nginx+keepalived高可用

1.环境两台Centos服务器

IP1:192.168.1.78

IP2:192.168.1.79

VIP:192.168.1.88

2.安装keeplived软件和nginx

每台服务器上都要安装keeplived和nginx

  • nginx安装省略
  • keepalived安装

tar -xvf keepalived-1.3.5.tar.gz

cd keepalived-1.3.5

./configure

make && make install

cp /usr/local/etc/rc.d/init.d/keepalived /etc/rc.d/init.d

cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig

mkdir /etc/keepalived

cp /usr/local/etc/keepalived/keepalived.conf /etc/keepalived/

cp /usr/local/sbin/keepalived /usr/sbin

  • 配置keepalived

主节点,修改keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
     #acassen@firewall.loc
     #failover@firewall.loc
     #sysadmin@firewall.loc
   }
   #notification_email_from Alexandre.Cassen@firewall.loc
   #smtp_server 192.168.200.1
   #smtp_connect_timeout 30
   router_id master-node
   #vrrp_skip_check_adv_addr
   #vrrp_strict
   #vrrp_garp_interval 0
   #vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    mcast_src_ip 192.168.1.78
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.88

    }
}

从节点,修改keepalived.conf

! Configuration File for keepalived

global_defs {
   notification_email {
     #acassen@firewall.loc
     #failover@firewall.loc
     #sysadmin@firewall.loc
   }
   #notification_email_from Alexandre.Cassen@firewall.loc
   #smtp_server 192.168.200.1
   #smtp_connect_timeout 30
   router_id master-node
   #vrrp_skip_check_adv_addr
   #vrrp_strict
   #vrrp_garp_interval 0
   #vrrp_gna_interval 0
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
     mcast_src_ip 192.168.1.79
    virtual_router_id 51
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.1.88

    }
}

2.测试

一、测试vip绑定、漂移

启动两个节点上的keepalived服务,使用ip a命令查看vip在哪个节点上。

Master:

~
[root@hrsw etc]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:6c:b0:3a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.78/24 brd 192.168.1.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.1.88/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::5b7e:1a3d:618d:1e93/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:6c:b0:44 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.40/24 brd 192.168.1.255 scope global dynamic ens37
       valid_lft 540sec preferred_lft 540sec
    inet6 fe80::9f21:50a8:7aa9:759b/64 scope link 
       valid_lft forever preferred_lft forever

Backup:

[root@hrsw sysconfig]# ip a 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:b0:0f:fd brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.79/24 brd 192.168.1.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::5e88:7cdb:644:41e/64 scope link 
       valid_lft forever preferred_lft forever
    inet6 fe80::5b7e:1a3d:618d:1e93/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:b0:0f:07 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.41/24 brd 192.168.1.255 scope global dynamic ens37
       valid_lft 539sec preferred_lft 539sec
    inet6 fe80::2b81:1f13:5102:80ef/64 scope link 
       valid_lft forever preferred_lft forever

可以看出VIP在master节点,现在将Master节点的keepalived服务停掉,或直接把Master节点服务器关机,再次查看

Master:

[root@hrsw etc]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:6c:b0:3a brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.78/24 brd 192.168.1.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.1.88/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::5b7e:1a3d:618d:1e93/64 scope link 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:6c:b0:44 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.40/24 brd 192.168.1.255 scope global dynamic ens37
       valid_lft 366sec preferred_lft 366sec
    inet6 fe80::9f21:50a8:7aa9:759b/64 scope link 
       valid_lft forever preferred_lft forever

Backup:

[root@hrsw sysconfig]# ip a 
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:b0:0f:fd brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.79/24 brd 192.168.1.255 scope global ens33
       valid_lft forever preferred_lft forever
    inet 192.168.1.88/32 scope global ens33
       valid_lft forever preferred_lft forever
    inet6 fe80::5e88:7cdb:644:41e/64 scope link 
       valid_lft forever preferred_lft forever
    inet6 fe80::5b7e:1a3d:618d:1e93/64 scope link tentative dadfailed 
       valid_lft forever preferred_lft forever
3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 00:0c:29:b0:0f:07 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.41/24 brd 192.168.1.255 scope global dynamic ens37
       valid_lft 380sec preferred_lft 380sec
    inet6 fe80::2b81:1f13:5102:80ef/64 scope link 
       valid_lft forever preferred_lft forever

可以看出VIP已经漂移到Backup节点上。查看Backup日志,显示切换到了MASTER STATE

Jun  8 09:56:24 hrsw Keepalived_vrrp[2427]: VRRP_Instance(VI_1) Transition to MASTER STATE
Jun  8 09:56:25 hrsw Keepalived_vrrp[2427]: VRRP_Instance(VI_1) Entering MASTER STATE
Jun  8 09:56:25 hrsw Keepalived_vrrp[2427]: VRRP_Instance(VI_1) setting protocol VIPs.

再次启动Master节点上的keepalived服务,查看Backup日志,显示切换回了BACKUP STATE

Jun  8 09:54:56 hrsw dhclient[680]: bound to 192.168.1.41 -- renewal in 249 seconds.
Jun  8 09:54:56 hrsw dbus[615]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Jun  8 09:54:56 hrsw dbus-daemon: dbus[615]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
Jun  8 09:54:56 hrsw systemd: Started Network Manager Script Dispatcher Service.
Jun  8 09:54:56 hrsw nm-dispatcher: req:1 'dhcp4-change' [ens37]: new request (3 scripts)
Jun  8 09:54:56 hrsw nm-dispatcher: req:1 'dhcp4-change' [ens37]: start running ordered scripts...
Jun  8 09:55:44 hrsw Keepalived_vrrp[2427]: VRRP_Instance(VI_1) Received advert with higher priority 100, ours 99
Jun  8 09:55:44 hrsw Keepalived_vrrp[2427]: VRRP_Instance(VI_1) Entering BACKUP STATE
Jun  8 09:55:44 hrsw Keepalived_vrrp[2427]: VRRP_Instance(VI_1) removing protocol VIPs.

二、测试访问

两个节点keepalived和nginx都正常情况下:

关闭Masterkeepalived服务

开启Masterkeepalived服务,关闭nginx服务

发现这个时候就访问不到了,原因是Master keepalived服务是正常的,所以访问1.88的时候还是去访问了Master上的nginx,但是现在nginx已经停止了,所以访问不到了。

我们要达到的效果是nginx停了,VIP也要随之切换。怎么办呢?让keepalived监控nginx的健康状况,如果nginx异常,就停止该keepalived服务。

修改keepalived.conf,增加如下代码

vrrp_script chk_nginx {
    script "/etc/keepalived/check_nginx.sh"
    interval 2
    weight 2
}

track_script {
    chk_nginx
}
#!/bin/bash
counter=`ps -ef|grep nginx|grep -v "grep"|wc -l`
if [ $counter -eq 0 ]; then
    /mnt/Disk/nginx2/sbin/nginx
    sleep 2
    counter=`ps -ef|grep nginx|grep -v "grep"|wc -l`
    if [ $counter -eq 0 ]; then
        pkill -9 keepalived
    fi
fi

 

posted @ 2017-06-07 15:46  杯中红茶  阅读(340)  评论(0编辑  收藏  举报