接上一文章<<CentOS 6.5高可用集群LVS+Keepalived>>
本文主要是配置Nginx、Keeplive,至于Nginx的配置就省略了
1、服务器规划
服务器IP 服务
192.168.80.77 VIP
192.168.80.188 Keepalived(Master)、Nginx(Backup)
192.168.80.189 Keepalived(Slave)、Nginx(Backup)
2、目标
所有的请求都通过1.77虚拟服务转发给1.188服务器,而189作为188的备份,当188服务挂掉了,自动切换到189
3、Nginx配置
安装省略......,Nginx 安装目录:/usr/local/nginx
1) 188、189配置index.html来区分是哪台nginx工作:
在188上配置:
echo "192.168.80.188" > /usr/local/nginx/html/index.html在189上配置
echo "192.168.80.189" > /usr/local/nginx/html/index.html验证方法:
1)、首先用IP访问各自的nginx,看index.html页面内容是否为当前服务器的IP地址
2、 配置keepalived
按照上面的安装方法,keepalived的配置文件在/etc/keepalived/keepalived.conf。主、从服务器的配置相关联但有所不同。如下:
Master:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_MASTER
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.80.77
}
}
virtual_server 192.168.80.77 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 192.168.80.188 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.80.189 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}Backup:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_BACKUP
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.80.77
}
}
virtual_server 192.168.80.77 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 192.168.80.188 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.80.189 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}验证:
- 先后在主、从服务器上启动keepalived: /etc/init.d/keepalived start
- 在主服务器上查看是否已经绑定了虚拟IP: ip addr
- 停止主服务器上的keepalived: /etc/init.d/keepalived stop 然后在从服务器上查看是否已经绑定了虚拟IP:
- 启动主服务器上的keepalived,看看主服务器能否重新接管虚拟IP
让keepalived监控NginX的状态
经过前面的配置,如果主服务器的keepalived停止服务,从服务器会自动接管VIP对外服务;一旦主服务器的keepalived恢复,会重新接管VIP。 但这并不是我们需要的,我们需要的是当NginX停止服务的时候能够自动切换。
keepalived支持配置监控脚本,我们可以通过脚本监控NginX的状态,如果状态不正常则进行一系列的操作,最终仍不能恢复NginX则杀掉keepalived,使得从服务器能够接管服务。
- 如何监控NginX的状态
最简单的做法是监控NginX进程,更靠谱的做法是检查NginX端口,最靠谱的做法是检查多个url能否获取到页面。
- 如何尝试恢复服务
如果发现NginX不正常,重启之。等待3秒再次校验,仍然失败则不再尝试。
根据上述策略很容易写出监控脚本。这里使用nmap检查nginx端口来判断nginx的状态,记得要首先安装nmap。监控脚本如下:
#!/bin/sh
# check nginx server status
NGINX=/usr/local/nginx/sbin/nginx
PORT=80
nmap 127.0.0.1 -p $PORT | grep "$PORT/tcp open"
#echo $?
if [ $? -ne 0 ];then
#$NGINX -s stop
$NGINX
sleep 3
nmap 127.0.0.1 -p $PORT | grep "$PORT/tcp open"
#[ $? -ne 0 ] && /etc/init.d/keepalived stop
[ $? -ne 0 ] && killall keepalived
fi不要忘了设置脚本的执行权限,否则不起作用。
假设上述脚本放在/usr/local/nginx/chk_nginx.sh,则keepalived.conf中增加如下配置:
vrrp_script chk_http_port {
script "/usr/local/nginx/chk_nginx.sh"
interval 2
weight 2
}
track_script {
chk_http_port
}增加完成后的配置如下:
Master:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_MASTER
}
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.80.77
}
track_script {
chk_http_port
}
}
vrrp_script chk_http_port {
script "/usr/local/nginx/chk_nginx.sh"
interval 2
weight 2
}
virtual_server 192.168.80.77 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 192.168.80.188 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.80.189 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}Backup:
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id LVS_BACKUP
}
vrrp_instance VI_1 {
state BACKUP
interface eth0
virtual_router_id 51
priority 90
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.80.77
}
track_script {
chk_http_port
}
}
vrrp_script chk_http_port {
script "/usr/local/nginx/chk_nginx.sh"
interval 2
weight 2
}
virtual_server 192.168.80.77 80 {
delay_loop 6
lb_algo rr
lb_kind DR
nat_mask 255.255.255.0
persistence_timeout 50
protocol TCP
real_server 192.168.80.188 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
real_server 192.168.80.189 80 {
weight 1
TCP_CHECK {
connect_timeout 3
nb_get_retry 3
delay_before_retry 3
}
}
}更进一步,为了避免启动keepalived之前没有启动nginx , 可以在/etc/init.d/keepalived的start中首先启动nginx:
start() {
/usr/local/nginx/sbin/nginx
sleep 3
echo -n $"Starting $prog: "
daemon keepalived ${KEEPALIVED_OPTIONS}
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
}
参考:http://www.cnblogs.com/holbrook/archive/2012/10/25/2738475.html#sec-5
来源:oschina
链接:https://my.oschina.net/u/92865/blog/716866