构建keepalive+nginx集群

    xiaoxiao2022-09-22  6

    构建keepalive+nginx集群 1、软件安装 1.1、准备两台机器 A机器:192.168.232.132 B机器:192.168.232.131 A级器作为master,B机器作为backup 1.2、两台机器都安装keepalived A机器 [root@aaa-01 ~]# yum install -y keepalived B机器 [root@bbb-01 ~]# yum install -y keepalived 1.3、两台机器上都安装nginx 若是A、B机器没有装nginx服务,可以直接yum安装,安装完之后启动nginx [root@aaa-01 ~]# yum install -y nginx [root@aaa-01 ~]# service nginx start Redirecting to /bin/systemctl start nginx.service [root@aaa-01 ~]# ps aux|grep nginx root     16687  0.0  0.0  46364   964 ?        Ss   11:51   0:00 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf nginx    16688  0.0  0.1  46764  1924 ?        S    11:51   0:00 nginx: worker process root     16690  0.0  0.0 112676   980 pts/0    R+   11:51   0:00 grep --color=auto nginx 注意:有时直接yum安装不了,需要安装yum扩展源:yum install -y epel-release 2、配置A机器 2.1、更改keepalived配置文件 默认的配置文件路径在/etc/keepalived/keepalived.conf 清空文件内容 > /etc/keepalived/keepalived.conf 编辑配置文件 vim /etc/keepalived/keepalived.conf 添加加以下内容: global_defs {    notification_email {      aming@aminglinux.com    }    notification_email_from root@aminglinux.com    smtp_server 127.0.0.1    smtp_connect_timeout 30    router_id LVS_DEVEL } vrrp_script chk_nginx {     script "/usr/local/sbin/check_ng.sh"     interval 3 } vrrp_instance VI_1 {     state MASTER     interface ens33     virtual_router_id 51     priority 100     advert_int 1     authentication {         auth_type PASS         auth_pass aminglinux>com     }     virtual_ipaddress {         192.168.232.100     }     track_script {         chk_nginx     } } 注意:"virtual_ipaddress"也就是所谓的vip我们设置为192.168.232.100 2.2、定义监控脚本 脚本路径在keepalived配置文件中有定义,路径为/usr/local/sbin/check_ng.sh 编辑配置文件: vim /usr/local/sbin/check_ng.sh 增加以下内容: #!/bin/bash #时间变量,用于记录日志 d=`date --date today +%Y%m%d_%H:%M:%S` #计算nginx进程数量 n=`ps -C nginx --no-heading|wc -l` #如果进程为0,则启动nginx,并且再次检测nginx进程数量, #如果还为0,说明nginx无法启动,此时需要关闭keepalived if [ $n -eq "0" ]; then         /etc/init.d/nginx start         n2=`ps -C nginx --no-heading|wc -l`         if [ $n2 -eq "0"  ]; then                 echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log                 systemctl stop keepalived         fi fi 2.3、改变脚本的权限 脚本创建完之后,还需要改变脚本的权限(不更改权限,就无法自动加载脚本,那就无法启动keepalived服务) [root@aaa-01 ~]# chmod 755 /usr/local/sbin/check_ng.sh 2.4、启动keepalived服务,并查看是否启动成功 [root@aaa-01 ~]# systemctl start keepalived [root@aaa-01 ~]# ps aux |grep keepalived root     34653  0.0  0.1 118652  1400 ?        Ss   12:16   0:00 /usr/sbin/keepalived -D root     34654  0.0  0.2 122852  2392 ?        S    12:16   0:00 /usr/sbin/keepalived -D root     34655  0.0  0.2 122852  2448 ?        S    12:16   0:00 /usr/sbin/keepalived -D root     34661  0.0  0.0 112720   988 pts/1    S+   12:16   0:00 grep --color=auto keepalived 启动不成功,有可能是防火墙未关闭或者规则限制导致的 systemctl stop firewalld 关闭firewalld iptables -nvL查看防火墙 setenforce 0 临时关闭selinux getenforce命令查看是否为Permissiv 再来启动keepalived,就会看到keepalived进程服务了 2.5、停止nginx服务 /etc/init.d/nginx stop 查看nginx服务进程 [root@aaa-01 ~]# /etc/init.d/nginx stop Stopping nginx (via systemctl):                            [  确定  ] [root@aaa-01 ~]# ps aux |grep nginx root     34813  0.0  0.0  20548   628 ?        Ss   12:17   0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody   34817  0.0  0.3  22992  3216 ?        S    12:17   0:00 nginx: worker process nobody   34818  0.0  0.3  22992  3216 ?        S    12:17   0:00 nginx: worker process root     34832  0.0  0.0 112720   984 pts/1    R+   12:17   0:00 grep --color=auto nginx 2.6、查看ip地址 使用 ip add 命令,可以查看到vip192.168.232.100 [root@aaa-01 ~]# ip add 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     inet 127.0.0.1/8 scope host lo        valid_lft forever preferred_lft forever     inet6 ::1/128 scope host         valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000  link/ether 00:0c:29:c2:05:5a brd ff:ff:ff:ff:ff:ff     inet 192.168.232.132/24 brd 192.168.232.255 scope global dynamic ens33        valid_lft 1559sec preferred_lft 1559sec     inet 192.168.232.100/32 scope global ens33        valid_lft forever preferred_lft forever     