Centos7編譯安裝Nginx+keepalived

時間 2019-11-08

標籤 centos7 centos 編譯安裝 nginx+keepalived nginx keepalived 欄目 Tomcat 简体版

原文原文鏈接

1、安裝環境、主機信息及軟件版本

Nginx：1.12.2
keepalived:2.0.12
時間同步(同步後確認各服務器時間是否一致，不一致須要修改一下時區)
關閉防火牆

2、編譯安裝Nginx

1.編譯安裝Nginx

[root@k8s-node-207 ~]# wget http://nginx.org/download/nginx-1.12.2.tar.gz
[root@k8s-node-207 ~]# yum -y install gcc gcc-c++ automake pcre pcre-devel zlib zlib-devel open openssl-devel #安裝相關依賴包 [root@k8s-node-207 ~]# tar xf nginx-1.12.2.tar.gz [root@k8s-node-207 ~]# cd nginx-1.12.2/ [root@k8s-node-207 nginx-1.12.2]# ./configure  --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-threads  --with-pcre  --with-http_gzip_static_module #設置編譯參數，特別是--prefix [root@k8s-node-207 nginx-1.12.2]# make && make install [root@k8s-node-207 nginx-1.12.2]# scp -r /usr/local/nginx  172.16.155.208:/usr/local/  #拷貝到另一臺Nginx服務器

2.配置Nginx爲系統服務

[root@k8s-node-207 nginx-1.12.2]# vim /lib/systemd/system/nginx.service  #建立Nginx服務系統啓動文件 [Unit] Description=nginx After=network.target [Service] Type=forking ExecStart=/usr/local/nginx/sbin/nginx  #注意要替換爲本身編譯安裝的路徑 ExecReload=/usr/local/nginx/sbin/nginx -s reload ExecStop=/usr/local/nginx/sbin/nginx -s quit PrivateTmp=true [Install] WantedBy=multi-user.target
 [root@k8s-node-207 nginx-1.12.2]# systemctl start nginx #測試腳本，啓動 [root@k8s-node-207 nginx-1.12.2]# netstat -tnlp|grep :80 #檢查端口 tcp 0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      7834/nginx: master [root@k8s-node-207 nginx-1.12.2]# ps aux|grep nginx #檢查進程 root 7834  0.0  0.0  45956  1124 ?        Ss   16:24   0:00 nginx: master process /usr/local/nginx/sbin/nginx nobody 7835  0.0  0.0  48484  1976 ?        S    16:24   0:00 nginx: worker process root 7944  0.0  0.0 112720   968 pts/0    S+   16:25   0:00 grep -E --color=auto nginx [root@k8s-node-207 nginx-1.12.2]# systemctl enable nginx  #設置開機自啓 [root@k8s-node-207 nginx-1.12.2]# scp /lib/systemd/system/nginx.service 172.16.155.208:/lib/systemd/system/nginx.service  #拷貝到另外一臺機器
#在另外一臺機器上啓動Nginx [root@k8s-node-208 ~]# systemctl start nginx [root@k8s-node-208 ~]# systemctl status nginx [root@k8s-node-208 ~]# systemctl enable nginx

3、編譯安裝配置keepalived

1.編譯安裝keepalived

[root@k8s-node-207 ~]# wget https://www.keepalived.org/software/keepalived-2.0.12.tar.gz #下載源碼
[root@k8s-node-207 ~]# yum install -y openssl openssl-devel libnl libnl-devel  #安裝依賴文件 [root@k8s-node-207 ~]# tar xf keepalived-2.0.12.tar.gz [root@k8s-node-207 ~]# cd keepalived-2.0.12/ [root@k8s-node-207 keepalived-2.0.12]# ./configure --prefix=/usr/local/keepalived #只有編譯安裝的目錄 [root@k8s-node-207 keepalived-2.0.12]# make && make install

