# rpm -qa |grep nginx //查看是否存在nginx的rpm包 # sudo yum install epel-release //若是系統中找不到nginx的rpm包,則須要執行這兩行命令 # yum update # yum install -y nginx
# > /etc/keepalived/keepalived.conf
結果以下:html
[root@aminglinux ~]# > !$ > /etc/keepalived/keepalived.conf [root@aminglinux ~]# cat /etc/keepalived/keepalived.conf [root@aminglinux ~]#
在這裏咱們須要用另外一個份配置文件模板,將下面的內容寫入到/etc/keepalived/keepalived.conf中去mysql
global_defs { //這裏面會定義一些全局參數
notification_email { //若是出現問題,須要給下面郵箱發送郵件 aming@aminglinux.com }
notification_email_from root@aminglinux.com //定義由哪一個郵箱發出郵件
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_nginx { //檢測服務是否正常
script "/usr/local/sbin/check_ng.sh" //使用這個腳原本檢測,檢測到若是不正常,須要啓動起來
interval 3 //檢測的間斷時間爲3秒
}
vrrp_instance VI_1 { //用於定義master相關的一些東西
state MASTER //定義這臺機器的角色爲master,若是爲從的話,值就爲backup
interface ens33 //定義經過vrrp發廣播的網卡
virtual_router_id 51 //定義路由器的id,與從上這個值同樣
priority 100 //權重,從上的值不同
advert_int 1
authentication { //認證相關的信息
auth_type PASS //定義認證類型爲密碼認證
auth_pass aminglinux>com //定義密碼認證的密碼
}
virtual_ipaddress { //定義一個公有的虛擬ip,做爲域名解析的ip,一旦主宕機,從當即綁定這個ip
192.168.75.100
}
track_script { //加載服務
chk_nginx
}
}linux
#!/bin/bash
#時間變量,用於記錄日誌
d=`date --date today +%Y%m%d_%H:%M:%S`
#計算nginx進程數量
n=`ps -C nginx --no-heading|wc -l`
#若是進程爲0,則啓動nginx,而且再次檢測nginx進程數量,
#若是還爲0,說明nginx沒法啓動,此時須要關閉keepalived
if [ $n -eq "0" ]; then
/etc/init.d/nginx start
n2=`ps -C nginx --no-heading|wc -l`
if [ $n2 -eq "0" ]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
systemctl stop keepalived
fi
finginx
[root@aminglinux ~]# chmod 755 !$ chmod 755 /usr/local/sbin/check_ng.sh
[root@aminglinux ~]# systemctl start keepalived [root@aminglinux ~]# ps aux |grep keepalived root 1740 0.0 0.0 120740 1404 ? Ss 01:31 0:00 /usr/sbin/keepalived -D root 1741 0.0 0.1 127476 3272 ? S 01:31 0:00 /usr/sbin/keepalived -D root 1744 0.0 0.1 131780 3116 ? S 01:31 0:00 /usr/sbin/keepalived -D root 1878 0.0 0.0 112676 988 pts/0 S+ 01:32 0:00 grep --color=auto keepalived [root@aminglinux ~]# ps aux |grep nginx root 2365 0.0 0.0 20616 712 ? Ss 01:33 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 2366 0.2 0.1 23060 3292 ? S 01:33 0:00 nginx: worker process nobody 2367 0.2 0.1 23060 3296 ? S 01:33 0:00 nginx: worker process root 2381 0.0 0.0 112676 984 pts/0 S+ 01:33 0:00 grep --color=auto nginx
這時候若是咱們將nginx停掉,keepalived的腳本會自動重啓nginxsql
[root@aminglinux ~]# /etc/init.d/nginx stop Stopping nginx (via systemctl): [ 肯定 ] [root@aminglinux ~]# ps aux |grep nginx root 15301 0.0 0.0 20616 708 ? Ss 02:41 0:00 nginx: master process /usr/local/nginx/sbin/nginx -c /usr/local/nginx/conf/nginx.conf nobody 15302 0.0 0.1 23060 3292 ? S 02:41 0:00 nginx: worker process nobody 15303 0.0 0.1 23060 3280 ? S 02:41 0:00 nginx: worker process root 15308 0.0 0.0 112676 984 pts/0 S+ 02:41 0:00 grep --color=auto nginx [root@aminglinux ~]#
咱們也可使用ip addr命令來查看到ens33這個網卡上多綁定了一個IP 192.168.75.100,這個IP就是在keepalived.conf中定義的IP後端
