keepalive+nginx架构
![](https://img-blog.csdnimg.cn/direct/f0a585f5028c4c5da2cf892db94052ee.png)
一.配置真实服务器web1和web2
1.关闭防火墙,并在真实服务器下载http服务
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum install httpd -y
2.分别在web1和web2上制作网页,并开启http服务
web1
[root@localhost ~]# cd /var/www/html
[root@localhost html]# ls
[root@localhost html]# echo zxy13 > /var/www/html/index.html
[root@localhost html]# systemctl start httpd
web2
[root@localhost ~]# cd /var/www/html
[root@localhost html]# ls
[root@localhost html]# echo zxy14 > /var/www/html/index.html
[root@localhost html]# systemctl start httpd
web1
![](https://img-blog.csdnimg.cn/direct/92154e1011e048c297de5eed771191b9.png)
web2
![](https://img-blog.csdnimg.cn/direct/4fa0bb65af554437bd4acd98e1be6d3c.png)
二.配置代理服务器
代理服务器:主192.168.240.11
备192.168.240.12
1.关闭防火墙,并安装epel源和nginx
[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0
[root@localhost ~]# yum install epel-release.noarch -y
[root@localhost ~]# yum install nginx -y
2.编辑nginx配置文件
在192.168.240.11上
配置文件http语句块下加入组和server语句块下加入location匹配实现负载均衡
![](https://img-blog.csdnimg.cn/direct/8c2810ae1d1647528f75d213ca840a23.png)
![](https://img-blog.csdnimg.cn/direct/1007cffd76a242bda8cb563016dd7feb.png)
3.将192.168.240.11代理服务器上/etc/nginx/nginx.conf文件远程拷贝到192.168.240.12的/etc/nginx/nginx.conf
![](https://img-blog.csdnimg.cn/direct/94f24710b0c0470085dbf655a442949c.png)
4.安装下载keepalive服务,编辑配置文件
在192.168.240.11上 vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 127.0.0.1 # 修改邮箱地址
smtp_connect_timeout 30
router_id LVS01 # 修改名称
vrrp_skip_check_adv_addr
#vrrp_strict #关闭严格模式
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check_down {
script "/etc/keepalived/ng.sh"
interval 1
weight -30
fall 3
rise 2
timeout 2
}
vrrp_script check_down {
script "/etc/keepalived/ng.sh" #指明脚本的位置
interval 1 #每隔1s 执行一次检测
weight -30 #如果 脚本执行失败自动减少优先级30
fall 3 # 3次不成功才标注为失败
rise 2 #nginx 重新起来后检测两次成功 才真的成功
timeout 2 #超时时间 2s
}
vrrp_instance VI_1 {
state MASTER
interface ens33 #修改网卡的名称
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.240.188 #修改ip
}
track_script {
check_down
}
}
![](https://img-blog.csdnimg.cn/direct/ca021ed7f77c4034910567d6bb8988f0.png)
![](https://img-blog.csdnimg.cn/direct/5281559b68d842f9b4c26e6b24ed78f6.png)
5.在192.168.240.13(由于12机上环境不干净换机做)上 vim /etc/keepalived/keepalived.conf
router_id LVS02 #修改为LVS02
vrrp_skip_check_adv_addr
#vrrp_strict #注释关闭严格模式
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_script check_down {
script "/etc/keepalived/ng.sh"
interval 1
weight -30
fall 3
rise 2
timeout 2
}
vrrp_instance VI_1 {
state BACKUP #修改为备
interface ens33 #网卡
virtual_router_id 51
priority 80 #优先级
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
192.168.240.188 #地址
}
track_script {
check_down
}
}
![](https://img-blog.csdnimg.cn/direct/d3b5fbfec55945e4b13ac49c94722557.png)
6.在客户机上测试
(1)curl 虚拟地址192.168.240.188
![](https://img-blog.csdnimg.cn/direct/13781507f0f445768a47789d4b5132f2.png)
tcpdump客户机上抓包主服务器在发送报文
(2)关闭主服务器nginx使用ip a 查看 192.168.240.188 已经不在主服务器上
![](https://img-blog.csdnimg.cn/direct/d2f3ab43fd6b4f8ea97eb4a54f5b9b40.png)
tcpdump客户机上抓包备服务器在发送报文
![](https://img-blog.csdnimg.cn/direct/d30e9180aa4445f58357e877f9ec7bc7.png)
使用 ip a 命令查看备服务器192.168.240.13 ,192.168.240.188在备服务器上
![](https://img-blog.csdnimg.cn/direct/aaf023f0ea2a4221a976e344768291b5.png)
启动主服务器
ip a 查看主服务器,192.168.240.188 在主服务器上被主服务器抢占
![](https://img-blog.csdnimg.cn/direct/db9fda90f62c40fa888d83a78b5d5fec.png)
tcpdump -i ens33 host 224.0.0.18 -nn 在客户机查看
![](https://img-blog.csdnimg.cn/direct/1ad290fa8404455d95d562d089bff3da.png)