一、简介
1、用nginx做负载均衡,作为架构的最前端或中间层,随着日益增长的访问量,需要给负载均衡做高可用架构,利用keepalived解决单点风险,一旦 nginx宕机能快速切换到备份服务器
2、keepalived原理请参考如下链接
https://www.cnblogs.com/zhangxingeng/p/10595058.html
3、nginx+keepalived单主架构
4、nginx+keepalived双主架构案例
二、部署nginx+keepalived 集群
1、环境
注意:本次实验没有部署负载均衡和rs,只是部署keepalived+web,主要是为了实现效果,简化了很多配置
1.1、节点部署
| 节点 | 地址 | 服务 | 单主实例VI_1 | 双主实例VI_1 | 双主实例VI_2 |
| web1 | 192.168.216.51 | keepalived+web服务 | MASTER | MASTER | BAKCUP |
| web2 | 192.168.216.52 | keepalived+web服务 | BACKUP | BACKUP | MASTER |
| clent | 物理机 | 浏览器 |
1.2、部署前
1.2.1、各节点时间同步,可以是设置ntp或者手动同一时间,且不能超过1s的差距
1.2.2、关闭防火墙及selinux
1.2.3、节点名称对应ip地址写入hosts文件
1.2.4、节点间root可以基于密钥认证的ssh服务完成互相通信(非必需)
1.3、keepalived的目录机构
1 [root@web1 keepalived]# rpm -ql keepalived 2 /etc/keepalived 3 /etc/keepalived/keepalived.conf #主配置文件 4 /etc/sysconfig/keepalived 5 /usr/bin/genhash 6 /usr/lib/systemd/system/keepalived.service 7 /usr/libexec/keepalived 8 /usr/sbin/keepalived 9 /usr/share/doc/keepalived-1.3.5 10 /usr/share/doc/keepalived-1.3.5/AUTHOR 11 /usr/share/doc/keepalived-1.3.5/CONTRIBUTORS 12 /usr/share/doc/keepalived-1.3.5/COPYING 13 /usr/share/doc/keepalived-1.3.5/ChangeLog 14 /usr/share/doc/keepalived-1.3.5/NOTE_vrrp_vmac.txt 15 /usr/share/doc/keepalived-1.3.5/README 16 /usr/share/doc/keepalived-1.3.5/TODO 17 /usr/share/doc/keepalived-1.3.5/keepalived.conf.SYNOPSIS 18 /usr/share/doc/keepalived-1.3.5/samples 19 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.HTTP_GET.port 20 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.IPv6 21 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.SMTP_CHECK 22 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.SSL_GET 23 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.fwmark 24 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.inhibit 25 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.misc_check 26 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.misc_check_arg 27 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.quorum 28 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.sample 29 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.status_code 30 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.track_interface 31 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.virtual_server_group 32 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.virtualhost 33 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp 34 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.localcheck 35 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.lvs_syncd 36 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.routes 37 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.rules 38 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.scripts 39 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.static_ipaddress 40 /usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.sync 41 /usr/share/doc/keepalived-1.3.5/samples/sample.misccheck.smbcheck.sh 42 /usr/share/man/man1/genhash.1.gz 43 /usr/share/man/man5/keepalived.conf.5.gz 44 /usr/share/man/man8/keepalived.8.gz 45 /usr/share/snmp/mibs/KEEPALIVED-MIB.txt 46 /usr/share/snmp/mibs/VRRP-MIB.txt 47 /usr/share/snmp/mibs/VRRPv3-MIB.txt 48 [root@web1 keepalived]#
1.4、软件环境
1 [root@web1 keepalived]# rpm -qa nginx 2 nginx-1.12.2-2.el7.x86_64 3 [root@web1 keepalived]# rpm -qa keepalived 4 keepalived-1.3.5-8.el7_6.x86_64 5 [root@web1 keepalived]# cat /etc/redhat-release 6 CentOS Linux release 7.3.1611 (Core) 7 [root@web1 keepalived]#
