keepalived + nginx輪詢方式 作高可用和負載均衡 訪問後端apache web 服務
keepalived+nginx+apache主備及雙活搭建測試php
keepalived+nginx高可用有主備和雙活兩種方式。主備方式下對外提供一個vip,同時只有一臺服務器工做,另外一臺做備機;雙活方式下對外提供兩個vip,兩臺機器互爲備份,下面詳細說明搭建測試步驟:html
配置:linux
主機 ip 操做系統 軟件 vip nginx01 192.168.2.185 Centos7 nginx 端口82 keepalived 192.168.2.189 nginx02 192.168.2.186 Centos7 nginx 端口82 keepalived 192.168.2.189 web01 192.168.2.187 Centos7 apache 端口80 / web02 192.168.2.188 Centos7 apache 端口80 / 1.nginx01安裝nginx [root@nginx01 ~]# cat /etc/redhat-release CentOS Linux release 7.3.1611 (Core) [root@nginx01 ~]# yum -y install gcc-c++ [root@nginx01 ~]# yum -y install pcre pcre-devel [root@nginx01 ~]# yum -y install zlib zlib-devel [root@nginx01 ~]# yum -y install openssl openssl-devel 下載https://nginx.org/en/download.html
https://nginx.org/download/nginx-1.12.2.tar.gz
[root@nginx01 ~]# mkdir software
[root@nginx01 ~]# cd software/
[root@nginx01 software]# wget https://nginx.org/download/nginx-1.12.2.tar.gz
[root@nginx01 software]# ls -ltr
total 960
-rw-r--r--. 1 root root 981687 Oct 17 21:20 nginx-1.12.2.tar.gz
[root@nginx01 software]# tar -zxvf nginx-1.12.2.tar.gz
[root@nginx01 software]# chown -R root.root nginx-1.12.2
[root@nginx01 software]# groupadd nginx
[root@nginx01 software]# useradd -g nginx -d /home/nginx -s /sbin/nologin nginx
[root@nginx01 software]# id nginx
uid=1000(nginx) gid=1000(nginx) groups=1000(nginx)
[root@nginx01 software]# grep nginx /etc/passwd
nginx:x:1000:1000::/home/nginx:/sbin/nologin
[root@nginx01 software]#
[root@nginx01 nginx-1.12.2]# ./configure --user=nginx --group=nginx --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-http_gzip_static_module | tee -a configure_nginx_20180417.log
.......
.......
.......
Configuration summary
+ using system PCRE library
+ using system OpenSSL library
+ using system zlib library
nginx path prefix: "/usr/local/nginx"
nginx binary file: "/usr/local/nginx/sbin/nginx"
nginx modules path: "/usr/local/nginx/modules"
nginx configuration prefix: "/usr/local/nginx/conf"
nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
nginx pid file: "/usr/local/nginx/logs/nginx.pid"
nginx error log file: "/usr/local/nginx/logs/error.log"
nginx http access log file: "/usr/local/nginx/logs/access.log"
nginx http client request body temporary files: "client_body_temp"
nginx http proxy temporary files: "proxy_temp"
nginx http fastcgi temporary files: "fastcgi_temp"
nginx http uwsgi temporary files: "uwsgi_temp"
nginx http scgi temporary files: "scgi_temp"
[root@nginx01 nginx-1.12.2]# make && make install | tee -a make_make_install_nginx_20180417.log
.........
.........
.........
objs/ngx_modules.o \
-ldl -lpthread -lcrypt -lpcre -lssl -lcrypto -ldl -lz \
-Wl,-E
sed -e "s|%%PREFIX%%|/usr/local/nginx|" \
-e "s|%%PID_PATH%%|/usr/local/nginx/logs/nginx.pid|" \
-e "s|%%CONF_PATH%%|/usr/local/nginx/conf/nginx.conf|" \
-e "s|%%ERROR_LOG_PATH%%|/usr/local/nginx/logs/error.log|" \
< man/nginx.8 > objs/nginx.8
make[1]: Leaving directory `/root/software/nginx-1.12.2'
make -f objs/Makefile install
make[1]: Entering directory `/root/software/nginx-1.12.2'
test -d '/usr/local/nginx' || mkdir -p '/usr/local/nginx'
test -d '/usr/local/nginx/sbin' \
|| mkdir -p '/usr/local/nginx/sbin'
test ! -f '/usr/local/nginx/sbin/nginx' \
|| mv '/usr/local/nginx/sbin/nginx' \
'/usr/local/nginx/sbin/nginx.old'
cp objs/nginx '/usr/local/nginx/sbin/nginx'
test -d '/usr/local/nginx/conf' \
|| mkdir -p '/usr/local/nginx/conf'
cp conf/koi-win '/usr/local/nginx/conf'
cp conf/koi-utf '/usr/local/nginx/conf'
cp conf/win-utf '/usr/local/nginx/conf'
test -f '/usr/local/nginx/conf/mime.types' \
|| cp conf/mime.types '/usr/local/nginx/conf'
cp conf/mime.types '/usr/local/nginx/conf/mime.types.default'
test -f '/usr/local/nginx/conf/fastcgi_params' \
|| cp conf/fastcgi_params '/usr/local/nginx/conf'
cp conf/fastcgi_params \
'/usr/local/nginx/conf/fastcgi_params.default'
test -f '/usr/local/nginx/conf/fastcgi.conf' \
|| cp conf/fastcgi.conf '/usr/local/nginx/conf'
cp conf/fastcgi.conf '/usr/local/nginx/conf/fastcgi.conf.default'
test -f '/usr/local/nginx/conf/uwsgi_params' \
|| cp conf/uwsgi_params '/usr/local/nginx/conf'
cp conf/uwsgi_params \
'/usr/local/nginx/conf/uwsgi_params.default'
test -f '/usr/local/nginx/conf/scgi_params' \
|| cp conf/scgi_params '/usr/local/nginx/conf'
cp conf/scgi_params \
'/usr/local/nginx/conf/scgi_params.default'
test -f '/usr/local/nginx/conf/nginx.conf' \
|| cp conf/nginx.conf '/usr/local/nginx/conf/nginx.conf'
cp conf/nginx.conf '/usr/local/nginx/conf/nginx.conf.default'
test -d '/usr/local/nginx/logs' \
|| mkdir -p '/usr/local/nginx/logs'
test -d '/usr/local/nginx/logs' \
|| mkdir -p '/usr/local/nginx/logs'
test -d '/usr/local/nginx/html' \
|| cp -R html '/usr/local/nginx'
test -d '/usr/local/nginx/logs' \
|| mkdir -p '/usr/local/nginx/logs'
make[1]: Leaving directory `/root/software/nginx-1.12.2'
[root@nginx01 nginx-1.12.2]# cd /usr/local/nginx/sbin/
[root@nginx01 sbin]# ln -s /usr/local/nginx/sbin/nginx /usr/local/bin/nginx
[root@nginx01 sbin]# nginx -v
nginx version: nginx/1.12.2
[root@nginx01 sbin]#
查看加載模塊nginx
[root@nginx01 sbin]# nginx -V nginx version: nginx/1.12.2 built by gcc 4.8.5 20150623 (Red Hat 4.8.5-16) (GCC) built with OpenSSL 1.0.2k-fips 26 Jan 2017 TLS SNI support enabled configure arguments: --user=nginx --group=nginx --prefix=/usr/local/nginx --with-http_stub_status_module --with-http_ssl_module --with-http_sub_module --with-http_gzip_static_module [root@nginx01 sbin]#
Nginx相關啓動任務c++
