Centos7+nginx+keepalived集群及双主架构案例

一、简介

  1、用nginx做负载均衡,作为架构的最前端或中间层,随着日益增长的访问量,需要给负载均衡做高可用架构,利用keepalived解决单点风险,一旦 nginx宕机能快速切换到备份服务器

  2、keepalived原理请参考如下链接

  https://www.cnblogs.com/zhangxingeng/p/10595058.html 

  3、nginx+keepalived单主架构

 

  4、nginx+keepalived双主架构案例

 

二、部署nginx+keepalived 集群

  1、环境

    注意:本次实验没有部署负载均衡和rs,只是部署keepalived+web,主要是为了实现效果,简化了很多配置

    1.1、节点部署

nginx+keepalived架构,包含单主集群和双主集群
节点  地址 服务 单主实例VI_1 双主实例VI_1 双主实例VI_2
web1 192.168.216.51 keepalived+web服务 MASTER MASTER BAKCUP
web2 192.168.216.52 keepalived+web服务 BACKUP BACKUP MASTER
clent   物理机 浏览器      

    

 

 

 

    

    

    1.2、部署前

       1.2.1、各节点时间同步,可以是设置ntp或者手动同一时间,且不能超过1s的差距

       1.2.2、关闭防火墙及selinux

       1.2.3、节点名称对应ip地址写入hosts文件

       1.2.4、节点间root可以基于密钥认证的ssh服务完成互相通信(非必需)

    1.3、keepalived的目录机构

 1 [root@web1 keepalived]# rpm -ql keepalived
 2 /etc/keepalived
 3 /etc/keepalived/keepalived.conf    #主配置文件
 4 /etc/sysconfig/keepalived
 5 /usr/bin/genhash
 6 /usr/lib/systemd/system/keepalived.service
 7 /usr/libexec/keepalived
 8 /usr/sbin/keepalived
 9 /usr/share/doc/keepalived-1.3.5
10 /usr/share/doc/keepalived-1.3.5/AUTHOR
11 /usr/share/doc/keepalived-1.3.5/CONTRIBUTORS
12 /usr/share/doc/keepalived-1.3.5/COPYING
13 /usr/share/doc/keepalived-1.3.5/ChangeLog
14 /usr/share/doc/keepalived-1.3.5/NOTE_vrrp_vmac.txt
15 /usr/share/doc/keepalived-1.3.5/README
16 /usr/share/doc/keepalived-1.3.5/TODO
17 /usr/share/doc/keepalived-1.3.5/keepalived.conf.SYNOPSIS
18 /usr/share/doc/keepalived-1.3.5/samples
19 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.HTTP_GET.port
20 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.IPv6
21 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.SMTP_CHECK
22 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.SSL_GET
23 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.fwmark
24 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.inhibit
25 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.misc_check
26 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.misc_check_arg
27 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.quorum
28 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.sample
29 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.status_code
30 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.track_interface
31 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.virtual_server_group
32 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.virtualhost
33 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp
34 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.localcheck
35 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.lvs_syncd
36 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.routes
37 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.rules
38 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.scripts
39 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.static_ipaddress
40 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.sync
41 /usr/share/doc/keepalived-1.3.5/samples/sample.misccheck.smbcheck.sh
42 /usr/share/man/man1/genhash.1.gz
43 /usr/share/man/man5/keepalived.conf.5.gz
44 /usr/share/man/man8/keepalived.8.gz
45 /usr/share/snmp/mibs/KEEPALIVED-MIB.txt
46 /usr/share/snmp/mibs/VRRP-MIB.txt
47 /usr/share/snmp/mibs/VRRPv3-MIB.txt
48 [root@web1 keepalived]# 

    1.4、软件环境

 

1 [root@web1 keepalived]# rpm -qa nginx
2 nginx-1.12.2-2.el7.x86_64
3 [root@web1 keepalived]# rpm -qa keepalived
4 keepalived-1.3.5-8.el7_6.x86_64 
5 [root@web1 keepalived]# cat /etc/redhat-release 
6 CentOS Linux release 7.3.1611 (Core) 
7 [root@web1 keepalived]# 