2、安装软件
yum install nginx keepalived pcre-devel -y
我这里已经安装了pcre所以具体依赖如下:
1 Dependencies Resolved 2 3 ==================================================================================================================== 4 Package Arch Version Repository Size 5 ==================================================================================================================== 6 Installing: 7 keepalived x86_64 1.3.5-8.el7_6 updates 329 k 8 Installing for dependencies: 9 net-snmp-agent-libs x86_64 1:5.7.2-37.el7 base 705 k 10 Updating for dependencies: 11 net-snmp-libs x86_64 1:5.7.2-37.el7 base 749 k 12 13 Transaction Summary 14 ==================================================================================================================== 15 Install 1 Package (+1 Dependent package) 16 Upgrade ( 1 Dependent package)
1 Dependencies Resolved 2 3 ============================================================================================================================================================================================================================================= 4 Package Arch Version Repository Size 5 ============================================================================================================================================================================================================================================= 6 Installing: 7 nginx x86_64 1:1.12.2-2.el7 epel 530 k 8 Installing for dependencies: 9 nginx-all-modules noarch 1:1.12.2-2.el7 epel 16 k 10 nginx-filesystem noarch 1:1.12.2-2.el7 epel 17 k 11 nginx-mod-http-geoip x86_64 1:1.12.2-2.el7 epel 23 k 12 nginx-mod-http-image-filter x86_64 1:1.12.2-2.el7 epel 26 k 13 nginx-mod-http-perl x86_64 1:1.12.2-2.el7 epel 36 k 14 nginx-mod-http-xslt-filter x86_64 1:1.12.2-2.el7 epel 26 k 15 nginx-mod-mail x86_64 1:1.12.2-2.el7 epel 54 k 16 nginx-mod-stream x86_64 1:1.12.2-2.el7 epel 76 k 17 Updating for dependencies: 18 openssl x86_64 1:1.0.2k-16.el7_6.1 updates 493 k 19 openssl-libs x86_64 1:1.0.2k-16.el7_6.1 updates 1.2 M 20 21 Transaction Summary 22 ============================================================================================================================================================================================================================================= 23 Install 1 Package (+8 Dependent packages) 24 Upgrade ( 2 Dependent packages)
3、配置keepalived高可用,修改主配置文件
3.1、备份配置文件
两台均备份
cp /etc/keepalived/keepalived.conf keepalived.conf.bak
3.2、配置keepalived-MASTER
web1-51
1 [root@web1 keepalived]# cat keepalived.conf 2 ! Configuration File for keepalived 3 4 global_defs { 5 # notification_email { 6 # acassen@firewall.loc 7 # failover@firewall.loc 8 # sysadmin@firewall.loc 9 # } 10 # notification_email_from Alexandre.Cassen@firewall.loc 11 # smtp_server 192.168.200.1 12 # smtp_connect_timeout 30 13 # router_id LVS_DEVEL 14 # vrrp_skip_check_adv_addr 15 # vrrp_strict 16 vrrp_garp_interval 0 17 vrrp_gna_interval 0 18 } 19 20 #VIP1 21 vrrp_instance VI_1 { #实例名称保持一致 22 state MASTER #主备配置为MASTER----BACKUP 23 interface ens33 #查看自己的网卡名称修改为它 24 virtual_router_id 50 #vrid 路由标识符,主备保持一致 25 priority 100 #优先级值越大越高 26 advert_int 1 27 authentication { #认证,默认即可,主备保持一致 28 auth_type PASS 29 auth_pass 1111 30 } 31 virtual_ipaddress { #vip,主备一致,可以为多vip 32 192.168.216.200 33 } 34 }