[root@nginx01 sbin]# nginx [root@nginx01 sbin]# ps -ef | grep nginx root 5241 1 0 00:35 ? 00:00:00 nginx: master process nginx nginx 5242 5241 0 00:35 ? 00:00:00 nginx: worker process root 5244 2517 1 00:35 pts/0 00:00:00 grep --color=auto nginx [root@nginx01 sbin]# nginx -s stop [root@nginx01 sbin]# ps -ef | grep nginx root 5247 2517 0 00:35 pts/0 00:00:00 grep --color=auto nginx [root@nginx01 sbin]# nginx -s quit nginx: [error] open() "/usr/local/nginx/logs/nginx.pid" failed (2: No such file or directory) [root@nginx01 sbin]# nginx [root@nginx01 sbin]# nginx -s quit [root@nginx01 sbin]# ps -ef | grep nginx root 5254 2517 0 00:36 pts/0 00:00:00 grep --color=auto nginx [root@nginx01 sbin]# nginx [root@nginx01 sbin]# nginx -s reload [root@nginx01 sbin]# [root@nginx01 sbin]# ps -ef | grep nginx root 5257 1 0 00:36 ? 00:00:00 nginx: master process nginx nginx 5260 5257 0 00:36 ? 00:00:00 nginx: worker process root 5262 2517 0 00:36 pts/0 00:00:00 grep --color=auto nginx [root@nginx01 sbin]# nginx -t nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful [root@nginx01 sbin]# nginx -s quit:此方式中止步驟是待nginx進程處理任務完畢進行中止。 nginx -s stop:此方式至關於先查出nginx進程id再使用kill命令強制殺掉進程。 nginx -s reload:動態加載,當配置文件nginx.conf有變化時執行該命令動態加載。
Nginx開機自啓動web
[root@nginx01 sbin]# cd /etc/rc.d [root@nginx01 rc.d]# ls -ltr total 4 -rw-r--r--. 1 root root 473 Nov 7 2016 rc.local drwxr-xr-x. 2 root root 70 Mar 12 18:54 init.d drwxr-xr-x. 2 root root 45 Mar 12 18:54 rc6.d drwxr-xr-x. 2 root root 45 Mar 12 18:54 rc5.d drwxr-xr-x. 2 root root 45 Mar 12 18:54 rc4.d drwxr-xr-x. 2 root root 45 Mar 12 18:54 rc3.d drwxr-xr-x. 2 root root 45 Mar 12 18:54 rc2.d drwxr-xr-x. 2 root root 45 Mar 12 18:54 rc1.d drwxr-xr-x. 2 root root 45 Mar 12 18:54 rc0.d [root@nginx01 rc.d]# cat rc.local #!/bin/bash # THIS FILE IS ADDED FOR COMPATIBILITY PURPOSES # # It is highly advisable to create own systemd services or udev rules # to run scripts during boot instead of using this file. # # In contrast to previous versions due to parallel execution during boot # this script will NOT be run after all other services. # # Please note that you must run 'chmod +x /etc/rc.d/rc.local' to ensure # that this script will be executed during boot. touch /var/lock/subsys/local [root@nginx01 rc.d]# echo "/usr/local/nginx/sbin/nginx" > rc.local [root@nginx01 rc.d]# chmod u+x rc.local [root@nginx01 rc.d]# view rc.local [root@nginx01 rc.d]# cat rc.local /usr/local/nginx/sbin/nginx [root@nginx01 rc.d]# ls -ltr rc.local -rwxr--r--. 1 root root 28 Apr 18 00:39 rc.local [root@nginx01 rc.d]# ps -ef | grep nginx root 5257 1 0 00:36 ? 00:00:00 nginx: master process nginx nginx 5260 5257 0 00:36 ? 00:00:00 nginx: worker process root 5271 2517 0 00:39 pts/0 00:00:00 grep --color=auto nginx [root@nginx01 rc.d]# nginx -s quit [root@nginx01 rc.d]# ps -ef | grep nginx root 5274 2517 0 00:39 pts/0 00:00:00 grep --color=auto nginx [root@nginx01 rc.d]# ./rc.local [root@nginx01 rc.d]# ps -ef | grep nginx root 5277 1 0 00:39 ? 00:00:00 nginx: master process /usr/local/nginx/sbin/nginx nginx 5278 5277 0 00:39 ? 00:00:00 nginx: worker process root 5280 2517 0 00:39 pts/0 00:00:00 grep --color=auto nginx [root@nginx01 rc.d]#
至此nginx安裝成功,nginx02也按nginx01的上面的操做執行一遍apache
2.配置nginx後端
[root@nginx01 rc.d]# cp -p /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bk.2018
[root@nginx01 rc.d]# grep -v '#' /usr/local/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
[root@nginx01 rc.d]# cp -p /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bk.2018
[root@nginx01 rc.d]# vi /usr/local/nginx/conf/nginx.conf
[root@nginx01 rc.d]# diff /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bk.2018
34,37d33
< upstream webser{
< server 192.168.2.187:80;
< server 192.168.2.188:80;
< }
48,50c44,45
< proxy_pass http://webser;
< #root html;
< #index index.html index.htm;
---
> root html;
> index index.html index.htm;
[root@nginx01 rc.d]# cat /usr/local/nginx/conf/nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream webser{
server 192.168.2.187:80;
server 192.168.2.188:80;
}
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
proxy_pass http://webser;
#root html;
#index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# location / {
# root html;
# index index.html index.htm;
# }
#}
# HTTPS server
#
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
[root@nginx01 rc.d]#
[root@nginx01 rc.d]# grep -v '#' /usr/local/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream webser{
server 192.168.2.187:80;
server 192.168.2.188:80;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://webser;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
重啓nginx生效
[root@nginx01 rc.d]# nginx -s reload
[root@nginx01 rc.d]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@nginx01 rc.d]# nginx -s quit
[root@nginx01 rc.d]# ps -ef | grep nginx
root 5299 2517 0 00:52 pts/0 00:00:00 grep --color=auto nginx
[root@nginx01 rc.d]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@nginx01 rc.d]# nginx
[root@nginx01 rc.d]# ps -ef | grep nginx
root 5302 1 0 00:52 ? 00:00:00 nginx: master process nginx
nginx 5303 5302 0 00:52 ? 00:00:00 nginx: worker process
root 5305 2517 0 00:52 pts/0 00:00:00 grep --color=auto nginx
[root@nginx01 rc.d]#
nginx01 nginx配置完成
nginx02 也按照上面同樣的配置
[root@nginx02 rc.d]# cp -p /usr/local/nginx/conf/nginx.conf /usr/local/nginx/conf/nginx.conf.bk.20180417
[root@nginx01 rc.d]# scp -p /usr/local/nginx/conf/nginx.conf 192.168.2.186:/usr/local/nginx/conf/nginx.conf
The authenticity of host '192.168.2.186 (192.168.2.186)' can't be established.
