主备（keepalived+nginx）

实验环境

系统: centos 6.9 mini

机器名   ip                                   虚拟ip

kn1     192.168.126.10

kn2     192.168.126.20                192.168.126.100

web1    192.168.126.30

web2    192.168.126.40

1、在kn1和kn2上分别安装keepalived

[root@kn1 ~]# yum install -y keepalived

[root@kn2 ~]# yum install -y keepalived

2、在web1和web2上分别部署web服务，并且启动服务

[root@web1 yum.repos.d]# yum install -y httpd

[root@web1 yum.repos.d]# echo "web1" >/var/www/html/index.html

[root@web1 yum.repos.d]# service httpd restart

停止 httpd：                                               [确定]

正在启动 httpd：

[root@web2 ~]# yum install -y httpd

[root@web2 ~]# echo "web2">/var/www/html/index.html

[root@web2 ~]# service httpd restart

停止 httpd：                                               [确定]

正在启动 httpd：                                           [确定]

3、配置keepalived,编写nginx进程检测脚本nginx.sh

(keepalived是通过检测keepalived进程是否存在判断服务器是否宕机，如果keepalived进程在但是nginx进程不在了那么keepalived是不会做主备切换，所以我们需要写个脚本来监控nginx进程是否存在，如果nginx不存在，则试着启动它，如果启动不成功，就将keepalived进程杀掉。)

3.1 在kn1上

[root@kn1 keepalived]# cat nginx.sh

#!/bin/bash

N=`ps -C nginx --no-header |wc -l`

if [ $N -eq 0 ];then

/usr/local/nginx/sbin/nginx

sleep 10

if [ `ps -C nginx --no-header |wc -l`  -eq 0 ]; then

killall keepalived

fi

fi

[root@kn1 keepalived]# chmod 755 /etc/keepalived/nginx.sh

[root@kn1 ~]# crontab -l

*/2 * * * * /etc/keepalived/nginx.sh

[root@kn1 ~]# vi /etc/keepalived/keepalived.conf

#全局配置

global_defs {

router_id kn1               #运行keepalived机器的一个标识，用hostname

}

vrrp_script nginx {

script "/etc/keepalived/nginx.sh"         ##监控脚本

interval 10                                ##时间间隔，10秒

weight 2                                        ##权重

}

vrrp_instance VI_1 {

state MASTER               #标示状态为MASTER 备份机为BACKUP

interface eth0             #设置实例绑定的网卡

virtual_router_id 51       #同一实例下virtual_router_id必须相同

priority 100               #MASTER权重要高于BACKUP

advert_int 1     #MASTER与BACKUP负载均衡器之间同步检查的时间间隔，单位是秒

authentication {

auth_type PASS         #设置认证

auth_pass 1111         #主从服务器验证方式

}

track_script {

nginx                  #监控脚本

}

virtual_ipaddress {        #设置vip

192.168.126.100          #可以多个虚拟IP，换行即可

}

}

[root@kn1 ~]# /etc/init.d/keepalived restart

停止 keepalived：                                          [失败]

正在启动 keepalived：                                      [确定]

3.2 在kn2上

[root@kn1 keepalived]# cat nginx.sh

#!/bin/bash

N=`ps -C nginx --no-header |wc -l`

if [ $N -eq 0 ];then

/usr/local/nginx/sbin/nginx

sleep 10

if [ `ps -C nginx --no-header |wc -l`  -eq 0 ]; then

killall keepalived

fi

fi

[root@kn1 keepalived]# chmod 755 /etc/keepalived/nginx.sh

[root@kn1 ~]# crontab -l

*/2 * * * * /etc/keepalived/nginx.sh

[root@kn2 ~]# cat /etc/keepalived/keepalived.conf

global_defs {

router_id kn2

}

vrrp_script nginx {

script "/etc/keepalived/nginx.sh"

interval 2

weight 2

}

vrrp_instance VI_1 {

state BACKUP

interface eth0

virtual_router_id 51

priority 98

advert_int 1

authentication {

auth_type PASS

auth_pass 1111

}

track_script {

nginx

}

virtual_ipaddress {

192.168.126.100

}

}

[root@kn2 ~]# /etc/init.d/keepalived restart

停止 keepalived：                                          [确定]

正在启动 keepalived：                                      [确定]