把配置文件发送到52节点
scp /etc/keepalived/keppalived.conf 192.168.216.52:/etc/keepalived/keepalived.conf
web2-52
只需要修改
1 state BACKUP 2 priority 90
4、配置nginx
web1
1 [root@web1 keepalived]# cat /usr/share/nginx/html/index.html 2 this is web1
web2
1 [root@web2 keepalived]# cat /usr/share/nginx/html/index.html
2 thsi web2
5、启动服务并开机自启
systemctl start nginx
systemctl start keepalived
systemctl enable nginx
systemctl enable keepalived
6、测试
6.1、首先访问各站点
没问题
没问题
6.2、VIP也没有问题,在备服务器抓包看看,每1s 宣告一次,状态正常
1 [root@web2 keepalived]# tcpdump -i ens33 host 192.168.216.51 2 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode 3 listening on ens33, link-type EN10MB (Ethernet), capture size 65535 bytes 4 23:58:22.470521 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20 5 23:58:23.472862 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20 6 23:58:24.473482 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20 7 23:58:25.475482 IP web1 > vrrp.mcast.net: VRRPv2, Advertisement, vrid 50, prio 100, authtype simple, intvl 1s, length 20
6.3、现在可以开始stop keepalived,测试主备切换
[root@web1 keepalived]# systemctl stop keepalived
刷新页面如下:
查看web2的ip信息,ifconfig看不到,可以使用ip addr list 命令查询
1 [root@web2 keepalived]# ip ad 2 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 3 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 4 inet 127.0.0.1/8 scope host lo 5 valid_lft forever preferred_lft forever 6 inet6 ::1/128 scope host 7 valid_lft forever preferred_lft forever 8 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 9 link/ether 00:0c:29:75:de:46 brd ff:ff:ff:ff:ff:ff 10 inet 192.168.216.52/24 brd 192.168.216.255 scope global ens33 11 valid_lft forever preferred_lft forever 12 inet 192.168.216.200/32 scope global ens33 #vip已经漂移过来了 13 valid_lft forever preferred_lft forever 14 inet6 fe80::9416:80e8:f210:1e24/64 scope link 15 valid_lft forever preferred_lft forever 16 inet6 fe80::3409:e73d:1ef:2e1/64 scope link tentative dadfailed 17 valid_lft forever preferred_lft forever 18 3: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN qlen 1000 19 link/ether 52:54:00:23:a5:7c brd ff:ff:ff:ff:ff:ff 20 inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0 21 valid_lft forever preferred_lft forever 22 4: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast master virbr0 state DOWN qlen 1000 23 link/ether 52:54:00:23:a5:7c brd ff:ff:ff:ff:ff:ff 24 [root@web2 keepalived]#
[root@web1 keepalived]# systemctl restart keepalived 刷新网页,发现切换回来了
6.4、实验环境为虚拟机,演示实验过程中一个问题
注意:如果是禁用网卡的方式,最好是在虚拟机上断开连接的方式测试。
因为在测试过程中,systemctl stop network 测试切换的时候出现不能切换,网络没有完全断开backup还能收到master的心跳,但是其他服务已经停用了下面演示:
访问vip就变成如下状态,没有进行故障切换
应该这样测试如下:断开网络连接的方式比较彻底了
三、部署nginx+keepalived双主架构
1、环境
和上面一个实验一样的环境就是改成双主
2、安装软件
同上
3、配置keepalived
web1配置
1 [root@web1 keepalived]# cat /etc/keepalived/keepalived.conf 2 ! Configuration File for keepalived 3 4 global_defs { 5 # notification_email { 6 # acassen@firewall.loc 7 # failover@firewall.loc 8 # sysadmin@firewall.loc 9 # } 10 # notification_email_from Alexandre.Cassen@firewall.loc 11 # smtp_server 192.168.200.1 12 # smtp_connect_timeout 30 13 # router_id LVS_DEVEL 14 # vrrp_skip_check_adv_addr 15 # vrrp_strict 16 vrrp_garp_interval 0 17 vrrp_gna_interval 0 18 } 19 #vrrp_script chk_nginx{ 20 # script "/data/sh/check_nginx.sh" 21 # interval 2 22 # weight 2 23 #} 24 #VIP1 25 vrrp_instance VI_1 { 26 state MASTER 27 interface ens33 28 virtual_router_id 50 29 priority 100 30 advert_int 1 31 authentication { 32 auth_type PASS 33 auth_pass 1111 34 } 35 virtual_ipaddress { 36 192.168.216.200 37 } 38 } 39 #track_script { 40 # chk_nignx 41 #} 42 43 44 #VIP2,新增配置,新增一个实例VI_2 45 vrrp_instance VI_2 { 46 state BAKCUP 47 interface ens33 48 virtual_router_id 51 49 priority 90 50 advert_int 1 51 authentication { 52 auth_type PASS 53 auth_pass 1111 54 } 55 virtual_ipaddress { 56 192.168.216.210 57 } 58 }
