 brd 192.168.217.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.217.3/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::1e6f:d3ee:5554:1f34/64 scope link tentative noprefixroute dadfailed
valid_lft forever preferred_lft forever
inet6 fe80::ac8:77ad:9154:7983/64 scope link noprefixroute
valid_lft forever preferred_lft forever设备2
[root@localhost ~]# ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:49:b3:a1 brd ff:ff:ff:ff:ff:ff
inet 192.168.217.12/24 brd 192.168.217.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.217.6/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::1e6f:d3ee:5554:1f34/64 scope link noprefixroute
valid_lft forever preferred_lft forever设备1、设备2验证 (此问题暂未解决)
[root@localhost ~]# curl 192.168.217.11
curl: (7) Failed connect to 192.168.217.11:80; 拒绝连接
[root@localhost ~]# curl 192.168.217.12
‘nginx2'
[root@localhost ~]# curl 192.168.217.3
curl: (7) Failed connect to 192.168.217.3:80; 连接超时
[root@localhost ~]# curl 192.168.217.6
curl: (7) Failed connect to 192.168.217.6:80; 连接超时