keepalived+lvs+nginx高可用集群搭建

ip	主机名	备注
192.168.174.128	master	关闭防火墙、安全规则
192.168.174.129	backup	关闭防火墙、安全规则
192.168.174.130	ecshop	搭建好ecshop
192.168.174.131	ecshop1	搭建好ecshop1

keepalived主备搭建参考
keepalived邮件告警参考

四台虚拟机，两台搭建keepalived主备切换，两台搭建ecshop商城

修改keepalived的配置文件（主备都要）

[root@master ~]# vi /etc/keepalived/keepalived.conf
global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from [email protected]
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id LVS_DEVEL
}

vrrp_script chk_nginx {
    script "/usr/local/sbin/check_ng.sh"
    interval 3
}

vrrp_instance VI_1 {
    state MASTER
    interface eno16777736
    virtual_router_id 79
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass admin
    }
    virtual_ipaddress {
        192.168.174.100
    }

    track_script {
        chk_nginx
    }
notify_master "/etc/keepalived/notify.sh master"
notify_backup "/etc/keepalived/notify.sh backup"
notify_fault "/etc/keepalived/notify.sh fault"

}
##########添加以下，主备参数一样就行
virtual_server 192.168.174.100 80 {		//配置一个VIP 工作在TCP的80端口上
    delay_loop 6			//刷新页面的间隔单位s
    lb_algo rr				//负载均衡的调度算法
    lb_kind DR				//工作在DR模型上
    nat_mask 255.255.255.0
    #persistence_timeout 50		//是否启用IPVS持久连接,这项要注销，否则连接50S才会切换
    protocol TCP			//采用的是TCP协议

    real_server 192.168.174.130 80 {		//rip地址
        weight 1							//权重
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }

    real_server 192.168.174.131 80 {		//rip地址
        weight 1							//权重
        TCP_CHECK {
            connect_timeout 3
            nb_get_retry 3
            delay_before_retry 3
        }
    }
}

在两台ecshop上执行脚本

#/bin/bash
vip=192.168.174.100
ifconfig lo:1 $vip broadcast $vip netmask 255.255.255.255 up
route add -host $vip lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

之后重启主备keepalived

[root@master ~]# systemctl restart keepalived

配置主备tcp/tcpfin/udp超时时间

[root@master ~]# ipvsadm --set 1 2 1 

测试访问

关闭主节点keepalived，vip跑到从节点上，再次测试访问

[root@master ~]# systemctl stop keepalived

测试成功