ECDSA key fingerprint is eb:04:83:e8:3d:6e:e6:95:f0:c6:9c:6c:ba:78:34:66.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.2.186' (ECDSA) to the list of known hosts.
root@192.168.2.186's password:
nginx.conf 100% 2800 2.7KB/s 00:00
[root@nginx01 rc.d]#
[root@nginx02 rc.d]# grep -v '#' /usr/local/nginx/conf/nginx.conf
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
upstream webser{
server 192.168.2.187:80;
server 192.168.2.188:80;
}
server {
listen 80;
server_name localhost;
location / {
proxy_pass http://webser;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
[root@nginx02 rc.d]# nginx -t
nginx: the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx: configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@nginx02 rc.d]# nginx
[root@nginx02 rc.d]# ps -ef | grep nginx
root 5306 1 0 00:57 ? 00:00:00 nginx: master process nginx
nginx 5307 5306 0 00:57 ? 00:00:00 nginx: worker process
root 5309 2524 0 00:57 pts/0 00:00:00 grep --color=auto nginx
[root@nginx02 rc.d]#
至此2臺nginx配置成功centos
3.keepalived 的安裝bash
[root@nginx01 softare]# pwd
/root/softare
[root@nginx01 software]# yum -y install keepalived | tee -a install_keepalived_20180417.log
[root@nginx02 softare]# yum -y install keepalived | tee -a install_keepalived_20180417.log
Keepalived 配置
查看keepalived 安裝了那些文件
[root@nginx01 softare]# rpm -qa keepalived
keepalived-1.3.5-1.el7.x86_64
[root@nginx02 softare]# rpm -ql keepalived
/etc/keepalived
/etc/keepalived/keepalived.conf
/etc/sysconfig/keepalived
/usr/bin/genhash
/usr/lib/systemd/system/keepalived.service
/usr/libexec/keepalived
/usr/sbin/keepalived
/usr/share/doc/keepalived-1.3.5
/usr/share/doc/keepalived-1.3.5/AUTHOR
/usr/share/doc/keepalived-1.3.5/CONTRIBUTORS
/usr/share/doc/keepalived-1.3.5/COPYING
/usr/share/doc/keepalived-1.3.5/ChangeLog
/usr/share/doc/keepalived-1.3.5/NOTE_vrrp_vmac.txt
/usr/share/doc/keepalived-1.3.5/README
/usr/share/doc/keepalived-1.3.5/TODO
/usr/share/doc/keepalived-1.3.5/keepalived.conf.SYNOPSIS
/usr/share/doc/keepalived-1.3.5/samples
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.HTTP_GET.port
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.IPv6
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.SMTP_CHECK
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.SSL_GET
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.fwmark
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.inhibit
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.misc_check
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.misc_check_arg
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.quorum
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.sample
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.status_code
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.track_interface
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.virtual_server_group
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.virtualhost
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.localcheck
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.lvs_syncd
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.routes
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.rules
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.scripts
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.static_ipaddress
/usr/share/doc/keepalived-1.3.5/samples/keepalived.conf.vrrp.sync
/usr/share/doc/keepalived-1.3.5/samples/sample.misccheck.smbcheck.sh
/usr/share/man/man1/genhash.1.gz
/usr/share/man/man5/keepalived.conf.5.gz
/usr/share/man/man8/keepalived.8.gz
/usr/share/snmp/mibs/KEEPALIVED-MIB.txt
/usr/share/snmp/mibs/VRRP-MIB.txt
/usr/share/snmp/mibs/VRRPv3-MIB.txt
[root@nginx02 softare]#
[root@nginx01 software]# cat /etc/keepalived/keepalived.conf ! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL1
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 2
weight 20
fall 1
rise 10
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.189
}
track_script {
chk_nginx
}
}
[root@nginx01 software]#
[root@nginx01 software]# vi /etc/keepalived/check_nginx.sh
[root@nginx01 software]# chmod u+x /etc/keepalived/check_nginx.sh
[root@nginx01 software]# cat /etc/keepalived/check_nginx.sh
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
pkill keep
fi
fi
[root@nginx01 software]#
[root@nginx01 ~]# systemctl start keepalived
[root@nginx01 ~]# systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
[root@nginx01 ~]#
nginx01上的keepalived 配置完成
配置nginx02上的keepalived
[root@nginx02 softare]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id LVS_DEVEL2
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script chk_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 2
weight 20
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.189
}
track_script {
chk_nginx
}
}
該腳本用戶檢測nginx進程是否存在,若不存在則重啓,若重啓失敗則直接殺掉keepalived進程,觸發切換。(若沒有pkill命令請先安裝)
[root@nginx02 softare]# vi "/etc/keepalived/check_nginx.sh"
[root@nginx02 softare]# cat "/etc/keepalived/check_nginx.sh"
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
pkill keep
fi
fi
[root@nginx02 ~]# chmod u+x "/etc/keepalived/check_nginx.sh"
[root@nginx02 softare]#
[root@nginx02 ~]# systemctl start keepalived
[root@nginx02 ~]# systemctl enable keepalived
Created symlink from /etc/systemd/system/multi-user.target.wants/keepalived.service to /usr/lib/systemd/system/keepalived.service.
