Keepalived搭建双机热备监控Nginx实战
一、Keepalived、Nginx服务安装搭建
Keepalived高可用集群、安装
运维之道 | 企业级Nginx环境搭建
主机 | IP |
---|---|
Master | 192.168.182.130 |
Backup | 192.168.182.131 |
Vserver | 192.168.182.111 |
二、双机热备监控Nginx
配置Keepalived
- 配置Keepalived-Master服务器文件
! Configuration File for keepalived
global_defs {
router_id NodeA
}
vrrp_instance VI_1 {
state Master
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.182.111/24
}
}
- 配置Keepalived-BACKUP服务器文件
! Configuration File for keepalived
global_defs {
router_id NodeB
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.182.111/24
}
}
Keepalived服务
- 启动Master节点和BACKUP节点Keepalived服务
[root@localhost ~]# systemctl start keepalived
- 通过ip a 命令可以看到192.168.182.111/24绑定到了Master 节点ens33上
[root@localhost sh]# ip a | grep ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.182.131/24 brd 192.168.182.255 scope global noprefixroute ens33
inet 192.168.182.111/24 scope global secondary ens33
- 查看Master节点日志(会广播ARRP消息)
[root@localhost ~]# tail -fn 10 /var/log/messages
Jan 5 16:06:54 localhost Keepalived_vrrp[16718]: Sending gratuitous ARP on ens33 for 192.168.182.111
Jan 5 16:06:54 localhost Keepalived_vrrp[16718]: Sending gratuitous ARP on ens33 for 192.168.182.111
Jan 5 16:06:54 localhost Keepalived_vrrp[16718]: Sending gratuitous ARP on ens33 for 192.168.182.111
Jan 5 16:06:54 localhost Keepalived_vrrp[16718]: Sending gratuitous ARP on ens33 for 192.168.182.111
- 查看BACKUP节点日志(会广播ARRP消息)
Jan 5 16:02:19 localhost Keepalived_vrrp[15610]: Sending gratuitous ARP on ens33 for 192.168.182.111
Jan 5 16:02:19 localhost Keepalived_vrrp[15610]: Sending gratuitous ARP on ens33 for 192.168.182.111
Jan 5 16:02:19 localhost Keepalived_vrrp[15610]: Sending gratuitous ARP on ens33 for 192.168.182.111
Jan 5 16:10:01 localhost systemd: Started Session 45 of user root.
监控Nginx服务
- 编写Master节点测试页面
[root@localhost ~]# echo "I am RealServer1 192.168.182.130" > /var/www/html/index.html
- 编写BACKUP节点测试页面
[root@localhost ~]# echo "I am RealServer2 192.168.182.131" > /var/www/html/index.html
- 重启Master、BACKUP节点Nginx服务
[root@localhost ~]# systemctl restart nginx
测试1:开启Master节点Keepalived服务,此时外界访问测试界面则为Master节点测试页面
[root@Master ~]# systemctl start keepalived
[root@Master ~]# ip a |grep ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.182.130/24 brd 192.168.182.255 scope global noprefixroute ens33
inet 192.168.182.111/24 scope global secondary ens33
测试2:开启BACKUP节点Keepalived服务,关闭Master节点,此时外界访问测试界面则为BACKUP节点测试页面
[root@BACKUP ~]# systemctl start keepalived
[root@BACKUP ~]# ip a |grep ens33
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
inet 192.168.182.131/24 brd 192.168.182.255 scope global noprefixroute ens33
inet 192.168.182.111/24 scope global secondary ens33
三、WEB池(脚本故障自动转移服务器)
- Master节点服务器配置WEB池
在原有的命令配置下继续添加以下内容:
virtual_server 192.168.182.111 80 { #虚拟服务器VIP地址和端口
delay_loop 6 #健康检查的间隔时间(秒)
lb_algo rr #轮询调度算法
lb_kind DR #直接路由群集工作模式
persistence_timeout 50 #连接保持时间(秒)不启动在前面加(!)即可
protocol TCP #采用TCP协议
real_server 192.168.182.130 80 { #第一个WEB节点地址和端口
weight 1 #节点权重
TCP_CHECK { #健康检查方式
connect_port 80 #检查的目录端口
connect_timeout 3 #连接超时(秒)
nb_get_retry 3 #重试次数
delay_before_retry 3 #重试间隔(秒)
}
}
real_server 192.168.182.132 80 { #第二个web节点的地址、端口和部分信息
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
- BACKUP节点服务器配置WEB池
在原有的命令配置下继续添加以下内容:
virtual_server 192.168.182.111 80 {
delay_loop 6
lb_algo rr
lb_kind DR
persistence_timeout 50
protocol TCP
real_server 192.168.182.133 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.182.134 80 {
weight 1
TCP_CHECK {
connect_port 80
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}
- 主服务上编写脚本,实现全自动化主从故障切换
[root@localhost ~]#vim /etc/keepalived/keepalived.sh
#!/bin/bash
counter=$(ps -C Nginx --no-heading | wc -l )
if [ "${counter}"="0" ];then
systemctl start Nginx
sleep 5
counter=$(ps -C Nginx --no-heading | wc -l )
if [ "${counter}"="0" ];then
systemctl stop keepalived
fi
fi
#脚本意思是检测Nginx服务,如果等于0,那么就直接把keepalived停止掉
[root@localhost ~]#chmod +x /etc/keepalived/keepalived.sh
- 把脚本应用到主服务器的keepalived配置文件里
.............
global_defs {
router_id LVS_DEVEL_R1
}
vrrp_script chk_port { #应用脚本
script "/etc/keepalived/keepalived.sh"
interval 2
weight 2
}
.............
authentication {
auth_type PASS
auth_pass 1111
}
track_script { #跟踪脚本
chk_port
}
.............