目录
1、环境说明
master :192.168.10.178
backup :192.168.10.177
vip :192.168.10.180
OS:CentOS Linux release 7.4.1708 (Core)
2、获取nginx安装yum源
rpm -ivh http://nginx.org/packages/centos/7/noarch/RPMS/nginx-release-centos-7-0.el7.ngx.noarch.rpm
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
3、安装nginx
yum -y install nginx
这边有下载好的,可以直接rpm包安装
链接:https://pan.baidu.com/s/1eJPuzXps-pCJ3gMAr79tkA
提取码:n7ic
[root@mysql5 soft]# rpm -ivh nginx-1.16.1-1.el7.ngx.x86_64.rpm
warning: nginx-1.16.1-1.el7.ngx.x86_64.rpm: Header V4 RSA/SHA1 Signature, key ID 7bd9bf62: NOKEY
Preparing... ################################# [100%]
Updating / installing...
1:nginx-1:1.16.1-1.el7.ngx ################################# [100%]
----------------------------------------------------------------------
Thanks for using nginx!
Please find the official documentation for nginx here:
* http://nginx.org/en/docs/
Please subscribe to nginx-announce mailing list to get
the most important news about nginx:
* http://nginx.org/en/support.html
Commercial subscriptions for nginx are available on:
* http://nginx.com/products/
----------------------------------------------------------------------
[root@mysql5 soft]#
3、keepalive配置文件
4.1、master节点192.168.10.178
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id MASTER-HA.177
}
#for check mysql scripts
vrrp_script chk_mysql_port {
script "/opt/chk_mysql.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state MASTER
interface ens33
mcast_src_ip 192.168.10.177
virtual_router_id 51
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.179
}
track_script {
chk_mysql_port
}
}
#for check nginx scripts
vrrp_script chk_nginx_port {
script "/opt/chk_nginx.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_2 {
state BACKUP
interface ens33
mcast_src_ip 192.168.10.177
virtual_router_id 52
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.180
}
track_script {
chk_nginx_port
}
}
主要看飘红的,上面的VI_1是之前做mysql的双主高可用的配置,可以不用看。
4.2、backup节点192.168.10.177
! Configuration File for keepalived
global_defs {
notification_email {
}
notification_email_from [email protected]
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id MASTER-HA.178
}
vrrp_script chk_mysql_port {
script "/opt/chk_mysql.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
mcast_src_ip 192.168.10.178
virtual_router_id 51
priority 99
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.179
}
track_script {
chk_mysql_port
}
}
#for check nginx scripts
vrrp_script chk_nginx_port {
script "/opt/chk_nginx.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_2 {
state MASTER
interface ens33
mcast_src_ip 192.168.10.178
virtual_router_id 52
priority 101
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.10.180
}
track_script {
chk_nginx_port
}
}
主要看飘红的,上面的VI_1是之前做mysql的双主高可用的配置,可以不用看。
5、nginx检查脚本
vi /opt/chk_nginx.sh
#!/bin/bash
#检测nginx是否启动了
A=`ps -C nginx --no-header |wc -l`
#如果nginx没有启动就启动nginx
if [ $A -eq 0 ];then
#重启nginx
systemctl start nginx
#nginx重启失败,则停掉keepalived服务,进行VIP转移
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
赋权:
chmod 775 /opt/chk_nginx.sh
6、测试高可用
6.1、修改检查脚本
让测试看到效果,需要把chk_nginx.sh检查脚本改一下,注释掉自启动nginx的命令systemctl start nginx:
[root@mysql5 yum.repos.d]# cat /opt/chk_nginx.sh
#!/bin/bash
#检测nginx是否启动了
A=`ps -C nginx --no-header |wc -l`
#如果nginx没有启动就启动nginx
if [ $A -eq 0 ];then
#重启nginx
# systemctl start nginx
#nginx重启失败,则停掉keepalived服务,进行VIP转移
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
6.2、确认当前nginx状态
现在nginx的vip 192.168.10.180在keepalive的master上192.168.10.178上
[root@mysql5 yum.repos.d]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:27:e2:10 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.178/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.180/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::736/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:367b:f0fa:c290:8367/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::8d0:5ce9:59e6:cbb8/64 scope link
valid_lft forever preferred_lft forever
