本文所需环境 tomcat + nginx + keepalived 。关于tomcat和nginx请自行学习。
一.主节点:修改keepalived.conf 的内容(keepalived的配置文件默认放在/etc/keeplived下,安装的时候启动不了,后来手动创建了keeplived和keepalived.conf文件,才启动成功。)内容如下:
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server smtp.hysec.com
smtp_connection_timeout 30
router_id nginx_master # 设置nginx master的id,在一个网络应该是唯一的
}
vrrp_script chk_http_port {
script "/usr/local/src/check_nginx_pid.sh" #最后手动执行下此脚本,以确保此脚本能够正常执行
interval 2 #(检测脚本执行的间隔,单位是秒)
weight 2
}
vrrp_instance VI_1 {
state MASTER # 指定keepalived的角色,MASTER为主,BACKUP为备
interface eth0 # 当前进行vrrp通讯的网络接口卡(当前centos的网卡)
virtual_router_id 66 # 虚拟路由编号,主从要一直
priority 100 # 优先级,数值越大,获取处理请求的优先级越高
advert_int 1 # 检查间隔,默认为1s(vrrp组播周期秒数)
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port #(调用检测脚本)
}
virtual_ipaddress {
192.168.30.200 # 定义虚拟ip(VIP),可多设,每行一个,且需要和nginx在同一个网段
}
}nginx检测脚本check_nginx_pid.sh内容如下:
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx #重启nginx
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then #nginx重启失败,则停掉keepalived服务,进行VIP转移
killall keepalived
fi
fi此时完成了keepalived对nginx的监控。keepalived会每两秒(通过interval 2配置时间间隔) 发送心跳检查nginx端口是否能正常访问。如果不能则执行脚本重启nginx(见check_nginx_pid.sh)。
验证步骤:
启动nginx,启动keepalived。
1.访问http://192.168.30.130/architecture1web/ (nginx路径)能打开页面。
2.访问http://192.168.30.200/architecture1web/(keepavlived虚拟ip路径)能打开页面。
3,将 interval (检测脚本执行的间隔,单位是秒)设置为10秒,停止nginx(./nginx -s stop)
此时http://192.168.30.130/architecture1web/ 会短暂无法访问。10秒后keepalived发现nginx端口不通执行脚本重启nginx,然后访问正常。
4.停止keepalived(pkill keepalived),停止nginx 。此时http://192.168.30.130/architecture1web/ 永远无法访问。
5.启动keepalived,此时keepalived发送心跳发现nginx端口不通,执行脚本启动nginx 此时http://192.168.30.130/architecture1web/访问正常
以上测试说明keepalived会监控nginx的端口状态。如果nginx挂了会自动执行脚本启动nginx。
上面的操作只是单台keeplived对nginx的监控。下面的是对keeplived做主从,当主节点挂了之后,从节点自动接管虚拟ip。
二.从节点:修改keepalived.conf 的内容如下:注意interface eth1 必须是真是的网卡地址通过ip addr查询
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server smtp.hysec.com
smtp_connection_timeout 30
router_id nginx_backup # 设置nginx backup的id,在一个网络应该是唯一的
}
vrrp_script chk_http_port {
script "/usr/local/keepalived/sh/check_nginx_pid.sh"
interval 2 #(检测脚本执行的间隔)
weight 2
}
vrrp_instance VI_1 {
state BACKUP # 指定keepalived的角色,MASTER为主,BACKUP为备
interface eth1 # 当前进行vrrp通讯的网络接口卡(当前centos的网卡)
virtual_router_id 66 # 虚拟路由编号,主从要一直
priority 99 # 优先级,数值越大,获取处理请求的优先级越高
advert_int 1 # 检查间隔,默认为1s(vrrp组播周期秒数)
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port #(调用检测脚本)
}
virtual_ipaddress {
192.168.30.200 # 定义虚拟ip(VIP),可多设,每行一个
}
}
启动主节点的 keepalived (./keepalived),查看启动日志如下:
Oct 7 02:26:16 yuyivie Keepalived_vrrp[9930]: Unknown keyword 'smtp_connection_timeout'
Oct 7 02:26:17 yuyivie Keepalived_vrrp[9930]: Using LinkWatch kernel netlink reflector...
