Centos7中KeepAlived&Nginx高可用
一.部署前规划
| 角色 | 操作系统 | IP |
|---|---|---|
| master | Centos7.8 | 192.168.56.101 |
| backup | Centos7.8 | 192.168.56.102 |
二.keepalived安装
在两台机器上执行安装
yum install -y keepalived
三.master角色配置(192.168.56.101)
/etc/keepalived/keepalived.conf
注意这里:interface enp0s3是对应的网卡名称,如果你的网卡名称不一样,就修改下。
cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {router_id LVS_DEVEL
}vrrp_script chk_nginx {script "/etc/keepalived/scripts/nginx_check.sh"interval 2weight -20
}vrrp_instance VI_1 {state MASTERinterface enp0s3virtual_router_id 51priority 100advert_int 1authentication {auth_type PASSauth_pass 1111}track_script {chk_nginx}virtual_ipaddress {192.168.56.140}
}
EOF编写nginx进程检查的脚本
/etc/keepalived/scripts/nginx_check.sh
##
mkdir /etc/keepalived/scripts/##
cat > /etc/keepalived/scripts/nginx_check.sh <<EOF
#!/bin/bashresult=\`pidof nginx\`
if [ ! -z "\${result}" ];
thenexit 0
elseexit 1
fi
EOF##
chmod +x /etc/keepalived/scripts/nginx_check.sh四.backup角色配置(192.168.56.102)
/etc/keepalived/keepalived.conf
注意这里:interface enp0s3是对应的网卡名称,如果你的网卡名称不一样,就修改下。
cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {router_id LVS_DEVEL
}vrrp_script chk_nginx {script "/etc/keepalived/scripts/nginx_check.sh"interval 2weight -20
}vrrp_instance VI_1 {state BACKUPinterface enp0s3virtual_router_id 51priority 90advert_int 1authentication {auth_type PASSauth_pass 1111}track_script {chk_nginx}virtual_ipaddress {192.168.56.140}
}
EOF/etc/keepalived/scripts/nginx_check.sh
##
mkdir /etc/keepalived/scripts/##
cat > /etc/keepalived/scripts/nginx_check.sh <<EOF
#!/bin/bashresult=\`pidof nginx\`
if [ ! -z "\${result}" ];
thenexit 0
elseexit 1
fi
EOF##
chmod +x /etc/keepalived/scripts/nginx_check.sh五.防火墙开放
注:如果你的防火墙是开放的,一定需要进行vrrp组播的开放,否则因为防火墙不通会两台机器都存在VIP导致keepalived分配vip失败
注意这里:–in-interface enp0s3是对应的网卡名称,如果你的网卡名称不一样,就修改下。
##开启nginx的端口
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --reload##开启vrrp组播
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface enp0s3 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
firewall-cmd --reload
# 查看规则是否生效
firewall-cmd --permanent --direct --get-all-rules
六.启动keepalived
##设置为系统服务
systemctl enable keepalived##启动
systemctl start keepalived##停止
systemctl stop keepalived##重启
systemctl restart keepalived七.测试
1.将master和backup的keepalived和nginx都启动,可看到master上存在vip
[root@localhost testuser]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 08:00:27:f7:cc:0c brd ff:ff:ff:ff:ff:ffinet 192.168.56.101/24 brd 192.168.56.255 scope global noprefixroute enp0s3valid_lft forever preferred_lft foreverinet 192.168.56.140/32 scope global enp0s3valid_lft forever preferred_lft foreverinet6 fe80::2603:d512:e7f1:a498/64 scope link noprefixroute valid_lft forever preferred_lft forever
2.而backup上没有,说明当前vip在master上
[root@localhost testuser]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 08:00:27:6c:d4:90 brd ff:ff:ff:ff:ff:ffinet 192.168.56.102/24 brd 192.168.56.255 scope global noprefixroute enp0s3valid_lft forever preferred_lft foreverinet6 fe80::2603:d512:e7f1:a498/64 scope link tentative noprefixroute dadfailed valid_lft forever preferred_lft foreverinet6 fe80::e801:dd62:96e3:cf2b/64 scope link noprefixroute valid_lft forever preferred_lft forever3.将master上的nginx停止后,vip飘移到backup(192.168.56.102)上,由backup进行服务提供
[root@localhost testuser]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000link/ether 08:00:27:6c:d4:90 brd ff:ff:ff:ff:ff:ffinet 192.168.56.102/24 brd 192.168.56.255 scope global noprefixroute enp0s3valid_lft forever preferred_lft foreverinet 192.168.56.140/32 scope global enp0s3valid_lft forever preferred_lft foreverinet6 fe80::2603:d512:e7f1:a498/64 scope link tentative noprefixroute dadfailed valid_lft forever preferred_lft foreverinet6 fe80::e801:dd62:96e3:cf2b/64 scope link noprefixroute valid_lft forever preferred_lft forever
4.然后重新启动master上的nginx,此时Vip又会切换到master
从以上步骤演示看,说明keepalived和nginx高可用配置成功~
Poetry -- 项目管理的诗和远方之一)
)
】查找接口成功率最优时间段(深度优先搜索(DFS)实现JavaPythonC++JS))
