LVS+Keepalived+nginx
1 安装依赖
sudo yum install ipvsadm keepalived -y
查询是否安装成功
rpm -q -a keepalived
2 配置虚拟IP并安装ipvsadm
/etc/sysconfig/network-scripts
cp ifcfg-ens33 ifcfg-ens33:1
修改里面配置文件
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="static"
DEFROUTE="yes"
IPADDR=172.16.15.201
NETMASK=255.255.255.0
GATEWAY=172.16.15.2
IPV4_FAILURE_FATAL="no"
IIPV6INIT="no"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="eb60d6d6-4ec8-4dbf-bb41-f548ffbd378c"
DEVICE="ens33"
ONBOOT="yes"
HWADDR=00:0C:29:B0:3A:79
DNS1=8.8.8.8
DNS2=8.8.4.4
~
3 配置 LVS Director 节点(主/备)
vi /etc/keepalived/keepalived.conf
bal_defs {
notification_email {
acassen@firewall.loc
failover@firewall.loc
sysadmin@firewall.loc
}
notification_email_from Alexandre.Cassen@firewall.loc
smtp_server 192.168.200.1
smtp_connect_timeout 30
router_id had1(不能重复)
vrrp_skip_check_adv_addr
vrrp_strict
vrrp_garp_interval 0
vrrp_gna_interval 0
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type ad
auth_pass 123123
}
virtual_ipaddress {
172.16.15.201
}
}
virtual_server 172.16.15.201 80 {
delay_loop 6
lb_algo rr
lb_kind DR
protocol TCP
real_server 172.16.15.130 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
real_server 172.16.15.131 80 {
weight 1
TCP_CHECK {
connect_timeout 3
}
}
}
4 给个权限
chmod 777 /etc/keepalived/nginx_check.sh
nginx+keepalived实现高可用: 主从服务器新增nginx_check.sh脚本 (通过判断Nginx服务是否还存活来判断,如果没有nginx服务,重启机器)
vi /etc/keepalived/nginx_check.sh
内容:
#!/bin/bash
A=`ps -C nginx --no-header |wc -l`
if [ $A -eq 0 ];then
/usr/local/nginx/sbin/nginx
sleep 2
if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then
killall keepalived
fi
fi
5 启动服务
sudo systemctl enable keepalived
sudo systemctl start keepalived
systemctl stop keepalived
查看是否存在
ps aux | grep keepalived
6 安装 Nginx
sudo yum install nginx -y
7 VIP与路由配置Nginx服务器
在 172.16.15.130和 172.16.15.131构建虚拟网络接口子接口
进入到/etc/sysconfig/network-scripts
cd /etc/sysconfig/network-scripts
拷贝一份ifcfg-lo命名为ifcfg-lo:1
cp ifcfg-lo ifcfg-lo:1
修改里面配置文件
DEVICE=lo.1
IPADDR=172.16.15.201
NETMASK=255.255.255.255
NETWORK=172.0.0.0
If you're having problems with gated making 127.0.0.0/8 a martian,
you can change this to something else (255.255.255.255, for example)
BROADCAST=127.255.255.255
ONBOOT=yes
NAME=loopback2
重起
service network restart
8 realserver的配置
两台web服务器都要执行下面脚本:
#!/bin/bash
SNS_VIP=172.16.15.201
#/etc/rc.d/init.d/functions
case "$1" in
start)
ifconfig lo:0 SNS_VIP netmask 255.255.255.255 broadcast SNS_VIP
/sbin/route add -host $SNS_VIP dev lo:0
echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce
sysctl -p >/dev/null 2>&1
echo "RealServer Start OK"
;;
stop)
ifconfig lo:0 down
route del $SNS_VIP >/dev/null 2>&1
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce
echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore
echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce
echo "RealServer Stoped"
;;
*)
echo "Usage: $0 {start|stop}"
exit 1
esac
exit 0
执行:
chmod u+x /etc/rc.d/init.d/realserver.sh
启动
./realserver.sh start (注意目录 cd # pwd
/etc/rc.d/init.d)
9 起动Nginx
systemctl start nginx