 

  2、安装软件

 

    yum install nginx keepalived pcre-devel  -y

    我这里已经安装了pcre所以具体依赖如下:

 1 Dependencies Resolved
 2 
 3 ====================================================================================================================
 4  Package                           Arch                 Version                         Repository             Size
 5 ====================================================================================================================
 6 Installing:
 7  keepalived                        x86_64               1.3.5-8.el7_6                   updates               329 k
 8 Installing for dependencies:
 9  net-snmp-agent-libs               x86_64               1:5.7.2-37.el7                  base                  705 k
10 Updating for dependencies:
11  net-snmp-libs                     x86_64               1:5.7.2-37.el7                  base                  749 k
12 
13 Transaction Summary
14 ====================================================================================================================
15 Install  1 Package  (+1 Dependent package)
16 Upgrade             ( 1 Dependent package)

 

 1 Dependencies Resolved
 2 
 3 =============================================================================================================================================================================================================================================
 4  Package                                                              Arch                                            Version                                                         Repository                                        Size
 5 =============================================================================================================================================================================================================================================
 6 Installing:
 7  nginx                                                                x86_64                                          1:1.12.2-2.el7                                                  epel                                             530 k
 8 Installing for dependencies:
 9  nginx-all-modules                                                    noarch                                          1:1.12.2-2.el7                                                  epel                                              16 k
10  nginx-filesystem                                                     noarch                                          1:1.12.2-2.el7                                                  epel                                              17 k
11  nginx-mod-http-geoip                                                 x86_64                                          1:1.12.2-2.el7                                                  epel                                              23 k
12  nginx-mod-http-image-filter                                          x86_64                                          1:1.12.2-2.el7                                                  epel                                              26 k
13  nginx-mod-http-perl                                                  x86_64                                          1:1.12.2-2.el7                                                  epel                                              36 k
14  nginx-mod-http-xslt-filter                                           x86_64                                          1:1.12.2-2.el7                                                  epel                                              26 k
15  nginx-mod-mail                                                       x86_64                                          1:1.12.2-2.el7                                                  epel                                              54 k
16  nginx-mod-stream                                                     x86_64                                          1:1.12.2-2.el7                                                  epel                                              76 k
17 Updating for dependencies:
18  openssl                                                              x86_64                                          1:1.0.2k-16.el7_6.1                                             updates                                          493 k
19  openssl-libs                                                         x86_64                                          1:1.0.2k-16.el7_6.1                                             updates                                          1.2 M
20 
21 Transaction Summary
22 =============================================================================================================================================================================================================================================
23 Install  1 Package  (+8 Dependent packages)
24 Upgrade             ( 2 Dependent packages)

 

  3、配置keepalived高可用,修改主配置文件

    3.1、备份配置文件

      两台均备份

    cp /etc/keepalived/keepalived.conf keepalived.conf.bak

    3.2、配置keepalived-MASTER

      web1-51

  

 1 [root@web1 keepalived]# cat keepalived.conf 
 2 ! Configuration File for keepalived
 3 
 4 global_defs {
 5 #   notification_email {
 6 #     acassen@firewall.loc
 7 #     failover@firewall.loc
 8 #     sysadmin@firewall.loc
 9 #   }
10 #   notification_email_from Alexandre.Cassen@firewall.loc
11 #   smtp_server 192.168.200.1
12 #   smtp_connect_timeout 30
13 #   router_id LVS_DEVEL
14 #   vrrp_skip_check_adv_addr
15 #   vrrp_strict
16    vrrp_garp_interval 0
17    vrrp_gna_interval 0
18 }
19 
20 #VIP1
21 vrrp_instance VI_1 {    #实例名称保持一致
22     state MASTER      #主备配置为MASTER----BACKUP
23     interface ens33    #查看自己的网卡名称修改为它  
24     virtual_router_id 50  #vrid 路由标识符,主备保持一致 
25     priority 100      #优先级值越大越高
26     advert_int 1
27     authentication {    #认证,默认即可,主备保持一致
28         auth_type PASS
29         auth_pass 1111
30     }
31     virtual_ipaddress {  #vip,主备一致,可以为多vip
32         192.168.216.200
33     }
34 }