web2配置
1 [root@web2 keepalived]# cat /etc/keepalived/keepalived.conf 2 ! Configuration File for keepalived 3 4 global_defs { 5 # notification_email { 6 # acassen@firewall.loc 7 # failover@firewall.loc 8 # sysadmin@firewall.loc 9 # } 10 # notification_email_from Alexandre.Cassen@firewall.loc 11 # smtp_server 192.168.200.1 12 # smtp_connect_timeout 30 13 # router_id LVS_DEVEL 14 # vrrp_skip_check_adv_addr 15 # vrrp_strict 16 vrrp_garp_interval 0 17 vrrp_gna_interval 0 18 } 19 #vrrp_script chk_nginx{ 20 # script "/data/sh/check_nginx.sh" 21 # interval 2 22 # weight 2 23 #} 24 #VIP1 25 vrrp_instance VI_1 { 26 state BACKUP 27 interface ens33 28 virtual_router_id 50 29 priority 90 30 advert_int 1 31 authentication { 32 auth_type PASS 33 auth_pass 1111 34 } 35 virtual_ipaddress { 36 192.168.216.200 37 } 38 } 39 #track_script { 40 # chk_nignx 41 #} 42 #VIP2,新增的实例,VI_2 43 vrrp_instance VI_2 { 44 state MASTER 45 interface ens33 46 virtual_router_id 51 47 priority 100 48 advert_int 1 49 authentication { 50 auth_type PASS 51 auth_pass 1111 52 } 53 virtual_ipaddress { 54 192.168.216.210 55 } 56 }
这里附上两台节点的实例比较,请见下图:
4、配置nginx,同上
5、重启服务
systemctl restart keepalived
6、测试验证
6.1、首先看一下抓包情况
6.2、测试切换是否正常,这里测试就是以stop keepalived测试效果了
[root@web1 keepalived]# systemctl stop keepalived
效果
[root@web1 keepalived]# systemctl restart keepalived
切换回来
在来测试web2
[root@web2 keepalived]# systemctl stop keepalived
[root@web2 keepalived]# systemctl restart keepalived
四、高可用之调用辅助脚本进行资源监控,并根据监控的结果状态实现动态调整
1、动态调整keepalived
检测keepalived主要是用在维护过程中,比如升级,停掉服务是非常不理想的,可以用vrrp脚本,实现不停服务地址来回转换的方法
注意:其中定义脚本有两种方法:
第一种:脚本放在目录里,配置文件指定脚本路径
这种模式生效了
1 [root@web1 keepalived]# vim keepalived.conf 2 3 ! Configuration File for keepalived 4 5 global_defs { 6 # notification_email { 7 # acassen@firewall.loc 8 # failover@firewall.loc 9 # sysadmin@firewall.loc 10 # } 11 # notification_email_from Alexandre.Cassen@firewall.loc 12 # smtp_server 192.168.200.1 13 # smtp_connect_timeout 30 14 router_id LVS_DEVEL 15 # vrrp_skip_check_adv_addr 16 # vrrp_strict 17 # vrrp_garp_interval 0 18 # vrrp_gna_interval 0 19 } 20 vrrp_script chk_maintanance { 21 22 script "/etc/keepalived/chkdown.sh" #脚本路径 23 interval 1 #间隔1s执行一次 24 weight -20 #失败的权重减20 25 } 26 27 #VIP1 28 vrrp_instance VI_1 { 29 state MASTER 30 interface ens33 31 virtual_router_id 50 32 priority 100 33 advert_int 1 34 authentication { 35 auth_type PASS 36 auth_pass 1111 37 } 38 virtual_ipaddress { 39 192.168.216.200 40 } 41 track_script { 42 chk_maintanance 43 } 44 } 45 #VIP2 46 vrrp_instance VI_2 { 47 state BAKCUP 48 interface ens33 49 virtual_router_id 51 50 priority 90 51 advert_int 1 52 authentication { 53 auth_type PASS 54 auth_pass 1111 55 } 56 virtual_ipaddress { 57 192.168.216.210 58 } 59 track_script { 60 chk_maintanance 61 } 62 }
脚本如下:
1 [root@web1 keepalived]# cat chkdown.sh 2 #!/bin/bash 3 4 [[ -f /etc/keepalived/down ]]&&exit 1 || exit 0 5 6 [root@web1 keepalived]# pwd 7 /etc/keepalived 8 [root@web1 keepalived]#
