nginx使用keepalived做高可用
文章目录
环境说明
VIP: 10.1.xxx.73
IP | 服务 |
---|---|
10.1.xx.68 | keepalived(master),nginx-01 |
10.1.xx.69 | keepalived(backup),nginx-02 |
1. 安装
yum install keepalived -y
2. 安装 MASTER节点
2.1 配置文件
修改配置文件 /etc/keepalived/keepalived.conf
# ConfigurationFile for keepalived
vrrp_script chk_http_nginx {
script "/etc/keepalived/check_nginx_status.sh"
interval 2
}
vrrp_instance nginx {
state MASTER
interface ens192
virtual_router_id 51
priority 100
advert_int 1
nopreempt
authentication {
auth_type PASS
auth_pass liubei
}
track_script {
chk_http_nginx
}
virtual_ipaddress {
10.1.xxx.73 dev ens192 scope global
}
}
- 上文注释如下
# ConfigurationFile for keepalived
#健康检查模块,将被vrrp_instance引用
vrrp_script chk_http_nginx {
script "/etc/keepalived/check_nginx_status.sh" ## 检查nginx存活脚本(后边会配置)
interval 2 # 健康检查间隔
}
vrrp_instance nginx {
state MASTER #主机是master
interface ens192 #绑定虚拟Ip的网卡
virtual_router_id 51 #虚拟路由ID,集群中所有节点一致即可
priority 100 #权重,主节点设置大一些
advert_int 1 #主从通信间隔
nopreempt #非竞争(允许低权重从节点做主,避免从节点持续竞争)。master上不生效,可不写。
authentication {
auth_type PASS # 节点间认证方式
auth_pass liubei #所有节点一致即可
}
track_script {
chk_http_nginx #引用上边健康检查模块
}
virtual_ipaddress {
10.1.xxx.73 dev ens192 scope global #global表示允许所有地址连接;site 仅允许ipv6 和本机连接;link 仅允许本机连接;host 仅允许内部连接
}
}
2.2 创建检查脚本
创建配置文件中引用的健康检查脚本/etc/keepalived/check_nginx_status.sh
。
说明:curl 本机nginx 80端口,如果报错关闭keepalive。该脚本根据实际情况更改。
#!/bin/bash
/usr/bin/curl http://localhost &>/dev/null
if [ $? -ne 0 ]
then
systemctl stop keepalived
fi
测试时如果不能调用,添加执行权限。
2.3 启动
systemctl start keepalived
查看结果
10.1.xxx.73/32 已绑定到 ens192网卡
[root@web-01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens192: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:50:xx:a7:92:15 brd ff:ff:ff:ff:ff:ff
inet 10.1.xxx.68/24 brd 10.1.30.255 scope global noprefixroute ens192
valid_lft forever preferred_lft forever
inet 10.1.xxx.73/32 scope global ens192
valid_lft forever preferred_lft forever
inet6 fe80::a7bc:8df1:4b85:3f3/64 scope link tentative noprefixroute dadfailed
valid_lft forever preferred_lft forever
inet6 fe80::39a2:fd70:b54a:7e5c/64 scope link tentative noprefixroute dadfailed
valid_lft forever preferred_lft forever
inet6 fe80::aff7:274:2d01:8423/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3. 安装BACKUP节点
3.1 配置文件
修改配置文件 /etc/keepalived/keepalived.conf
# ConfigurationFile for keepalived
vrrp_script chk_http_nginx {
script "/etc/keepalived/check_nginx_status.sh"
interval 2
weight 2
}
vrrp_instance nginx {
state BACKUP
interface ens192
virtual_router_id 51
priority 80
advert_int 1
nopreempt
authentication {
auth_type PASS
auth_pass liubei
}
track_script {
chk_http_nginx
}
virtual_ipaddress {
10.1.xxx.73 dev ens192 scope global
}
}
说明见master节点配置的注释。区别:
- priority 80,权重调低一些。
- state BACKUP,状态改为备节点。
3.2 创建检查脚本
创建配置文件中引用的健康检查脚本/etc/keepalived/check_nginx_status.sh
。
说明:curl 本机nginx 80端口,如果报错关闭keepalive。该脚本根据实际情况更改。
#!/bin/bash
/usr/bin/curl http://localhost &>/dev/null
if [ $? -ne 0 ]
then
/etc/init.d/keepalived stop
fi
测试时如果不能调用,添加执行权限
3.3 启动
systemctl start keepalived
4. 测试
关闭keepalived测试
1)关闭master上keepalived
- 主节点失去 VIP
- 备节点获得 VIP
2)启动master上keepalived
- 备节点失去VIP
- 主节点重新获得VIP
nginx宕机测试
1)关闭master上nginx服务
- 主节点keepalived被健康检查脚本关闭,主节点失去 VIP
- 备节点获得 VIP
2)启动master上nginx服务,重启keepalived
- 备节点失去VIP
- 主节点重新获得VIP