Keepalived如何实现Nginx高可用
作者:z.haoui
这篇文章主要介绍了Keepalived如何实现Nginx高可用,具有很好的参考价值,希望对大家有所帮助。如有错误或未考虑完全的地方,望不吝赐教
Keepalived实现Nginx高可用
Keepalived安装可参考Mysql+Keepalived实现双主热备
Master上的keepalived.conf
global_defs { router_id LVS_LEVEL1 #主服务器名称 } vrrp_script check_run { script "/usr/local/src/check_nginx.sh" interval 5 #5秒执行一次脚本 } vrrp_instance VI_1 { state MASTER #主服务器 interface eth0 #承载VIP地址到物理接口 virtual_router_id 51 #虚拟路由器ID号,每个热播组保持一致 priority 100 #优先级,数值越大优先级越高 advert_int 1 #检查间隔,默认为1s authentication { #认证信息,每个热播组保持一致 auth_type PASS #认证类型 auth_pass 1111 #密码字串 } virtual_ipaddress { 192.168.0.200 #VIP地址(内网地址) } track_script { check_run } }
Backup上的keepalived.conf
global_defs { router_id LVS_LEVEL2 #备份服务器名称 } vrrp_script check_run { script "/usr/local/src/check_nginx.sh" interval 5 #5秒执行一次脚本 } vrrp_instance VI_1 { state BACKUP #备份服务器 interface eth0 #承载VIP地址到物理接口 virtual_router_id 51 #虚拟路由器ID号,每个热播组保持一致 priority 50 #优先级,数值越大优先级越高 advert_int 1 #检查间隔,默认为1s authentication { #认证信息,每个热播组保持一致 auth_type PASS #认证类型 auth_pass 1111 #密码字串 } virtual_ipaddress { 192.168.0.200 #VIP地址(和主服务器设置一样) } track_script { check_run } }
Nginx检测脚本check_nginx.sh
#!/bin/bash A=`ps -C nginx --no-header |wc -l` #判断nginx是否宕机,如果宕机,尝试重启 if [ $A -eq 0 ];then /usr/local/nginx/sbin/nginx #等待一会再次检查nginx,如果没有启动成功,则停止keepalived,使其启动备用机 sleep 5 if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then killall keepalived fi fi
chmod +x /etc/keepalived/nginx_check.sh
Keepalived+Nginx高可用集群
实验环境
准备2台设备
设备1 192.168.217.11 nginx +keepalived
设备2 192.168.217.12 nginx +keepalived
虚拟ip 192.168.217.3
设备1、2 安装nginx keepalived
(此处设备已安装nginx)
我们在此基础上直接利用yum安装keepalived
更新网络yum源
[root@localhost ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo [root@localhost ~]# wget -O /etc/yum.repos.d/epel-7.repo http://mirrors.aliyun.com/repo/epel-7.repo --2022-06-11 17:56:31-- http://mirrors.aliyun.com/repo/epel-7.repo
安装keepalived
[root@localhost ~]# yum -y install keepalived.x86_64
启动nginx
[root@localhost ~]# cd /usr/src/nginx-1.12.2/ [root@localhost nginx-1.12.2]# killall -9 nginx [root@localhost nginx-1.12.2]# nginx
修改keepalived配置文件
[root@localhost nginx-1.12.2]# vim /etc/keepalived/keepalived.conf vrrp_instance VI_1 { state BACKUP #主调度器的初始角色(本实验主备MASTER 从BACKUP) interface ens33 #修改网卡名称 virtual_router_id 52 #主id 与从id 不要重复 priority 90 #主调度器的选举优先级 (本实验 主备100 从90 数据越大 优先级越高) advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.217.3 #虚拟ip (本实验需设置 同网段 主从一样) } }
查看ip
[root@localhost ~]# ip a 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:c2:15:cf brd ff:ff:ff:ff:ff:ff inet 192.168.217.11/24 brd 192.168.217.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.217.3/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::1e6f:d3ee:5554:1f34/64 scope link tentative noprefixroute dadfailed valid_lft forever preferred_lft forever inet6 fe80::ac8:77ad:9154:7983/64 scope link noprefixroute valid_lft forever preferred_lft forever
重启keepalived
[root@localhost ~]# systemctl start keepalived.service [root@localhost ~]# systemctl restart keepalived.service
关闭防火墙 内核
[root@localhost ~]# systemctl stop firewalld [root@localhost ~]# setenforce 0
验证
[root@localhost ~]# curl 192.168.217.11 ‘nginx1' [root@localhost ~]# curl 192.168.217.12 ‘nginx2' [root@localhost ~]# curl 192.168.217.3 ‘nginx1' [root@localhost ~]# curl 192.168.217.3 ‘nginx1'
实验环境
准备2台设备 双主keepalived
设备1 192.168.217.11 nginx +keepalived
设备2 192.168.217.12 nginx +keepalived
虚拟ip 192.168.217.3
虚拟ip 192.168.217.6
在以上实验基础上
设备1
[root@localhost ~]# vim /etc/keepalived/keepalived.conf vrrp_instance VI_1 { #修改模块名字 state MASTER #主调度器的初始角色(本实验主备MASTER 从BACKUP) interface ens33 #修改网卡名称 virtual_router_id 51 #主id 与从id 不要重复 priority 100 #主调度器的选举优先级 (本实验 主备100 从90 数据越大 优先级越高) advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.217.3 #虚拟ip } } vrrp_instance VI_2 { state BACKUP interface ens33 virtual_router_id 53 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.217.6 } I}
设备2
[root@localhost ~]# vim /etc/keepalived/keepalived.conf vrrp_instance VI_1 { state BACKUP interface ens33 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.217.3 } } vrrp_instance VI_2 { state MASTER interface ens33 virtual_router_id 53 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.217.6 } }
xshell同时开启 命令模式 重启keepalived
[root@localhost ~]# systemctl start keepalived.service [root@localhost ~]# systemctl restart keepalived.service
查看ip
设备1 飘逸Ip正常
[root@localhost ~]# ip a 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:c2:15:cf brd ff:ff:ff:ff:ff:ff inet 192.168.217.11/24 brd 192.168.217.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.217.3/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::1e6f:d3ee:5554:1f34/64 scope link tentative noprefixroute dadfailed valid_lft forever preferred_lft forever inet6 fe80::ac8:77ad:9154:7983/64 scope link noprefixroute valid_lft forever preferred_lft forever
设备2
[root@localhost ~]# ip a 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:49:b3:a1 brd ff:ff:ff:ff:ff:ff inet 192.168.217.12/24 brd 192.168.217.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet 192.168.217.6/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::1e6f:d3ee:5554:1f34/64 scope link noprefixroute valid_lft forever preferred_lft forever
设备1、设备2验证 (此问题暂未解决)
[root@localhost ~]# curl 192.168.217.11 curl: (7) Failed connect to 192.168.217.11:80; 拒绝连接 [root@localhost ~]# curl 192.168.217.12 ‘nginx2' [root@localhost ~]# curl 192.168.217.3 curl: (7) Failed connect to 192.168.217.3:80; 连接超时 [root@localhost ~]# curl 192.168.217.6 curl: (7) Failed connect to 192.168.217.6:80; 连接超时
以上为个人经验,希望能给大家一个参考,也希望大家多多支持脚本之家。