nginx使用keepalived做高可用

环境说明

VIP: 10.1.xxx.73

IP服务
10.1.xx.68keepalived(master),nginx-01
10.1.xx.69keepalived(backup),nginx-02

1. 安装

 yum install keepalived -y

2. 安装 MASTER节点

2.1 配置文件

修改配置文件 /etc/keepalived/keepalived.conf

# ConfigurationFile for keepalived
vrrp_script chk_http_nginx {
        script "/etc/keepalived/check_nginx_status.sh"
        interval 2
}

vrrp_instance nginx {
    state MASTER
    interface ens192
    virtual_router_id 51
    priority 100
    advert_int 1
    nopreempt
    authentication {
        auth_type PASS
        auth_pass liubei
    }
    track_script {
       chk_http_nginx
    }
    virtual_ipaddress {
        10.1.xxx.73 dev ens192 scope global
    }
}
  • 上文注释如下
# ConfigurationFile for keepalived
#健康检查模块,将被vrrp_instance引用
vrrp_script chk_http_nginx {
        script "/etc/keepalived/check_nginx_status.sh" ## 检查nginx存活脚本(后边会配置)
        interval 2  # 健康检查间隔
}

vrrp_instance nginx {
    state MASTER #主机是master
    interface ens192 #绑定虚拟Ip的网卡
    virtual_router_id 51 #虚拟路由ID,集群中所有节点一致即可
    priority 100 #权重,主节点设置大一些
    advert_int 1  #主从通信间隔
    nopreempt  #非竞争(允许低权重从节点做主,避免从节点持续竞争)。master上不生效,可不写。
    authentication {
        auth_type PASS  # 节点间认证方式
        auth_pass liubei #所有节点一致即可
    }
    track_script {
       chk_http_nginx #引用上边健康检查模块
    }
    virtual_ipaddress {
        10.1.xxx.73 dev ens192 scope global #global表示允许所有地址连接;site 仅允许ipv6 和本机连接;link 仅允许本机连接;host 仅允许内部连接
    }
}

2.2 创建检查脚本

创建配置文件中引用的健康检查脚本/etc/keepalived/check_nginx_status.sh

说明:curl 本机nginx 80端口,如果报错关闭keepalive。该脚本根据实际情况更改。

#!/bin/bash
/usr/bin/curl http://localhost &>/dev/null
if [ $? -ne 0 ]
then
 systemctl stop keepalived
fi

测试时如果不能调用,添加执行权限。

2.3 启动

systemctl start keepalived

查看结果

10.1.xxx.73/32 已绑定到 ens192网卡

[root@web-01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
    link/ether 00:50:xx:a7:92:15 brd ff:ff:ff:ff:ff:ff
    inet 10.1.xxx.68/24 brd 10.1.30.255 scope global noprefixroute ens192
       valid_lft forever preferred_lft forever
    inet 10.1.xxx.73/32 scope global ens192
       valid_lft forever preferred_lft forever
    inet6 fe80::a7bc:8df1:4b85:3f3/64 scope link tentative noprefixroute dadfailed
       valid_lft forever preferred_lft forever
    inet6 fe80::39a2:fd70:b54a:7e5c/64 scope link tentative noprefixroute dadfailed
       valid_lft forever preferred_lft forever
    inet6 fe80::aff7:274:2d01:8423/64 scope link noprefixroute
       valid_lft forever preferred_lft forever

3. 安装BACKUP节点

3.1 配置文件

修改配置文件 /etc/keepalived/keepalived.conf

# ConfigurationFile for keepalived
vrrp_script chk_http_nginx {
        script "/etc/keepalived/check_nginx_status.sh"
        interval 2
        weight 2
}

vrrp_instance nginx {
    state BACKUP
    interface ens192
    virtual_router_id 51
    priority 80
    advert_int 1
    nopreempt
    authentication {
        auth_type PASS
        auth_pass liubei
    }
    track_script {
       chk_http_nginx
    }
    virtual_ipaddress {
        10.1.xxx.73 dev ens192 scope global
    }
}

说明见master节点配置的注释。区别:

  • priority 80,权重调低一些。
  • state BACKUP,状态改为备节点。

3.2 创建检查脚本

创建配置文件中引用的健康检查脚本/etc/keepalived/check_nginx_status.sh

说明:curl 本机nginx 80端口,如果报错关闭keepalive。该脚本根据实际情况更改。

#!/bin/bash
/usr/bin/curl http://localhost &>/dev/null
if [ $? -ne 0 ]
then
/etc/init.d/keepalived stop
fi

测试时如果不能调用,添加执行权限

3.3 启动

systemctl start keepalived

4. 测试

关闭keepalived测试

1)关闭master上keepalived

  • 主节点失去 VIP
  • 备节点获得 VIP

2)启动master上keepalived

  • 备节点失去VIP
  • 主节点重新获得VIP

nginx宕机测试

1)关闭master上nginx服务

  • 主节点keepalived被健康检查脚本关闭,主节点失去 VIP
  • 备节点获得 VIP

2)启动master上nginx服务,重启keepalived

  • 备节点失去VIP
  • 主节点重新获得VIP

在这里插入图片描述

posted on 2022-07-20 23:38  运维开发玄德公  阅读(10)  评论(0编辑  收藏  举报  来源

导航