CentOS7使用keepalive实现nginx的高可用
目录
1、环境说明... 1
2、获取nginx安装yum源... 1
3、安装nginx. 1
3、keepalive配置文件... 2
4.1、master节点192.168.10.178. 2
4.2、backup节点192.168.10.177. 4
5、nginx检查脚本... 5
6、测试高可用... 6
6.1、修改检查脚本... 6
6.2、确认当前nginx状态... 7
6.3、修改两节点的nginx欢迎页面... 8
6.4、未切换之前浏览器访问nginx. 9
6.5、测试切换nginx的vip. 9
6.6、master节点的故障恢复... 11
6.7、再次前台页面登陆nginx. 12
1、环境说明
master :192.168.10.178
backup :192.168.10.177
vip :192.168.10.180
OS:CentOS Linux release 7.4.1708 (Core)
2、获取nginx安装yum源
rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
3、安装nginx
yum -y install nginx
这边有下载好的,可以直接rpm包安装
链接:https://pan.baidu.com/s/1eJPuzXps-pCJ3gMAr79tkA
提取码:n7ic
[root@mysql5 soft]# rpm -ivh nginx-1.16.1-1.el7.ngx.x86_64.rpm
warning: nginx-1.16.1-1.el7.ngx.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 7bd9bf62: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:nginx-1:1.16.1-1.el7.ngx ################################# [100%]
----------------------------------------------------------------------
Thanks for using nginx!
Please find the official documentation for nginx here:
* http://nginx.org/en/docs/
Please subscribe to nginx-announce mailing list to get
the most important news about nginx:
* http://nginx.org/en/support.html
Commercial subscriptions for nginx are available on:
* http://nginx.com/products/
----------------------------------------------------------------------
[root@mysql5 soft]#
3、keepalive配置文件
4.1、master节点192.168.10.178
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id MASTER-HA.177
}
#for check mysql scripts
vrrp_script chk_mysql_port {
script "/opt/chk_mysql.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
mcast_src_ip 192.168.10.177
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.179
}
track_script {
chk_mysql_port
}
}
#for check nginx scripts
vrrp_script chk_nginx_port {
script "/opt/chk_nginx.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_2 {
state BACKUP
interface ens33
mcast_src_ip 192.168.10.177
virtual_router_id 52
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.180
}
track_script {
chk_nginx_port
}
}
主要看飘红的,上面的VI_1是之前做mysql的双主高可用的配置,可以不用看。
4.2、backup节点192.168.10.177
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id MASTER-HA.178
}
vrrp_script chk_mysql_port {
script "/opt/chk_mysql.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
mcast_src_ip 192.168.10.178
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.179
}
track_script {
chk_mysql_port
}
}
#for check nginx scripts
vrrp_script chk_nginx_port {
script "/opt/chk_nginx.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_2 {
state MASTER
interface ens33
mcast_src_ip 192.168.10.178
virtual_router_id 52
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.180
}
track_script {
chk_nginx_port
}
}
主要看飘红的,上面的VI_1是之前做mysql的双主高可用的配置,可以不用看。
5、nginx检查脚本
vi /opt/chk_nginx.sh
#!/bin/bash
#检测nginx是否启动了
A=`ps -C nginx --no-header |wc -l`
#如果nginx没有启动就启动nginx
if [ $A -eq 0 ];then
#重启nginx
systemctl start nginx
#nginx重启失败,则停掉keepalived服务,进行VIP转移
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
赋权:
chmod 775 /opt/chk_nginx.sh
6、测试高可用
6.1、修改检查脚本
让测试看到效果,需要把chk_nginx.sh检查脚本改一下,注释掉自启动nginx的命令systemctl start nginx:
[root@mysql5 yum.repos.d]# cat /opt/chk_nginx.sh
#!/bin/bash
#检测nginx是否启动了
A=`ps -C nginx --no-header |wc -l`
#如果nginx没有启动就启动nginx
if [ $A -eq 0 ];then
#重启nginx
# systemctl start nginx
#nginx重启失败,则停掉keepalived服务,进行VIP转移
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
6.2、确认当前nginx状态
现在nginx的vip 192.168.10.180在keepalive的master上192.168.10.178上
[root@mysql5 yum.repos.d]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:
link/ether 00:0c:29:27:e2:10 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.178/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.180/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::736/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:367b:f0fa:c290:8367/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::8d0:5ce9:59e6:cbb8/64 scope link
valid_lft forever preferred_lft forever
[root@mysql5 yum.repos.d]#
