nginx+keepalived实现主从高可用
设备:
主:192.168.200.122
从:192.168.200.124
安装:两台都分别安装nginx以及keepalived
两台机步骤一致一主一从
安装nginx的依赖包
[root@localhost ~]#yum install gcc gcc-c++ make pcre-devel zlib-devel -y
[root@localhost ~]#useradd -M -s /sbin/nologin nginx
[root@localhost ~]#tail -l /etc/passwd;tail -l /etc/group
[root@localhost ~]#rz #导入nginx源码包
[root@localhost ~]# ls
anaconda-ks.cfg nginx-1.15.9.tar.gz original-ks.cfg 模板 图片 下载 桌面
initial-setup-ks.cfg 公共 视频 文档 音乐
[root@localhost ~]# tar xf nginx-1.15.9.tar.gz -C /usr/src
[root@localhost ~]# cd /usr/src/nginx-1.15.9
[root@localhost ~]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx --with-http_stub_status_module && make && make install
[root@localhost ~]# ls /usr/local/sbin
做软连接方便查找nginx位置
[root@localhost ~]# ln -s /usr/local/bin/nginx /usr/local/sbin
[root@localhost ~]# ll /usr/local/sbin
lrwxrwxrwx. 1 root root 27 10月 21 10:50 /usr/local/sbin/nginx -> /usr/local/nginx/sbin/nginx
[root@localhost ~]# cd /usr/local/nginx/conf
[root@localhost conf]# vim nginx.conf
user nginx nginx; worker_processes 2; #error_log logs/error.log; #error_log logs/error.log notice; error_log logs/error.log info; pid logs/nginx.pid; events { use epoll; worker_connections 10240; } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; server { listen 80; server_name localhost; charset utf-8; access_log logs/host.access.log main; location / { root html; index index.html index.htm; } #error_page 404 /404.html; # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } } }
[root@localhost conf]#cd ../
[root@localhost nginx]#cd html
<p><em>Thank you for using nginx 192.168.200.122</em></p> #从写192.168.200.124
[root@localhost conf]#nginx -t
[root@localhost conf]#nginx
[root@localhost conf]#killall -HUP nginx
安装keepalived
[root@localhost ~]#yum install keepalived -y
编写nginx脚本用以承载keepalived的依赖
[root@localhost ~]# vim nginx.sh
#!/bin/bash
counter=$(ps -C nginx --no-heading | wc -l) if [ '${counter}' = '0' ];then /usr/local/nginx/sbin/nginx sleep 2 counter=$(ps -C nginx --no-heading | wc -l) if [ '${counter}' = '0' ];then systemctl stop keepalived fi fi
[root@localhost ~]#cd /etc/keepalived
[root@localhost ~]#cp keepalived.conf keepalived.conf.bak
[root@localhost ~]#vim keepalived.conf
! Configuration File for keepalived global_defs { notification_email { route_id 192.168.200.122 #主写122、从写124 } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL vrrp_skip_check_adv_addr vrrp_strict vrrp_garp_interval 0 vrrp_gna_interval 0 } vrrp_script chk_http_port { script '/root/nginx.sh' #启用nginx.sh脚本 insterval 2 weight -5 fall 2 rise 1 } vrrp_instance VI_1 { state MASTER #主写MASTER、从写SLAVE interface ens33 virtual_router_id 51 priority 100 #主写100、从写99 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { check_nginx } virtual_ipaddress { 192.168.200.254 } }
[root@localhost ~]#service keepalived start
关闭防火墙
[root@localhost ~]# systemctl stop firewalld
[root@localhost ~]# iptables -F
[root@localhost ~]# setenforce 0
[root@localhost ~]#ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:f8:6e:73 brd ff:ff:ff:ff:ff:ff inet 192.168.200.122/24 brd 192.168.200.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.200.254/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fef8:6e73/64 scope link valid_lft forever preferred_lft forever
测试1:
条件一:当两台机的nginx、keepalived都开启时
主:192.168.200.122
[root@locahost ~]#ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:3e:05:0e brd ff:ff:ff:ff:ff:ff inet 192.168.200.122/24 brd 192.168.200.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.200.254/32 scope global ens33 valid_lft forever preferred_lft forever
从:192.168.200.124
[root@locathost ~]#ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:f8:6e:73 brd ff:ff:ff:ff:ff:ff
inet 192.168.200.122/24 brd 192.168.200.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fef8:6e73/64 scope link
valid_lft forever preferred_lft forever
测试2:
条件1:当关闭主的keepalived以及nginx服务时,IP192.168.200.254会不会漂移到从机上
先关闭keepalived再关闭nginx服务
[root@localhost ~]# service keepalived stop
[root@localhost ~]# nginx -s quit
主:192.168.200.122
[root@locahost ~]#ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:3e:05:0e brd ff:ff:ff:ff:ff:ff
inet 192.168.200.122/24 brd 192.168.200.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
从:192.168.200.124
[root@locathost ~]#ip a
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:3e:05:0e brd ff:ff:ff:ff:ff:ff
inet 192.168.200.124/24 brd 192.168.200.255 scope global noprefixroute ens33
valid_lft forever preferred_lft forever
inet 192.168.200.254/32 scope global ens33
valid_lft forever preferred_lft forever