|
一、环境介绍
系统:centos6.5
主nginx服务器:192.168.227.130
备nginx服务器:192.168.227.128
VIP:192.168.227.135
架构图如下:
二、keepalived安装配置
1.主备服务器安装keepalived
[root@localhost ~]# yum install keepalived
2.主备keepalived配置文件
主nginx配置:
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from luwenju@live.cn
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id nginx-ha
}
vrrp_instance VI_1 {
state MASTER #配置为主服务器
interface eth0
virtual_router_id 51 #两边相同
priority 100 #优先级,另一台改为90
advert_int 1
nopreempt #不抢占,只在优先级高的机器上设置即可,优先级低的机器不设置
authentication {
auth_type PASS
auth_pass asion123
}
virtual_ipaddress {
192.168.227.135/24
}
}
virtual_server 192.168.227.135 80 {
delay_loop 2 #每个2秒检查一次real_server状态
lb_algo wrr #LVS算法
lb_kind DR #LVS模式
persistence_timeout 60 #会话保持时间
protocol TCP #协议类型
real_server 192.168.227.130 80 {
weight 3
notify_down /root/keepalive/nginx.sh #检测到服务down后执行的脚本
TCP_CHECK {
connect_timeout 10 #连接超时时间
nb_get_retry 3 #重连次数
delay_before_retry 3 #重连间隔时间
connect_port 80 #健康检查端口
}
}
>编写检测服务down后所要执行的脚本
[root@localhost ~]# vim /root/keepalive/nginx.sh
#!/bin/sh
pkill keepalived
[root@localhost ~]# chmod +x /root/keepalive/nginx.sh
#vim /root/keepalive/nginx.sh
#chmod +x /root/keepalive/nginx.sh
备用:
[root@localhost ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
root@localhost
}
notification_email_from luwenju@live.cn
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id nginx-ha
}
vrrp_instance VI_1 {
state BACKUP #配置为备服务器
interface eth0
virtual_router_id 51 #两边相同
priority 90 #优先级
advert_int 1
nopreempt #不抢占,只在优先级高的机器上设置即可,优先级低的机器不设置
authentication {
auth_type PASS
auth_pass asion123
}
virtual_ipaddress {
192.168.227.135/24
}
}
virtual_server 192.168.227.135 80 {
delay_loop 2 #每个2秒检查一次real_server状态
lb_algo wrr #LVS算法
lb_kind DR #LVS模式
persistence_timeout 60 #会话保持时间
protocol TCP #协议类型
real_server 192.168.227.128 80 {
weight 3
notify_down /root/keepalive/nginx.sh #检测到服务down后执行的脚本
TCP_CHECK {
connect_timeout 10 #连接超时时间
nb_get_retry 3 #重连次数
delay_before_retry 3 #重连间隔时间
connect_port 80 #健康检查端口
}
}
>编写检测服务down后所要执行的脚本
[root@localhost ~]# vim /root/keepalive/nginx.sh
#!/bin/sh
pkill keepalived
3.启动keepalived
[root@localhost ~]# service keepalived start
[root@localhost ~]# chmod +x /root/keepalive/nginx.sh
4.主备切换测试
主keepalived日志:
[root@localhost ~]# tail /var/log/messages
Feb 14 16:11:56 localhost Keepalived_vrrp[24664]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.227.135
Feb 14 16:11:56 localhost Keepalived_healthcheckers[24663]: Using LinkWatch kernel netlink reflector...
Feb 14 16:11:56 localhost Keepalived_healthcheckers[24663]: Activating healthchecker for service [192.168.227.130]:80
Feb 14 16:11:56 localhost Keepalived_healthcheckers[24663]: Netlink reflector reports IP 192.168.227.135 added
Feb 14 16:11:56 localhost kernel: IPVS: [wrr] scheduler registered.