    把配置文件发送到52节点

    scp /etc/keepalived/keppalived.conf 192.168.216.52:/etc/keepalived/keepalived.conf

    

    web2-52

      只需要修改

1 state BACKUP 
2 priority 90

    

 

    

  4、配置nginx

    web1

1 [root@web1 keepalived]# cat /usr/share/nginx/html/index.html 
2 this is web1

    web2

1 [root@web2 keepalived]# cat /usr/share/nginx/html/index.html 
2 thsi web2

  5、启动服务并开机自启

    systemctl start nginx

    systemctl start keepalived

    systemctl enable nginx

    systemctl enable keepalived

 

  6、测试

    6.1、首先访问各站点

    没问题

    没问题

    6.2、VIP也没有问题,在备服务器抓包看看,每1s 宣告一次,状态正常

1 [root@web2 keepalived]# tcpdump -i ens33 host 192.168.216.51 
2 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
3 listening on ens33, link-type EN10MB (Ethernet), capture size 65535 bytes
4 23:58:22.470521 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
5 23:58:23.472862 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
6 23:58:24.473482 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
7 23:58:25.475482 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20

 

    6.3、现在可以开始stop keepalived,测试主备切换

      [root@web1 keepalived]# systemctl stop keepalived

      刷新页面如下:

      查看web2的ip信息,ifconfig看不到,可以使用ip addr list 命令查询

 1 [root@web2 keepalived]# ip ad
 2 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
 3     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
 4     inet 127.0.0.1/8 scope host lo
 5        valid_lft forever preferred_lft forever
 6     inet6 ::1/128 scope host 
 7        valid_lft forever preferred_lft forever
 8 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
 9     link/ether 00:0c:29:75:de:46 brd ff:ff:ff:ff:ff:ff
10     inet 192.168.216.52/24 brd 192.168.216.255 scope global ens33
11        valid_lft forever preferred_lft forever
12     inet 192.168.216.200/32 scope global ens33   #vip已经漂移过来了
13        valid_lft forever preferred_lft forever
14     inet6 fe80::9416:80e8:f210:1e24/64 scope link 
15        valid_lft forever preferred_lft forever
16     inet6 fe80::3409:e73d:1ef:2e1/64 scope link tentative dadfailed 
17        valid_lft forever preferred_lft forever
18 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
19     link/ether 52:54:00:23:a5:7c brd ff:ff:ff:ff:ff:ff
20     inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
21        valid_lft forever preferred_lft forever
22 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
23     link/ether 52:54:00:23:a5:7c brd ff:ff:ff:ff:ff:ff
24 [root@web2 keepalived]# 

    [root@web1 keepalived]# systemctl restart keepalived  刷新网页,发现切换回来了

 

 

    6.4、实验环境为虚拟机,演示实验过程中一个问题

      注意:如果是禁用网卡的方式,最好是在虚拟机上断开连接的方式测试。

      因为在测试过程中,systemctl stop network 测试切换的时候出现不能切换,网络没有完全断开backup还能收到master的心跳,但是其他服务已经停用了下面演示:

    访问vip就变成如下状态,没有进行故障切换

    应该这样测试如下:断开网络连接的方式比较彻底了

 