4、安装并且配置nginx（kn1和kn2的操作是一样的）

4.1 安装依赖包

[root@kn1 ~]#yum -y install gcc pcre-devel zlib-devel openssl-devel wget

4.2 安装nginx

[root@kn1 ~]#cd /usr/local/src/

[root@kn1 src]#wget http://nginx.org/download/nginx-1.9.5.tar.gz

[root@kn1 src]#tar zxvf nginx-1.9.5.tar.gz

[root@kn1 src]#cd nginx-1.9.5

[root@kn1 src]#./configure --with-http_stub_status_module

[root@kn1 src]#make && make install

4.3 配置nginx(红色的部分就是添加的)

[root@kn1 ~]# cat /usr/local/nginx/conf/nginx.conf

#user  nobody;

worker_processes  1;

#error_log  logs/error.log;

#error_log  logs/error.log  notice;

#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {

worker_connections  1024;

}

http {

include       mime.types;

default_type  application/octet-stream;

#log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '

#                  '$status $body_bytes_sent "$http_referer" '

#                  '"$http_user_agent" "$http_x_forwarded_for"';

upstream web_up {

server 192.168.126.30 max_fails=3 fail_timeout=60s weight=1;

server 192.168.126.40 max_fails=3 fail_timeout=60s weight=2;

}

#access_log  logs/access.log  main;

sendfile        on;

#tcp_nopush     on;

#keepalive_timeout  0;

keepalive_timeout  65;

#gzip  on;

server {

listen       80;

server_name  localhost;

#charset koi8-r;

#access_log  logs/host.access.log  main;

location / {

root   html;

index  index.html index.htm;

proxy_pass http://web_up;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwared-For $proxy_add_x_forwarded_for;

}

4.4 启动服务

[root@kn1 ~]#/usr/local/nginx/sbin/nginx

[root@kn1 ~]#/usr/local/nginx/sbin/nginx -s reload

[root@kn1 ~]#/etc/init,d/keepalive restart

5、测试

5.1 在kn1上查看虚拟ip

[root@kn1 ~]# ip addr list

2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:d1:9e:5c brd ff:ff:ff:ff:ff:ff

inet 192.168.126.20/24 brd 192.168.126.255 scope global eth0

inet 192.168.126.100/32 scope global eth0

inet6 fe80::20c:29ff:fed1:9e5c/64 scope link tentative dadfailed

valid_lft forever preferred_lft forever

5.2 通过虚拟ip（域名）访问nignx

[root@kn1 ~]# curl http://192.168.126.100

web2

[root@kn1 ~]# cat /etc/hosts

127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4

::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

192.168.126.100 test.ku.com

[root@kn19 ~]# curl http://test.ku.com

web2

5.3 当kn1 的nginx 服务不能启动了，检查脚本nginx.sh就会执行，stop掉keepalived,此时，vip切换到kn2上

在kn1上的操作

[root@kn1 ~]# /usr/local/nginx/sbin/nginx -s stop

[root@kn1 ~]# /etc/init.d/keepalived status

keepalived 已死，但是 subsys 被锁

You have new mail in /var/spool/mail/root

[root@kn1 ~]# tail -10 /var/log/messages

Feb  5 13:56:01 kn1 Keepalived_healthcheckers[2590]: Netlink reflector reports IP 192.168.126.100 removed

在kn2上的操作

[root@kn2 ~]# ip addr list

eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:35:6d:f2 brd ff:ff:ff:ff:ff:ff

inet 192.168.126.20/24 brd 192.168.126.255 scope global eth0

inet 192.168.126.100/32 scope global eth0

inet6 fe80::20c:29ff:fe35:6df2/64 scope link

valid_lft forever preferred_lft forever

5.4 在kn1和kn2 的keepalived.cof 中 配置多个虚拟ip，并且访问

[root@kn1 ~]# vi /etc/keepalived/keepalived.conf

virtual_ipaddress {

192.168.126.100

192.168.126.150

}

}

[root@kn2 ~]# vi /etc/keepalived/keepalived.conf

virtual_ipaddress {

192.168.126.100

192.168.126.150

}

}

[root@kn1 ~]# /etc/init.d/keepalived restart

[root@kn2 ~]# /etc/init.d/keepalived restart

[root@kn2 ~]# ip addr list

eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000

link/ether 00:0c:29:35:6d:f2 brd ff:ff:ff:ff:ff:ff

inet 192.168.126.20/24 brd 192.168.126.255 scope global eth0

inet 192.168.126.100/32 scope global eth0

inet 192.168.126.150/32 scope global eth0

[root@kn2 ~]# curl http://192.168.126.100

web2

[root@kn2 ~]# curl http://192.168.126.150

web2