Feb 14 16:12:01 localhost Keepalived_vrrp[24664]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.227.135
Feb 14 16:12:07 localhost Keepalived_vrrp[24664]: VRRP_Instance(VI_1) Received lower prio advert, forcing new election
Feb 14 16:12:07 localhost Keepalived_vrrp[24664]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.227.135
Feb 14 16:12:07 localhost Keepalived_vrrp[24664]: VRRP_Instance(VI_1) Received lower prio advert, forcing new election
Feb 14 16:12:07 localhost Keepalived_vrrp[24664]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.227.135
从日志中可以看出主服务器已添加:VIP192.168.227.135
备keepalived日志:
[root@localhost ~]# tail /var/log/messages
Feb 14 16:11:59 localhost Keepalived_healthcheckers[24680]: Registering Kernel netlink reflector
Feb 14 16:11:59 localhost Keepalived_healthcheckers[24680]: Registering Kernel netlink command channel
Feb 14 16:11:59 localhost Keepalived_healthcheckers[24680]: Opening file '/etc/keepalived/keepalived.conf'.
Feb 14 16:11:59 localhost Keepalived_healthcheckers[24680]: Configuration is using : 11871 Bytes
Feb 14 16:11:59 localhost kernel: IPVS: Registered protocols (TCP, UDP, SCTP, AH, ESP)
Feb 14 16:11:59 localhost kernel: IPVS: Connection hash table configured (size=4096, memory=64Kbytes)
Feb 14 16:11:59 localhost kernel: IPVS: ipvs loaded.
Feb 14 16:11:59 localhost Keepalived_healthcheckers[24680]: Using LinkWatch kernel netlink reflector...
Feb 14 16:11:59 localhost Keepalived_healthcheckers[24680]: Activating healthchecker for service [192.168.227.128]:80
Feb 14 16:11:59 localhost kernel: IPVS: [wrr] scheduler registered.
关闭主服务器nginx,查看备服务器日志。
备服务器升为主的日志:
Feb 14 16:32:19 localhost Keepalived_vrrp[24681]: VRRP_Instance(VI_1) Transition to MASTER STATE
Feb 14 16:32:20 localhost Keepalived_vrrp[24681]: VRRP_Instance(VI_1) Entering MASTER STATE
Feb 14 16:32:20 localhost Keepalived_vrrp[24681]: VRRP_Instance(VI_1) setting protocol VIPs.
Feb 14 16:32:20 localhost Keepalived_vrrp[24681]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.227.135
Feb 14 16:32:20 localhost Keepalived_healthcheckers[24680]: Netlink reflector reports IP 192.168.227.135 added
Feb 14 16:32:25 localhost Keepalived_vrrp[24681]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for 192.168.227.135
当主服务器的nginx故障,VIP会漂移到备服务器,实现了主备切换。
针对nginx状态进行检测的脚本可以自己自定义,如果第一次nginx服务死掉时,会重新启动,如果Nginx服务无法正常启动,则杀掉keepalived进程。
脚本:
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
/sbin/service nginx start
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
/sbin/service keepalived stop
fi
fi
注意:要在脚本中使用service命令,要保证应用已添加到service,否则不能实现功能。
其他配置模板:
vrrp_sync_group VG_1 {
group {
inside_network # name of vrrp_instance (below)
outside_network # One for each moveable IP.
...
}
notify_master /path/to_master.sh
notify_backup /path/to_backup.sh
notify_fault "/path/fault.sh VG_1"
notify /path/notify.sh
smtp_alert
}
vrrp_instance VI_1 {
state MASTER
interface eth0
use_vmac <VMAC_INTERFACE>
dont_track_primary
track_interface {
eth0
eth1
}
mcast_src_ip <IPADDR>
lvs_sync_daemon_interface eth1
garp_master_delay 10
virtual_router_id 1
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 12345678
}
virtual_ipaddress {
10.210.214.253/24 brd 10.210.214.255 dev eth0
192.168.1.11/24 brd 192.168.1.255 dev eth1
}
virtual_routes {
172.16.0.0/12 via 10.210.214.1
192.168.1.0/24 via 192.168.1.1 dev eth1
default via 202.102.152.1
}
track_script {
chk_http_port
}
nopreempt
preempt_delay 300
debug
notify_master <STRING>|<QUOTED-STRING>
notify_backup <STRING>|<QUOTED-STRING>
notify_fault <STRING>|<QUOTED-STRING>
notify <STRING>|<QUOTED-STRING>
smtp_alert
}
注意: 同一网段中virtual_router_id的值不能重复,否则会出错。
|