keepalived介绍
keepalived通过VRRP协议来实现高可用
在这个协议里面会将多台功能相同的路由器组成一个组,其中一个Master,N个backup角色; master会通过组播的形式向各个backup发送VRRP协议的数据包,当backup收不到master发来的VRRP数据包时,就会认为master宕机了。此时就需要根据各个backup的优先级来决定谁成为新的master。
keepalived三个模块
- core:核心模块,主要负责主进程的启动、维护以及全局配置文件的加载与解析;
- check:负责健康体检;
- vrrp:实现VRRP协议;
keepalived配置
master机器:192.168.186.140 backup机器:192.168.186.141 vip公共ip:192.168.186.144 组id:001
主备都需要提前安装好nginx
安装keepalived
yum install -y keepalived
master机器设置
可以把原配置清空,然后重新配置
> /etc/keepalived/keepalived.conf
编辑配置文件
vim /etc/keepalived/keepalived.conf
global_defs {
//定义错误发送到指定邮件
notification_email {
jinkai@linux.com
}
notification_email_from jinkai@linux.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/usr/local/sbin/check_ng.sh" //定义脚本监控nginx服务
interval 3
}
vrrp_instance VI_1 {
state MASTER //设置为master
interface ens33
//指定网卡,这里试ens33,有的是eth0(根据自身情况改变)
virtual_router_id 001 //定义组id,必须一致
priority 100 //优先级100,优先级越大越优先
advert_int 1
authentication {
//定义认证形式
auth_type PASS //认证形式为pass密码认证
auth_pass admin123 //定义密码为testlinux123
}
virtual_ipaddress {
192.168.186.144 //定义vip的ip,也就是所有服务器共用的一个ip
}
track_script {
//加载健康检查脚本
chk_nginx
}
}
编写监控nginx的脚本
vim /usr/local/sbin/check_ng.sh
#!/bin/bash
#时间变量,用于记录日志
d=date --date today +%Y%m%d_%H:%M:%S
#计算nginx进程数量
n=ps -C nginx --no-heading|wc -l
#如果进程为0,则启动nginx,并且再次检测nginx进程数量,
#如果还为0,说明nginx无法启动,此时需要关闭keepalived
if [ $n -eq "0" ]; then
systemctl start nginx
n2=ps -C nginx --no-heading|wc -l
if [ $n2 -eq "0" ]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
systemctl stop keepalived
fi
fi
设置启动脚本的权限
chmod 755 /usr/local/sbin/check_ng.sh
启动keepalived服务
systemctl start keepalived
backup设置
vim /etc/keepalived/keepalived.conf
global_defs {
notification_email {
jinkai@linux.com
}
notification_email_from jinkai@linux.com
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id LVS_DEVEL
}
vrrp_script chk_nginx {
script "/usr/local/sbin/check_ng.sh"
interval 3
}
vrrp_instance VI_1 {
state BACKUP //定义backup
interface ens33 //定义网卡
virtual_router_id 001 //和master一样的id
Priority 90 //定义优先级,要比master的小,越小越不优先
advert_int 1
authentication {
auth_type PASS
auth_pass admin123
}
virtual_ipaddress {
192.168.186.144
}
track_script {
chk_nginx
}
}
编写监控nginx的脚本
vim /usr/local/sbin/check_ng.sh
#时间变量,用于记录日志
d=date --date today +%Y%m%d_%H:%M:%S
#计算nginx进程数量
n=ps -C nginx --no-heading|wc -l
#如果进程为0,则启动nginx,并且再次检测nginx进程数量
#如果还为0,说明nginx无法启动,此时需要关闭keepalived
if [ $n -eq "0" ]; then
systemctl start nginx
n2=ps -C nginx --no-heading|wc -l
if [ $n2 -eq "0" ]; then
echo "$d nginx down,keepalived will stop" >> /var/log/check_ng.log
systemctl stop keepalived
fi
fi
给启动脚本设置权限
chmod 755 /usr/local/sbin/check_ng.sh
启动keepalived服务
systemctl start keepalived
注意:启动keepalived
检查防火墙, 要保证VRRP协议放行,SElinux要关闭,有的默认启动可以firewalld可以关闭
iptables -A INPUT -p vrrp -j ACCEPT
setenforce 0
日志查看:tail /var/log/messages
vip 地址查看:无法使用ifconfig看到,需要使用ip add查看
测试高可用:
我这边两台都是使用的是yum安装的nginx,可以在配置文件修改区分
master:echo “master master” > /usr/share/nginx/html/index.html
backup:echo “backup backup” > /usr/share/nginx/html/index.html
网页访问vip ip:192.168.186.144 显示master master
关闭master上的keepalived服务,刷新网页后显示为backup backup
启动master上的keepalived服务,刷新网页后又变回 master master