验证:
23 [root@web1 keepalived]# touch down 24 [root@web1 keepalived]# systemctl status keepalived 25 ● keepalived.service - LVS and VRRP High Availability Monitor 26 Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) 27 Active: active (running) since Mon 2019-04-22 12:43:34 CST; 1h 25min ago 28 Process: 40897 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) 29 Main PID: 40898 (keepalived) 30 CGroup: /system.slice/keepalived.service 31 ├─40898 /usr/sbin/keepalived -D 32 ├─40899 /usr/sbin/keepalived -D 33 └─40900 /usr/sbin/keepalived -D 34 35 Apr 22 14:07:44 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200 36 Apr 22 14:07:44 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200 37 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200 38 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 f...6.200 39 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200 40 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200 41 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200 42 Apr 22 14:07:49 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200 43 Apr 22 14:08:43 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 #改变状态为1,然后降低优先级,这里-l应该可以看到,下面又重新-l看了一下 44 Apr 22 14:08:43 web1 Keepalived_vrrp[40900]: VRRP_Script(chk_maintanance) failed
45 Hint: Some lines were ellipsized, use -l to show in full.
#之后重新收一下测试的状态[root@web1 keepalived]# systemctl status keepalived -l ● keepalived.service - LVS and VRRP High Availability Monitor Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) Active: active (running) since Mon 2019-04-22 12:43:34 CST; 1h 33min ago Process: 40897 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) Main PID: 40898 (keepalived) CGroup: /system.slice/keepalived.service ├─40898 /usr/sbin/keepalived -D ├─40899 /usr/sbin/keepalived -D └─40900 /usr/sbin/keepalived -D Apr 22 14:16:29 web1 Keepalived_vrrp[40900]: Sending gratuitous ARP on ens33 for 192.168.216.200 Apr 22 14:16:35 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 Apr 22 14:16:35 web1 Keepalived_vrrp[40900]: VRRP_Script(chk_maintanance) failed Apr 22 14:16:36 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_2) Changing effective priority from 90 to 70 Apr 22 14:16:36 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Changing effective priority from 100 to 80 Apr 22 14:16:36 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Received advert with higher priority 90, ours 80 Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Entering BACKUP STATE Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) removing protocol VIPs. Apr 22 14:16:37 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1
46 [root@web1 keepalived]# rm -rf down # 删除down文件,重新切换回来 47 [root@web1 keepalived]# systemctl status keepalived 48 ● keepalived.service - LVS and VRRP High Availability Monitor 49 Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) 50 Active: active (running) since Mon 2019-04-22 12:43:34 CST; 1h 25min ago 51 Process: 40897 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) 52 Main PID: 40898 (keepalived) 53 CGroup: /system.slice/keepalived.service 54 ├─40898 /usr/sbin/keepalived -D 55 ├─40899 /usr/sbin/keepalived -D 56 └─40900 /usr/sbin/keepalived -D 57 58 Apr 22 14:09:15 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 59 Apr 22 