keepalived+Nginx高可用配置【vrrp_script状态检测】

keepalived-学习目录

1、Nginx与keepalived之间是什么关系?

没关系。为什么?( Nginx仅仅是借助了keepalived的VIP地址漂移技术,从而实现的高可用。)

2、keepalived如果实现nginx高可用

如果Nginx宕机,会导致用户请求失败, 但Keepalived并不会进行切换, 所以需要编写一个脚本检测Nginx的存活状态,如果不存活则 kill nginx和keepalived

 

3、keepalived+nginx配置

3.1、准务nginx健康检查shell脚本

mkdir /usr/local/keepalived/scripts
cat << 'CAT_END' > /usr/local/keepalived/scripts/check_web.sh
#!/bin/sh
nginxpid=$(pidof nginx | wc -l)
#1、判断Nginx是否存活,如果不存活则尝试启动Nginx
if [ $nginxpid -eq 0 ];then
    systemctl start nginx
    sleep 2
    # 2、等待2秒后再次获取一次Nginx状态
    nginxpid=$(pidof nginx | wc -l)
    # 3、再次进行判断, 如Nginx还不存活则停止Keepalived,让地址进行漂移,并退出脚
    if [ $nginxpid -eq 0 ];then
        systemctl stop keepalived
        pkill keepalived
    fi
fi
CAT_END
chmod +x /usr/local/keepalived/scripts/check_web.sh

3.2、keepalived配置【非抢占式】

3.2.1、keepalived-01配置

cat << 'CAT_END' >/usr/local/keepalived/etc/keepalived/keepalived.conf 
global_defs {
   router_id kp01
}

vrrp_script check_web {
   script "/usr/local/keepalived/scripts/check_web.sh"
   interval 5
}

vrrp_instance VI_1 {
    state BACKUP
    nopreempt
    interface ens33
    virtual_router_id 50
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.10.200
    }
    track_script {
        check_web
    }
}
CAT_END

3.2.2、keepalived-02配置

cat << 'CAT_END' >/usr/local/keepalived/etc/keepalived/keepalived.conf 
global_defs {
   router_id kp02
}

vrrp_script check_web {
   script "/usr/local/keepalived/scripts/check_web.sh"
   interval 5
}

vrrp_instance VI_1 {
    state BACKUP
    nopreempt
    interface ens33
    virtual_router_id 50
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.10.200
    }

    track_script {
        check_web
    }
}
CAT_END

3.3.3、重启keepalived并且测试

systemctl restart keepalived

# 此时VIP在keepalived-01中
]# curl 192.168.10.200
keepalived-01

3.3.4、关闭keepalived-01的nginx,检查vip是否漂移

# 准备测试页面
keepalived-01 ~]# echo "keepalived-01" >/usr/share/nginx/html/index.html
keepalived-02 ~]# echo "keepalived-02" >/usr/share/nginx/html/index.html

# 当前vip在192.168.10.200
~]# curl  192.168.10.200
keepalived-01


# 故意让nginx启动不起来,然后关闭nginx服务
echo "test">>/etc/nginx/nginx.conf
systemctl stop nginx

# 发现vip切至keepalived-02
~]# curl  192.168.10.200
keepalived-02

3.3、keepalived配置【抢占式】

3.3.1、keepalived-01配置

cat << 'CAT_END' >/usr/local/keepalived/etc/keepalived/keepalived.conf
global_defs {
   router_id kp01
}

vrrp_script check_web {
   script "/usr/local/keepalived/scripts/check_web.sh"
   interval 5
}

vrrp_instance VI_1 {
    state MASTER
    interface ens33
    virtual_router_id 50
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.10.200
    }
    track_script {
        check_web
    }
}
CAT_END

3.3.2、keepalived-02配置

cat << 'CAT_END' >/usr/local/keepalived/etc/keepalived/keepalived.conf
global_defs {
   router_id kp02
}

vrrp_script check_web {
   script "/usr/local/keepalived/scripts/check_web.sh"
   interval 5
}

vrrp_instance VI_1 {
    state BACKUP
    interface ens33
    virtual_router_id 50
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    virtual_ipaddress {
        192.168.10.200
    }
    track_script {
        check_web
    }
}
CAT_END