Nginx02上的keepalived配置完成
Apache安裝 在web01和web02上分別安裝apache [root@web01 software]# yum -y install httpd httpd-devel | tee -a yum_install_apache_20180417.log Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.aliyun.com * extras: mirrors.aliyun.com * updates: mirrors.aliyun.com Resolving Dependencies --> Running transaction check ---> Package httpd.x86_64 0:2.4.6-67.el7.centos.6 will be installed --> Processing Dependency: httpd-tools = 2.4.6-67.el7.centos.6 for package: httpd-2.4.6-67.el7.centos.6.x86_64 --> Processing Dependency: /etc/mime.types for package: httpd-2.4.6-67.el7.centos.6.x86_64 --> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.4.6-67.el7.centos.6.x86_64 --> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.4.6-67.el7.centos.6.x86_64 ---> Package httpd-devel.x86_64 0:2.4.6-67.el7.centos.6 will be installed --> Processing Dependency: perl >= 5.004 for package: httpd-devel-2.4.6-67.el7.centos.6.x86_64 --> Processing Dependency: perl(strict) for package: httpd-devel-2.4.6-67.el7.centos.6.x86_64 --> Processing Dependency: apr-util-devel for package: httpd-devel-2.4.6-67.el7.centos.6.x86_64 --> Processing Dependency: apr-devel for package: httpd-devel-2.4.6-67.el7.centos.6.x86_64 --> Processing Dependency: /usr/bin/perl for package: httpd-devel-2.4.6-67.el7.centos.6.x86_64 --> Running transaction check ---> Package apr.x86_64 0:1.4.8-3.el7_4.1 will be installed ---> Package apr-devel.x86_64 0:1.4.8-3.el7_4.1 will be installed ---> Package apr-util.x86_64 0:1.5.2-6.el7 will be installed ---> Package apr-util-devel.x86_64 0:1.5.2-6.el7 will be installed --> Processing Dependency: openldap-devel(x86-64) for package: apr-util-devel-1.5.2-6.el7.x86_64 --> Processing Dependency: libdb-devel(x86-64) for package: apr-util-devel-1.5.2-6.el7.x86_64 --> Processing Dependency: expat-devel(x86-64) for package: apr-util-devel-1.5.2-6.el7.x86_64 ---> Package httpd-tools.x86_64 0:2.4.6-67.el7.centos.6 will be installed ---> Package mailcap.noarch 0:2.1.41-2.el7 will be installed ---> Package perl.x86_64 4:5.16.3-292.el7 will be installed --> Processing Dependency: perl-libs = 4:5.16.3-292.el7 for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Socket) >= 1.3 for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Scalar::Util) >= 1.10 for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl-macros for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl-libs for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(threads::shared) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(threads) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(constant) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Time::Local) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Time::HiRes) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Storable) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Socket) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Scalar::Util) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Pod::Simple::XHTML) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Pod::Simple::Search) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Getopt::Long) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Filter::Util::Call) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(File::Temp) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(File::Spec::Unix) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(File::Spec::Functions) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(File::Spec) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(File::Path) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Exporter) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Cwd) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: perl(Carp) for package: 4:perl-5.16.3-292.el7.x86_64 --> Processing Dependency: libperl.so()(64bit) for package: 4:perl-5.16.3-292.el7.x86_64 --> Running transaction check ---> Package expat-devel.x86_64 0:2.1.0-10.el7_3 will be installed --> Processing Dependency: expat = 2.1.0-10.el7_3 for package: expat-devel-2.1.0-10.el7_3.x86_64 ---> Package libdb-devel.x86_64 0:5.3.21-21.el7_4 will be installed --> Processing Dependency: libdb(x86-64) = 5.3.21-21.el7_4 for package: libdb-devel-5.3.21-21.el7_4.x86_64 ---> Package openldap-devel.x86_64 0:2.4.44-5.el7 will be installed --> Processing Dependency: openldap(x86-64) = 2.4.44-5.el7 for package: openldap-devel-2.4.44-5.el7.x86_64 --> Processing Dependency: cyrus-sasl-devel(x86-64) for package: openldap-devel-2.4.44-5.el7.x86_64 ---> Package perl-Carp.noarch 0:1.26-244.el7 will be installed ---> Package perl-Exporter.noarch 0:5.68-3.el7 will be installed ---> Package perl-File-Path.noarch 0:2.09-2.el7 will be installed ---> Package perl-File-Temp.noarch 0:0.23.01-3.el7 will be installed ---> Package perl-Filter.x86_64 0:1.49-3.el7 will be installed ---> Package perl-Getopt-Long.noarch 0:2.40-2.el7 will be installed --> Processing Dependency: perl(Pod::Usage) >= 1.14 for package: perl-Getopt-Long-2.40-2.el7.noarch --> Processing Dependency: perl(Text::ParseWords) for package: perl-Getopt-Long-2.40-2.el7.noarch ---> Package perl-PathTools.x86_64 0:3.40-5.el7 will be installed ---> Package perl-Pod-Simple.noarch 1:3.28-4.el7 will