一:安装环境
准备2台虚拟机,都安装好环境 centos 7
keepalived:
vip: 192.168.1.112
192.168.1.110
nginx
ip 192.168.1.109 master nginx:88
ip 192.168.1.110 backup nginx:88
二:下载nginx keepalived
wget http://nginx.org/download/nginx-1.7.10.tar.gz
wget http://www.keepalived.org/software/keepalived-1.2.21.tar.gz
三:编译安装 nginx
安装nginx的依赖包
# yum install gcc gcc-c++ make automake autoconf libtool pcre pcre-devel zlib zlib-devel openssl openssl-devel
编译安装 nginx
tar -zxvf nginx-1.7.10.tar.gz cd ./nginx-1.7.10 ./configure --prefix=/usr/local/nginx make && make install
四:配置nginx
vi /usr/local/nginx/conf/nginx.conf
修改2处:
user nobody; -> user root;
listen 80; -> listen 88;
修改index.html
vi /usr/local/nginx/html/index.html
在192.168.1.110这台机子加上 192.168.1.110-s
在192.168.1.109这台机子加上 192.168.1.109-m
五:打开系统防火墙 88 端口
因为我是centos7啊
它防火墙是 firewall
命令如下,永久打开tcp 88 端口
firewall-cmd --zone=public --add-port=88/tcp --permanent
重启: firewall-cmd --reload
如果是 centos 7 以下,可以用如下方法来打开 88 端口:
# vi /etc/sysconfig/iptables
## Nginx
-A INPUT -m state --state NEW -m tcp -p tcp --dport 88 -j ACCEPT
# service iptables restart
六:测试nginx是否安装成功
/usr/local/nginx/sbin/nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
七: 启动nginx
/usr/local/nginx/sbin/nginx
重启nginx
/usr/local/nginx/sbin/nginx -s reload
安装keepalived
八:keepalived解压安装
# cd /software # tar -zxvf keepalived-1.2.21.tar.gz # cd keepalived-1.2.21 # ./configure --prefix=/usr/local/keepalived
编译成功最后出现下面的信息
Keepalived configuration ------------------------ Keepalived version : 1.2.21 Compiler : gcc Compiler flags : -g -O2 Extra Lib : -lssl -lcrypto -lcrypt Use IPVS Framework : Yes IPVS sync daemon support : Yes IPVS use libnl : No fwmark socket support : Yes Use VRRP Framework : Yes Use VRRP VMAC : Yes Use VRRP authentication : Yes SNMP keepalived support : No SNMP checker support : No SNMP RFCv2 support : No SNMP RFCv3 support : No SHA1 support : No Use Debug flags : No libnl version : None Use IPv4 devconf : No Use libiptc : No Use libipset : No
九:keepalived安装
# make && make install
十:将 keepalived安装成 linux 系统服务
因为没有使用 keepalived 的默认路径安装(默认是/usr/local) ,安装完成之后,需要做一些工作复制默认配置文件到默认路径
# mkdir /etc/keepalived
# cp /usr/local/keepalived/etc/keepalived/keepalived.conf /etc/keepalived/
复制 keepalived 服务脚本到默认的地址
cp /usr/local/keepalived/etc/rc.d/init.d/keepalived /etc/init.d/
cp /usr/local/keepalived/etc/sysconfig/keepalived /etc/sysconfig/
ln -s /usr/local/keepalived/sbin/keepalived /usr/sbin/
设置 keepalived 服务开机启动
# chkconfig keepalived on
十一:修改 keepalived 配置
(1) MASTER 节点配置文件(192.168.1.109)
# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived global_defs { ## keepalived 自带的邮件提醒需要开启 sendmail 服务。 建议用独立的监控或第三方 SMTP router_id nginx_m_109 ## 标识本节点的字条串,通常为 hostname } ## keepalived 会定时执行脚本并对脚本执行的结果进行分析,动态调整 vrrp_instance 的优先级。如果脚本执行结果为 0,并且 weight 配置的值大于 0,则优先级相应的增加。如果脚本执行结果非 0,并且 weight配置的值小于 0,则优先级相应的减少。其他情况,维持原本配置的优先级,即配置文件中 priority 对应的值。 vrrp_script chk_nginx { script "/etc/keepalived/nginx_check.sh" ## 检测 nginx 状态的脚本路径 interval 2 ## 检测时间间隔 weight -20 ## 如果条件成立,权重-20 } ## 定义虚拟路由, VI_1 为虚拟路由的标示符,自己定义名称 vrrp_instance VI_1 { state MASTER ## 主节点为 MASTER, 对应的备份节点为 BACKUP interface eth0 ## 绑定虚拟 IP 的网络接口,与本机 IP 地址所在的网络接口相同, 我的是 eth0 virtual_router_id 33 ## 虚拟路由的 ID 号, 两个节点设置必须一样, 可选 IP 最后一段使用, 相同的 VRID 为一个组,他将决定多播的 MAC 地址 mcast_src_ip 192.168.1.109 ## 本机 IP 地址 priority 100 ## 节点优先级, 值范围 0-254, MASTER 要比 BACKUP 高 nopreempt ## 优先级高的设置 nopreempt 解决异常恢复后再次抢占的问题 advert_int 1 ## 组播信息发送间隔,两个节点设置必须一样, 默认 1s ## 设置验证信息,两个节点必须一致 authentication { auth_type PASS auth_pass 1111 ## 真实生产,按需求对应该过来 } ## 将 track_script 块加入 instance 配置块 track_script { chk_nginx ## 执行 Nginx 监控的服务 } # # 虚拟 IP 池, 两个节点设置必须一样 virtual_ipaddress { 192.168.1.112 ## 虚拟 ip,可以定义多个 } }
(2)BACKUP 节点配置文件(192.168.1.110)
# vi /etc/keepalived/keepalived.conf
! Configuration File for keepalived global_defs { router_id nginx_s_110 } vrrp_script chk_nginx { script "/etc/keepalived/nginx_check.sh" interval 2 weight -20 } vrrp_instance VI_1 { state BACKUP interface eth1 virtual_router_id 33 mcast_src_ip 192.168.1.110 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } track_script { chk_nginx } virtual_ipaddress { 192.168.1.112 } }
十二:编写检测nginx状态的脚本
编写 Nginx 状态检测脚本 /etc/keepalived/nginx_check.sh (已在 keepalived.conf 中配置)脚本要求:如果 nginx 停止运行,尝试启动,如果无法启动则杀死本机的 keepalived 进程, keepalied将虚拟 ip 绑定到 BACKUP 机器上。 内容如下:
# vi /etc/keepalived/nginx_check.sh
#!/bin/bash A=`ps -C nginx –no-header |wc -l` if [ $A -eq 0 ];then /usr/local/nginx/sbin/nginx sleep 2 if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then killall keepalived fi fi
保存后,给脚本赋执行权限:
# chmod +x /etc/keepalived/nginx_check.sh
十三:启动 keepalived
# service keepalived start
Starting keepalived: [ OK ]
十四: Keepalived+Nginx 的高可用测试
1:
同时启动192.168.1.109和192.168.1.110上的Nginx和Keepalived,我们通过VIP(192.168.1.112)来访问Nginx,如下,都能正确访问
http://192.168.1.112:88/
2:
我们关闭192.168.1.109上的Keepalived和Nginx
在192.168.1.109执行如下命令:
service keepalived stop
/usr/local/nginx/sbin/nginx -s stop
此时,再通过VIP(192.168.1.112)来访问Nginx,如下
3:
我们再开启192.168.1.109上的Keepalived和Nginx
在192.168.1.109执行如下命令:
/usr/local/nginx/sbin/nginx
service keepalived start
或者只执行
service keepalived start
因为我们写了脚本nginx_check.sh,这个脚本会为我们自动自动Nginx
此时,我们再通过VIP(192.168.1.112)来访问Nginx,如下
参考:https://blog.csdn.net/l1028386804/article/details/72801492