[root@aminglinux ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:21:5e:c0 brd ff:ff:ff:ff:ff:ff inet 192.168.75.136/24 brd 192.168.75.255 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.75.100/32 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.75.150/24 brd 192.168.75.255 scope global secondary ens33:0 valid_lft forever preferred_lft forever inet6 fe80::d652:b567:6190:8f28/64 scope link valid_lft forever preferred_lft forever 3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:21:5e:ca brd ff:ff:ff:ff:ff:ff [root@aminglinux ~]#
下面咱們再來配置從,配置從以前須要先檢查下主和從上是否配置了防火牆或者selinux,須要讓他們關閉centos
global_defs {
notification_email {
aming@aminglinux.com
} notification_email_from root@aminglinux.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/usr/local/sbin/check_ng.sh"
interval 3
}
vrrp_instance VI_1 {
state BACKUP
interface ens33
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass aminglinux>com
}
virtual_ipaddress {
192.168.188.100
}
track_script {
chk_nginx
}
}瀏覽器
#時間變量,用於記錄日誌
d=`date --date today +%Y%m%d_%H:%M:%S`
#計算nginx進程數量
n=`ps -C nginx --no-heading|wc -l`
#若是進程爲0,則啓動nginx,而且再次檢測nginx進程數量,
#若是還爲0,說明nginx沒法啓動,此時須要關閉keepalived
if [ $n -eq "0" ]; then
systemctl start nginx
n2=`ps -C nginx --no-headig|wc -l`
if [ $n2 -eq "0" ]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ ng.log
systemctl stop keepalived
fi
fibash
[root@localhost ~]# chmod 755 !$ chmod 755 /usr/local/sbin/check_ng.sh [root@localhost ~]#
[root@localhost ~]# systemctl start keepalived [root@localhost ~]# ps aux |grep keep root 10928 0.2 0.0 120740 1404 ? Ss 02:20 0:00 /usr/sbin/keepalived -D root 10929 0.2 0.1 120740 2756 ? S 02:20 0:00 /usr/sbin/keepalived -D root 10930 0.2 0.1 125104 2840 ? S 02:20 0:00 /usr/sbin/keepalived -D root 10945 0.0 0.0 112676 984 pts/1 S+ 02:20 0:00 grep --color=auto keep [root@localhost ~]#
配置完畢,咱們來經過瀏覽器輸入IP 192.168.75.136地址訪問下主服務器,此時訪問到的是/data/wwwroot/default/index.html文件,再來192.168.75.130訪問從服務器,訪問到的默認頁面是/usr/share/nginx/html/index.html;咱們再來使用vip 192.168.75.100訪問,結果訪問到的是主服務器的頁面服務器
[root@aminglinux ~]# iptables -I OUTPUT -p vrrp -j DROP [root@aminglinux ~]# iptables -nvL Chain INPUT (policy ACCEPT 165 packets, 12440 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 105 packets, 11068 bytes) pkts bytes target prot opt in out source destination 81 3240 DROP 112 -- * * 0.0.0.0/0 0.0.0.0/0
這裏咱們將主上經過vrrp協議出去的包丟棄,結果是不能達到切換主從的目的
[root@aminglinux ~]# iptables -F [root@aminglinux ~]# iptables -nvL Chain INPUT (policy ACCEPT 12 packets, 840 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 11 packets, 948 bytes) pkts bytes target prot opt in out source destination [root@aminglinux ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:21:5e:c0 brd ff:ff:ff:ff:ff:ff inet 192.168.75.136/24 brd 192.168.75.255 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.75.100/32 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.75.150/24 brd 192.168.75.255 scope global secondary ens33:0 valid_lft forever preferred_lft forever inet6 fe80::d652:b567:6190:8f28/64 scope link valid_lft forever preferred_lft forever 3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:21:5e:ca brd ff:ff:ff:ff:ff:ff [root@aminglinux ~]# systemctl stop keepalived [root@aminglinux ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:21:5e:c0 brd ff:ff:ff:ff:ff:ff inet 192.168.75.136/24 brd 192.168.75.255 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.75.150/24 brd 192.168.75.255 scope global secondary ens33:0 valid_lft forever preferred_lft forever inet6 fe80::d652:b567:6190:8f28/64 scope link valid_lft forever preferred_lft forever 3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:21:5e:ca brd ff:ff:ff:ff:ff:ff [root@aminglinux ~]#