be installed --> Processing Dependency: perl(Pod::Escapes) >= 1.04 for package: 1:perl-Pod-Simple-3.28-4.el7.noarch --> Processing Dependency: perl(Encode) for package: 1:perl-Pod-Simple-3.28-4.el7.noarch ---> Package perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 will be installed ---> Package perl-Socket.x86_64 0:2.010-4.el7 will be installed ---> Package perl-Storable.x86_64 0:2.45-3.el7 will be installed ---> Package perl-Time-HiRes.x86_64 4:1.9725-3.el7 will be installed ---> Package perl-Time-Local.noarch 0:1.2300-2.el7 will be installed ---> Package perl-constant.noarch 0:1.27-2.el7 will be installed ---> Package perl-libs.x86_64 4:5.16.3-292.el7 will be installed ---> Package perl-macros.x86_64 4:5.16.3-292.el7 will be installed ---> Package perl-threads.x86_64 0:1.87-4.el7 will be installed ---> Package perl-threads-shared.x86_64 0:1.43-6.el7 will be installed --> Running transaction check ---> Package cyrus-sasl-devel.x86_64 0:2.1.26-21.el7 will be installed --> Processing Dependency: cyrus-sasl-lib(x86-64) = 2.1.26-21.el7 for package: cyrus-sasl-devel-2.1.26-21.el7.x86_64 --> Processing Dependency: cyrus-sasl(x86-64) = 2.1.26-21.el7 for package: cyrus-sasl-devel-2.1.26-21.el7.x86_64 ---> Package expat.x86_64 0:2.1.0-8.el7 will be updated ---> Package expat.x86_64 0:2.1.0-10.el7_3 will be an update ---> Package libdb.x86_64 0:5.3.21-19.el7 will be updated --> Processing Dependency: libdb(x86-64) = 5.3.21-19.el7 for package: libdb-utils-5.3.21-19.el7.x86_64 ---> Package libdb.x86_64 0:5.3.21-21.el7_4 will be an update ---> Package openldap.x86_64 0:2.4.40-13.el7 will be updated ---> Package openldap.x86_64 0:2.4.44-5.el7 will be an update ---> Package perl-Encode.x86_64 0:2.51-7.el7 will be installed ---> Package perl-Pod-Escapes.noarch 1:1.04-292.el7 will be installed ---> Package perl-Pod-Usage.noarch 0:1.63-3.el7 will be installed --> Processing Dependency: perl(Pod::Text) >= 3.15 for package: perl-Pod-Usage-1.63-3.el7.noarch --> Processing Dependency: perl-Pod-Perldoc for package: perl-Pod-Usage-1.63-3.el7.noarch ---> Package perl-Text-ParseWords.noarch 0:3.29-4.el7 will be installed --> Running transaction check ---> Package cyrus-sasl.x86_64 0:2.1.26-21.el7 will be installed ---> Package cyrus-sasl-lib.x86_64 0:2.1.26-20.el7_2 will be updated ---> Package cyrus-sasl-lib.x86_64 0:2.1.26-21.el7 will be an update ---> Package libdb-utils.x86_64 0:5.3.21-19.el7 will be updated ---> Package libdb-utils.x86_64 0:5.3.21-21.el7_4 will be an update ---> Package perl-Pod-Perldoc.noarch 0:3.20-4.el7 will be installed --> Processing Dependency: perl(parent) for package: perl-Pod-Perldoc-3.20-4.el7.noarch --> Processing Dependency: perl(HTTP::Tiny) for package: perl-Pod-Perldoc-3.20-4.el7.noarch ---> Package perl-podlators.noarch 0:2.5.1-3.el7 will be installed --> Running transaction check ---> Package perl-HTTP-Tiny.noarch 0:0.033-3.el7 will be installed ---> Package perl-parent.noarch 1:0.225-244.el7 will be installed --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Installing: httpd x86_64 2.4.6-67.el7.centos.6 updates 2.7 M httpd-devel x86_64 2.4.6-67.el7.centos.6 updates 194 k Installing for dependencies: apr x86_64 1.4.8-3.el7_4.1 updates 103 k apr-devel x86_64 1.4.8-3.el7_4.1 updates 188 k apr-util x86_64 1.5.2-6.el7 base 92 k apr-util-devel x86_64 1.5.2-6.el7 base 76 k cyrus-sasl x86_64 2.1.26-21.el7 base 88 k cyrus-sasl-devel x86_64 2.1.26-21.el7 base 310 k expat-devel x86_64 2.1.0-10.el7_3 base 57 k httpd-tools x86_64 2.4.6-67.el7.centos.6 updates 88 k libdb-devel x86_64 5.3.21-21.el7_4 updates 38 k mailcap noarch 2.1.41-2.el7 base 31 k openldap-devel x86_64 2.4.44-5.el7 base 801 k perl x86_64 4:5.16.3-292.el7 base 8.0 M perl-Carp noarch 1.26-244.el7 base 19 k perl-Encode x86_64 2.51-7.el7 base 1.5 M perl-Exporter noarch 5.68-3.el7 base 28 k perl-File-Path noarch 2.09-2.el7 base 26 k perl-File-Temp noarch 0.23.01-3.el7 base 56 k perl-Filter x86_64 1.49-3.el7 base 76 k perl-Getopt-Long noarch 2.40-2.el7 base 56 k perl-HTTP-Tiny noarch 0.033-3.el7 base 38 k perl-PathTools x86_64 3.40-5.el7 base 82 k perl-Pod-Escapes noarch 1:1.04-292.el7 base 51 k perl-Pod-Perldoc noarch 3.20-4.el7 base 87 k perl-Pod-Simple noarch 1:3.28-4.el7 base 216 k perl-Pod-Usage noarch 1.63-3.el7 base 27 k perl-Scalar-List-Utils x86_64 1.27-248.el7 base 36 k perl-Socket x86_64 2.010-4.el7 base 49 k perl-Storable x86_64 2.45-3.el7 base 77 k perl-Text-ParseWords noarch 3.29-4.el7 base 14 k perl-Time-HiRes x86_64 4:1.9725-3.el7 base 45 k perl-Time-Local noarch 1.2300-2.el7 base 24 k perl-constant noarch 1.27-2.el7 base 19 k perl-libs x86_64 4:5.16.3-292.el7 base 688 k perl-macros x86_64 4:5.16.3-292.el7 base 43 k perl-parent noarch 1:0.225-244.el7 base 12 k perl-podlators noarch 2.5.1-3.el7 base 112 k perl-threads x86_64 1.87-4.el7 base 49 k perl-threads-shared x86_64 1.43-6.el7 base 39 k Updating for dependencies: cyrus-sasl-lib x86_64 2.1.26-21.el7 base 155 k expat x86_64 2.1.0-10.el7_3 base 81 k libdb x86_64 5.3.21-21.el7_4 updates 719 k libdb-utils x86_64 5.3.21-21.el7_4 updates 132 k openldap x86_64 2.4.44-5.el7 base 354 k Transaction Summary ================================================================================ Install 2 Packages (+38 Dependent packages) Upgrade ( 5 Dependent packages) Total download size: 17 M Downloading packages: Delta RPMs disabled because /usr/bin/applydeltarpm not installed. -------------------------------------------------------------------------------- Total 667 kB/s | 17 MB 00:26 Running transaction check Running transaction test Transaction test succeeded Running transaction Updating : libdb-5.3.21-21.el7_4.x86_64 1/50 Updating : expat-2.1.0-10.el7_3.x86_64 2/50 Installing : apr-1.4.8-3.el7_4.1.x86_64 3/50 Installing : apr-util-1.5.2-6.el7.x86_64 4/50 Updating : cyrus-sasl-lib-2.1.26-21.el7.x86_64 5/50 Updating : openldap-2.4.44-5.el7.x86_64 6/50 Installing : apr-devel-1.4.8-3.el7_4.1.x86_64 7/50 Installing : cyrus-sasl-2.1.26-21.el7.x86_64 8/50 Installing : cyrus-sasl-devel-2.1.26-21.el7.x86_64 9/50 Installing : openldap-devel-2.4.44-5.el7.x86_64 10/50 Installing : httpd-tools-2.4.6-67.el7.centos.6.x86_64 11/50 Installing : expat-devel-2.1.0-10.el7_3.x86_64 12/50 Installing : libdb-devel-5.3.21-21.el7_4.x86_64 13/50 Installing : apr-util-devel-1.5.2-6.el7.x86_64 14/50 Installing : 1:perl-parent-0.225-244.el7.noarch 15/50 Installing : perl-HTTP-Tiny-0.033-3.el7.noarch 16/50 Installing : perl-podlators-2.5.1-3.el7.noarch 17/50 Installing : perl-Pod-Perldoc-3.20-4.el7.noarch 18/50 Installing : 1:perl-Pod-Escapes-1.04-292.el7.noarch 19/50 Installing : perl-Text-ParseWords-3.29-4.el7.noarch 20/50 Installing : perl-Encode-2.51-7.el7.x86_64 21/50 Installing : perl-Pod-Usage-1.63-3.el7.noarch 22/50 Installing : 4:perl-macros-5.16.3-292.el7.x86_64 23/50 Installing : 4:perl-libs-5.16.3-292.el7.x86_64 24/50 Installing : perl-Storable-2.45-3.el7.x86_64 25/50 Installing : perl-Exporter-5.68-3.el7.noarch 26/50 Installing : perl-constant-1.27-2.el7.noarch 27/50 Installing : perl-Time-Local-1.2300-2.el7.noarch 28/50 Installing : perl-Socket-2.010-4.el7.x86_64 29/50 Installing : perl-Carp-1.26-244.el7.noarch 30/50 Installing : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 31/50 Installing : perl-PathTools-3.40-5.el7.x86_64 32/50 Installing : perl-Scalar-List-Utils-1.27-248.el7.x86_64 33/50 Installing : perl-File-Temp-0.23.01-3.el7.noarch 34/50 Installing : perl-File-Path-2.09-2.el7.noarch 35/50 Installing : perl-threads-shared-1.43-6.el7.x86_64 36/50 Installing : perl-threads-1.87-4.el7.x86_64 37/50 Installing : perl-Filter-1.49-3.el7.x86_64 38/50 Installing : 1:perl-Pod-Simple-3.28-4.el7.noarch 39/50 Installing : perl-Getopt-Long-2.40-2.el7.noarch 40/50 Installing : 4:perl-5.16.3-292.el7.x86_64 41/50 Installing : mailcap-2.1.41-2.el7.noarch 42/50 Installing : httpd-2.4.6-67.el7.centos.6.x86_64 43/50 Installing : httpd-devel-2.4.6-67.el7.centos.6.x86_64 44/50 Updating : libdb-utils-5.3.21-21.el7_4.x86_64 45/50 Cleanup : libdb-utils-5.3.21-19.el7.x86_64 46/50 Cleanup : openldap-2.4.40-13.el7.x86_64 47/50 Cleanup : cyrus-sasl-lib-2.1.26-20.el7_2.x86_64 48/50 Cleanup : libdb-5.3.21-19.el7.x86_64 49/50 Cleanup : expat-2.1.0-8.el7.x86_64 50/50 Verifying : perl-HTTP-Tiny-0.033-3.el7.noarch 1/50 Verifying : mailcap-2.1.41-2.el7.noarch 2/50 Verifying : perl-threads-shared-1.43-6.el7.x86_64 3/50 Verifying : perl-Storable-2.45-3.el7.x86_64 4/50 Verifying : apr-1.4.8-3.el7_4.1.x86_64 5/50 Verifying : perl-Exporter-5.68-3.el7.noarch 6/50 Verifying : perl-constant-1.27-2.el7.noarch 7/50 Verifying : perl-PathTools-3.40-5.el7.x86_64 8/50 Verifying : 4:perl-macros-5.16.3-292.el7.x86_64 9/50 Verifying : perl-File-Temp-0.23.01-3.el7.noarch 10/50 Verifying : httpd-devel-2.4.6-67.el7.centos.6.x86_64 11/50 Verifying : expat-devel-2.1.0-10.el7_3.x86_64 12/50 Verifying : 1:perl-parent-0.225-244.el7.noarch 13/50 Verifying : 4:perl-5.16.3-292.el7.x86_64 14/50 Verifying : cyrus-sasl-lib-2.1.26-21.el7.x86_64 15/50 Verifying : httpd-tools-2.4.6-67.el7.centos.6.x86_64 16/50 Verifying : cyrus-sasl-devel-2.1.26-21.el7.x86_64 17/50 Verifying : 1:perl-Pod-Simple-3.28-4.el7.noarch 18/50 Verifying : perl-Time-Local-1.2300-2.el7.noarch 19/50 Verifying : 4:perl-libs-5.16.3-292.el7.x86_64 20/50 Verifying : perl-Pod-Perldoc-3.20-4.el7.noarch 21/50 Verifying : perl-Socket-2.010-4.el7.x86_64 22/50 Verifying : perl-Carp-1.26-244.el7.noarch 23/50 Verifying : perl-podlators-2.5.1-3.el7.noarch 24/50 Verifying : apr-util-1.5.2-6.el7.x86_64 25/50 Verifying : 4:perl-Time-HiRes-1.9725-3.el7.x86_64 26/50 Verifying : openldap-2.4.44-5.el7.x86_64 27/50 Verifying : perl-Scalar-List-Utils-1.27-248.el7.x86_64 28/50 Verifying : 1:perl-Pod-Escapes-1.04-292.el7.noarch 29/50 Verifying : libdb-5.3.21-21.el7_4.x86_64 30/50 Verifying : perl-Pod-Usage-1.63-3.el7.noarch 31/50 Verifying : libdb-devel-5.3.21-21.el7_4.x86_64 32/50 Verifying : perl-Encode-2.51-7.el7.x86_64 33/50 Verifying : libdb-utils-5.3.21-21.el7_4.x86_64 34/50 Verifying : perl-Getopt-Long-2.40-2.el7.noarch 35/50 Verifying : apr-devel-1.4.8-3.el7_4.1.x86_64 36/50 Verifying : perl-File-Path-2.09-2.el7.noarch 37/50 Verifying : apr-util-devel-1.5.2-6.el7.x86_64 38/50 Verifying : httpd-2.4.6-67.el7.centos.6.x86_64 39/50 Verifying : perl-threads-1.87-4.el7.x86_64 40/50 Verifying : expat-2.1.0-10.el7_3.x86_64 41/50 Verifying : perl-Filter-1.49-3.el7.x86_64 42/50 Verifying : perl-Text-ParseWords-3.29-4.el7.noarch 43/50 