用keepalived高可用nginx

单主模型

环境四个虚拟机

upstream server:node1:172.16.100.6         CeotOS 6

upstream server:node3:172.16.100.69         CeotOS 7

节点1:172.16.100.67                        CeotOS 7

节点2:node2:172.16.100.68                       CeotOS 7

节1&2

# yum install nginx -y

# cd /etc/nginx

# vim nginx.conf

                      include /etc/nginx/conf.d/*.conf;
                      upstream webservers {
                                           server 172.16.100.6:80 weight=1;
                                           server 172.16.100.69:80 weight=1;
                       }

                     location   /   {

                                           proxy_pass   http://websrvers/;

                     }

# nginx   -t  

# systemctl start nginx.service
# netstat -tnlp
用浏览器访问172.16.100.67
# scp nginx.conf node2:/etc/nginx/

节2
# systemctl start nginx.service
# netstat -tnlp

用浏览器访问172.16.100.68看能否负载均衡

  • 用keepalived监控nginx服务
节1&节2
# vim keepalived.conf 
     vrrp_script chk_nginx {
             script "killall -0 nginx &> /dev/null"
             interval 1 
             weight -10
       }
       vrrp_instance VI_1 {
             track_script {
                   chk_nginx
             }
       }
节1

# systemctl status nginx.service

# systemctl start keepalived.service ssh node2:systemctl start keepalived.service

# systemctl status keepalived.service

# ip addr list

如果没启动起来,可能是组播地址和虚拟地址的问题,修改一下即可

宕掉nginx,肯是否会转到节点2上

# systemctl stop nginx.service

# systemctl status nginx

节2

# ip addr list

节1

# systemctl start nginx.service

浏览器访问172.16.100.88

节1(主节点)只要在线,节2(备节点)就抢不走,除非节1宕掉
# vim notify

 #!/bin/bash

 #


 vip=172.16.100.88

 contact='root@localhost' 


 notify() {

 mailsubject="`hostname` to be $1: $vip floating"    

 mailbody="`date '+%F %H:%M:%S'`: vrrp transition, `hostname` changed to be $1"   

echo $mailbody | mail -s "$mailsubject" $contact

 }


 case "$1" in

           master)

              notify master
              systemctl restart nginx.service

              exit 0

           ;;

           backup)

               notify backup
               systemctl restart nginx.service

               exit 0

           ;;

           fault)

               notify fault

                exit 0

           ;;

           *)

               echo 'Usage: `basename $0` {master|backup|fault}'

               exit 1

            ;;

  esac

# scp notify.sh node2:/etc/keepalived/

# systemctl status keepalived

# ip addr list

主停掉,备也停掉,会自动启动nginx

# systemctl stop httpd.server

节2

# systemctl stop nginx.service

# systemctl status keepalived

节1

# systemctl status nginx.service

# systemctl status keepalived

用keepalived高可用nginx 用keepalived高可用nginx

双主模型

节1
# vim keepalived.conf
            vrrp_instance VI_2 {

                        state BACKUP
                        interface ens33

                        virtual_router_id 61

                        priority 99

                        advert_int 1

                        authentication {

                                 auth_type PASS
                                 auth_pass 1111
                       }

                       virtual_ipaddress {

                                172.16.100.180/16 dev ens33 label ens33:2

                       }
                       track_script {

                                      chk_nginx

                       }

                        notify_master “/etc/keepalived/notify.sh master”   (不手动启动nginx,而让监控系统确保nginx在线)

                        notify_backup “/etc/keepalived/notify.sh backup”

                        notify_fault “/etc/keepalived/notify.sh fault”

             }
节1&节2
(不手动启动nginx,而让监控系统确保nginx在线)
# vim notify.sh
   注释掉systemctl restart nginx.service
节2
# vim keepalived.conf
        vrrp_instance VI_2 {

                        state MASTER
                        interface ens33

                        virtual_router_id 61

                        priority 100

                        advert_int 1
                        authentication {

                                 auth_type PASS
                                 auth_pass 1111
                       }

                       virtual_ipaddress {

                                172.16.100.180/16 dev ens33 label ens33:2

                       }
                       track_script {

                                      chk_nginx
                       }

                       notify_master “/etc/keepalived/notify.sh master” 

                       notify_backup “/etc/keepalived/notify.sh backup”

                       notify_fault “/etc/keepalived/notify.sh fault”

         }
节1

# sytemctl restart keepalived.service; ssh node2'sytemctl restart keepalived.service'
# systemctl status keepalived
# ifconfig ens33:1 down
# sytemctl restart keepalived.service; ssh node2'sytemctl restart keepalived.service'
# systemctl status keepalived
用keepalived高可用nginx
节2
# systemctl status keepalived.service
# ip addr list
用浏览器访问两个地址,看调度是否有问题
节1

# sytemctl restart keepalived.service; sytemctl start httpd.service
# systemctl status keepalived

用keepalived高可用nginx
节2
# ifconfig
节1
# sytemctl stop httpd.service; sytemctl restart nginx.service'
# systemctl status nginx.service
# systemctl status keepalived
用keepalived高可用nginx
# ifconfig     




原创文章,作者:nene,如若转载,请注明出处:http://www.178linux.com/88155

(0)
nenenene
上一篇 2017-10-15
下一篇 2017-10-15

相关推荐

  • 寻求别人帮助screen命令

    寻求别人帮助screen命令

    2017-11-20
  • 马哥教育网络班22期+第5周课程练习

    1、显示当前系统上root、fedora或user1用户的默认shell; [root@rhel677850 ~]# grep "^\(root\|fedora\|user1\)" /etc/passwd|awk -F: '{print $1,$7}&#039…

    Linux干货 2016-09-26
  • linux常见命令示例

    1、复制/etc/skel目录为/home/tuser1,要求/home/tuser1及其内部文件的属组和其它用户均没有任何访问权限。 ############################################################################# cp -ar /etc/skel/ /home/tuser1 [ro…

    Linux干货 2017-12-25
  • 老王的心路历程(二):下一站Web体验监控产品

    在上一篇文章中,和大家聊到了建立Web应用体验监控体系,经过了概念阶段,也完成了技术选型,就进入了把实质性的产品研发阶段。作为产品经理,时刻不敢忘记我们的产品目标:无限感知你的用户,建立完备的体验监控体系,驱动产品的设计、开发和运维! 一、一切皆操作 仔细分析终端用户和Web应用及网站的交互过程,无论是打开页面、点击链接或按钮,还是填写表单、提交查询,一切皆…

    2016-08-15
  • 马哥教育网络班21期+第4周课程练习

    1、复制/etc/skel目录为/home/tuser1,要求/home/tuser1及其内部文件的属组和其它用户均没有任何访问权限。 [root@itop ~]# cp -r /etc/skel /home/tuserl [root@itop ~]# chmod -R&nbsp…

    Linux干货 2016-08-01
  • Linux安全与加密基础(二)

    Linux安全与加密基础(二) 常见的加密算法 SSL: Openssl与CA认证 ssh服务 dropbear AIDE sudo gpg gpg亦可用于对称加密与文件检验。 文件完整性的两种实施方式 被安装的文件     MD5单向散列     rpm –veri…

    Linux干货 2016-10-06