专栏目录

服务器分布介绍

ip：192.168.1.180
keepalived-master
nginx

ip：192.168.1.181
keepalived-backup
nginx

虚拟vip ：192.168.1.190

master节点

! Configuration File for keepalived

global_defs {
   notification_email {
     [email protected]
   }
   notification_email_from [email protected]
   smtp_server smtp.sina.com
   smtp_connect_timeout 30
   router_id nginx_master #路由节点 标记为master
}
vrrp_script chk_http_port {
   script "/usr/local/src/check_nginx_pid.sh" #脚本需要授权才能执行
   interval 2
   weight 2
}

vrrp_instance VI_1 {
    state MASTER  #这里需要标记正确
    interface enp0s9 # 需要和局域网下使用相同网段的网卡
    virtual_router_id 51
    priority 100 #优先级 master需要大于backup
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
   track_script {
        chk_http_port
   }
    virtual_ipaddress {
        192.168.1.190 #这里主备需要保持一致，浮动的虚拟ip，访问此ip来访问nginx
    }
}

backup节点配置

! Configuration File for keepalived

global_defs {
   notification_email {
     [email protected]
   }
   notification_email_from [email protected]
   smtp_server smtp.sina.com
   smtp_connect_timeout 30
   router_id nginx_backup #路由节点 标记为backup
}
vrrp_script chk_http_port {
   script "/usr/local/src/check_nginx_pid.sh" #脚本需要提前授权
   interval 2
   weight 2
}

vrrp_instance VI_1 {
    state BACKUP #初始化为备份节点
    interface enp0s3
    virtual_router_id 51
    priority 30 #优先级
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass 1111
    }
   track_script {
        chk_http_port
   }
    virtual_ipaddress {
        192.168.1.190 #需要与master保持一致，对外的ip
    }
}

测试流程

启动master节点

随之的nginx也自动启动

log如下

Mar 21 11:16:43 localhost Keepalived[9172]: Starting Keepalived v1.4.4 (05/08,2018)
Mar 21 11:16:43 localhost Keepalived[9172]: Running on Linux 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 (built for Linux 3.10.0)
Mar 21 11:16:43 localhost Keepalived[9172]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:16:43 localhost Keepalived[9173]: Starting Healthcheck child process, pid=9174
Mar 21 11:16:43 localhost Keepalived[9173]: Starting VRRP child process, pid=9175
Mar 21 11:16:43 localhost Keepalived_healthcheckers[9174]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Registering Kernel netlink reflector
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Registering Kernel netlink command channel
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Registering gratuitous ARP shared channel
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: WARNING - default user 'keepalived_script' for script execution does not exist - please create.
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Unsafe permissions found for script '/etc/keepalived/mail_notify.sh'.
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: SECURITY VIOLATION - scripts are being executed but script_security not enabled. There are insecure scripts.
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: Using LinkWatch kernel netlink reflector...
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: VRRP_Script(chk_http_port) succeeded
Mar 21 11:16:43 localhost Keepalived_vrrp[9175]: VRRP_Instance(VI_1) Transition to MASTER STATE
Mar 21 11:16:44 localhost Keepalived_vrrp[9175]: VRRP_Instance(VI_1) Changing effective priority from 100 to 102
Mar 21 11:16:44 localhost Keepalived_vrrp[9175]: VRRP_Instance(VI_1) Entering MASTER STATE

启动backup节点

本机的nginx也自动启动

Mar 21 11:17:54 localhost Keepalived[13965]: Starting Keepalived v1.4.4 (05/08,2018)
Mar 21 11:17:54 localhost Keepalived[13965]: Running on Linux 3.10.0-327.el7.x86_64 #1 SMP Thu Nov 19 22:10:57 UTC 2015 (built for Linux 3.10.0)
Mar 21 11:17:54 localhost Keepalived[13965]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:17:54 localhost Keepalived[13966]: Starting Healthcheck child process, pid=13967
Mar 21 11:17:54 localhost Keepalived[13966]: Starting VRRP child process, pid=13968
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Registering Kernel netlink reflector
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Registering Kernel netlink command channel
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Registering gratuitous ARP shared channel
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:17:54 localhost Keepalived_healthcheckers[13967]: Opening file '/etc/keepalived/keepalived.conf'.
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: WARNING - default user 'keepalived_script' for script execution does not exist - please create.
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Unsafe permissions found for script '/etc/keepalived/mail_notify.sh'.
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Unsafe permissions found for script '/etc/keepalived/mail_notify.sh'.
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: SECURITY VIOLATION - scripts are being executed but script_security not enabled. There are insecure scripts.
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Using LinkWatch kernel netlink reflector...
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Entering BACKUP STATE
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: VRRP_Script(chk_http_port) succeeded
Mar 21 11:17:55 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Changing effective priority from 30 to 32

查看master节点的网卡信息

[root@localhost keepalived]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:3a:15:0a brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3
       valid_lft 78742sec preferred_lft 78742sec
    inet6 fe80::a00:27ff:fe3a:150a/64 scope link 
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:b7:50:6e brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.180/24 brd 192.168.56.255 scope global enp0s8
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:feb7:506e/64 scope link 
       valid_lft forever preferred_lft forever
4: enp0s9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:ba:68:38 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.180/24 brd 192.168.1.255 scope global enp0s9
       valid_lft forever preferred_lft forever
    inet 192.168.1.190/32 scope global enp0s9
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:feba:6838/64 scope link 
       valid_lft forever preferred_lft forever

网卡enp0s9中有虚拟ip：192.168.1.190

此时访问http://192.168.1.190,会访问到192.168.1.180的nginx上

查看backup节点网卡信息

[root@localhost src]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN 
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:9b:ec:6a brd ff:ff:ff:ff:ff:ff
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3
       valid_lft 78616sec preferred_lft 78616sec
    inet6 fe80::a00:27ff:fe9b:ec6a/64 scope link 
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:46:ab:9b brd ff:ff:ff:ff:ff:ff
    inet 192.168.56.181/24 brd 192.168.56.255 scope global enp0s8
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fe46:ab9b/64 scope link 
       valid_lft forever preferred_lft forever
4: enp0s9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 08:00:27:e2:c9:d0 brd ff:ff:ff:ff:ff:ff
    inet 192.168.1.181/24 brd 192.168.1.255 scope global enp0s9
       valid_lft forever preferred_lft forever
    inet6 fe80::a00:27ff:fee2:c9d0/64 scope link 
       valid_lft forever preferred_lft forever

这里enp0s9没有虚拟ip

模拟master节点的宕机

[root@localhost keepalived]# killall keepalived

此时master上的虚拟ip已经移除

backup节点变成master

Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: Using LinkWatch kernel netlink reflector...
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Entering BACKUP STATE
Mar 21 11:17:54 localhost Keepalived_vrrp[13968]: VRRP_Script(chk_http_port) succeeded
Mar 21 11:17:55 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Changing effective priority from 30 to 32
Mar 21 11:22:48 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Transition to MASTER STATE
Mar 21 11:22:49 localhost Keepalived_vrrp[13968]: VRRP_Instance(VI_1) Entering MASTER STATE

backup节点接管了vip 192.168.1.190

此时访问http://192.168.1.190,会访问到192.168.1.181的nginx上

6.keepalived主备配置[使用keepalived搭建nginx主备]

专栏目录

服务器分布介绍

master节点

backup节点配置

测试流程

启动master节点

猜你喜欢