准备四台虚拟机,一台master主服务器(安装nginx、keepalived),一台backup从服务器(安装nginx、keepalived),两台Web测试机(安装apache)
对所有虚拟机关闭防火墙和安全机制
[root@localhost ~]# systemctl stop firewalld [root@localhost ~]# iptables -F [root@localhost ~]# setenforce 0
一、master主机
1、安装keepalived
[root@localhost ~]# yum -y install keepalived
2、安装nginx
[root@localhost ~]# yum -y install pcre-devel zlib-devel openssl-devel [root@localhost ~]# yum -y install gcc gcc-c++ make [root@localhost ~]# useradd -M -s /sbin/nologin nginx [root@localhost ~]# tar -xf nginx-1.15.9.tar.gz -C /usr/src/ [root@localhost ~]# cd /usr/src/nginx-1.15.9/ [root@localhost ~]# ./configure --prefix=/usr/local/nginx --user=nginx --group=nginx && make && make install [root@localhost ~]# ln -s /usr/local/nginx/sbin/nginx /usr/local/sbin/ [root@localhost ~]# nginx [root@localhost ~]# netstat -lnpt | grep :80 tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 13144/nginx: master
3、修改nginx的配置文件(实现轮询效果)
[root@localhost ~]# vim /usr/local/nginx/conf/nginx.conf 。。。。。。。。。
upstream httpd1 { server 192.168.200.113:80 weight=1; server 192.168.200.114:80 weight=1; } server { listen 80; server_name localhost; charset utf-8; location / { root html; index index.html index.htm; proxy_pass http://httpd1; proxy_set_header Host $host; } 。。。。。。。。。。
4、修改keepalived配置文件(实现VIP的转让功能)
[root@localhost ~]# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL }
//引入脚本文件 vrrp_script check_nginx { script "/shell/nginx_check.sh" interval 2 //等待时间 weight -20 //权重 ,如果机器出现故障,那么主服务器的优先级会低于从服务器20,那么VIP会自动跳转到副机上 } vrrp_instance VI_1 { state MASTER //主 interface eno16777728 //心跳网卡 virtual_router_id 51 priority 100 //优先级 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.200.201 } track_script { check_nginx //引用脚本 } }
[root@localhost ~]# systemctl restart keepalived
5、编写脚本(配置周期性任务)
[root@localhost ~]# mkdir /shell [root@localhost ~]# vim /shell/nginx_check.sh #!/bin/bash count="$(ps -C nginx --no-header | wc -l)" //查看nginx运行的进程,去除头部并统计行数 if [ $count -eq 0 ] then /usr/local/nginx/sbin/nginx //开启nginx if [ $count -eq 0] then systemctl stop keepalived fi fi
6、查看VIP
[root@localhost ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eno16777728: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:9b:5c:f0 brd ff:ff:ff:ff:ff:ff inet 192.168.200.111/24 brd 192.168.200.255 scope global eno16777728 valid_lft forever preferred_lft forever inet 192.168.200.201/32 scope global eno16777728 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe9b:5cf0/64 scope link valid_lft forever preferred_lft forever
二、backup主机
1、2、3、5省略,与master的配置相同
4、修改keepalived配置文件
[root@localhost ~]# vim /etc/keepalived/keepalived.conf ! Configuration File for keepalived global_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc smtp_server 192.168.200.1 smtp_connect_timeout 30 router_id LVS_DEVEL } vrrp_script check_nginx { script "/shell/nginx_check.sh" interval 2 weight -20 } vrrp_instance VI_1 { state BACKUP interface eno16777728 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 192.168.200.201 } track_script { check_nginx } } [root@localhost ~]# systemctl restart keepalived
三、两台测试机安装apache,并编写测试文件
[root@localhost ~]# yum -y install httpd [root@localhost ~]# systemctl start httpd [root@localhost ~]# echo "111111" > /var/www/html/index.html
第二台服务器上编写22222222
四、测试
如果主服务器的keepalived服务出现故障,VIP会自动跳转到从服务器,如下所示:
####主服务器上###### [root@localhost ~]# systemctl stop keepalived [root@localhost ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eno16777728: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:9b:5c:f0 brd ff:ff:ff:ff:ff:ff inet 192.168.200.111/24 brd 192.168.200.255 scope global eno16777728 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe9b:5cf0/64 scope link valid_lft forever preferred_lft forever #####从服务器####### [root@localhost ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eno16777728: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:ec:88:30 brd ff:ff:ff:ff:ff:ff inet 192.168.200.112/24 brd 192.168.200.255 scope global eno16777728 valid_lft forever preferred_lft forever inet 192.168.200.201/32 scope global eno16777728 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:feec:8830/64 scope link valid_lft forever preferred_lft forever
将主服务器的keepalived重新打开之后,VIP回到主服务器上
#####主服务器##### [root@localhost ~]# systemctl start keepalived [root@localhost ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eno16777728: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:9b:5c:f0 brd ff:ff:ff:ff:ff:ff inet 192.168.200.111/24 brd 192.168.200.255 scope global eno16777728 valid_lft forever preferred_lft forever inet 192.168.200.201/32 scope global eno16777728 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe9b:5cf0/64 scope link valid_lft forever preferred_lft forever #####从服务器####### [root@localhost ~]# ip a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eno16777728: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:ec:88:30 brd ff:ff:ff:ff:ff:ff inet 192.168.200.112/24 brd 192.168.200.255 scope global eno16777728 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:feec:8830/64 scope link valid_lft forever preferred_lft forever