Verifying : openldap-devel-2.4.44-5.el7.x86_64 44/50 Verifying : cyrus-sasl-2.1.26-21.el7.x86_64 45/50 Verifying : cyrus-sasl-lib-2.1.26-20.el7_2.x86_64 46/50 Verifying : libdb-5.3.21-19.el7.x86_64 47/50 Verifying : expat-2.1.0-8.el7.x86_64 48/50 Verifying : libdb-utils-5.3.21-19.el7.x86_64 49/50 Verifying : openldap-2.4.40-13.el7.x86_64 50/50 Installed: httpd.x86_64 0:2.4.6-67.el7.centos.6 httpd-devel.x86_64 0:2.4.6-67.el7.centos.6 Dependency Installed: apr.x86_64 0:1.4.8-3.el7_4.1 apr-devel.x86_64 0:1.4.8-3.el7_4.1 apr-util.x86_64 0:1.5.2-6.el7 apr-util-devel.x86_64 0:1.5.2-6.el7 cyrus-sasl.x86_64 0:2.1.26-21.el7 cyrus-sasl-devel.x86_64 0:2.1.26-21.el7 expat-devel.x86_64 0:2.1.0-10.el7_3 httpd-tools.x86_64 0:2.4.6-67.el7.centos.6 libdb-devel.x86_64 0:5.3.21-21.el7_4 mailcap.noarch 0:2.1.41-2.el7 openldap-devel.x86_64 0:2.4.44-5.el7 perl.x86_64 4:5.16.3-292.el7 perl-Carp.noarch 0:1.26-244.el7 perl-Encode.x86_64 0:2.51-7.el7 perl-Exporter.noarch 0:5.68-3.el7 perl-File-Path.noarch 0:2.09-2.el7 perl-File-Temp.noarch 0:0.23.01-3.el7 perl-Filter.x86_64 0:1.49-3.el7 perl-Getopt-Long.noarch 0:2.40-2.el7 perl-HTTP-Tiny.noarch 0:0.033-3.el7 perl-PathTools.x86_64 0:3.40-5.el7 perl-Pod-Escapes.noarch 1:1.04-292.el7 perl-Pod-Perldoc.noarch 0:3.20-4.el7 perl-Pod-Simple.noarch 1:3.28-4.el7 perl-Pod-Usage.noarch 0:1.63-3.el7 perl-Scalar-List-Utils.x86_64 0:1.27-248.el7 perl-Socket.x86_64 0:2.010-4.el7 perl-Storable.x86_64 0:2.45-3.el7 perl-Text-ParseWords.noarch 0:3.29-4.el7 perl-Time-HiRes.x86_64 4:1.9725-3.el7 perl-Time-Local.noarch 0:1.2300-2.el7 perl-constant.noarch 0:1.27-2.el7 perl-libs.x86_64 4:5.16.3-292.el7 perl-macros.x86_64 4:5.16.3-292.el7 perl-parent.noarch 1:0.225-244.el7 perl-podlators.noarch 0:2.5.1-3.el7 perl-threads.x86_64 0:1.87-4.el7 perl-threads-shared.x86_64 0:1.43-6.el7 Dependency Updated: cyrus-sasl-lib.x86_64 0:2.1.26-21.el7 expat.x86_64 0:2.1.0-10.el7_3 libdb.x86_64 0:5.3.21-21.el7_4 libdb-utils.x86_64 0:5.3.21-21.el7_4 openldap.x86_64 0:2.4.44-5.el7 Complete! [root@web01 software]# [root@web02 software]# yum -y install httpd httpd-devel | tee -a yum_install_apache_20180417.log [root@web01 software]# systemctl start httpd [root@web01 software]# systemctl enable httpd Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service. [root@web01 software]# echo web01-192.168.2.187 > /var/www/html/index.html [root@web01 software]# [root@web02 software]# systemctl start httpd [root@web02 software]# systemctl enable httpd Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service. [root@web02 software]# echo web02-192.168.2.188 > /var/www/html/index.html [root@web02 software]#
關閉全部服務器的防火牆和selinux
[root@nginx01 ~]# systemctl stop firewalld.service [root@nginx01 ~]# systemctl disable firewalld.service Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service. Removed symlink /etc/systemd/system/basic.target.wants/firewalld.service. [root@nginx01 ~]# firewall-cmd --state not running [root@nginx01 ~]# sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: enforcing Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28 [root@nginx01 ~]# setenforce 0 [root@nginx01 ~]# sestatus SELinux status: enabled SELinuxfs mount: /sys/fs/selinux SELinux root directory: /etc/selinux Loaded policy name: targeted Current mode: permissive Mode from config file: enforcing Policy MLS status: enabled Policy deny_unknown status: allowed Max kernel policy version: 28 [root@nginx01 ~]# vi /etc/selinux/config [root@nginx01 ~]# grep -v '#' /etc/selinux/config SELINUX=disabled SELINUXTYPE=targeted [root@nginx01 ~]#
重啓全部服務
[root@nginx01 ~]# nginx -s reload [root@nginx01 ~]# systemctl restart keepalived [root@nginx02 ~]# nginx -s reload [root@nginx02 ~]# systemctl restart keepalived [root@nginx02 ~]# [root@web01 software]# systemctl restart httpd [root@web01 software]# [root@web02 software]# systemctl restart httpd [root@web02 software]#
高可用測試
[root@nginx01 ~]# ip ad
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:6f:aa:40 brd ff:ff:ff:ff:ff:ff
inet 192.168.2.185/24 brd 192.168.2.255 scope global ens33
valid_lft forever preferred_lft forever
inet 192.168.2.189/32 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::6ceb:c635:2a8e:56b1/64 scope link
valid_lft forever preferred_lft forever
inet6 fe80::acee:8487:9f9d:5909/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
inet6 fe80::1766:5ed5:664c:7324/64 scope link tentative dadfailed
valid_lft forever preferred_lft forever
[root@nginx01 ~]#
沒法經過訪問192.168.2.189
修改keepalived 配置
[root@nginx01 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id proxy1
#vrrp_skip_check_adv_addr
#vrrp_strict
#vrrp_garp_interval 0
#vrrp_gna_interval 0
}
vrrp_script chk_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 2
weight 20
fall 1
rise 10
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.189
}
track_script {
chk_nginx
}
}
[root@nginx01 ~]#
[root@nginx02 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id proxy2
#vrrp_skip_check_adv_addr
#vrrp_strict
#vrrp_garp_interval 0
#vrrp_gna_interval 0
}
vrrp_script chk_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 2
weight 20
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.189
}
track_script {
chk_nginx
}
}
[root@nginx02 ~]#
重啓上面2個keepalived.
