keepalived实现nginx高可用
1、环境准备
| IP | 主机名 | 服务 |
| 10.0.0.101 | keepalive1 | keepalived+nginx |
| 10.0.0.102 | keepalive2 | keepalived+nginx |
| 10.0.0.18 | web01 | nginx作为后端web服务 |
| 10.0.0.28 | web02 | nginx作为后端web服务 |
| 10.0.0.100 | rocky8 | 客户端用来测试连接 |
2、后端服务器准备
#使用脚本安装nginx(略),并写一个测试页面 [root@web2 ~]#echo "Welcome to `hostname -I` test page" > /apps/nginx/html/index.html
#验证测试
[root@keepalive1 ~]#curl 10.0.0.18
Welcome to 10.0.0.18 test page
[root@keepalive1 ~]#curl 10.0.0.28
Welcome to 10.0.0.28 test page
3、实现keepalived高可用
两台keepalived服务器都需要安装nginx和keepalived服务,keepalived集群实现高可用的时候是有两种模式的,可以采用主从架构和主主架构这两种默认。在这里我们就分别演示一下。
3.1、主从架构
3.1.1、安装nginx服务并配置
[root@keepalive1 ~]#vim /apps/nginx/conf/conf.d/ka_web.conf #写入下面配置信息 upstream ka_web { server 10.0.0.18:80 weight=2 max_fails=3 fail_timeout=30s; server 10.0.0.28:80 weight=1 max_fails=3 fail_timeout=30s; } server { listen 80; server_name www.katext.com; root /apps/nginx/html; location / { proxy_pass http://ka_web; } } [root@keepalive1 ~]#nginx -t nginx: [warn] conflicting server name "localhost" on 0.0.0.0:80, ignored nginx: the configuration file /apps/nginx/conf/nginx.conf syntax is ok nginx: configuration file /apps/nginx/conf/nginx.conf test is successful [root@keepalive1 ~]#nginx -s reload
#keepalive2节点同样操作
#访问测试
[root@keepalive1 nginx]#curl 10.0.0.101
Welcome to 10.0.0.18 test page
[root@keepalive1 nginx]#curl 10.0.0.101
Welcome to 10.0.0.28 test page
[root@keepalive1 nginx]#curl 10.0.0.101
Welcome to 10.0.0.18 test page
[root@keepalive1 nginx]#curl 10.0.0.101
Welcome to 10.0.0.18 test page
[root@keepalive1 nginx]#curl 10.0.0.101
Welcome to 10.0.0.28 test page
[root@keepalive1 nginx]#curl 10.0.0.102
Welcome to 10.0.0.28 test page
[root@keepalive1 nginx]#curl 10.0.0.102
Welcome to 10.0.0.18 test page
[root@keepalive1 nginx]#curl 10.0.0.102
Welcome to 10.0.0.18 test page
[root@keepalive1 nginx]#curl 10.0.0.102
Welcome to 10.0.0.28 test page
[root@keepalive1 nginx]#curl 10.0.0.102
Welcome to 10.0.0.18 test page
3.1.2、安装keepalived并配置服务
安装过程上篇文章已经说过了,这里不再复述,接下来是keepalived的配置信息
#对keepalived1配置 [root@keepalive1 ~]#vim /etc/keepalived/keepalived.conf global_defs { router_id LVS_DEVEL } [root@keepalive1 ~]#systemctl restart keepalived.service vrrp_instance VI_1 { state MASTER #主机器 interface eth0 virtual_router_id 51 priority 100 #权重要比从机器高 advert_int 1 authentication { auth_type PASS auth_pass 123456 } virtual_ipaddress { 10.0.0.200 dev eth0 label eth0:1 } } #对keepalived2配置 [root@keepalive2 ~]#vim /etc/keepalived/keepalived.conf global_defs { router_id LVS_DEVEL } vrrp_instance VI_1 { state BACKUP#从机器 interface eth0 virtual_router_id 51 #虚拟路由号要和主机相同 priority 80 #权重要比主机器低 advert_int 1 authentication { auth_type PASS auth_pass 123456 #验证密码要和主机一致 } virtual_ipaddress { 10.0.0.200 dev eth0 label eth0:1 } }
#重启服务
[root@keepalive2 ~]#systemctl restart keepalived.service
#在客户端配置一下hosts解析
[root@ubuntu2004 ~]#echo "10.0.0.200 www.katest,com" >> /etc/hosts
#测试访问
[root@keepalive1 ~]#curl www.katest.com
Welcome to 10.0.0.18 test page
[root@keepalive1 ~]#curl www.katest.com
Welcome to 10.0.0.28 test page
[root@keepalive1 ~]#curl www.katest.com
Welcome to 10.0.0.18 test page
[root@keepalive1 ~]#curl www.katest.com
Welcome to 10.0.0.18 test page
[root@keepalive1 ~]#curl www.katest.com
Welcome to 10.0.0.28 test page
3.2.2、模拟某一个主节点出现故障
#这里我停掉了主节点的keepalived服务以及nginx服务来模拟主节点损坏 [root@keepalive1 ~]#systemctl stop keepalived [root@keepalive1 ~]#systemctl stop nginx #切换到可以发现10.0.0.200的vip已经飘到了从节点 [root@keepalive2 ~]#ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:6a:6e:55 brd ff:ff:ff:ff:ff:ff inet 10.0.0.102/24 brd 10.0.0.255 scope global eth0 valid_lft forever preferred_lft forever inet 10.0.0.200/32 scope global eth0:1 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe6a:6e55/64 scope link valid_lft forever preferred_lft forever #访问测试 [root@ubuntu2004 ~]#curl www.katest.com Welcome to 10.0.0.18 test page [root@ubuntu2004 ~]#curl www.katest.com Welcome to 10.0.0.28 test page [root@ubuntu2004 ~]#curl www.katest.com Welcome to 10.0.0.18 test page [root@ubuntu2004 ~]#curl www.katest.com Welcome to 10.0.0.18 test page [root@ubuntu2004 ~]#curl www.katest.com Welcome to 10.0.0.28 test page #访问成功
3.1.4、恢复MASTER节点重回集群
当ka1主机恢复后重回集群时,由于当时设置的ka1的优先级是100,而ka2主机设置的优先级是80,当现在在查看ip是,VIP就立即飘回ka1节点上,这里使用的是抢占式模式,也是默认的模式,这里也可以设置延迟一会在把VIP抢过去。
#启动ka1节点 [root@keepalive1 ~]#systemctl start nginx.service [root@keepalive1 ~]#systemctl start keepalived [root@keepalive1 ~]#ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:c5:32:4d brd ff:ff:ff:ff:ff:ff inet 10.0.0.101/24 brd 10.0.0.255 scope global eth0 valid_lft forever preferred_lft forever inet 10.0.0.200/32 scope global eth0:1 valid_lft forever preferred_lft forever #查看ka节点IP地址 [root@keepalive2 ~]#ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 00:0c:29:6a:6e:55 brd ff:ff:ff:ff:ff:ff inet 10.0.0.102/24 brd 10.0.0.255 scope global eth0 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe6a:6e55/64 scope link valid_lft forever preferred_lft forever #访问测试 [root@keepalive1 ~]#curl www.katest.com Welcome to 10.0.0.18 test page [root@keepalive1 ~]#curl www.katest.com Welcome to 10.0.0.28 test page [root@keepalive1 ~]#curl www.katest.com Welcome to 10.0.0.18 test page [root@keepalive1 ~]#curl www.katest.com Welcome to 10.0.0.18 test page [root@keepalive1 ~]#curl www.katest.com Welcome to 10.0.0.28 test page