三、部署nginx+keepalived双主架构

  1、环境

  和上面一个实验一样的环境就是改成双主

  2、安装软件

  同上

  3、配置keepalived

   web1配置

 1 [root@web1 keepalived]# cat /etc/keepalived/keepalived.conf 
 2 ! Configuration File for keepalived
 3 
 4 global_defs {
 5 #   notification_email {
 6 #     acassen@firewall.loc
 7 #     failover@firewall.loc
 8 #     sysadmin@firewall.loc
 9 #   }
10 #   notification_email_from Alexandre.Cassen@firewall.loc
11 #   smtp_server 192.168.200.1
12 #   smtp_connect_timeout 30
13 #   router_id LVS_DEVEL
14 #   vrrp_skip_check_adv_addr
15 #   vrrp_strict
16    vrrp_garp_interval 0
17    vrrp_gna_interval 0
18 }
19 #vrrp_script chk_nginx{
20 #       script "/data/sh/check_nginx.sh"
21 #       interval 2
22 #       weight 2
23 #}
24 #VIP1
25 vrrp_instance VI_1 {
26     state MASTER
27     interface ens33
28     virtual_router_id 50
29     priority 100
30     advert_int 1
31     authentication {
32         auth_type PASS
33         auth_pass 1111
34     }
35     virtual_ipaddress {
36         192.168.216.200
37     }
38 }
39 #track_script {
40 #       chk_nignx
41 #}
42 
43 
44 #VIP2,新增配置,新增一个实例VI_2
45 vrrp_instance VI_2 {
46     state BAKCUP
47     interface ens33
48     virtual_router_id 51
49     priority 90
50     advert_int 1
51     authentication {
52         auth_type PASS
53         auth_pass 1111
54     }
55     virtual_ipaddress {
56         192.168.216.210
57     }
58 }

 

   web2配置

 1  [root@web2 keepalived]# cat /etc/keepalived/keepalived.conf 
 2 ! Configuration File for keepalived
 3 
 4 global_defs {
 5 #   notification_email {
 6 #     acassen@firewall.loc
 7 #     failover@firewall.loc
 8 #     sysadmin@firewall.loc
 9 #   }
10 #   notification_email_from Alexandre.Cassen@firewall.loc
11 #   smtp_server 192.168.200.1
12 #   smtp_connect_timeout 30
13 #   router_id LVS_DEVEL
14 #   vrrp_skip_check_adv_addr
15 #   vrrp_strict
16    vrrp_garp_interval 0
17    vrrp_gna_interval 0
18 }
19 #vrrp_script chk_nginx{
20 #       script "/data/sh/check_nginx.sh"
21 #       interval 2
22 #       weight 2
23 #}
24 #VIP1
25 vrrp_instance VI_1 {
26     state BACKUP
27     interface ens33
28     virtual_router_id 50
29     priority 90
30     advert_int 1
31     authentication {
32         auth_type PASS
33         auth_pass 1111
34     }
35     virtual_ipaddress {
36         192.168.216.200
37     }
38 }
39 #track_script {
40 #       chk_nignx
41 #}
42 #VIP2,新增的实例,VI_2
43 vrrp_instance VI_2 {
44     state MASTER
45     interface ens33
46     virtual_router_id 51
47     priority 100
48     advert_int 1
49     authentication {
50         auth_type PASS
51         auth_pass 1111
52     }
53     virtual_ipaddress {
54         192.168.216.210
55     }
56 }

 

    这里附上两台节点的实例比较,请见下图:

 

  4、配置nginx,同上

  5、重启服务

    systemctl restart keepalived

  6、测试验证

   6.1、首先看一下抓包情况

 

    6.2、测试切换是否正常,这里测试就是以stop keepalived测试效果了

      [root@web1 keepalived]# systemctl stop keepalived   

      效果

      [root@web1 keepalived]# systemctl restart  keepalived

      切换回来

 

    在来测试web2

    [root@web2 keepalived]# systemctl stop keepalived

    [root@web2 keepalived]# systemctl restart keepalived

 

四、高可用之调用辅助脚本进行资源监控,并根据监控的结果状态实现动态调整

  1、动态调整keepalived

    检测keepalived主要是用在维护过程中,比如升级,停掉服务是非常不理想的,可以用vrrp脚本,实现不停服务地址来回转换的方法

    注意:其中定义脚本有两种方法:

    第一种:脚本放在目录里,配置文件指定脚本路径

      这种模式生效了

 1 [root@web1 keepalived]# vim keepalived.conf 
 2 
 3 ! Configuration File for keepalived
 4 
 5 global_defs {
 6 #   notification_email {
 7 #     acassen@firewall.loc
 8 #     failover@firewall.loc
 9 #     sysadmin@firewall.loc
10 #   }
11 #   notification_email_from Alexandre.Cassen@firewall.loc
12 #   smtp_server 192.168.200.1
13 #   smtp_connect_timeout 30
14    router_id LVS_DEVEL
15 #   vrrp_skip_check_adv_addr
16 #   vrrp_strict
17 #   vrrp_garp_interval 0
18 #   vrrp_gna_interval 0
19 }
20 vrrp_script chk_maintanance {
21 
22         script "/etc/keepalived/chkdown.sh"  #脚本路径
23         interval 1    #间隔1s执行一次
24         weight -20    #失败的权重减20
25 }
26 
27 #VIP1
28 vrrp_instance VI_1 {
29     state MASTER
30     interface ens33
31     virtual_router_id 50
32     priority 100
33     advert_int 1
34     authentication {
35         auth_type PASS
36         auth_pass 1111
37     }
38     virtual_ipaddress {
39         192.168.216.200
40     }
41     track_script {
42         chk_maintanance
43     }
44 }
45 #VIP2
46 vrrp_instance VI_2 {
47     state BAKCUP
48     interface ens33
49     virtual_router_id 51
50     priority 90
51     advert_int 1
52     authentication {
53         auth_type PASS
54         auth_pass 1111
55     }
56     virtual_ipaddress {
57         192.168.216.210
58     }
59     track_script {
60        chk_maintanance
61     }
62 }

 

    脚本如下:

1 [root@web1 keepalived]# cat chkdown.sh 
2 #!/bin/bash
3 
4 [[ -f /etc/keepalived/down ]]&&exit 1 || exit 0
5 
6 [root@web1 keepalived]# pwd
7 /etc/keepalived
8 [root@web1 keepalived]# 

    验证:

23 [root@web1 keepalived]# touch down
24 [root@web1 keepalived]# systemctl status keepalived
25 ● keepalived.service - LVS and VRRP High Availability Monitor
26    Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
27    Active: active (running) since Mon 2019-04-22 12:43:34 CST; 1h 25min ago
28   Process: 40897 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
29  Main PID: 40898 (keepalived)
30    CGroup: /system.slice/keepalived.service
31            ├─40898 /usr/sbin/keepalived -D
32            ├─40899 /usr/sbin/keepalived -D
33            └─40900 /usr/sbin/keepalived -D
34 
35 Apr 22 14:07:44 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200
36 Apr 22 14:07:44 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200
37 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200
38 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 f...6.200
39 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200
40 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200
41 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200
42 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200
43 Apr 22 14:08:43 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1      #改变状态为1,然后降低优先级,这里-l应该可以看到,下面又重新-l看了一下
44 Apr 22 14:08:43 web1 Keepalived_vrrp[40900]: VRRP_Script(chk_maintanance) failed 
45 Hint: Some lines were ellipsized, use -l to show in full.

#之后重新收一下测试的状态
[root@web1 keepalived]# systemctl status keepalived -l ● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: active (running) since Mon 2019-04-22 12:43:34 CST; 1h 33min ago Process: 40897 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 40898 (keepalived) CGroup: /system.slice/keepalived.service ├─40898 /usr/sbin/keepalived -D ├─40899 /usr/sbin/keepalived -D └─40900 /usr/sbin/keepalived -D Apr 22 14:16:29 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200 Apr 22 14:16:35 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 Apr 22 14:16:35 web1 Keepalived_vrrp[40900]: VRRP_Script(chk_maintanance) failed Apr 22 14:16:36 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_2) Changing effective priority from 90 to 70 Apr 22 14:16:36 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Changing effective priority from 100 to 80 Apr 22 14:16:36 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Received advert with higher priority 90, ours 80 Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Entering BACKUP STATE Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) removing protocol VIPs. Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1

