如果对keepalived不了解,这有详细解释:keepalived与nginx与MySQL-CSDN博客https://blog.csdn.net/m0_59933574/article/details/134189200?spm=1001.2014.3001.5501
主机清单:
主机名 | IP | 系统 | 用途 |
---|---|---|---|
Proxy-master | 192.168.231.201 | centos7.5 | 主负载 |
Proxy-slave | 192.168.231.202 | centos7.5 | 主备 |
Real-server1 | 192.168.231.203 | Centos7.5 | web1 |
Real-server2 | 192.168.231.204 | centos7.5 | Web2 |
Vip for proxy | 192.168.231.225 |
所有机器都配置安装nginx,关闭防火墙与selinux
[root@proxy-master ~]# systemctl stop firewalld //关闭防火墙
[root@proxy-master ~]# sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/sysconfig/selinux //关闭selinux,重启生效
[root@proxy-master ~]# setenforce 0 //关闭selinux,临时生效
安装nginx, 全部4台
[root@proxy-master ~]# cd /etc/yum.repos.d/
[root@proxy-master yum.repos.d]# vim nginx.repo
[nginx-stable]
name=nginx stable repo
baseurl=http://nginx.org/packages/centos/$releasever/$basearch/
gpgcheck=0
enabled=1
[root@proxy-master yum.repos.d]# yum install yum-utils -y
[root@proxy-master yum.repos.d]# yum install nginx -y
1、选择两台nginx服务器作为代理服务器。
2、给两台代理服务器安装keepalived制作高可用生成VIP
3、配置nginx的负载均衡
选择201 202为代理服务器
201
# vim /etc/nginx/nginx.conf
#Nginx配置文件
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
upstream backend { ####管理服务器组,设置权重
server 192.168.231.204:80 weight=1 max_fails=3 fail_timeout=20s;
server 192.168.231.203:80 weight=1 max_fails=3 fail_timeout=20s;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://backend;
proxy_set_header Host $host:$proxy_port;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
}
202
# vim /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
upstream backend {
server 192.168.231.204:80 weight=1 max_fails=3 fail_timeout=20s;
server 192.168.231.203:80 weight=1 max_fails=3 fail_timeout=20s;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://backend;
proxy_set_header Host $host:$proxy_port;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
}
主备都安装keepalived
[root@zhu ~]# yum install -y keepalived
[root@bei ~]# yum install -y keepalived
#主备都进行的操作
cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
#主备都修改配置文件
vim /etc/keepalived/keepalived.conf
#这是主的配置文件
! Configuration File for keepalived
global_defs {
router_id directory1 #辅助改为directory2
}
vrrp_instance VI_1 {
state MASTER #定义主还是备
interface ens33 #VIP绑定接口
virtual_router_id 80 #整个集群的调度器一致
priority 100 #back改为50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.231.225/24 # vip
}
}
#这是备的配置文件
! Configuration File for keepalived
global_defs {
router_id directory2
}
vrrp_instance VI_1 {
state BACKUP #设置为backup
interface ens33
nopreempt #设置到back上面,不抢占资源
virtual_router_id 80
priority 50 #辅助改为50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.231.225/24
}
}
主备均启动keepalived
开机自启
# systemctl enable keepalived
启动
systemctl start keepalived
查看ip
[root@zhu ~]# ip a | grep 225
inet 192.168.231.225/24 scope global secondary ens33
对调度器Nginx健康检查(可选)两台都设置
思路:
让Keepalived以一定时间间隔执行一个外部脚本,脚本的功能是当Nginx失败,则关闭本机的Keepalived
主服务器
vim check_nginx_status.sh
#!/bin/bash
/usr/bin/curl -I http://localhost &>/dev/null
if [ $? -ne 0 ];then
# /etc/init.d/keepalived stop
systemctl stop keepalived
fi
备服务器
vim check_nginx_status.sh
#!/bin/bash
/usr/bin/curl -I http://localhost &>/dev/null
if [ $? -ne 0 ];then
# /etc/init.d/keepalived stop
systemctl stop keepalived
fi
给主备的脚本的执行权限!!!!
chmod +x check_nginx_status.sh
将脚本引用在keepalived的配置文件中
主服务器的keepalived的配置文件
! Configuration File for keepalived
global_defs {
router_id directory1
}
vrrp_script check_nginx { #引用脚本
script "/etc/keepalived/check_nginx_status.sh"
interval 5
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 80
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.231.225/24
}
track_script {
check_nginx
}
}
备服务器的keepalived的配置文件
[root@bei ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
router_id directory2
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx_status.sh"
interval 5
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
nopreempt
virtual_router_id 80
priority 50
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.231.225/24
}
track_script {
check_nginx
}
}
现在我们就可以实现keepalived的高可用,实现IP漂移,如何以邮件的方式收到呢
我是自己给自己发,因此我的收件人与发件人 都写了自己的QQ
获取最重要的授权码,授权码拿到手以后
在主备服务器进行相同的操作
主备均下载
yum install -y mailx
编写配置文件
vim /etc/mail.rc
set bsdcompat
set [email protected] ###发送者
set smtp=smtp.qq.com
set [email protected]
set smtp-auth-password=jawypsdsdsddbeg ####前面获取到的授权码
set smtp-auth=login
set ssl-verify=ignore
主备均进行的操作
cd /etc/keepalived/
vim sendmail.sh
#!/bin/bash
to_email='[email protected]' #这是收件人,
ipaddress=`ip -4 a show dev ens33 | awk '/brd/{print $2}'`
notify() {
mailsubject="${ipaddress}to be $1, vip转移"
mailbody="$(date +'%F %T'): vrrp 飘移, $(hostname) 切换到 $1"
echo "$mailbody" | mail -s "$mailsubject" $to_email
}
case $1 in
master)
notify master
;;
backup)
notify backup
;;
fault)
notify fault
;;
*)
echo "Usage: $(basename $0) {master|backup|fault}"
exit 1
;;
esac
记得给脚本执行权限 chmod +x sendmail.sh
! Configuration File for keepalived
global_defs {
router_id directory1
}
vrrp_script check_nginx {
script "/etc/keepalived/check_nginx_status.sh"
interval 5
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 80
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.231.225/24
}
track_script {
check_nginx
}
#引用邮件脚本,主备都只需要加这三行即可
notify_master "/etc/keepalived/sendmail.sh master"
notify_backup "/etc/keepalived/sendmail.sh backup"
notify_fault "/etc/keepalived/sendmail.sh fault"
}
主备都进行
systemctl daemon-reload
此时我们的vip在备服务器上
[root@bei ~]# ip a | grep 225
inet 192.168.231.225/24 scope global secondary ens33
我们开启主服务器的nginx服务,以及keepalived
[root@zhu ~]# systemctl start nginx
[root@zhu ~]# systemctl start keepalived
按照脚本,vip也会从备漂移到主服务器
[root@bei ~]# ip a | grep 225
[root@bei ~]#
root@zhu ~]# ip a | grep 225
inet 192.168.231.225/24 scope global secondary ens33
收到邮件
1.写完脚本记得给执行权限
2.每次修改完配置文件记得要重启服务
3.获取qq授权码比较繁琐