繼續測試
1.先確保web01和web02能夠直接訪問
Web01:
Web02:
查看nginx01和nginx02 IP
[root@nginx01 ~]# ip ad | grep 192.168
inet 192.168.2.185/24 brd 192.168.2.255 scope global ens33
inet 192.168.2.189/32 scope global ens33
[root@nginx02 ~]# ip ad | grep 192.168
inet 192.168.2.186/24 brd 192.168.2.255 scope global ens33
[root@nginx02 ~]#
可見當前是nginx01提供keepalived 服務
訪問vritual IP 192.168.2.189
可見keepalived 是基於nginx已IP輪詢方式提供服務
停掉nginx01上的keepalived 至關於nginx01宕機
[root@nginx01 ~]# systemctl stop keepalived
[root@nginx01 ~]# ip ad | grep 192.168
inet 192.168.2.185/24 brd 192.168.2.255 scope global ens33
[root@nginx01 ~]#
[root@nginx02 ~]# ip ad | grep 192.168
inet 192.168.2.186/24 brd 192.168.2.255 scope global ens33
inet 192.168.2.189/32 scope global ens33
此時nginx02上的keepalived從backup提高爲master
刷新訪問virtual IP 192.168.2.189 ,keepalived 會以nginx 輪詢方式接受訪問web服務器。
測試經過。
雙活架構模式:
配置
主機 ip 操做系統 軟件 vip
nginx01 192.168.2.185 Centos7 nginx 端口82
keepalived 192.168.2.189
nginx02 192.168.2.186 Centos7 nginx 端口82
keepalived 192.168.2.190
web01 192.168.2.187 Centos7 apache 端口80 /
web02 192.168.2.188 Centos7 apache 端口80 /
Nginx01配置:
[root@nginx01 ~]# cp -p /etc/keepalived/keepalived.conf /etc/keepal ived/keepalived.conf.bk.20140418_master_backup_mode
[root@nginx01 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id proxy1
#vrrp_skip_check_adv_addr
#vrrp_strict
#vrrp_garp_interval 0
#vrrp_gna_interval 0
}
vrrp_script chk_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 2
weight 20
fall 1
rise 10
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.189
}
track_script {
chk_nginx
}
}
vrrp_instance VI_2 {
state BACKUP
interface ens33
virtual_router_id 52
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.190
}
track_script {
chk_nginx
}
}
[root@nginx01 ~]# systemctl restart keepalived
[root@nginx01 ~]# ip a | grep 192.168
inet 192.168.2.185/24 brd 192.168.2.255 scope global ens33
inet 192.168.2.189/32 scope global ens33
Nginx02的配置
[root@nginx02 ~]# cp -p /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bk.20140418_master_backup_mode
[root@nginx02 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
#smtp_server 192.168.200.1
#smtp_connect_timeout 30
router_id proxy2
#vrrp_skip_check_adv_addr
#vrrp_strict
#vrrp_garp_interval 0
#vrrp_gna_interval 0
}
vrrp_script chk_nginx {
script "/etc/keepalived/check_nginx.sh"
interval 2
weight 20
fall 2
rise 1
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.189
}
track_script {
chk_nginx
}
}
vrrp_instance VI_2 {
state MASTER
interface ens33
virtual_router_id 52
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.2.190
}
track_script {
chk_nginx
}
}
[root@nginx02 ~]# ip a | grep 192.168
inet 192.168.2.186/24 brd 192.168.2.255 scope global ens33
inet 192.168.2.190/32 scope global ens33
頁面訪問測試
VIP 1 192.168.2.189 
可知其以輪詢方式去訪問
VIP192.168.2.190 
高可用測試
Stop nginx上的 keepalived 模擬宕機
[root@nginx01 ~]# systemctl stop keepalived
[root@nginx01 ~]# ip a | grep 192.168
inet 192.168.2.185/24 brd 192.168.2.255 scope global ens33
[root@nginx01 ~]#
[root@nginx02 ~]# ip a | grep 192.168
inet 192.168.2.186/24 brd 192.168.2.255 scope global ens33
inet 192.168.2.190/32 scope global ens33
inet 192.168.2.189/32 scope global ens33
[root@nginx02 ~]#
頁面訪問:
VIP 1 192.168.2.189
VIP 1 192.168.2.190
發現vip1和vip2訪問web服務正常
現vip1漂移至vip2,nginx02接管nginx01的vip1,此時nginx02單獨對外提供服務。
總結:
1.主備模式對外只提供一個vip,訪問便捷,但同時只有一臺服務器對外提供服務; 2.雙活模式對外提供兩個vip,訪問比較麻煩,但同時又兩臺服務器對外提供服務; 3.無論主備模式仍是雙活模式都能高可用運行。
相關文章
- 1. Nginx+Keepalived雙主輪詢負載均衡
- 2. Centos7+Nginx+Keepalived實現Apache服務的高可用&負載均衡
- 3. LVS+Keepalived+Nginx高可用負載均衡
- 4. lvs+keepalived負載均衡及高可用
- 5. keepalived+nginx+tomcat高可用負載均衡
- 6. keepalived高可用+nginx負載均衡
- 7. keepalived+Nginx高可用負載均衡
- 8. centos7 nginx負載均衡+keepalived高可用
- 9. Keepalived之——Keepalived + Nginx 實現高可用 Web 負載均衡
- 10. keepalived+haproxy實現web服務的高可用和負載均衡
- 更多相關文章...
- • 服務端腳本 指南 - 網站建設指南
- • XSLT - 在服務器端 - XSLT 教程
- • Spring Cloud 微服務實戰(三) - 服務註冊與發現
- • 常用的分佈式事務解決方案
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
最新文章
- 1. 融合阿里雲,牛客助您找到心儀好工作
- 2. 解決jdbc(jdbctemplate)在測試類時不報錯在TomCatb部署後報錯
- 3. 解決PyCharm GoLand IntelliJ 等 JetBrains 系列 IDE無法輸入中文
- 4. vue+ant design中關於圖片請求不顯示的問題。
- 5. insufficient memory && Native memory allocation (malloc) failed
- 6. 解決IDEA用Maven創建的Web工程不能創建Java Class文件的問題
- 7. [已解決] Error: Cannot download ‘https://start.spring.io/starter.zip?
- 8. 在idea讓java文件夾正常使用
- 9. Eclipse啓動提示「subversive connector discovery」
- 10. 帥某-技巧-快速轉帖博主文章(article_content)
歡迎關注本站公眾號,獲取更多信息
相關文章
- 1. Nginx+Keepalived雙主輪詢負載均衡
- 2. Centos7+Nginx+Keepalived實現Apache服務的高可用&負載均衡
- 3. LVS+Keepalived+Nginx高可用負載均衡
- 4. lvs+keepalived負載均衡及高可用
- 5. keepalived+nginx+tomcat高可用負載均衡
- 6. keepalived高可用+nginx負載均衡
- 7. keepalived+Nginx高可用負載均衡
- 8. centos7 nginx負載均衡+keepalived高可用
- 9. Keepalived之——Keepalived + Nginx 實現高可用 Web 負載均衡
- 10. keepalived+haproxy實現web服務的高可用和負載均衡