keepalived+nginx实现主备高可用

1.keepalived+nginx实现主备过程图

2.高可用环境

两台nginx：
主：192.168.31.122
备：192.168.31.41

两台tomcat服务器：
tomcat01：192.168.31.221
tomcat02：192.168.31.48

3.安装keepalived

分别在主备nginx上安装keepalived

3.1 安装环境

[root@MiWiFi-R3-srv ~]# yum -y install gcc gcc-c++
[root@MiWiFi-R3-srv ~]# yum -y install kernel-devel*
[root@MiWiFi-R3-srv ~]# yum -y install openssl-*
[root@MiWiFi-R3-srv ~]# yum -y install popt-devel
[root@MiWiFi-R3-srv ~]# yum -y install lrzsz
[root@MiWiFi-R3-srv ~]# yum -y install openssh-clients
[root@MiWiFi-R3-srv ~]# yum -y install libnl libnl-devel popt

从上面的命令合成的一条安装命令:

[root@MiWiFi-R3-srv ~]# yum -y install gcc gcc-c++ && yum -y install kernel-devel* && yum -y install openssl-* && yum -y install popt-devel && yum -y install lrzsz && yum -y install openssh-clients && yum -y install libnl libnl-devel popt

3.2 下载keepalived

链接: https://pan.baidu.com/s/1kVSn1o7 密码: ddxp

3.3 解压

[root@MiWiFi-R3-srv ~]# tar -zxvf keepalived-1.2.15.tar.gz
[root@MiWiFi-R3-srv ~]# cd keepalived-1.2.15
[root@MiWiFi-R3-srv keepalived-1.2.15]# ./configure --prefix=/usr/local/keepalived

3.4 编译安装

[root@MiWiFi-R3-srv keepalived-1.2.15]# make && make install

至此安装成功!

3.5 拷贝执行文件

[root@MiWiFi-R3-srv ~]# cp /usr/local/keepalived/sbin/keepalived /usr/sbin/

3.6 将init.d文件拷贝到etc下,加入开机启动项

[root@MiWiFi-R3-srv ~]# cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/keepalived

3.7 将keepalived文件拷贝到etc下，加入网卡配置

[root@MiWiFi-R3-srv ~]# cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/

3.8 创建keepalived文件夹

[root@MiWiFi-R3-srv ~]# mkdir -p /etc/keepalived

3.9 将keepalived配置文件拷贝到etc下

[root@MiWiFi-R3-srv ~]# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf

3.10 添加可执行权限

[root@MiWiFi-R3-srv ~]# chmod +x /etc/init.d/keepalived

3.11 加入开机启动：

[root@MiWiFi-R3-srv ~]# chkconfig --add keepalived #添加时必须保证/etc/init.d/keepalived存在
[root@MiWiFi-R3-srv ~]# chkconfig keepalived on

添加完可查询系统服务是否存在：

[root@MiWiFi-R3-srv ~]# chkconfig --list

3.12 启动keepalived

启动：service keepalived start
停止：service keepalived stop
重启：service keepalived restart
状态：service keepalived status

3.13 配置日志文件

3.13.1 将keepalived日志输出到local0：

[root@MiWiFi-R3-srv ~]# vim /etc/sysconfig/keepalived

KEEPALIVED_OPTIONS="-D -d -S 0"

3.13.2 在/etc/rsyslog.conf里最后一行添加:

[root@MiWiFi-R3-srv ~]# vim /etc/rsyslog.conf

local0.*  /var/log/keepalived.log

3.13.3 重新启动keepalived和rsyslog服务：

[root@MiWiFi-R3-srv ~]# service rsyslog restart
[root@MiWiFi-R3-srv ~]# service keepalived restart

3.13.4 打开防火墙允许keepalived组播

[root@MiWiFi-R3-srv ~]# firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface enp4s0 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
[root@MiWiFi-R3-srv ~]# firewall-cmd --reload

4.配置keepalived

4.1 主nginx

修改主nginx下/etc/keepalived/keepalived.conf文件

! Configuration File for keepalived

#全局配置
global_defs {
   notification_email {  #指定keepalived在发生切换时需要发送email到的对象，一行一个
     XXX@XXX.com
   }
   notification_email_from XXX@XXX.com  #指定发件人
   #smtp_server XXX.smtp.com                             #指定smtp服务器地址
   #smtp_connect_timeout 30                               #指定smtp连接超时时间
   router_id LVS_DEVEL                                    #运行keepalived机器的一个标识
}
vrrp_instance VI_1 { 
    state MASTER           #标示状态为MASTER 备份机为BACKUP
    interface ens33         #设置实例绑定的网卡(ip addr查看)
    virtual_router_id 51   #同一实例下virtual_router_id必须相同
    priority 100           #MASTER权重要高于BACKUP 比如BACKUP为99  
    advert_int 1           #MASTER与BACKUP负载均衡器之间同步检查的时间间隔，单位是秒
    authentication {       #设置认证
        auth_type PASS     #主从服务器验证方式
        auth_pass 8888
    }
    virtual_ipaddress {    #设置vip
        192.168.31.100       #可以多个虚拟IP，换行即可
    }
}

