上个文档是麒麟系统源码安装NGINX,两台机器做同样操作安装NGINX即可

04-[信创]-麒麟系统NGINX+Keppalivwed高可用_IP

一、Keepalived的介绍

Keepalived 核心功能

1.VRRP协议支持

通过虚拟路由器冗余协议(VRRP),实现主备节点间的虚拟 IP 漂移。主节点(Master)持有 VIP 并提供服务,备用节点(Backup)监听主节点状态。若主节点故障,备用节点接管 VIP

2.健康检查

支持对后端服务(如 Nginx)的主动检测:
Layer3:通过 ICMP 检测服务器 IP 可达性。
Layer4:检测 TCP/UDP 端口状态(如 Nginx 的 80 端口)。
Layer5:通过 HTTP/HTTPS 请求及 MD5 校验结果判断服务健康性。

3.自动故障转移

当检测到主节点服务异常时,自动将流量切换至备用节点,故障恢复后重新接管。

Keepalived 与 Nginx 结合的高可用架构

1.典型架构

主备模式:一主一备,主节点故障时备节点接管。

虚拟 IP(VIP):客户端通过 VIP 访问服务,而非直接访问物理 IP

1.配置步骤

(1)环境准备

两台服务器:主节点(10.1.19.62)、备节点(10.1.19.63)。

虚拟 IP(VIP):10.1.19.64

确保 Nginx 在两台服务器上已安装并运行

(2)安装 Keepalived

[root@nginx01 data]# yum -y install keepalived

(3)配置 Keepalived

#(1)备份配置文件
cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf-$(date +%F)

#(2)"ha01"节点创建配置文件
cat > /etc/keepalived/keepalived.conf <<'EOF'
! Configuration File for keepalived
global_defs {
    router_id LVS_DEVEL
script_user root
    enable_script_security
}
vrrp_script chk_apiserver {
    script "/etc/keepalived/check_nginx.sh"
    interval 5
    weight -5
    fall 2  
    rise 1
}
vrrp_instance VI_1 {
    state MASTER
    interface eth0
    mcast_src_ip 10.1.19.62
    virtual_router_id 80
    priority 101
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass NGINX_HA
    }
    virtual_ipaddress {
        10.1.19.64
    }
    track_script {
       chk_apiserver
    }
}
EOF


#(3)"ha02"节点创建配置文件
cat > /etc/keepalived/keepalived.conf <<'EOF'
! Configuration File for keepalived
global_defs {
    router_id LVS_DEVEL
script_user root
    enable_script_security
}
vrrp_script chk_apiserver {
    script "/etc/keepalived/check_nginx.sh"
    interval 5
    weight -5
    fall 2  
    rise 1
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    mcast_src_ip 10.1.19.63
    virtual_router_id 80
    priority 100
    advert_int 2
    authentication {
        auth_type PASS
        auth_pass NGINX_HA
    }
    virtual_ipaddress {
        10.1.19.64
    }
    track_script {
       chk_apiserver
    }
}
EOF

4.所有节点(ha0[1-2])配置KeepAlived健康检查文件

#(1)创建检查脚本
cat > /etc/keepalived/check_nginx.sh <<'EOF'
#!/bin/bash

err=0
for k in $(seq 1 3)
do
    check_code=$(pgrep nginx)
    if [[ $check_code == "" ]]; then
        err=$(expr $err + 1)
        sleep 1
        continue
    else
        err=0
        break
    fi
done

if [[ $err != "0" ]]; then
    echo "systemctl stop keepalived"
    /usr/bin/systemctl stop keepalived
    exit 1
else
    exit 0
fi
EOF


#(2)添加执行权限
chmod +x /etc/keepalived/check_nginx.sh

5.启动服务

[root@nginx02 keepalived]# systemctl start keepalived.service