keepalived+nginx实现web高可用

IP

主机名

节点

192.168.77.130

Master

主节点

192.168.77.132

Backup

从节点

192.168.77.100

Vip地址

Hostnamectl set-hostname master

bash

Hostnamectl set-hostname backup

bash

Systemctl stop firewalld

Systemctl disable firewalld

Setenforce 0

#安装c语言和编译安装的环境

Yum -y install gcc gcc-c++ make automake autoconf libtool zlib zlib-devel pcre pcre-devel openssl openssl-devel

Wget http://nginx.org/download/nginx-1.13.7.tar.gz

没有wget的话需要先安装wget

Yum -y install wget

Tar -zxvf nginx-1.13.7.tar.gz

Cd nginx-1.13.7

#./configure是运行nginx安装脚本 --prefix是配置安装路径

./configure --prefix=/usr/local/nginx

#make && make install开始编译安装

Make && make install

Yum -y install nginx

Vi /usr/local/nginx/html/index.html

<body>

<h1>192.168.77.130</h1>

Vi /usr/share/nginx/html/index.html

<div id="content">

       <h1>192.168.77.132</h1>

Cd /usr/local/nginx/sbin/

./nginx

Netstat -ntpl

#如果出现未找到命令,需要下载net-tools

Yum -y install net-tools

Systemctl start nginx

Systemctl status nginx

Netstat -ntpl

http://192.168.77.130

http://192.168.77.132

Yum -y install keepalived

vi /etc/keepalived/keepalived.conf

! Configuration File for keepalived

global_defs {                                                          #全局配置标识

   notification_email {

     acassen@firewall.loc

     failover@firewall.loc

     sysadmin@firewall.loc

   }

   notification_email_from Alexandre.Cassen@firewall.loc

   smtp_server 192.168.200.1

   smtp_connect_timeout 30

   router_id 192.168.77.130                                   #路由id,不能重复,通常为hostname

   vrrp_skip_check_adv_addr

   vrrp_strict

   vrrp_garp_interval 0

   vrrp_gna_interval 0

}

vrrp_script chk_nginx {                                         

    script "/etc/keepalived/nginx_check.sh"              #检测nginx状态的脚本路径

    interval 2                                                        #每2秒运行一次上面的脚本      

}

vrrp_instance VI_1 {

    state MASTER

    interface ens33                                                #网卡名称,与本机ip地址所在网卡名

    virtual_router_id 51                                         称相同.

    priority 100

    advert_int 1

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    virtual_ipaddress {                                          #设置虚拟ip

        192.168.77.100                                        #设置vip为100

    }

    track_script {                                                 #执行脚本

        chk_nginx                                               #对应vrrp_script配置的脚本

    }

}

! Configuration File for keepalived

global_defs {

   notification_email {

     acassen@firewall.loc

     failover@firewall.loc

     sysadmin@firewall.loc

   }

   notification_email_from Alexandre.Cassen@firewall.loc

   smtp_server 192.168.200.1

   smtp_connect_timeout 30

   router_id 192.168.77.132

   vrrp_skip_check_adv_addr

   vrrp_strict

   vrrp_garp_interval 0

   vrrp_gna_interval 0

}

vrrp_script chk_nginx {

    script "/etc/keepalived/nginx_check.sh"

    interval 2

}

vrrp_instance VI_1 {

    state BACKUP                                                #可选值为master或者backup

    interface ens33

    virtual_router_id 51

    priority 90                                                      #定义优先级,数字越大优先级越高,ma

    advert_int 1                                                    ster优先级必须要大于backup优先级

    authentication {

        auth_type PASS

        auth_pass 1111

    }

    virtual_ipaddress {

        192.168.77.100

    }

    track_script {

        chk_nginx

    }

}

Vi /etc/keepalived/nginx_check.sh

#!/bin/bash

#时间变量，用于记录日志

d=`date --date today +%Y%m%d_%H:%M:%S`

#计算nginx进程数量

n=`ps -C nginx --no-heading|wc -l`

#如果进程为0，则启动nginx，并且再次检测nginx进程数量，

#如果还为0，说明nginx无法启动，此时需要关闭keepalived

if [ $n -eq "0" ]; then

        /usr/local/nginx/sbin/nginx

        n2=`ps -C nginx --no-heading|wc -l`

        if [ $n2 -eq "0"  ]; then

                echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log

#杀掉keepalived，是为了防止脑裂。脑裂指的是高可用集群中，当主从切换时，主上的keepalived还在启动，会和从争抢VIP，导致后台链接服务器时，不知道连接哪台服务器好，导致出错。

                systemctl stop keepalived

        fi

fi

#!/bin/bash

#时间变量，用于记录日志

d=`date --date today +%Y%m%d_%H:%M:%S`

#计算nginx进程数量

n=`ps -C nginx --no-heading|wc -l`

#如果进程为0，则启动nginx，并且再次检测nginx进程数量，

#如果还为0，说明nginx无法启动，此时需要关闭keepalived

if [ $n -eq "0" ]; then

        systemctl start nginx    ##因为是yum安装，启动有点不一样

        n2=`ps -C nginx --no-heading|wc -l`

        if [ $n2 -eq "0"  ]; then

                echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log

                systemctl stop keepalived

        fi

fi

Chmod 755 /etc/keepalived/nginx_check.sh

Systemctl start keepalived         #启动

Systemctl status keepalived               #查看运行状态

Cd /usr/local/nginx/sbin/

./nginx -s stop 

Ps -aux | grep nginx

Iptables -I OUTPUT -p vrrp -j DROP

Iptables -F

Systemctl stop keepalived

Systemctl start keepalived

Vi /usr/local/nginx/conf/nginx.conf