14:09:16 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 60 Apr 22 14:09:17 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 61 Apr 22 14:09:18 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 62 Apr 22 14:09:19 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 63 Apr 22 14:09:20 web1 Keepalived_vrrp[40900]: /etc/keepalived/chkdown.sh exited with status 1 64 Apr 22 14:09:21 web1 Keepalived_vrrp[40900]: VRRP_Script(chk_maintanance) succeeded #检查成功,改变优先级,切换vi_1的实例为master 65 Apr 22 14:09:22 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) Changing effective priority from 80 to 100 66 Apr 22 14:09:22 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_2) Changing effective priority from 70 to 90 67 Apr 22 14:09:22 web1 Keepalived_vrrp[40900]: VRRP_Instance(VI_1) forcing a new MASTER election 68 [root@web1 keepalived]#
切换的时候可以观察前端切换的效果
第二种方法就是是直接写脚本,这里keepalived版本是keepalived-1.3.5-8.el7_6.x86_64,没有生效,具体不清楚为什么。
1 [root@web2 keepalived]# vim keepalived.conf 2 3 script " 4 ! Configuration File for keepalived 5 6 global_defs { 7 # notification_email { 8 # acassen@firewall.loc 9 # failover@firewall.loc 10 # sysadmin@firewall.loc 11 # } 12 # notification_email_from Alexandre.Cassen@firewall.loc 13 # smtp_server 192.168.200.1 14 # smtp_connect_timeout 30 15 router_id LVS_DEVEL1 16 # vrrp_skip_check_adv_addr 17 # vrrp_strict 18 # vrrp_garp_interval 0 19 # vrrp_gna_interval 0 20 } 21 vrrp_script chk_maintanance { 22 script "[[ -f /etc/keepalived/down ]]&&exit 1 || exit 0" 23 interval 1 24 weight -20 25 } 26 27 28 29 #VIP1 30 vrrp_instance VI_1 { 31 state BACKUP 32 interface ens33 33 virtual_router_id 50 34 priority 90 35 advert_int 1 36 authentication { 37 auth_type PASS 38 auth_pass 1111 39 } 40 virtual_ipaddress { 41 192.168.216.200 42 } 43 track_script { 44 chk_maintanance 45 } 46 } 47 #VIP2 48 vrrp_instance VI_2 { 49 state MASTER 50 interface ens33 51 virtual_router_id 51 52 priority 100 53 advert_int 1 54 authentication { 55 auth_type PASS 56 auth_pass 1111 57 } 58 virtual_ipaddress { 59 192.168.216.210 60 } 61 track_script { 62 chk_maintanance 63 } 64 }
2、检测nginx是否存活
配置web1/web2 都添加如下标红代码,并添加脚本
1 [root@web1 keepalived]# vim keepalived.conf 2 3 # acassen@firewall.loc 4 # failover@firewall.loc 5 # sysadmin@firewall.loc 6 # } 7 # notification_email_from Alexandre.Cassen@firewall.loc 8 # smtp_server 192.168.200.1 9 # smtp_connect_timeout 30 10 router_id LVS_DEVEL 11 # vrrp_skip_check_adv_addr 12 # vrrp_strict 13 # vrrp_garp_interval 0 14 # vrrp_gna_interval 0 15 } 16 vrrp_script chk_maintanance { 17 18 script "/etc/keepalived/chkdown.sh" 19 interval 1 20 weight -20 21 } 22 vrrp_script chk_nginx { 23 script "/etc/keepalived/chknginx.sh" 24 interval 1 25 weight -20 26 } 27 28 #VIP1 29 vrrp_instance VI_1 { 30 state MASTER 31 interface ens33 32 virtual_router_id 50 33 priority 100 34 advert_int 1 35 authentication { 36 auth_type PASS 37 auth_pass 1111 38 } 39 virtual_ipaddress { 40 192.168.216.200 41 } 42 track_script { 43 chk_maintanance 44 } 45 track_script { 46 chk_nginx 47 } 48 } 49 #VIP2 50 vrrp_instance VI_2 { 51 state BAKCUP 52 interface ens33 53 virtual_router_id 51 54 priority 90 55 advert_int 1 56 authentication { 57 auth_type PASS 58 auth_pass 1111 59 } 60 virtual_ipaddress { 61 192.168.216.210 62 } 63 track_script { 64 chk_maintanance 65 } 66 track_script { 67 chk_nginx 68 } 69 }
脚本
