LVS+Keepalived+nginx

LVS+Keepalived+nginx
1 安装依赖

sudo yum install ipvsadm keepalived -y

查询是否安装成功

rpm -q -a keepalived

2 配置虚拟IP并安装ipvsadm

/etc/sysconfig/network-scripts

cp ifcfg-ens33 ifcfg-ens33:1

修改里面配置文件

TYPE="Ethernet"

PROXY_METHOD="none"

BROWSER_ONLY="no"

BOOTPROTO="static"

DEFROUTE="yes"

IPADDR=172.16.15.201

NETMASK=255.255.255.0

GATEWAY=172.16.15.2

IPV4_FAILURE_FATAL="no"

IIPV6INIT="no"

IPV6_AUTOCONF="yes"

IPV6_DEFROUTE="yes"

IPV6_FAILURE_FATAL="no"

IPV6_ADDR_GEN_MODE="stable-privacy"

NAME="ens33"

UUID="eb60d6d6-4ec8-4dbf-bb41-f548ffbd378c"

DEVICE="ens33"

ONBOOT="yes"

HWADDR=00:0C:29:B0:3A:79

DNS1=8.8.8.8

DNS2=8.8.4.4

~

3 配置 LVS Director 节点（主/备）

vi /etc/keepalived/keepalived.conf

bal_defs {

notification_email {

acassen@firewall.loc

failover@firewall.loc

sysadmin@firewall.loc

}

notification_email_from Alexandre.Cassen@firewall.loc

smtp_server 192.168.200.1

smtp_connect_timeout 30

router_id had1（不能重复）

vrrp_skip_check_adv_addr

vrrp_strict

vrrp_garp_interval 0

vrrp_gna_interval 0

}

vrrp_instance VI_1 {

state MASTER

interface ens33

virtual_router_id 51

priority 100

advert_int 1

authentication {

auth_type ad

auth_pass 123123

}

virtual_ipaddress {

172.16.15.201

}

}

virtual_server 172.16.15.201 80 {

delay_loop 6

lb_algo rr

lb_kind DR

protocol TCP

real_server 172.16.15.130 80 {

weight 1

TCP_CHECK {

connect_timeout 3

}

}

real_server 172.16.15.131 80 {

weight 1

TCP_CHECK {

connect_timeout 3

}

}

}

4 给个权限

chmod 777 /etc/keepalived/nginx_check.sh

nginx+keepalived实现高可用： 主从服务器新增nginx_check.sh脚本 （通过判断Nginx服务是否还存活来判断，如果没有nginx服务，重启机器）

vi /etc/keepalived/nginx_check.sh

内容：

#!/bin/bash

A=`ps -C nginx --no-header |wc -l`

if [ $A -eq 0 ];then

/usr/local/nginx/sbin/nginx

sleep 2

if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then

killall keepalived

fi

fi

5 启动服务

sudo systemctl enable keepalived

sudo systemctl start keepalived

systemctl stop keepalived

查看是否存在

ps aux | grep keepalived

6 安装 Nginx

sudo yum install nginx -y

7 VIP与路由配置Nginx服务器

在 172.16.15.130和 172.16.15.131构建虚拟网络接口子接口

进入到/etc/sysconfig/network-scripts

cd /etc/sysconfig/network-scripts

拷贝一份ifcfg-lo命名为ifcfg-lo:1

cp ifcfg-lo ifcfg-lo:1

修改里面配置文件

DEVICE=lo.1

IPADDR=172.16.15.201

NETMASK=255.255.255.255

NETWORK=172.0.0.0

If you're having problems with gated making 127.0.0.0/8 a martian,

you can change this to something else (255.255.255.255, for example)

BROADCAST=127.255.255.255

ONBOOT=yes

NAME=loopback2

重起

service network restart

8 realserver的配置

两台web服务器都要执行下面脚本:

#!/bin/bash

SNS_VIP=172.16.15.201

#/etc/rc.d/init.d/functions

case "$1" in

start)

ifconfig lo:0 SNS_VIP netmask 255.255.255.255 broadcast SNS_VIP

/sbin/route add -host $SNS_VIP dev lo:0

echo "1" >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/lo/arp_announce

echo "1" >/proc/sys/net/ipv4/conf/all/arp_ignore

echo "2" >/proc/sys/net/ipv4/conf/all/arp_announce

sysctl -p >/dev/null 2>&1

echo "RealServer Start OK"

;;

stop)

ifconfig lo:0 down

route del $SNS_VIP >/dev/null 2>&1

echo "0" >/proc/sys/net/ipv4/conf/lo/arp_ignore

echo "0" >/proc/sys/net/ipv4/conf/lo/arp_announce

echo "0" >/proc/sys/net/ipv4/conf/all/arp_ignore

echo "0" >/proc/sys/net/ipv4/conf/all/arp_announce

echo "RealServer Stoped"

;;

*)

echo "Usage: $0 {start|stop}"

exit 1

esac

exit 0

执行：

chmod u+x /etc/rc.d/init.d/realserver.sh

启动

./realserver.sh start （注意目录 cd # pwd

/etc/rc.d/init.d）
9 起动Nginx

systemctl start nginx