咱們能夠看到,關閉主上的keepalived服務,相似主機宕機,主機上綁定的192.168.75.100這個IP被解綁,而下面咱們到從上查看ip addr,能夠看到從上已經綁定了192.168.75.100這個IP,用瀏覽器訪問這個IP,訪問到的頁面爲從機頁面,說明主從已經切換
[root@localhost ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:0c:20:c9 brd ff:ff:ff:ff:ff:ff inet 192.168.75.130/24 brd 192.168.75.255 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.75.100/32 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::b44e:aca4:f738:7833/64 scope link valid_lft forever preferred_lft forever [root@localhost ~]# tail /var/log/messages Apr 10 03:04:15 localhost Keepalived_vrrp[12554]: Sending gratuitous ARP on ens33 for 192.168.75.100 Apr 10 03:04:15 localhost Keepalived_vrrp[12554]: Sending gratuitous ARP on ens33 for 192.168.75.100 Apr 10 03:04:15 localhost Keepalived_vrrp[12554]: Sending gratuitous ARP on ens33 for 192.168.75.100 Apr 10 03:04:15 localhost Keepalived_vrrp[12554]: Sending gratuitous ARP on ens33 for 192.168.75.100 Apr 10 03:04:20 localhost Keepalived_vrrp[12554]: Sending gratuitous ARP on ens33 for 192.168.75.100 Apr 10 03:04:20 localhost Keepalived_vrrp[12554]: VRRP_Instance(VI_1) Sending/queueing gratuitous ARPs on ens33 for 192.168.75.100 Apr 10 03:04:20 localhost Keepalived_vrrp[12554]: Sending gratuitous ARP on ens33 for 192.168.75.100 Apr 10 03:04:20 localhost Keepalived_vrrp[12554]: Sending gratuitous ARP on ens33 for 192.168.75.100 Apr 10 03:04:20 localhost Keepalived_vrrp[12554]: Sending gratuitous ARP on ens33 for 192.168.75.100 Apr 10 03:04:20 localhost Keepalived_vrrp[12554]: Sending gratuitous ARP on ens33 for 192.168.75.100 [root@localhost ~]#
[root@aminglinux ~]# systemctl start keepalived [root@aminglinux ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:21:5e:c0 brd ff:ff:ff:ff:ff:ff inet 192.168.75.136/24 brd 192.168.75.255 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.75.100/32 scope global ens33 valid_lft forever preferred_lft forever inet 192.168.75.150/24 brd 192.168.75.255 scope global secondary ens33:0 valid_lft forever preferred_lft forever inet6 fe80::d652:b567:6190:8f28/64 scope link valid_lft forever preferred_lft forever 3: ens37: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:21:5e:ca brd ff:ff:ff:ff:ff:ff [root@aminglinux ~]#
而後咱們再到從機上查看綁定IP
[root@localhost ~]# ip addr 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:0c:20:c9 brd ff:ff:ff:ff:ff:ff inet 192.168.75.130/24 brd 192.168.75.255 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::b44e:aca4:f738:7833/64 scope link valid_lft forever preferred_lft forever [root@localhost ~]#
在實際生產環境中,可能會一主多從,這時咱們能夠在keepalived.conf中給每一個從配置不一樣的權重priority,權值越高,則優先級越高 除了nginx的高可用,咱們還能夠作mysql的高可用,若是要作mysql高可用的話,必定要保證主從數據一致