46 [root@web1 keepalived]# rm -rf down                                    # 删除down文件,重新切换回来 47 [root@web1 keepalived]# systemctl status keepalived 48 ● keepalived.service - LVS and VRRP High Availability Monitor 49 Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) 50 Active: active (running) since Mon 2019-04-22 12:43:34 CST; 1h 25min ago 51 Process: 40897 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) 52 Main PID: 40898 (keepalived) 53 CGroup: /system.slice/keepalived.service 54 ├─40898 /usr/sbin/keepalived -D 55 ├─40899 /usr/sbin/keepalived -D 56 └─40900 /usr/sbin/keepalived -D 57 58 Apr 22 14:09:15 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 59 Apr 22 14:09:16 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 60 Apr 22 14:09:17 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 61 Apr 22 14:09:18 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 62 Apr 22 14:09:19 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 63 Apr 22 14:09:20 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 64 Apr 22 14:09:21 web1 Keepalived_vrrp[40900]: VRRP_Script(chk_maintanance) succeeded          #检查成功,改变优先级,切换vi_1的实例为master 65 Apr 22 14:09:22 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Changing effective priority from 80 to 100 66 Apr 22 14:09:22 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_2) Changing effective priority from 70 to 90 67 Apr 22 14:09:22 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) forcing a new MASTER election 68 [root@web1 keepalived]#

      

    

    切换的时候可以观察前端切换的效果

 

 

    第二种方法就是是直接写脚本,这里keepalived版本是keepalived-1.3.5-8.el7_6.x86_64,没有生效,具体不清楚为什么。

 1 [root@web2 keepalived]# vim keepalived.conf 
 2 
 3         script "
 4 ! Configuration File for keepalived
 5 
 6 global_defs {
 7 #   notification_email {
 8 #     acassen@firewall.loc
 9 #     failover@firewall.loc
10 #     sysadmin@firewall.loc
11 #   }
12 #   notification_email_from Alexandre.Cassen@firewall.loc
13 #   smtp_server 192.168.200.1
14 #   smtp_connect_timeout 30
15    router_id LVS_DEVEL1
16 #   vrrp_skip_check_adv_addr
17 #   vrrp_strict
18  #  vrrp_garp_interval 0
19   # vrrp_gna_interval 0
20 }
21 vrrp_script chk_maintanance {
22         script "[[ -f /etc/keepalived/down ]]&&exit 1 || exit 0"
23         interval 1
24         weight -20
25 }
26 
27 
28 
29 #VIP1
30 vrrp_instance VI_1 {
31     state BACKUP
32     interface ens33
33     virtual_router_id 50
34     priority 90
35     advert_int 1
36     authentication {
37         auth_type PASS
38         auth_pass 1111
39     }
40     virtual_ipaddress {
41         192.168.216.200
42     }
43     track_script {
44         chk_maintanance
45     }
46 }
47 #VIP2
48 vrrp_instance VI_2 {
49     state MASTER
50     interface ens33
51     virtual_router_id 51
52     priority 100
53     advert_int 1
54     authentication {
55         auth_type PASS
56         auth_pass 1111
57     }
58     virtual_ipaddress {
59         192.168.216.210
60     }
61     track_script {
62         chk_maintanance
63    }
64 }

 

  2、检测nginx是否存活

     配置web1/web2 都添加如下标红代码,并添加脚本

    

 1 [root@web1 keepalived]# vim keepalived.conf 
 2 
 3 #     acassen@firewall.loc
 4 #     failover@firewall.loc
 5 #     sysadmin@firewall.loc
 6 #   }
 7 #   notification_email_from Alexandre.Cassen@firewall.loc
 8 #   smtp_server 192.168.200.1
 9 #   smtp_connect_timeout 30
10    router_id LVS_DEVEL
11 #   vrrp_skip_check_adv_addr
12 #   vrrp_strict
13 #   vrrp_garp_interval 0
14 #   vrrp_gna_interval 0
15 }
16 vrrp_script chk_maintanance {
17 
18         script "/etc/keepalived/chkdown.sh"
19         interval 1
20         weight -20
21 }
22 vrrp_script chk_nginx {
23         script "/etc/keepalived/chknginx.sh"
24         interval 1
25         weight -20
26 }
27 
28 #VIP1
29 vrrp_instance VI_1 {
30     state MASTER
31     interface ens33
32     virtual_router_id 50
33     priority 100
34     advert_int 1
35     authentication {
36         auth_type PASS
37         auth_pass 1111
38     }
39     virtual_ipaddress {
40         192.168.216.200
41     }
42     track_script {
43         chk_maintanance
44     }
45     track_script {
46         chk_nginx
47     }
48 }
49 #VIP2
50 vrrp_instance VI_2 {
51     state BAKCUP
52     interface ens33
53     virtual_router_id 51
54     priority 90
55     advert_int 1
56     authentication {
57         auth_type PASS
58         auth_pass 1111
59     }
60     virtual_ipaddress {
61         192.168.216.210
62     }
63     track_script {
64         chk_maintanance
65     }
66     track_script {
67         chk_nginx
68     }
69 }

