【 Linux 】Keepalived实现双主模型高可用集群

要求：
    1. 两台web服务器安装wordpress，数据库通过nfs共享
    2. 使用keepalived实现双主模型

环境：
    主机：
        系统：CentOS6.7 x64
        1. node1: 192.168.2.11  node2: 192.168.2.12 vip: 192.168.2.200
        service iptables stop
        selinux: disabled

一、两台主机分别配置lamp架构，并使用nfs实现数据库共享

[root@node1 ~]# yum install nfs-utils httpd php php-mysql mysql-server -y     # yum安装软件包
[root@node1 ~]# mkdir -pv /mydata/{web,data}     # 创建共享web程序和数据库目录
mkdir: 已创建目录 "/mydata"
mkdir: 已创建目录 "/mydata/web"
mkdir: 已创建目录 "/mydata/data"
[root@node1 ~]# chown -R mysql:mysql /mydata/data/
[root@node1 ~]# chown -R apache:apache /mydata/web/
[root@node1 ~]# vim /etc/exports
/mydata *(rw,no_root_squash)
[root@node1 ~]# service nfs start
启动 NFS 服务：                                            [确定]
关掉 NFS 配额：                                            [确定]
启动 NFS mountd：                                          [确定]
正在启动 RPC idmapd：                                      [确定]
正在启动 RPC idmapd：                                      [确定]
启动 NFS 守护进程：                                        [确定]
[root@node1 ~]# showmount -e 192.168.2.11
Export list for 192.168.2.11:
/mydata *

[root@node2 ~]# mkdir /mydata
[root@node2 ~]# mount -t nfs 192.168.2.11:/mydata/ /mydata/
[root@node2 ~]# vim /etc/fstab 
# 插入如下规则
192.168.2.11:/mydata    /mydata                 nfs     defaults        0 0

[root@node1 ~]# vim /etc/my.cnf
datadir=/mydata/data     # 修改mysql数据存放目录

[root@node2 ~]# vim /etc/my.cnf 
datadir=/mydata/data     # 修改mysql数据存放目录

[root@node1 ~]# service mysqld start    # 启动数据库
[root@node1 ~]# ls /mydata/data/     # 确认是否生成数据
ibdata1  ib_logfile0  ib_logfile1  mysql  test
[root@node2 ~]# service mysqld start     # 第一次读取共享可能会慢点

[root@node1 ~]# wget http://download.comsenz.com/DiscuzX/3.2/Discuz_X3.2_SC_UTF8.zip     # 下载discuz web程序
[root@node1 ~]# unzip Discuz_X3.2_SC_UTF8.zip 
[root@node1 ~]# cp -a upload/* /mydata/web/     # 将web程序复制到nfs共享目录
[root@node1 ~]# chown -R apache:apache /mydata/web/     # 给与apache的执行权限
[root@node1 ~]# vim /etc/httpd/conf/httpd.conf     # 修改apache配置文件
# 修改如下参数
行号
 276 ServerName localhost:80

 292 DocumentRoot "/mydata/web/"
 317 <Directory "/mydata/web">
 [root@node1 ~]# service httpd start
[root@node1 ~]# scp /etc/httpd/conf/httpd.conf node2:/etc/httpd/conf/     # 将配置文件拷贝至node2服务器
[root@node2 ~]# service httpd start
[root@node1 ~]# mysql     # 创建web程序的数据库
mysql> CREATE DATABASE ultrax;
mysql> GRANT ALL ON ultrax.* TO 'ultrax'@127.0.0.1 IDENTIFIED BY '123456';
mysql> FLUSH PRIVILEGES;
mysql> Bye

# node1 创建了库，node2最好重启下mysql

[root@node2 ~]# service mysqld restart

通过浏览器安装web程序

node1: 192.168.2.11

node2: 192.168.2.12

二、通过keepalived实现主备模式

[root@node1 ~]# yum install keepalived -y
[root@node1 ~]# vim /etc/keepalived/keepalived.conf 
# 全部内容如下
! Configuration File for keepalived

global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from root@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id nodeA
}
vrrp_script chk_httpd {
   script "/etc/keepalived/bash/chk_httpd.sh"
   interval 5
   weight -10
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 100
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        chk_httpd
    }
    virtual_ipaddress {
        192.168.2.200/24
    }
}