我们确定一下keepalive的backup节点192.168.10.177上没有,防止防火墙等原因导致的集群脑裂:
[root@mysql5 html]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:
link/ether 00:0c:29:8b:41:06 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.177/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.179/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::8ec/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:9f26:83d:6510:a6dd/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::58:dc06:f8c4:84b3/64 scope link
valid_lft forever preferred_lft forever
[root@mysql5 html]#
确实没有vip为192.168.10.180的ip,上面的192.168.10.179是mysql双主集群高可用的vip。
6.3、修改两节点的nginx欢迎页面
然后我们为了看到更好区分的效果,将两台主机的nginx欢迎页面改成带各自不同表示的样子
cat /etc/nginx/nginx.conf
找到:
include /etc/nginx/conf.d/*.conf;
然后找到:
[root@mysql5 html]# cd /etc/nginx/conf.d/
[root@mysql5 conf.d]# ls
default.conf
[root@mysql5 conf.d]# cat default.conf
找到:
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
然后修改对应的index.html,这个就是nginx默认的页面欢迎文件:
[root@mysql5 conf.d]# cd /usr/share/nginx/html
[root@mysql5 html]# ls
50x.html index.html
[root@mysql5 html]#
我这里在
Welcome to nginx!10.177
这一行后面加个本机的ip标示,可以随意,能区分就行:[root@mysql5 html]# cat index.html
Welcome to nginx!10.177
If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.
For online documentation and support please refer to
Commercial support is available at
Thank you for using nginx.
另外一台nginx同理一样修改。
6.4、未切换之前浏览器访问nginx
此时我们通过浏览器访问nginx的vip192.168.10.180,出来的页面会显示的是10.178的地址:
http://192.168.10.180/
6.5、测试切换nginx的vip
在master192.168.10.178上停nginx
[root@mysql5 html]# systemctl stop nginx
停完根据我们的配置文件,最多等1秒,就会执行检查脚本,检查到nginx停掉后,就立马发生vip切换
[root@mysql5 html]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:
link/ether 00:0c:29:27:e2:10 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.178/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::736/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:367b:f0fa:c290:8367/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::8d0:5ce9:59e6:cbb8/64 scope link
valid_lft forever preferred_lft forever
[root@mysql5 html]#
此时发现vip192.168.10.180已经不在master192.168.10.178上了。
我们去backup192.168.10.177上看一下,已经飘过来了
[root@mysql5 html]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:
link/ether 00:0c:29:8b:41:06 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.177/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.179/32 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.180/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::8ec/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:9f26:83d:6510:a6dd/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::58:dc06:f8c4:84b3/64 scope link
valid_lft forever preferred_lft forever
[root@mysql5 html]#
5.6、再次浏览器访问nginx
此时我们在用浏览器登陆nginx的vip192.168.10.180地址,发现页面已经变成backup的地址了。
6.6、master节点的故障恢复
此时我们在master192.168.10.178上将nginx在起起来:
systemctl start nginx
发现ip又会被master节点192.168.10.177抢占回来,因为我们配置了主备节点的优先级,主节点优先级要高,所以当主节点故障恢复后,将会重新抢占vip。
[root@mysql5 html]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:
link/ether 00:0c:29:27:e2:10 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.178/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.180/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::736/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:367b:f0fa:c290:8367/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::8d0:5ce9:59e6:cbb8/64 scope link
valid_lft forever preferred_lft forever
[root@mysql5 html]#
保险起见,我们还是检查一下backup节点192.168.10.177:
[root@mysql5 html]# ip a
1: lo:
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33:
link/ether 00:0c:29:8b:41:06 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.177/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.179/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::8ec/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:9f26:83d:6510:a6dd/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::58:dc06:f8c4:84b3/64 scope link
valid_lft forever preferred_lft forever
发现没有nginx的vip192.168.10.180了。
6.7、再次前台页面登陆nginx
前台登陆nginx的页面,发现又回到了192.168.10.178的master节点上了。