3.3.3、验证测试

请参考章节:3.3.4、关闭keepalived-01的nginx,检查vip是否漂移

4、vrrp_script、track_script属性解析

4.1、vrrp_script属性解析

4.1.1、属性解析

vrrp_script <SCRIPT_NAME> {
  script <STRING>|<QUOTED-STRING> # 设定执行脚本的路径,也可以是命令行的检测命令
  interval <INTEGER>              # 设定脚本执行的间隔时间,默认1s
  timeout <INTEGER>               # 设定脚本失败的超时时间
  weight <INTEGER:-254..254>      # 设定脚本的权重,默认是0
  rise <INTEGER>                  # 执行多少次,表示成功OK
  fall <INTEGER>                  # 执行多少次,表示失败KO
  user USERNAME [GROUPNAME]       # 设定脚本的用户/组属性信息
  init_fail                       # 假设脚本最初处于失败状态
}
注意:
 我们一般使用前面的两条属性
 检测命令的<SCRIPT_NAME>是VRRP专用的,一定要保证在VRRP场景下是唯一的
 script 属性要求尽量使用脚本格式,不包含特殊字符和表达式的简单命令也可以,如果命令里包含特殊字符 就不能执行,比如"[[ ]]"符号

4.1.2、vrrp_script-weight 重要性解析

配置示例:
vrrp_script chk_keepalived {
   script "/bin/bash/path/to/script.file"
   interval 1
   weight -10
}
注意:
 此处的weight很重要,它与vrrp_instance的priority属性共同决定了集群中MASTER和BACKUP角色切换动作,这个值一般有正数和负数之分,最终功能都是一样的,我们一般用负数。
 weight为负(-n):脚本执行失败,主节点的"priority-weight值",若差值小于BACKUP节点的priority,则切换备为主,否则不切换角色状态

4.2、track_script属性解析

4.2.1、作用

vrrp_script使用前的检测,确认script已经提前定义好

4.2.2、示例解析

我们可以在vrrp_instance配置段中,基于track_script属性来执行已设定好的vrrp_script。

track_script {
   <SCRIPT_NAME>
   <SCRIPT_NAME> weight <-254..254>
}
注意:
  我们一般使用第一条配置样式即可。
  必须保证<SCRIPT_NAME>在上面的vrrp_script中定义好了。
  
配置示例
track_script {  
   chk_keepalived
}

4.3、实践-示例

4.3.1、编写检测服务脚本

# 创建专用脚本目录
mkdir /data/scripts/ -p

# 创建脚本
]# vim /data/scripts/keepalived_check.sh
#!/bin/bash
if [ -f /tmp/keepalived.fail ];then
 weight -2
fi

注意:
脚本中的 "weight -2" 表示,当我们存在keepalived的fail文件的时候,表明该软件已经故障,
需要降低本主机的优先级,便于BACKUP主机提升为主角色 -2 的值,需要根据MASTER和BACKUP的优先级进行规划,保证 "MASTER优先级-2 < BACKUP优先级"

4.3.2、keepalived配置文件使用脚本

# 修改后的keepalived配置文件内容如下
global_defs {
  router_id kpmaster
}
vrrp_script chk_keepalived {
  script "/bin/bash /data/scripts/keepalived_check.sh"
  interval 1
}
vrrp_instance VI_1 {
  state MASTER
  interface ens33
  virtual_router_id 51
  priority 100
  virtual_ipaddress {
      192.168.8.100
  }
   track_script {
     chk_keepalived
  }
}

注意:
  track_script 中使用的名称,一定要在 vrrp_script 中定义
  vrrp_script中script属性的脚本使用,应该使用标准的"/bin/bash"格式
  避免因为权限问题导致脚本无法执行,从而影响keepalived的正常使用两台keepalived主机必须做同样的配置修改

4.3.3、模拟故障测试

# master主机创建fail文件
touch /tmp/keepalived.fail

4.3.4、模拟故障修复

# master主机移除fail文件
rm -f /tmp/keepalived.fail

 

posted @ 2023-05-05 21:56  小粉优化大师  阅读(365)  评论(0编辑  收藏  举报