用keepalived配置高可用集群-1
背景需求:用keepalived配置高可用,监控NGINX服务,现在企业用NGINX做负载均衡。
准备工作:
•设置hostname ,分别为 master 和backup
主上设置 hostname
#hostnamectl set-hostname master
从上设置 hostname
#hostnamectl set-hostname backup
•两台机器, 都是 centos7.3,设置网卡 ens33 如下:
master 192.168.71.100
backup 192.168.71.166
•关闭防火墙
主和从上都操作
# iptables -F 清除规则
# service iptables save 保存规则
主和从都关闭 selinux
# setenforce 0 临时关闭
# sed -i 's/SELINUX=enforcing/SELINUX=disabled/' /etc/selinux/config 重启后永久生效
• 两台机器都安装keepalived,执行yum install -y keepalived
• 两台机器都安装nginx, 执行yum install -y nginx
• 编辑master上keepalived配置文件
• 设定vip为192.168.71.110
# > /etc/keepalived/keepalived.conf //清空原配置文件内容
# vim /etc/keepalived/keepalived.conf //加入如下:
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/usr/local/sbin/check_ng.sh"
interval 3
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass aminglinux>com
}
virtual_ipaddress {
192.168.71.110
}
track_script {
chk_nginx
}
}
• 编辑master监控脚本
# vim /usr/local/sbin/check_ng.sh //加入如下:
#!/bin/bash
#时间变量,用于记录日志
d=`date --date today +%Y%m%d_%H:%M:%S`
#计算nginx进程数量
n=`ps -C nginx --no-heading|wc -l`
#如果进程为0,则启动nginx,并且再次检测nginx进程数量,
#如果还为0,说明nginx无法启动,此时需要关闭keepalived
if [ $n -eq "0" ]; then
systemctl start nginx
n2=`ps -C nginx --no-heading|wc -l`
if [ $n2 -eq "0" ]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
systemctl stop keepalived
fi
fi
• 给脚本755权限
#chmod 755 /usr/local/sbin/check_ng.sh
启动master服务
#systemctl start keepalived
[root@wjh-01 selinux]# ps aux|grep keepalived //keepalived服务已启动
root 4307 0.0 0.1 126340 1856 pts/0 S+ 14:39 0:00 vi /etc/keepalived/keepalived.conf
root 25588 1.7 0.1 120212 1464 ? Ss 15:19 0:29 /usr/sbin/keepalived -D
root 25589 0.0 0.3 126824 3300 ? S 15:19 0:00 /usr/sbin/keepalived -D
root 50572 0.1 0.3 131148 3008 ? S 15:43 0:00 /usr/sbin/keepalived -D
root 51002 0.0 0.0 112664 972 pts/1 R+ 15:47 0:00 grep --color=auto kee
[root@wjh-01 selinux]# ps aux|grep nginx //nginx服务已启动
root 48392 0.0 0.2 122284 2072 ? Ss 15:41 0:00 nginx: master process nginx
nginx 48394 0.0 0.3 122712 3104 ? S 15:41 0:00 nginx: worker process
root 51064 0.0 0.0 112664 972 pts/1 R+ 15:47 0:00 grep --color=auto nginx
• 查看定义的VIP也启动
用keepalived配置高可用集群-2
• 编辑backup上keepalived配置文件
# > /etc/keepalived/keepalived.conf //清空原配置文件内容
# vim /etc/keepalived/keepalived.conf //加入如下:
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
#全局配置,定义出现故障,给那个邮箱发邮件
vrrp_script chk_nginx {
script "/usr/local/sbin/check_ng.sh"
#定义检测nginx的启动脚本
interval 3
#3秒检查一次服务
}
#keepalived的CHK模块,检测NGINX服务是否启用
vrrp_instance VI_1 {
state BACKUP
#定义角色是主,还是从
interface ens33
#定义那块网卡,发送VRRP协议
virtual_router_id 51
#定义路由ID,主从保持一致
priority 90
#定义权重
advert_int 1
authentication {
auth_type PASS
auth_pass aminglinux>com
}
#定义认证机制是PASS
virtual_ipaddress {
192.168.71.110
}
#定义VIP(对外提供服务的IP)
track_script {
chk_nginx
}
}
• 编辑backup监控脚本
# vim /usr/local/sbin/check_ng.sh //加入如下:
#!/bin/bash
#时间变量,用于记录日志
d=`date --date today +%Y%m%d_%H:%M:%S`
#计算nginx进程数量
n=`ps -C nginx --no-heading|wc -l`
#如果进程为0,则启动nginx,并且再次检测nginx进程数量,
#如果还为0,说明nginx无法启动,此时需要关闭keepalived
if [ $n -eq "0" ]; then
systemctl start nginx
n2=`ps -C nginx --no-heading|wc -l`
if [ $n2 -eq "0" ]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
systemctl stop keepalived
fi
fi
• 给脚本755权限
#chmod 755 /usr/local/sbin/check_ng.sh
• 启动backup服务
#systemctl start keepalived
用keepalived配置高可用集群-3
测试
通过浏览器测试两台机器上的 web 内容 http://192.168.71.110。为了区分开,我们可以
把 nginx 的默认页修改一下:
在master 上执行
# echo "master" >/usr/share/nginx/html/index.html
在 backup上执行
# echo "backup" >/usr/share/nginx/html/index.html
• 先确定好两台机器上nginx差异,比如可以通过curl -I 来查看nginx版本
• 测试1:关闭master上的nginx服务
• 测试2:关闭master上的keepalived服务
[root@wjh-01 ~]# curl 192.168.71.110
master
[root@wjh-01 ~]# systemctl stop keepalived
[root@wjh-01 ~]# curl 192.168.71.110
backup
• 测试3:启动master上的keepalived服务
[root@wjh-01 ~]# systemctl start keepalived
[root@wjh-01 ~]# curl 192.168.71.110
master