[root@node1 ~]# mkdir /etc/keepalived/bash     # 创建检查脚本存放目录
[root@node1 ~]# vim /etc/keepalived/bash/chk_httpd.sh # 编写检查脚本
# 使用该脚本必须有wget命令，如没有请执行：yum install wget -y 
#!/bin/bash

pidfile=/var/lock/subsys/`basename $0`.pid
if [ -f $pidfile ] && [ -e /proc/`cat $pidfile` ] ; then
    exit 1
fi
trap "rm -rf $pidfile ; exit 0" 1 2 3 15
echo $$ > $pidfile
maxfails=3
fails=0
success=0

while [ 1 ]
do

    /usr/bin/wget --timeout=3 --tries=1 http://192.168.2.11/ -q -O /dev/null && ping -c1 192.168.2.1 &> /dev/null
    if [ $? -ne 0 ] ; then
        let fails=$[$fails+1]
        success=0
    else
        fails=0
        let success=$[$success+1]
    fi

    if [ $fails -ge $maxfails ] ; then
        fails=0
        success=0
        #check keepalived is running ? try to stop it
        /etc/init.d/keepalived status | grep 正在运行
        if [ $? -eq 0 ] ; then
            /usr/bin/logger -is "local service fails $maxfails times ... try to stop keepalived."
            /etc/init.d/keepalived stop 2>&1 | /usr/bin/logger
        fi

    fi

    if [ $success -gt $maxfails ] ; then
        #check keepalived is stopped ? try to start it
        /etc/init.d/keepalived status | grep 已停　　　　# 脚本中这里要注意，如果系统是英文安装的为 grep stopped 如果是中文为 grep 已停
        if [ $? -eq 0 ] ; then
            /usr/bin/logger -is "service changes normal, try to start keepalived ."
            /etc/init.d/keepalived start
        fi
        success=0
    fi
    sleep 3

done

[root@node1 ~]# chmod +x /etc/keepalived/bash/chk_httpd.sh 
[root@node1 ~]# cd /etc/keepalived/bash/
[root@node1 bash]# sh -x chk_httpd.sh     # 调试脚本，让脚本来启动keepalived 这样就做到了检查脚本的目的

[root@node1 bash]# ps uaxfww | grep keepalived | grep -v grep     
root      26552  0.0  0.1 109656  1112 ?        Ss   22:35   0:00 /usr/sbin/keepalived -D
root      26555  0.0  0.2 111760  2776 ?        S    22:35   0:00  \_ /usr/sbin/keepalived -D
root      26556  0.0  0.2 111760  2128 ?        S    22:35   0:00  \_ /usr/sbin/keepalived -D
root      26569  0.0  0.1 106092  1284 ?        S    22:35   0:00 /bin/bash /etc/keepalived/bash/chk_httpd.sh

node2 安装keepalived及配置

[root@node2 ~]# yum install keepalived -y 
[root@node1 ~]# scp /etc/keepalived/keepalived.conf node2:/etc/keepalived/    #直接使用node1的配置文件覆盖并修改
[root@node1 ~]# scp -r /etc/keepalived/bash node2:/etc/keepalived/     # 将检查脚本也直接复制过去，不过需要修改，切记！
[root@node2 ~]# vim /etc/keepalived/keepalived.conf 
! Configuration File for keepalived

global_defs {
   notification_email {
     root@localhost
   }
   notification_email_from root@localhost
   smtp_server 127.0.0.1
   smtp_connect_timeout 30
   router_id nodeB
}
vrrp_script chk_httpd {
   script "/etc/keepalived/bash/chk_httpd.sh"
   interval 5
   weight -10
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 51
    priority 99
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
    track_script {
        chk_httpd
    }
    virtual_ipaddress {
        192.168.2.200/24
    }
}

[root@node2 bash]# vim chk_httpd.sh
# 修改如下一行代码
16     /usr/bin/wget --timeout=3 --tries=1 http://192.168.2.12/ -q -O /dev/null && ping -c1 192.168.2.1 &> /dev/null


[root@node2 bash]# ps auxfww | grep keepalived | grep -v grep 
root       3442  0.0  0.2 110276  1380 ?        Ss   02:18   0:00 /usr/sbin/keepalived -D
root       3444  0.0  0.6 112380  2980 ?        S    02:18   0:00  \_ /usr/sbin/keepalived -D
root       3446  0.0  0.4 112380  2192 ?        S    02:18   0:00  \_ /usr/sbin/keepalived -D
root       3454  0.0  0.2 106064  1420 ?        S    02:18   0:00 /bin/bash /etc/keepalived/bash/chk_httpd.sh

三、测试

node1: 
[root@node1 ~]# ip a
    inet 192.168.2.11/24 brd 192.168.2.255 scope global eth0
    inet 192.168.2.200/24 scope global secondary eth0

[root@node1 ~]# service httpd stop     # 停止node1的web服务

node2：
[root@node2 bash]# ip a
    inet 192.168.2.12/24 brd 192.168.2.255 scope global eth0
    inet 192.168.2.200/24 scope global secondary eth0

测试成功。

四、练习小结：
    该服务器架构仅仅只是用来测试，这里存在很多问题：
        1. 如果node1节点down掉了，nfs共享也就断掉了
        2. keepalived也只是仅仅对http做了检测，如果mysql服务down掉，是无法进行主备切换的。

    经过调整，可以使用如下架构：