Oct 7 02:26:17 yuyivie Keepalived_vrrp[9930]: VRRP_Script(chk_http_port) succeeded
Oct 7 02:26:18 yuyivie Keepalived_vrrp[9930]: VRRP_Instance(VI_1) Transition to MASTER STATE
Oct 7 02:26:18 yuyivie Keepalived_vrrp[9930]: VRRP_Instance(VI_1) Effective priority = 102
Oct 7 02:26:19 yuyivie Keepalived_vrrp[9930]: VRRP_Instance(VI_1) Entering MASTER STATE
Oct 7 02:26:21 yuyivie Keepalived_healthcheckers[9929]: Unknown keyword 'smtp_connection_timeout'
Oct 7 02:26:22 yuyivie Keepalived_healthcheckers[9929]: Using LinkWatch kernel netlink reflector启动从节点的keepalived,查看日志如下:
[root@yuyivie sbin]# tail -f /var/log/messages
Oct 7 02:26:41 yuyivie Keepalived_vrrp[8995]: Opening file '/etc/keepalived/keepalived.conf'.
Oct 7 02:26:41 yuyivie Keepalived_healthcheckers[8994]: Registering Kernel netlink command channel
Oct 7 02:26:41 yuyivie Keepalived_healthcheckers[8994]: Opening file '/etc/keepalived/keepalived.conf'.
Oct 7 02:26:41 yuyivie Keepalived_vrrp[8995]: Unknown keyword 'smtp_connection_timeout'
Oct 7 02:26:41 yuyivie Keepalived_healthcheckers[8994]: Unknown keyword 'smtp_connection_timeout'
Oct 7 02:26:42 yuyivie Keepalived_vrrp[8995]: Using LinkWatch kernel netlink reflector...
Oct 7 02:26:42 yuyivie Keepalived_vrrp[8995]: VRRP_Instance(VI_1) Entering BACKUP STATE
Oct 7 02:26:42 yuyivie Keepalived_healthcheckers[8994]: Using LinkWatch kernel netlink reflector...
关闭主节点的keepalived,(此时从节点会自动顶上来做主节点)查看下图从节点日志发现从节点自动变成主节点了。
Oct 7 02:43:18 yuyivie Keepalived_vrrp[8995]: pid 10034 exited with status 32256
Oct 7 02:43:20 yuyivie Keepalived_vrrp[8995]: pid 10036 exited with status 32256
Oct 7 02:43:21 yuyivie Keepalived_vrrp[8995]: VRRP_Instance(VI_1) Transition to MASTER STATE
Oct 7 02:43:22 yuyivie Keepalived_vrrp[8995]: VRRP_Instance(VI_1) Entering MASTER STATE
Oct 7 02:43:22 yuyivie Keepalived_vrrp[8995]: pid 10038 exited with status 32256
Oct 7 02:43:24 yuyivie Keepalived_vrrp[8995]: pid 10040 exited with status 32256
验证http://192.168.30.200/architecture1web/ 虚拟ip 任然能够访问。且访问的是备份机器的nginx
重新启动主节点的keepalived,此时主节点会将重新托管虚拟ip,此时查看从节点(因为主节点失效此时之前的从节点变成了主节点)日志如下:
Oct 7 02:47:25 yuyivie Keepalived_vrrp[8995]: VRRP_Instance(VI_1) Received higher prio advert 100
Oct 7 02:47:25 yuyivie Keepalived_vrrp[8995]: VRRP_Instance(VI_1) Entering BACKUP STATE
Oct 7 02:47:27 yuyivie Keepalived_vrrp[8995]: pid 10283 exited with status 32256
Oct 7 02:47:29 yuyivie Keepalived_vrrp[8995]: pid 10285 exited with status 32256
以上测试说明主节点失效后从节点会变成主节点来托管虚拟ip,当重启失效的主节点之后,主节点会重新重新托管虚拟ip,之前变为主节点的从节点,依旧为从节点。
总结:keepalived主备 + nginx 做服务高可用,。
托管一个虚拟ip:
a.主节点监控nginx,nginx挂了尝试重启。重启失败则自己pkill停止自己。
b.从节点监控主节点,主节点挂了,则自己顶上来做主节点。
c. 主节点重启后,从节点让出托管的主节点。。
参考文章:https://www.cnblogs.com/youzhibing/p/7327342.html#_label4