2.配置keepalived master節點

[root@k8s-node-207 keepalived-2.0.12]# cd /usr/local/keepalived/etc/keepalived/  #進入keepalived配置目錄 [root@k8s-node-207 keepalived]# cp keepalived.conf keepalived.conf-$(date +%F-%H:%M:%S)  #拷貝默認的配置 ! Configuration File for keepalived global_defs { #默認該字段是配置發送郵件通知，因爲我使用微信進行通知因此忽略 } vrrp_script chk_http_port { #配置服務的健康檢查   script "/mnt/chk_nginx.sh" #檢查是使用的腳本路徑 interval 2 #監控間隔   weight -5 #每檢測失敗一次，若是weight大於0則當前節點的priority增長該配置的值，不然減小 fall 2 #執行幾回纔會認爲是失敗 rise 1 #執行多少次纔會認爲是成功   } vrrp_instance VI_1 { state MASTER  #指定當前節點的初始狀態 interface eth0 #vrrp實例綁定的網卡接口 用於發送vrrp包  
 nopreempt #設置爲非搶佔模式，優先級高的設置 解決優先級高的恢復後再次搶斷 測試時能夠先不配置 virtual_router_id 51 #指定vrrp實例的ID 範圍是0-255 主備節點必須一致  priority 101 #指定當前節點的優先級 優先級高的爲MASTER  advert_int 1 #指定發送vrrp間隔時間 主備必須一致  authentication {  #主備必須一致   auth_type PASS #指定認證方式 這裏使用簡單密碼認證   auth_pass 1111 #指定認證使用的密碼 最大爲8位 } virtual_ipaddress { 172.16.155.209 #指定VIP地址 } notify_master "/root/script_dir/wechat.py master test keepalived狀態發送改變,master切換至172.16.155.207" #設置通知腳本路徑及通知信息 此處根據本身實際狀況自定義，此處配置不影響啓動，若是沒有告警通知能夠稍後建立 notify_backup "/root/script_dir/wechat.py backup test keepalived狀態發送改變,backup切換至172.16.168.207"  notify_fault "/root/script_dir/wechat.py fault test keepalived發送故障,故障主機爲：172.16.168.207" #以上配置爲：當節點成爲master時執行的操做 成爲backup是執行的操做 當發生故障時執行的操做 track_script { #監控腳本執行的狀態  chk_http_port } } [root@k8s-node-207 keepalived]# cd /usr/local/keepalived/etc/sysconfig/  #因爲啓動命令默認會去/etc/keepalived/下讀取keepalived.conf，而且默認日誌會寫入/var/log/messages文件中，因此咱們須要修改相關配置 [root@k8s-node-207 sysconfig]# cat keepalived KEEPALIVED_OPTIONS="-f /usr/local/keepalived/etc/keepalived/keepalived.conf -S 0 -D" #-f 指定配置文件路徑 -S 指定日誌路徑 0 表示local0.*  [root@k8s-node-207 sysconfig]# cat /etc/rsyslog.conf #修改rsyslog配置文件 #Save keepalived log local0.*                                                /var/log/keepalived.log  #指定日誌文件路徑
#暫時不拷貝至另外一臺服務器

3.配置keepalived backup節點

#207上拷貝相關文件到208上
[root@k8s-node-207 sysconfig]# scp -r /usr/local/keepalived/ 172.16.155.208:/usr/local/   [root@k8s-node-207 sysconfig]# scp /etc/rsyslog.conf 172.16.155.208:/etc/rsyslog.conf 
[root@k8s-node-207 sysconfig]# scp /lib/systemd/system/keepalived.service 172.16.155.208:/lib/systemd/system/keepalived.service #默認編譯keepalived時會自動生成系統服務配置文件
[root@k8s-node-207 sysconfig]# systemctl restart rsyslog.service

#208上修改配置文件爲backup [root@k8s-node-208 ~]# cd /usr/local/keepalived/etc/keepalived/ [root@k8s-node-208 keepalived]# vim keepalived.conf ! Configuration File for keepalived global_defs { #可自定義 } vrrp_script chk_http_port {  #可自定義 script "/mnt/chk_nginx.sh" interval 2 weight -5 fall 2 rise 1 } vrrp_instance VI_1 { state backup  #指定當前節點狀態 interface eth0 nopreempt virtual_router_id 51 #確保與master保持一致 priority 100 #確保小於master設置的值 advert_int 1 #確保與master保持一致 authentication { #確保與master保持一致 auth_type PASS auth_pass 1111 } virtual_ipaddress { #確保與master保持一致 172.16.155.209 } notify_master "/root/script_dir/wechat.py master test keepalived狀態發送改變,master切換至172.16.155.208"  #可自定義 notify_backup "/root/script_dir/wechat.py backup test keepalived狀態發送改變,backup切換至172.16.168.208" notify_fault "/root/script_dir/wechat.py fault test keepalived發送故障,故障主機爲：172.16.168.208" track_script { #可自定義 chk_http_port } }

默認編譯後會自動生成系統服務配置文件，若是沒有參考如下配置建立html

[root@k8s-node-207 sysconfig]# vim /lib/systemd/system/keepalived.service [Unit] Description=LVS and VRRP High Availability Monitor After= network-online.target syslog.target Wants=network-online.target [Service] Type=forking PIDFile=/var/run/keepalived.pid KillMode=process EnvironmentFile=-/usr/local/keepalived/etc/sysconfig/keepalived ExecStart=/usr/local/keepalived/sbin/keepalived $KEEPALIVED_OPTIONS ExecReload=/bin/kill -HUP $MAINPID [Install] WantedBy=multi-user.target