inet6 fe80::20c:29ff:fec2:55a/64 scope link         valid_lft forever preferred_lft forever 3、B机器配置 3.1、修改keepalived配置文件 配置文件路径:/etc/keepalived/keepalived.conf 清空:> /etc/keepalived/keepalived.conf 编辑配置文件: [root@bbb-01 ~]# vim /etc/keepalived/keepalived.conf 增加以下内容: global_defs {    notification_email {      aming@aminglinux.com    }    notification_email_from root@aminglinux.com    smtp_server 127.0.0.1    smtp_connect_timeout 30    router_id LVS_DEVEL } vrrp_script chk_nginx {     script "/usr/local/sbin/check_ng.sh"     interval 3 } vrrp_instance VI_1 {     state BACKUP        //这里 和master不一样的名字     interface eno16777736        //网卡和当前机器一致,否则无法启动keepalived服务     virtual_router_id 51        //和主机器 保持一致     priority 90            //权重,要比主机器小的数值     advert_int 1     authentication {         auth_type PASS         auth_pass aminglinux>com     }     virtual_ipaddress {         192.168.74.100        //这里更改为192.168.232.100     }     track_script {         chk_nginx     } } 3.2、定义监控脚本 [root@bbb-01 ~]# vim /usr/local/sbin/check_ng.sh 增加以下内容: #时间变量,用于记录日志 d=`date --date today +%Y%m%d_%H:%M:%S` #计算nginx进程数量 n=`ps -C nginx --no-heading|wc -l` #如果进程为0,则启动nginx,并且再次检测nginx进程数量, #如果还为0,说明nginx无法启动,此时需要关闭keepalived if [ $n -eq "0" ]; then         systemctl start nginx         n2=`ps -C nginx --no-heading|wc -l`         if [ $n2 -eq "0"  ]; then                 echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log                 systemctl stop keepalived         fi fi 3.3、改动脚本的权限 设置为755权限 [root@bbb-01 ~]# chmod 755 /usr/local/sbin/check_ng.sh 3.4、启动keepalived服务 [root@bbb-01 ~]# systemctl start keepalived [root@bbb-01 ~]# ps aux |grep keep root     19134  0.0  0.1 118608  1384 ?        Ss   12:33   0:00 /usr/sbin/keepalived -D root     19135  0.0  0.2 122804  2384 ?        S    12:33   0:00 /usr/sbin/keepalived -D root     19136  0.0  0.2 122804  2424 ?        S    12:33   0:00 /usr/sbin/keepalived -D root     19143  0.0  0.0 112676   984 pts/0    R+   12:33   0:00 grep --color=auto keep 4、区分主和从的nginx 4.1、A机器 4.1.1、查看虚拟主机内容 [root@aaa-01]# cat /usr/local/nginx/conf/vhost/aaa.com.conf server {     listen 80 default_server;      server_name aaa.com;     index index.html index.htm index.php;     root /data/wwwroot/default; } 4.1.2、索引页 [root@aaa-01~]# cat /data/wwwroot/default/index.html  This is the default sete. [root@aaa-01~]# vim /data/wwwroot/default/index.html   #增加内容  master This is the default sete. 4.1.3、用网页查看 http://192.168.232.132 This is the default sete. 4.2、B机器 4.2.1、索引页 默认的索引页在 /usr/share/nginx/html/index.html [root@bbb-01 ~]# vim /usr/share/nginx/html/index.html    #增加内容 backup backup. 4.2.2、用网页查看 http://192.168.232.131 backup backup. 4.3、用虚拟IP在网页测试 http://192.168.232.100 This is the default sete. 5、模拟线上生产环境 模拟主机宕机环境,可直接关闭keepalive服务, 5.1、关闭A机器keepalive并查看 [root@aaa-01 ~]# systemctl start keepalived [root@aaa-01 ~]# ip add 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     inet 127.0.0.1/8 scope host lo        valid_lft forever preferred_lft forever     inet6 ::1/128 scope host         valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000     link/ether 00:0c:29:c2:05:5a brd ff:ff:ff:ff:ff:ff     inet 192.168.232.132/24 brd 192.168.232.255 scope global dynamic ens33        valid_lft 1532sec preferred_lft 1532sec     inet6 fe80::20c:29ff:fec2:55a/64 scope link         valid_lft forever preferred_lft forever 5.2、查看B机器 [root@bbb-01 ~]# ip add 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00     inet 127.0.0.1/8 scope host lo        valid_lft forever preferred_lft forever     inet6 ::1/128 scope host         valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000     link/ether 00:0c:29:fb:fc:6f brd ff:ff:ff:ff:ff:ff     inet 192.168.232.131/24 brd 192.168.232.255 scope global dynamic ens33        valid_lft 1179sec preferred_lft 1179sec     inet 192.168.232.100/32 scope global ens33        valid_lft forever preferred_lft forever     inet6 fe80::20c:29ff:fefb:fc6f/64 scope link         valid_lft forever preferred_lft forever 3、浏览器访问vip,看到已经变成B机器 http://192.168.232.100 backup backup.

    最新回复(0)