Centos7中KeepAlived&Nginx高可用

Centos7中KeepAlived&Nginx高可用

一.部署前规划

角色 操作系统 IP
master Centos7.8 192.168.56.101
backup Centos7.8 192.168.56.102

二.keepalived安装

在两台机器上执行安装

yum install -y keepalived

三.master角色配置(192.168.56.101)

/etc/keepalived/keepalived.conf

注意这里:interface enp0s3是对应的网卡名称,如果你的网卡名称不一样,就修改下。

cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
   router_id LVS_DEVEL
}

vrrp_script chk_nginx {
   script "/etc/keepalived/scripts/nginx_check.sh"
   interval 2
   weight -20
}

vrrp_instance VI_1 {
    state MASTER
    interface enp0s3
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {
        192.168.56.140
    }
}
EOF

编写nginx进程检查的脚本
/etc/keepalived/scripts/nginx_check.sh

##
mkdir /etc/keepalived/scripts/

##
cat > /etc/keepalived/scripts/nginx_check.sh <<EOF
#!/bin/bash

result=\`pidof nginx\`
if [ ! -z "\${result}" ];
then
  exit 0
else
  exit 1
fi
EOF

##
chmod +x /etc/keepalived/scripts/nginx_check.sh

四.backup角色配置(192.168.56.102)

/etc/keepalived/keepalived.conf

注意这里:interface enp0s3是对应的网卡名称,如果你的网卡名称不一样,就修改下。

cat > /etc/keepalived/keepalived.conf <<EOF
global_defs {
   router_id LVS_DEVEL
}

vrrp_script chk_nginx {
   script "/etc/keepalived/scripts/nginx_check.sh"
   interval 2
   weight -20
}

vrrp_instance VI_1 {
    state BACKUP
    interface enp0s3
    virtual_router_id 51
    priority 90
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        chk_nginx
    }
    virtual_ipaddress {
        192.168.56.140
    }
}
EOF

/etc/keepalived/scripts/nginx_check.sh

##
mkdir /etc/keepalived/scripts/

##
cat > /etc/keepalived/scripts/nginx_check.sh <<EOF
#!/bin/bash

result=\`pidof nginx\`
if [ ! -z "\${result}" ];
then
  exit 0
else
  exit 1
fi
EOF

##
chmod +x /etc/keepalived/scripts/nginx_check.sh

五.防火墙开放

注:如果你的防火墙是开放的,一定需要进行vrrp组播的开放,否则因为防火墙不通会两台机器都存在VIP导致keepalived分配vip失败

注意这里:–in-interface enp0s3是对应的网卡名称,如果你的网卡名称不一样,就修改下。

##开启nginx的端口
firewall-cmd --zone=public --add-port=8080/tcp --permanent
firewall-cmd --reload

##开启vrrp组播
firewall-cmd --direct --permanent --add-rule ipv4 filter INPUT 0 --in-interface enp0s3 --destination 224.0.0.18 --protocol vrrp -j ACCEPT
firewall-cmd --reload
# 查看规则是否生效
firewall-cmd --permanent --direct --get-all-rules

六.启动keepalived

##设置为系统服务
systemctl enable keepalived

##启动
systemctl start keepalived

##停止
systemctl stop keepalived

##重启
systemctl restart keepalived

七.测试

1.将master和backup的keepalived和nginx都启动,可看到master上存在vip

[root@localhost testuser]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:f7:cc:0c brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.101/24 brd 192.168.56.255 scope global noprefixroute enp0s3
       valid_lft forever preferred_lft forever
    inet 192.168.56.140/32 scope global enp0s3
       valid_lft forever preferred_lft forever
    inet6 fe80::2603:d512:e7f1:a498/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

2.而backup上没有,说明当前vip在master上

[root@localhost testuser]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:6c:d4:90 brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.102/24 brd 192.168.56.255 scope global noprefixroute enp0s3
       valid_lft forever preferred_lft forever
    inet6 fe80::2603:d512:e7f1:a498/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::e801:dd62:96e3:cf2b/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

3.将master上的nginx停止后,vip飘移到backup(192.168.56.102)上,由backup进行服务提供

[root@localhost testuser]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
    link/ether 08:00:27:6c:d4:90 brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.102/24 brd 192.168.56.255 scope global noprefixroute enp0s3
       valid_lft forever preferred_lft forever
    inet 192.168.56.140/32 scope global enp0s3
       valid_lft forever preferred_lft forever
    inet6 fe80::2603:d512:e7f1:a498/64 scope link tentative noprefixroute dadfailed 
       valid_lft forever preferred_lft forever
    inet6 fe80::e801:dd62:96e3:cf2b/64 scope link noprefixroute 
       valid_lft forever preferred_lft forever

4.然后重新启动master上的nginx,此时Vip又会切换到master

从以上步骤演示看,说明keepalived和nginx高可用配置成功~

你可能感兴趣的:(【Linux】,nginx,网络,服务器,keepalived)