4.2 备nginx

修改备nginx下/etc/keepalived/keepalived.conf文件

配置备nginx时需要注意：需要修改state为BACKUP , priority比MASTER低，virtual_router_id和master的值一致

! Configuration File for keepalived

#全局配置
global_defs {
   notification_email {  #指定keepalived在发生切换时需要发送email到的对象，一行一个
    XXX@XXX.com
   }
   notification_email_from XXX@XXX.com                  #指定发件人
   #smtp_server XXX.smtp.com                                #指定smtp服务器地址
   #smtp_connect_timeout 30                               #指定smtp连接超时时间
   router_id LVS_DEVEL                                    #运行keepalived机器的一个标识
}

vrrp_instance VI_1 { 
    state BACKUP           #标示状态为MASTER 备份机为BACKUP
    interface ens33         #设置实例绑定的网卡(ip addr查看)
    virtual_router_id 51   #同一实例下virtual_router_id必须相同
    priority 99            #MASTER权重要高于BACKUP 比如BACKUP为99  
    advert_int 1           #MASTER与BACKUP负载均衡器之间同步检查的时间间隔，单位是秒
    authentication {       #设置认证
        auth_type PASS     #主从服务器验证方式
        auth_pass 8888
    }
    virtual_ipaddress {    #设置vip
        192.168.31.100       #可以多个虚拟IP，换行即可
    }
}

4.3 测试

主备nginx都启动keepalived及nginx。

service keepalived start
./nginx 

4.4 nginx进程检测脚本

在主nginx上需要编写nginx进程检测脚本（check_nginx.sh），判断nginx进程是否存在，如果nginx不存在就将keepalived进程杀掉，check_nginx.sh内容如下：

[root@MiWiFi-R3-srv ~]# vim /etc/keepalived/check_nginx.sh

#!/bin/bash
# 如果进程中没有nginx则将keepalived进程kill掉
A=`ps -C nginx --no-header |wc -l`      ## 查看是否有 nginx进程 把值赋给变量A 
if [ $A -eq 0 ];then                    ## 如果没有进程值得为 零
       service keepalived stop          ## 则结束 keepalived 进程
fi

[root@MiWiFi-R3-srv ~]# chmod u+x /etc/keepalived/check_nginx.sh

脚本测试：
将nginx停止，将keepalived启动，执行脚本：

[root@MiWiFi-R3-srv ~]# sh /etc/keepalived/check_nginx.sh
Stopping keepalived (via systemctl):                       [  OK  ]

从执行可以看出nginx一旦关闭脚步就自动将keepalived进程kill掉了

4.5 修改keepalived.conf

修改主nginx的keepalived.conf，添加脚本定义检测：

! Configuration File for keepalived

#全局配置
global_defs {
   notification_email {  #指定keepalived在发生切换时需要发送email到的对象，一行一个
     XXX@XXX.com
   }
   notification_email_from XXX@XXX.com  #指定发件人
   #smtp_server XXX.smtp.com                             #指定smtp服务器地址
   #smtp_connect_timeout 30                               #指定smtp连接超时时间
   router_id LVS_DEVEL                                    #运行keepalived机器的一个标识
}
vrrp_script check_nginx {
    script "/etc/keepalived/check_nginx.sh"         ##监控脚本
    interval 2                                      ##时间间隔，2秒
    weight 2                                        ##权重
}
vrrp_instance VI_1 { 
    state MASTER           #标示状态为MASTER 备份机为BACKUP
    interface ens33         #设置实例绑定的网卡(ip addr查看)
    virtual_router_id 51   #同一实例下virtual_router_id必须相同
    priority 100           #MASTER权重要高于BACKUP 比如BACKUP为99  
    advert_int 1           #MASTER与BACKUP负载均衡器之间同步检查的时间间隔，单位是秒
    authentication {       #设置认证
        auth_type PASS     #主从服务器验证方式
        auth_pass 8888
    }
    track_script {
        check_nginx        #监控脚本
    }
    virtual_ipaddress {    #设置vip
        192.168.31.100       #可以多个虚拟IP，换行即可
    }
}

修改后重启keepalived

[root@MiWiFi-R3-srv ~]# service keepalived restart

4.6 测试

1.回到负载均衡高可用的初始状态，保证主、备上的keepalived、nginx全部启动。
2.停止主nginx服务
3.观察keepalived日志：

tail -f /var/log/keepalived.lo

4.查看keepalived进程已经不存在。

[root@MiWiFi-R3-srv keepalived]# ps aux|grep keepalived
root       5705  0.0  0.2 112660   968 pts/0    R+   18:18   0:00 grep --color=auto keepalived

查看主nginx的网卡ens33已经没有绑定vip。

查看备nginx的网卡ens33已经绑定vip。

---

至此! keepalived+nginx实现主备已完成啦！

---

如果您喜欢这篇文章就请关注我的博客和朋友一起分享吧！
关注我: ☛ http://blog.csdn.net/yougoule

转载于:https://www.cnblogs.com/pengtdy/p/8306197.html