建立Nginx狀態檢查腳本node

[root@k8s-node-207 sysconfig]# cat /mnt/chk_nginx.sh #!/bin/bash ngix_status=`ps -C nginx --no-header |wc -l` if [[ ${ngix_status} -eq 0 ]];then /usr/local/nginx/sbin/nginx sleep 2 new_nginx_status=$(ps -C nginx --no-header |wc -l) if [[ ${new_nginx_status} -eq 0 ]];then killall keepalived fi fi [root@k8s-node-207 sysconfig]# scp /mnt/chk_nginx.sh 172.16.155.208:/mnt/chk_nginx.sh [root@k8s-node-207 sysconfig]# chmod +x /mnt/chk_nginx.sh [root@k8s-node-207 sysconfig]# ssh 172.16.155.208 "chmod +x /mnt/chk_nginx.sh"

4.啓動服務並檢查當前狀態

[root@k8s-node-207 sysconfig]# systemctl restart rsyslog.service #重啓rsyslog服務，使keepalived的日誌配置生效 [root@k8s-node-207 sysconfig]# echo "k8s-node-207" > /usr/local/nginx/html/index.html  #修改Nginx index文件 稍後測試使用 [root@k8s-node-207 sysconfig]# systemctl start keepalived.service #啓動keepalived服務 #208上 同207操做 [root@k8s-node-208 keepalived]# systemctl restart rsyslog.service [root@k8s-node-208 keepalived]#  echo "k8s-node-208" > /usr/local/nginx/html/index.html [root@k8s-node-208 keepalived]# systemctl start keepalived.service 
 [root@k8s-node-207 sysconfig]# ip a|grep 172.16  #207上檢查當前的IP地址 inet 172.16.155.207/24 brd 172.16.155.255 scope global eth0 inet 172.16.155.209/32 scope global eth0  #VIP地址當前綁定在當前主機eth0網卡上 [root@k8s-node-208 keepalived]# ip a|grep 172.16  #208上檢查當前用有的IP地址 主要檢查是否發生腦裂問題 inet 172.16.155.208/24 brd 172.16.155.255 scope global eth0 [root@k8s-node-207 sysconfig]# curl http://172.16.155.209:80  #使用crul命令範圍VIP查看訪問到哪一個節點 顯示爲207節點
k8s-node-207

5.測試keepalived主從是否能夠切換

[root@k8s-node-207 sysconfig]# systemctl stop keepalived.service #在207上關閉keepalived服務 [root@k8s-node-207 sysconfig]# ip a|grep 172.16 #查看207上的擁有的IP地址 VIP已經沒有了 inet 172.16.155.207/24 brd 172.16.155.255 scope global eth0 [root@k8s-node-208 keepalived]# ip a|grep 172.16 #查看208上的擁有的IP地址 VIP已經漂移到208上了 inet 172.16.155.208/24 brd 172.16.155.255 scope global eth0 inet 172.16.155.209/32 scope global eth0 [root@k8s-node-207 sysconfig]# curl http://172.16.155.209:80 #訪問一下VIP 顯示爲208節點
k8s-node-208 [root@k8s-node-207 sysconfig]# systemctl start keepalived.service #207上從新啓動keepalived [root@k8s-node-207 sysconfig]# ip a|grep 172.16 #VIP沒有漂移回來，符合預期，若是想在master恢復後VIP漂移回來則能夠刪除nopreempt配置 inet 172.16.155.207/24 brd 172.16.155.255 scope global eth0

5.測試Nginx服務故障時keepalived是否能夠切換

[root@k8s-node-208 mnt]# ip a|grep 172.16  #當前VIP在208上 inet 172.16.155.208/24 brd 172.16.155.255 scope global eth0 inet 172.16.155.209/32 scope global eth0 [root@k8s-node-208 mnt]# systemctl stop nginx #關閉208上Nginx服務 稍等幾秒鐘 [root@k8s-node-208 mnt]# ip a|grep 172.16 #再次檢查208上的IP，VIP已經沒有了 inet 172.16.155.208/24 brd 172.16.155.255 scope global eth0
 [root@k8s-node-207 mnt]# ip a|grep 172.16  #207上查看，VIP已經漂移到207上了 inet 172.16.155.207/24 brd 172.16.155.255 scope global eth0 inet 172.16.155.209/32 scope global eth0

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。