    脚本

 1 [root@web1 keepalived]# ll 
 2 total 16
 3 -rwxr-xr-x 1 root root   62 Apr 19 12:45 chkdown.sh
 4 -rwxr-xr-x 1 root root  127 Apr 22 14:50 chknginx.sh
 5 -rw-r--r-- 1 root root 1251 Apr 22 14:59 keepalived.conf
 6 -rw-r--r-- 1 root root  494 Apr 19 12:09 notify.sh
 7 [root@web1 keepalived]# cat chknginx.sh 
 8 #!/bin/bash
 9 
10 #auto check nginx process
11 #20190422 by zxg
12 
13 killall -0 nginx
14 if [[ $? -ne 0 ]];then
15         systemctl keepalived stop  
16 fi
17 [root@web1 keepalived]# 

 

    监测,手动stop nginx

 1 [root@web1 keepalived]# systemctl stop nginx
 2 [root@web1 keepalived]# systemctl status keepalived -l 
 3 ● keepalived.service - LVS and VRRP High Availability Monitor
 4    Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
 5    Active: active (running) since Mon 2019-04-22 14:59:46 CST; 27min ago
 6   Process: 58761 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
 7  Main PID: 58762 (keepalived)
 8    CGroup: /system.slice/keepalived.service
 9            ├─58762 /usr/sbin/keepalived -D
10            ├─58763 /usr/sbin/keepalived -D
11            └─58764 /usr/sbin/keepalived -D
12 
13 Apr 22 15:27:27 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.216.200
14 Apr 22 15:27:27 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200
15 Apr 22 15:27:27 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200
16 Apr 22 15:27:27 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200
17 Apr 22 15:27:27 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200
18 Apr 22 15:27:36 web1 Keepalived_vrrp[58764]: /etc/keepalived/chknginx.sh exited with status 1
19 Apr 22 15:27:36 web1 Keepalived_vrrp[58764]: VRRP_Script(chk_nginx) failed
20 Apr 22 15:27:37 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Changing effective priority from 100 to 80
21 Apr 22 15:27:37 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_2) Changing effective priority from 90 to 70
22 Apr 22 15:27:37 web1 Keepalived_vrrp[58764]: /etc/keepalived/chknginx.sh exited with status 1
23 [root@web1 keepalived]# systemctl start nginx          
26 [root@web1 keepalived]# systemctl status keepalived -l 
27 ● keepalived.service - LVS and VRRP High Availability Monitor
28    Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled)
29    Active: active (running) since Mon 2019-04-22 14:59:46 CST; 28min ago
30   Process: 58761 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS)
31  Main PID: 58762 (keepalived)
32    CGroup: /system.slice/keepalived.service
33            ├─58762 /usr/sbin/keepalived -D
34            ├─58763 /usr/sbin/keepalived -D
35            └─58764 /usr/sbin/keepalived -D
36 
37 Apr 22 15:28:12 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) forcing a new MASTER election
38 Apr 22 15:28:13 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Transition to MASTER STATE
39 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Entering MASTER STATE
40 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) setting protocol VIPs.
41 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200
42 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.216.200
43 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200
44 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200
45 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200
46 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200
47 [root@web1 keepalived]# 

    网页效果同上,就是stop nginx时候观察是否切换到web2上

 

 

 

转载请注明出处:https://www.cnblogs.com/zhangxingeng/p/10721083.html 

 

posted @ 2019-04-22 15:49  乐章  阅读(14064)  评论(1编辑  收藏  举报