版权声明:本文章以开启版权保护,转载或复制请注明出处https://blog.csdn.net/xianghanscce https://blog.csdn.net/xianghanscce/article/details/88794379
专栏目录
- keepalived简介[使用keepalived搭建nginx主备]
- centos7安装keepalived[使用keepalived搭建nginx主备]
- keepalived配置详解[使用keepalived搭建nginx主备]
- keepalived守护nginx[使用keepalived搭建nginx主备]
- keepalived邮件通知[使用keepalived搭建nginx主备]
- keepalived主备配置[使用keepalived搭建nginx主备]
服务器分布介绍
ip:192.168.1.180
keepalived-master
nginx
ip:192.168.1.181
keepalived-backup
nginx
虚拟vip :192.168.1.190
master节点
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server smtp.sina.com
smtp_connect_timeout 30
router_id nginx_master #路由节点 标记为master
}
vrrp_script chk_http_port {
script "/usr/local/src/check_nginx_pid.sh" #脚本需要授权才能执行
interval 2
weight 2
}
vrrp_instance VI_1 {
state MASTER #这里需要标记正确
interface enp0s9 # 需要和局域网下使用相同网段的网卡
virtual_router_id 51
priority 100 #优先级 master需要大于backup
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
192.168.1.190 #这里主备需要保持一致,浮动的虚拟ip,访问此ip来访问nginx
}
}
backup节点配置
! Configuration File for keepalived
global_defs {
notification_email {
[email protected]
}
notification_email_from [email protected]
smtp_server smtp.sina.com
smtp_connect_timeout 30
router_id nginx_backup #路由节点 标记为backup
}
vrrp_script chk_http_port {
script "/usr/local/src/check_nginx_pid.sh" #脚本需要提前授权
interval 2
weight 2
}
vrrp_instance VI_1 {
state BACKUP #初始化为备份节点
interface enp0s3
virtual_router_id 51
priority 30 #优先级
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
track_script {
chk_http_port
}
virtual_ipaddress {
192.168.1.190 #需要与master保持一致,对外的ip
}
}
测试流程
随之的nginx也自动启动
log如下
Mar 21 11:16:43 localhost Keepalived[9172]: Starting Keepalived v1.4.4 (05/08,2018)
Mar 21 11:16:43 localhost Keepalived[9172]: Running on Linux 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 (built for Linux 3.10.0)
Mar 21 11:16:43 localhost Keepalived[9172]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:16:43 localhost Keepalived[9173]: Starting Healthcheck child process, pid=9174
Mar 21 11:16:43 localhost Keepalived[9173]: Starting VRRP child process, pid=9175
Mar 21 11:16:43 localhost Keepalived_healthcheckers[9174]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Registering Kernel netlink reflector
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Registering Kernel netlink command channel
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Registering gratuitous ARP shared channel
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: WARNING - default user 'keepalived_script' for script execution does not exist - please create.
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Unsafe permissions found for script '/etc/keepalived/mail_notify.sh'.
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: SECURITY VIOLATION - scripts are being executed but script_security not enabled. There are insecure scripts.
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Using LinkWatch kernel netlink reflector...
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: VRRP_Script(chk_http_port) succeeded
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: VRRP_Instance(VI_1) Transition to MASTER STATE
Mar 21 11:16:44 localhost Keepalived_vrrp[9175]: VRRP_Instance(VI_1) Changing effective priority from 100 to 102
Mar 21 11:16:44 localhost Keepalived_vrrp[9175]: VRRP_Instance(VI_1) Entering MASTER STATE
- 启动backup节点
本机的nginx也自动启动
Mar 21 11:17:54 localhost Keepalived[13965]: Starting Keepalived v1.4.4 (05/08,2018)
Mar 21 11:17:54 localhost Keepalived[13965]: Running on Linux 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 (built for Linux 3.10.0)
Mar 21 11:17:54 localhost Keepalived[13965]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:17:54 localhost Keepalived[13966]: Starting Healthcheck child process, pid=13967
Mar 21 11:17:54 localhost Keepalived[13966]: Starting VRRP child process, pid=13968
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Registering Kernel netlink reflector
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Registering Kernel netlink command channel
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Registering gratuitous ARP shared channel
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:17:54 localhost Keepalived_healthcheckers[13967]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: WARNING - default user 'keepalived_script' for script execution does not exist - please create.
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Unsafe permissions found for script '/etc/keepalived/mail_notify.sh'.
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Unsafe permissions found for script '/etc/keepalived/mail_notify.sh'.
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: SECURITY VIOLATION - scripts are being executed but script_security not enabled. There are insecure scripts.
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Using LinkWatch kernel netlink reflector...
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Entering BACKUP STATE
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: VRRP_Script(chk_http_port) succeeded
Mar 21 11:17:55 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Changing effective priority from 30 to 32
- 查看master节点的网卡信息
[root@localhost keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:3a:15:0a brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3
valid_lft 78742sec preferred_lft 78742sec
inet6 fe80::a00:27ff:fe3a:150a/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:b7:50:6e brd ff:ff:ff:ff:ff:ff
inet 192.168.56.180/24 brd 192.168.56.255 scope global enp0s8
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:feb7:506e/64 scope link
valid_lft forever preferred_lft forever
4: enp0s9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:ba:68:38 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.180/24 brd 192.168.1.255 scope global enp0s9
valid_lft forever preferred_lft forever
inet 192.168.1.190/32 scope global enp0s9
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:feba:6838/64 scope link
valid_lft forever preferred_lft forever
网卡enp0s9中有虚拟ip:192.168.1.190
此时访问http://192.168.1.190,会访问到192.168.1.180的nginx上
- 查看backup节点网卡信息
[root@localhost src]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:9b:ec:6a brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3
valid_lft 78616sec preferred_lft 78616sec
inet6 fe80::a00:27ff:fe9b:ec6a/64 scope link
valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:46:ab:9b brd ff:ff:ff:ff:ff:ff
inet 192.168.56.181/24 brd 192.168.56.255 scope global enp0s8
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fe46:ab9b/64 scope link
valid_lft forever preferred_lft forever
4: enp0s9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 08:00:27:e2:c9:d0 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.181/24 brd 192.168.1.255 scope global enp0s9
valid_lft forever preferred_lft forever
inet6 fe80::a00:27ff:fee2:c9d0/64 scope link
valid_lft forever preferred_lft forever
这里enp0s9没有虚拟ip
- 模拟master节点的宕机
[root@localhost keepalived]# killall keepalived
此时master上的虚拟ip已经移除
- backup节点变成master
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Using LinkWatch kernel netlink reflector...
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Entering BACKUP STATE
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: VRRP_Script(chk_http_port) succeeded
Mar 21 11:17:55 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Changing effective priority from 30 to 32
Mar 21 11:22:48 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Transition to MASTER STATE
Mar 21 11:22:49 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Entering MASTER STATE
backup节点接管了vip 192.168.1.190
此时访问http://192.168.1.190,会访问到192.168.1.181的nginx上