[root@mysql5 yum.repos.d]#
我们确定一下keepalive的backup节点192.168.10.177上没有,防止防火墙等原因导致的集群脑裂:
[root@mysql5 html]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:8b:41:06 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.177/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.179/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::8ec/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:9f26:83d:6510:a6dd/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::58:dc06:f8c4:84b3/64 scope link
valid_lft forever preferred_lft forever
[root@mysql5 html]#
确实没有vip为192.168.10.180的ip,上面的192.168.10.179是mysql双主集群高可用的vip。
6.3、修改两节点的nginx欢迎页面
然后我们为了看到更好区分的效果,将两台主机的nginx欢迎页面改成带各自不同表示的样子
cat /etc/nginx/nginx.conf
找到:
include /etc/nginx/conf.d/*.conf;
然后找到:
[root@mysql5 html]# cd /etc/nginx/conf.d/
[root@mysql5 conf.d]# ls
default.conf
[root@mysql5 conf.d]# cat default.conf
找到:
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
然后修改对应的index.html,这个就是nginx默认的页面欢迎文件:
[root@mysql5 conf.d]# cd /usr/share/nginx/html
[root@mysql5 html]# ls
50x.html index.html
[root@mysql5 html]#
我这里在<h1>Welcome to nginx!10.177</h1>这一行后面加个本机的ip标示,可以随意,能区分就行:
[root@mysql5 html]# cat index.html
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!10.177</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!10.177</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
另外一台nginx同理一样修改。
6.4、未切换之前浏览器访问nginx
此时我们通过浏览器访问nginx的vip192.168.10.180,出来的页面会显示的是10.178的地址:
6.5、测试切换nginx的vip
在master192.168.10.178上停nginx
[root@mysql5 html]# systemctl stop nginx
停完根据我们的配置文件,最多等1秒,就会执行检查脚本,检查到nginx停掉后,就立马发生vip切换
[root@mysql5 html]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:27:e2:10 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.178/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::736/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:367b:f0fa:c290:8367/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::8d0:5ce9:59e6:cbb8/64 scope link
valid_lft forever preferred_lft forever
[root@mysql5 html]#
此时发现vip192.168.10.180已经不在master192.168.10.178上了。
我们去backup192.168.10.177上看一下,已经飘过来了
[root@mysql5 html]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:8b:41:06 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.177/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.179/32 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.180/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::8ec/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:9f26:83d:6510:a6dd/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::58:dc06:f8c4:84b3/64 scope link
valid_lft forever preferred_lft forever
[root@mysql5 html]#
5.6、再次浏览器访问nginx
此时我们在用浏览器登陆nginx的vip192.168.10.180地址,发现页面已经变成backup的地址了。
6.6、master节点的故障恢复
此时我们在master192.168.10.178上将nginx在起起来:
systemctl start nginx
发现ip又会被master节点192.168.10.177抢占回来,因为我们配置了主备节点的优先级,主节点优先级要高,所以当主节点故障恢复后,将会重新抢占vip。
[root@mysql5 html]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:27:e2:10 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.178/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.180/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::736/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:367b:f0fa:c290:8367/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::8d0:5ce9:59e6:cbb8/64 scope link
valid_lft forever preferred_lft forever
[root@mysql5 html]#
保险起见,我们还是检查一下backup节点192.168.10.177:
[root@mysql5 html]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:8b:41:06 brd ff:ff:ff:ff:ff:ff
inet 192.168.10.177/24 brd 192.168.10.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.10.179/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63::8ec/128 scope global
valid_lft forever preferred_lft forever
inet6 fda7:4ac0:63:0:9f26:83d:6510:a6dd/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::58:dc06:f8c4:84b3/64 scope link
valid_lft forever preferred_lft forever
发现没有nginx的vip192.168.10.180了。
6.7、再次前台页面登陆nginx
前台登陆nginx的页面,发现又回到了192.168.10.178的master节点上了。