1 [root@web1 keepalived]# ll 2 total 16 3 -rwxr-xr-x 1 root root 62 Apr 19 12:45 chkdown.sh 4 -rwxr-xr-x 1 root root 127 Apr 22 14:50 chknginx.sh 5 -rw-r--r-- 1 root root 1251 Apr 22 14:59 keepalived.conf 6 -rw-r--r-- 1 root root 494 Apr 19 12:09 notify.sh 7 [root@web1 keepalived]# cat chknginx.sh 8 #!/bin/bash 9 10 #auto check nginx process 11 #20190422 by zxg 12 13 killall -0 nginx 14 if [[ $? -ne 0 ]];then 15 systemctl keepalived stop 16 fi 17 [root@web1 keepalived]#
监测,手动stop nginx
1 [root@web1 keepalived]# systemctl stop nginx 2 [root@web1 keepalived]# systemctl status keepalived -l 3 ● keepalived.service - LVS and VRRP High Availability Monitor 4 Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) 5 Active: active (running) since Mon 2019-04-22 14:59:46 CST; 27min ago 6 Process: 58761 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) 7 Main PID: 58762 (keepalived) 8 CGroup: /system.slice/keepalived.service 9 ├─58762 /usr/sbin/keepalived -D 10 ├─58763 /usr/sbin/keepalived -D 11 └─58764 /usr/sbin/keepalived -D 12 13 Apr 22 15:27:27 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.216.200 14 Apr 22 15:27:27 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200 15 Apr 22 15:27:27 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200 16 Apr 22 15:27:27 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200 17 Apr 22 15:27:27 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200 18 Apr 22 15:27:36 web1 Keepalived_vrrp[58764]: /etc/keepalived/chknginx.sh exited with status 1 19 Apr 22 15:27:36 web1 Keepalived_vrrp[58764]: VRRP_Script(chk_nginx) failed 20 Apr 22 15:27:37 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Changing effective priority from 100 to 80 21 Apr 22 15:27:37 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_2) Changing effective priority from 90 to 70 22 Apr 22 15:27:37 web1 Keepalived_vrrp[58764]: /etc/keepalived/chknginx.sh exited with status 1 23 [root@web1 keepalived]# systemctl start nginx 26 [root@web1 keepalived]# systemctl status keepalived -l 27 ● keepalived.service - LVS and VRRP High Availability Monitor 28 Loaded: loaded (/usr/lib/systemd/system/keepalived.service; disabled; vendor preset: disabled) 29 Active: active (running) since Mon 2019-04-22 14:59:46 CST; 28min ago 30 Process: 58761 ExecStart=/usr/sbin/keepalived $KEEPALIVED_OPTIONS (code=exited, status=0/SUCCESS) 31 Main PID: 58762 (keepalived) 32 CGroup: /system.slice/keepalived.service 33 ├─58762 /usr/sbin/keepalived -D 34 ├─58763 /usr/sbin/keepalived -D 35 └─58764 /usr/sbin/keepalived -D 36 37 Apr 22 15:28:12 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) forcing a new MASTER election 38 Apr 22 15:28:13 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Transition to MASTER STATE 39 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Entering MASTER STATE 40 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) setting protocol VIPs. 41 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200 42 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.216.200 43 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200 44 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200 45 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200 46 Apr 22 15:28:14 web1 Keepalived_vrrp[58764]: Sending gratuitous ARP on ens33 for 192.168.216.200 47 [root@web1 keepalived]#
网页效果同上,就是stop nginx时候观察是否切换到web2上
