• keepalived群集


    keepalived介绍

    Keepalived 是一个基于vrrp协议来实现LVS服务高可用方案,可以解决静态路由出现的单点故障问题

    keepalived工作原理

    在一个LVS服务集群中通常有主服务器(MASTER)和备份服务器(BACKUP)两种角色的服务器,但是对外表现为一个虚拟IP(VIP),主服务器会发送VRRP通告信息给备份服务器,当备份服务器收不到VRRP消息的时候,即主服务器异常的时候,备份服务器就会接管虚拟IP,继续提供服务,从而保证了高可用性。

    keepalived体系主要模块

    keepalived体系架构中主要有三个模块:core check vrrp

    core模块:为keepalived的核心,负责主进程的启动、维护及全局配置文件的加载和解析

    check模块:负责健康检查,常见的方式有端口检查和URL检查 (节点服务器的检查)

    vrrp模块: 来实现VRRP协议的(调度器之间的健康检查和主备切换)

    keepalived+LVS高可用集群配置

    官方网站:http://www.keepalived.org/
    web服务器1 192.168.65.101
    web服务器2 192.168.65.102
    主DR 服务器:192.168.65.106
    备DR 服务器:192.168.65.105
    VIP 192.168.65.110
    
    #在所有操作前要关闭所有机器的防火墙和selinux(仅适用于实验环境;生产环境应保留防火墙和SELinux,只放行调度器之间的VRRP报文(IP协议号112,组播地址224.0.0.18)以及业务端口)
    

    配置web服务器

    101 web服务器
    [root@www ~]#yum -y install httpd
    [root@www ~]#cd /var/www/html
    [root@www html]#vim test.html
    this is web1 page 
    [root@www html]#cd /etc/sysconfig/network-scripts/
    [root@www network-scripts]#vim ifcfg-lo:0
    [root@www network-scripts]#systemctl restart network
    [root@www network-scripts]#systemctl start httpd
    [root@www network-scripts]#ifconfig lo:0
    lo:0: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
            inet 192.168.65.110  netmask 255.255.255.255
            loop  txqueuelen 1  (Local Loopback)
    
    [root@www network-scripts]#route add -host 192.168.65.110 dev lo:0
    [root@www network-scripts]#route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         192.168.65.2    0.0.0.0         UG    100    0        0 ens33
    192.168.65.0    0.0.0.0         255.255.255.0   U     100    0        0 ens33
    192.168.65.110  0.0.0.0         255.255.255.255 UH    0      0        0 lo
    192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
    [root@www network-scripts]#vim /etc/sysctl.conf
    [root@www network-scripts]#vim /etc/sysctl.conf
    [root@www network-scripts]#sysctl -p
    net.ipv4.conf.lo.arp_ignore = 1
    net.ipv4.conf.lo.arp_announce = 2
    net.ipv4.conf.all.arp_ignore = 1
    net.ipv4.conf.all.arp_announce = 2
    [root@www network-scripts]#systemctl stop keepalived.service
    [root@www network-scripts]#vim ifcfg-lo:0
    [root@www network-scripts]#vim /etc/sysctl.conf
    [root@www network-scripts]#sysctl -p
    net.ipv4.conf.lo.arp_ignore = 1
    net.ipv4.conf.lo.arp_announce = 2
    net.ipv4.conf.all.arp_ignore = 1
    net.ipv4.conf.all.arp_announce = 2
    [root@www network-scripts]#
    
    102 web服务器
    [root@localhost ~]#yum -y install httpd
    [root@localhost ~]#cd /var/www/html
    [root@localhost html]#ls
    [root@localhost html]#vim test.html
    this is web2 page
    [root@localhost html]#
    [root@localhost html]#cd /etc/sysconfig/network-scripts/
    [root@localhost network-scripts]#ls
    ifcfg-ens33  ifdown-ipv6    ifdown-TeamPort  ifup-ippp   ifup-routes       network-functions
    ifcfg-lo     ifdown-isdn    ifdown-tunnel    ifup-ipv6   ifup-sit          network-functions-ipv6
    ifdown       ifdown-post    ifup             ifup-isdn   ifup-Team
    ifdown-bnep  ifdown-ppp     ifup-aliases     ifup-plip   ifup-TeamPort
    ifdown-eth   ifdown-routes  ifup-bnep        ifup-plusb  ifup-tunnel
    ifdown-ib    ifdown-sit     ifup-eth         ifup-post   ifup-wireless
    ifdown-ippp  ifdown-Team    ifup-ib          ifup-ppp    init.ipv6-global
    [root@localhost network-scripts]#vim ifcfg-lo:0
    [root@localhost network-scripts]#systemctl restart network
    [root@localhost network-scripts]#systemctl start httpd
    [root@localhost network-scripts]#ifconfig lo:0
    lo:0: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
            inet 192.168.65.110  netmask 255.255.255.255
            loop  txqueuelen 1  (Local Loopback)
    
    [root@localhost network-scripts]#route add -host 192.168.65.110 dev lo:0
    [root@localhost network-scripts]#route -n
    Kernel IP routing table
    Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
    0.0.0.0         192.168.65.2    0.0.0.0         UG    100    0        0 ens33
    192.168.65.0    0.0.0.0         255.255.255.0   U     100    0        0 ens33
    192.168.65.110  0.0.0.0         255.255.255.255 UH    0      0        0 lo
    192.168.122.0   0.0.0.0         255.255.255.0   U     0      0        0 virbr0
    [root@localhost network-scripts]#vim /etc/sysctl.conf
    [root@localhost network-scripts]#sysctl -p
    net.ipv4.conf.lo.arp_ignore = 1
    net.ipv4.conf.lo.arp_announce = 2
    net.ipv4.conf.all.arp_ignore = 1
    net.ipv4.conf.all.arp_announce = 2
    

    配置主备服务器

    主服务器
    [root@localhost yum.repos.d]# yum -y install ipvsadm keepalived
    [root@localhost yum.repos.d]# cd /etc/keepalived/
    [root@localhost keepalived]# cp keepalived.conf keepalived.conf.bak
    [root@localhost keepalived]# ls
    keepalived.conf  keepalived.conf.bak
    [root@localhost keepalived]# vim keepalived.conf
    # Global settings: notification mail and this node's VRRP identity.
    # NOTE(review): the recipient and sender addresses look like the values shipped
    # in the stock file; replace them with real ones before relying on mail alerts.
    global_defs {
       notification_email {
         acassen@firewall.loc
         failover@firewall.loc
         sysadmin@firewall.loc
       }
       notification_email_from Alexandre.Cassen@firewall.loc
       smtp_server 127.0.0.1 # changed to the local mail server address
       smtp_connect_timeout 30
       router_id LVS_01 # name of this server (router); must differ per node: LVS_01 on the master, LVS_02 on the backup
       vrrp_skip_check_adv_addr
       #vrrp_strict  # must stay commented out; presumably because strict mode conflicts with the authentication block used in vrrp_instance (confirm for your keepalived version)
       vrrp_garp_interval 0
       vrrp_gna_interval 0
    }
    
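    # VRRP instance that owns the cluster VIP on the master director.
    # Every trailing comment is separated from its value by whitespace: a '#' glued
    # to a token (as in "192.168.65.110#...") may be read as part of the value by
    # some keepalived versions (TODO confirm for the version in use).
    vrrp_instance VI_1 {
        state MASTER  # hot-standby role: MASTER on the primary, BACKUP on the standby
        interface ens33  # NIC used for VRRP; the VIP is added to this interface
        virtual_router_id 51  # virtual router ID; must be identical on every node of the standby group
        priority 100  # the master's priority must be higher than the backup's
        advert_int 1
        authentication {
            # NOTE(review): PASS authentication is carried in cleartext in each
            # advert and 1111 is the sample value. Use a site-specific secret and
            # restrict VRRP (IP protocol 112) to the peer director with a firewall rule.
            auth_type PASS
            auth_pass 1111
        }
        virtual_ipaddress {
            192.168.65.110  # cluster VIP
        }
    }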
    
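    # Virtual server (VIP and port) and the pool of real web servers behind it.
    # The opening brace and the comments are kept apart by whitespace; a "{#" run
    # may not be tokenised as brace + comment by every keepalived version (TODO confirm).
    virtual_server 192.168.65.110 80 {
        delay_loop 6
        lb_algo rr
        lb_kind DR  # switched to direct-routing (DR) mode
        persistence_timeout 50  # a client stays on the same real server for 50 s
        protocol TCP
    
        real_server 192.168.65.101 80 {  # first web node: address and port
            weight 1  # node weight
            TCP_CHECK {  # health check method
                connect_port 80
                connect_timeout 3
                # NOTE(review): confirm that this keepalived version accepts
                # nb_get_retry inside TCP_CHECK.
                nb_get_retry 3
                delay_before_retry 3
            }
        }
        real_server 192.168.65.102 80 {  # second web node: address and port
            weight 1
            TCP_CHECK {
                connect_port 80
                connect_timeout 3
                nb_get_retry 3
                delay_before_retry 3
            }
        }
    }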
    
    [root@localhost keepalived]# systemctl start keepalived.service
    [root@localhost keepalived]# ip a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether 00:0c:29:f6:41:44 brd ff:ff:ff:ff:ff:ff
        inet 192.168.65.106/24 brd 192.168.65.255 scope global ens33
           valid_lft forever preferred_lft forever
        inet 192.168.65.110/32 scope global ens33
           valid_lft forever preferred_lft forever
        inet6 fe80::6e6:5516:e3a5:1df5/64 scope link
           valid_lft forever preferred_lft forever
    3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
        link/ether 52:54:00:62:7b:1b brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever preferred_lft forever
    4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
        link/ether 52:54:00:62:7b:1b brd ff:ff:ff:ff:ff:ff
    [root@localhost keepalived]# vim /etc/sysctl.conf
    
    [root@localhost keepalived]# sysctl -p
    net.ipv4.ip_forward = 1
    net.ipv4.conf.all.send_redirects = 0
    net.ipv4.conf.default.send_redirects = 0
    net.ipv4.conf.ens33.send_redirects = 0
    [root@localhost keepalived]# ipvsadm-save > /etc/sysconfig/ipvsadm
    [root@localhost keepalived]# systemctl start ipvsadm
    [root@localhost keepalived]# ipvsadm -ln
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  127.0.0.1:80 rr persistent 50
      -> 192.168.65.101:80            Route   1      0          0
      -> 192.168.65.102:80            Route   1      0          0
    [root@localhost keepalived]# ls
    keepalived.conf  keepalived.conf.bak
    [root@localhost keepalived]# scp keepalived.conf 192.168.65.105:`pwd` #在备服务器安装了keepalived服务之后
    The authenticity of host '192.168.65.105 (192.168.65.105)' can't be established.
    ECDSA key fingerprint is SHA256:0uVzxvjz78kvP/DW7x6yuiceb5ddmohQ+q+Rkw0Yci8.
    ECDSA key fingerprint is MD5:cf:e7:ab:d9:0d:c0:56:dc:e8:22:96:cd:54:c3:3d:5b.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '192.168.65.105' (ECDSA) to the list of known hosts.
    root@192.168.65.105's password:
    keepalived.conf                                                 100% 1174     1.6MB/s   00:00
    [root@localhost keepalived]# vim /etc/sysctl.conf
    [root@localhost keepalived]#
    [root@localhost keepalived]#
    [root@localhost keepalived]# ipvsadm -A -t 192.168.65.110:80 -s rr
    [root@localhost keepalived]# ipvsadm
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  localhost:http rr persistent 50
      -> 192.168.65.101:http          Route   1      0          0
      -> 192.168.65.102:http          Route   1      0          0
    TCP  localhost.localdomain:http rr
    [root@localhost keepalived]# ipvsadm -ln
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  127.0.0.1:80 rr persistent 50
      -> 192.168.65.101:80            Route   1      0          0
      -> 192.168.65.102:80            Route   1      0          0
    TCP  192.168.65.110:80 rr
    [root@localhost keepalived]#
    
    备服务器
    [root@localhost yum.repos.d]# yum -y install ipvsadm keepalived
    [root@localhost yum.repos.d]# cd /etc/keepalived/
    [root@localhost keepalived]# ls
    keepalived.conf
    [root@localhost keepalived]# ls
    keepalived.conf
    [root@localhost keepalived]# vim keepalived.conf
    
     notification_email_from Alexandre.Cassen@firewall.loc
       smtp_server 127.0.0.1
       smtp_connect_timeout 30
       router_id LVS_02 #指定服务器(路由器)的名称,主备服务器名称须不同 主为LVS_01,备为LVS_02
       vrrp_skip_check_adv_addr
       #vrrp_strict  
       vrrp_garp_interval 0
       vrrp_gna_interval 0
    }
    
    vrrp_instance VI_1 {
        state BACKUP  #指定热备状态,主为MASTER,备为BACKUP
        interface ens33  
        virtual_router_id 51
        priority 90  #优先级,主的优先级大于备
        advert_int 1
        authentication {
            auth_type PASS
            auth_pass 1111
        }
    
    [root@localhost keepalived]# systemctl start keepalived.service
    [root@localhost keepalived]# ip a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether 00:0c:29:38:f8:2e brd ff:ff:ff:ff:ff:ff
        inet 192.168.65.105/24 brd 192.168.65.255 scope global ens33
           valid_lft forever preferred_lft forever
        inet 192.168.65.110/32 scope global ens33
           valid_lft forever preferred_lft forever
        inet6 fe80::fbdd:bf23:9285:4611/64 scope link
           valid_lft forever preferred_lft forever
    3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
        link/ether 52:54:00:46:82:bb brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever preferred_lft forever
    4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
        link/ether 52:54:00:46:82:bb brd ff:ff:ff:ff:ff:ff
    [root@localhost keepalived]# vim /etc/sysctl.conf
    [root@localhost keepalived]#
    [root@localhost keepalived]# sysctl -p
    net.ipv4.ip_forward = 1
    net.ipv4.conf.all.send_redirects = 0
    net.ipv4.conf.default.send_redirects = 0
    net.ipv4.conf.ens33.send_redirects = 0
    [root@localhost keepalived]# ipvsadm-save > /etc/sysconfig/ipvsadm
    [root@localhost keepalived]# systemctl start ipvsadm
    [root@localhost keepalived]# ipvsadm -ln
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  127.0.0.1:80 rr persistent 50
      -> 192.168.65.101:80            Route   1      0          0
      -> 192.168.65.102:80            Route   1      0          0
    
    [root@localhost keepalived]# ipvsadm -A -t 192.168.65.110:80 -s rr
    [root@localhost keepalived]# ipvsadm
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  localhost:http rr persistent 50
      -> 192.168.65.101:http          Route   1      0          0
      -> 192.168.65.102:http          Route   1      0          0
    TCP  localhost.localdomain:http rr
    [root@localhost keepalived]# ipvsadm -ln
    IP Virtual Server version 1.2.1 (size=4096)
    Prot LocalAddress:Port Scheduler Flags
      -> RemoteAddress:Port           Forward Weight ActiveConn InActConn
    TCP  127.0.0.1:80 rr persistent 50
      -> 192.168.65.101:80            Route   1      0          0
      -> 192.168.65.102:80            Route   1      0          0
    TCP  192.168.65.110:80 rr
    
    

    测试

    关闭主服务器后,依旧可以访问web服务器,证明实验成功

    脑裂问题

    脑裂现象

    主服务器和备服务器同时拥有VIP

    脑裂原因

    主服务器和备服务器之间的通信链路中断,导致备服务器无法正常收到主服务器发送的VRRP心跳报文

    解决方法

    关闭主服务器或者备服务器其中一个的keepalived服务

    预防措施

    1、主服务器与备服务器之间添加双联通链路

    2、在主服务器上定义运行脚本判断备服务器通信链路是否中断,如果中断则自行关闭keepalived服务

    3、利用第三方监控软件检测是否发生脑裂故障,如果发生则通过监控软件关闭主或备服务器上的keepalived服务

    keepalived+ nginx实现高可用

    主服务器 192.168.65.104
    备服务器 192.168.65.105
    web1 192.168.65.104
    web2 192.168.65.105
    
    104
    [root@localhost ~]# yum -y install nginx keepalived
    [root@localhost ~]#cd /usr/share/nginx/html/
    [root@localhost html]# echo 'this is web1' > test.html
    [root@localhost ~]# systemctl start nginx
    [root@localhost ~]# vim /etc/nginx/nginx.conf
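    # Add this block at the same level as the http block.
    # Layer-4 proxy: connections to port 1226 are balanced across the two web nodes.
    stream {
      upstream backends {
        # Backends are web1 and web2 as listed for this lab
        # (192.168.65.104 and 192.168.65.105).
        server 192.168.65.104:80 weight=1 max_fails=2 fail_timeout=30s;
        server 192.168.65.105:80 weight=1 max_fails=2 fail_timeout=30s;
        # max_fails: number of failed attempts allowed, default 1
        # fail_timeout: how long the backend is paused once max_fails is reached, default 10s
      }
      server {
        listen 1226;
        proxy_pass backends;
      }
    }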
    
    [root@localhost ~]# nginx -t
    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful
    [root@localhost ~]# systemctl restart nginx
    [root@localhost ~]# netstat -lnap|grep nginx
    tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      7590/nginx: master
    tcp        0      0 0.0.0.0:1226            0.0.0.0:*               LISTEN      7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     80999    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81002    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81001    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81003    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81004    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81005    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81006    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81000    7590/nginx: master
    
    [root@localhost ~]# cd /etc/keepalived/
    [root@localhost keepalived]# vim check_nginx.sh
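    #!/bin/bash
    # keepalived track script: stop keepalived on this node once no nginx process
    # is left, so that the VIP can move to the peer node.
    #
    # `killall -0` delivers no signal; its exit status only reports whether a
    # process named nginx exists. Both output streams are discarded with an
    # explicit redirection: written as `& >`, the probe would be sent to the
    # background and the condition would succeed on every run.
    if ! killall -0 nginx >/dev/null 2>&1
    then
        systemctl stop keepalived
    fi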
    
    [root@localhost keepalived]# chmod +x check_nginx.sh
    [root@localhost keepalived]# cp keepalived.conf{,.bak}
    [root@localhost keepalived]# ls
    check_nginx.sh  keepalived.conf  keepalived.conf.bak
    [root@localhost keepalived]# vim keepalived.conf
    
    ! Configuration File for keepalived
    
    # Global settings: notification mail and this node's identity (NGINX_01).
    # NOTE(review): the recipient and sender addresses look like the values shipped
    # in the stock file; replace them with real ones before relying on mail alerts.
    global_defs {
       notification_email {
         acassen@firewall.loc
         failover@firewall.loc
         sysadmin@firewall.loc
       }
       notification_email_from Alexandre.Cassen@firewall.loc
       smtp_server 127.0.0.1 # address changed
       smtp_connect_timeout 30
       router_id NGINX_01 # changed to NGINX_01; the four lines that followed it were deleted
    }
    
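    # Add the following five lines: health-check script for nginx.
    # A space separates the script name from '{'; without it some keepalived
    # versions may not recognise the block (TODO confirm for the version in use).
    # NOTE(review): the script presumably runs with the daemon's (root) privileges,
    # since no script user is configured here. Keep the file and /etc/keepalived
    # owned by root and not writable by other users.
    vrrp_script check_nginx {
        script "/etc/keepalived/check_nginx.sh"
        interval 2  # run the check every 2 seconds
        weight 2
    }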
    
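    # VRRP instance for the nginx pair; this node is the primary.
    vrrp_instance VI_1 {
        state MASTER  # MASTER marks the primary node
        interface ens33  # set to this host's NIC name
        virtual_router_id 51
        priority 100
        advert_int 1
        authentication {
            # NOTE(review): PASS authentication is carried in cleartext in each
            # advert and 1111 is the sample value. Use a site-specific secret and
            # restrict VRRP (IP protocol 112) to the peer node with a firewall rule.
            auth_type PASS
            auth_pass 1111
        }
    
        virtual_ipaddress {
            192.168.65.200  # set to the VIP
        }
        # Attach the health check; a space separates the keyword from '{'
        # (some keepalived versions may not parse "track_script{" — TODO confirm).
        track_script {
            check_nginx
        }
    }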
    
    [root@localhost keepalived]# ip a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet 192.168.65.128/32 brd 192.168.65.128 scope global lo:0
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host
           valid_lft forever preferred_lft forever
    2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
        link/ether 00:0c:29:73:1c:5f brd ff:ff:ff:ff:ff:ff
        inet 192.168.65.104/24 brd 192.168.65.255 scope global ens33
           valid_lft forever preferred_lft forever
        inet 192.168.65.200/32 scope global ens33
           valid_lft forever preferred_lft forever
        inet6 fe80::1468:e3ee:f1c7:7128/64 scope link
           valid_lft forever preferred_lft forever
    3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000
        link/ether 52:54:00:d2:63:f3 brd ff:ff:ff:ff:ff:ff
        inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
           valid_lft forever preferred_lft forever
    4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000
        link/ether 52:54:00:d2:63:f3 brd ff:ff:ff:ff:ff:ff
    
    [root@localhost keepalived]# scp check_nginx.sh 192.168.65.105:`pwd`
    The authenticity of host '192.168.65.105 (192.168.65.105)' can't be established.
    ECDSA key fingerprint is SHA256:0uVzxvjz78kvP/DW7x6yuiceb5ddmohQ+q+Rkw0Yci8.
    ECDSA key fingerprint is MD5:cf:e7:ab:d9:0d:c0:56:dc:e8:22:96:cd:54:c3:3d:5b.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '192.168.65.105' (ECDSA) to the list of known hosts.
    root@192.168.65.105's password:
    check_nginx.sh                                  100%   82    72.5KB/s   00:00
    [root@localhost keepalived]# scp keepalived.conf 192.168.65.105:`pwd`
    root@192.168.65.105's password:
    keepalived.conf                                 100%  680    24.9KB/s   00:00
    [root@localhost keepalived]# systemctl restart keepalived.service
    
    105
    [root@localhost ~]# yum -y install nginx keepalived
    [root@localhost ~]#cd /usr/share/nginx/html/
    [root@localhost html]# echo 'this is web2' > test.html
    [root@localhost ~]# systemctl start nginx
    [root@localhost ~]# vim /etc/nginx/nginx.conf
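    # Add this block at the same level as the http block.
    # Layer-4 proxy: connections to port 1226 are balanced across the two web nodes.
    stream {
      upstream backends {
        # Backends are web1 and web2 as listed for this lab
        # (192.168.65.104 and 192.168.65.105).
        server 192.168.65.104:80 weight=1 max_fails=2 fail_timeout=30s;
        server 192.168.65.105:80 weight=1 max_fails=2 fail_timeout=30s;
        # max_fails: number of failed attempts allowed, default 1
        # fail_timeout: how long the backend is paused once max_fails is reached, default 10s
      }
      server {
        listen 1226;
        proxy_pass backends;
      }
    }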
    
    [root@localhost ~]# nginx -t
    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful
    [root@localhost ~]# systemctl restart nginx
    [root@localhost ~]# netstat -lnap|grep nginx
    tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      7590/nginx: master
    tcp        0      0 0.0.0.0:1226            0.0.0.0:*               LISTEN      7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     80999    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81002    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81001    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81003    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81004    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81005    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81006    7590/nginx: master
    unix  3      [ ]         STREAM     CONNECTED     81000    7590/nginx: master
    [root@localhost ~]# cd /etc/keepalived/
    [root@localhost keepalived]# ls
    check_nginx.sh  keepalived.conf
    [root@localhost keepalived]# vim keepalived.conf
    ! Configuration File for keepalived
    
    # Global settings: notification mail and this node's identity (NGINX_02).
    # NOTE(review): the recipient and sender addresses look like the values shipped
    # in the stock file; replace them with real ones before relying on mail alerts.
    global_defs {
       notification_email {
         acassen@firewall.loc
         failover@firewall.loc
         sysadmin@firewall.loc
       }
       notification_email_from Alexandre.Cassen@firewall.loc
       smtp_server 127.0.0.1 # address changed
       smtp_connect_timeout 30
       router_id NGINX_02 # changed to NGINX_02; the four lines that followed it were deleted
    }
    
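    # Add the following five lines: health-check script for nginx.
    # A space separates the script name from '{'; without it some keepalived
    # versions may not recognise the block (TODO confirm for the version in use).
    # NOTE(review): the script presumably runs with the daemon's (root) privileges,
    # since no script user is configured here. Keep the file and /etc/keepalived
    # owned by root and not writable by other users.
    vrrp_script check_nginx {
        script "/etc/keepalived/check_nginx.sh"
        interval 2  # run the check every 2 seconds
        weight 2
    }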
    
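    # VRRP instance for the nginx pair; this node is the standby.
    vrrp_instance VI_1 {
        state BACKUP  # BACKUP marks the standby node
        interface ens33  # set to this host's NIC name
        virtual_router_id 51
        # Lower than the primary's 100, so the MASTER node wins the election
        # instead of the result depending on a tie-break between equal priorities.
        priority 90
        advert_int 1
        authentication {
            # NOTE(review): PASS authentication is carried in cleartext in each
            # advert and 1111 is the sample value. Use a site-specific secret and
            # restrict VRRP (IP protocol 112) to the peer node with a firewall rule.
            auth_type PASS
            auth_pass 1111
        }
    
        virtual_ipaddress {
            192.168.65.200  # set to the VIP
        }
        # Attach the health check; a space separates the keyword from '{'
        # (some keepalived versions may not parse "track_script{" — TODO confirm).
        track_script {
            check_nginx
        }
    }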
    [root@localhost keepalived]# systemctl restart keepalived.service
    
    然后在浏览器中输入一下网址测试,实现了高可用
    http://192.168.65.200:1226/test.html
    当主服务器killall nginx 后,主的keepalived服务也会停掉,这是因为写的那个check_nginx脚本,这时VIP地址将会转移到备服务器
    
  • 原文地址:https://blog.csdn.net/Meng2453508284/article/details/133520909