需要注意的是,要判断本机nginx是否正常,如果发现nginx不正常,重启之后,等待三秒在校验,任然失败则不尝试,关闭keepalived,发送邮件,其他主机此时接管VIP;
[root@centos-4~]# cat /opt/check_nginx.sh
#!/bin/bash
check=$(ps-C nginx --no-heading | wc -l)
IP=`ipadd | grep eth0 | awk 'NR==2{print $2}'| awk -F '/' '{print $1}'`
if ["${check}" = "0" ]; then
/usr/local/nginx/sbin/nginx
sleep 2
counter=$(ps -C nginx --no-heading|wc -l)
if [ "${check}" = "0"]; then
/etc/init.d/keepalived stop
echo "check $IP nginx is down"| mail -s "check keepalived nginx" *********@qq.com
fi
fi
(KA1一样的监控脚本)
2、在后端两台web服务器上配置vip默认路由和配置两台服务器的nginx(这就不演示怎样配置nginx了。):
(考虑到方便执行就编写了一个脚本:在web1和web2服务器上配置。)
[root@centos-2 ~]# cat lvs.sh
#!/bin/bash
#realserver config vip config route arp
#legehappy
Vip1=192.168.5.200
Vip2=192.168.5.210
source /etc/rc.d/init.d/functions
case $1 in
start)
echo"config vip route arp" > /tmp/lvs1.txt
/sbin/ifconfiglo:0 $Vip1 broadcast $Vip1 netmask 255.255.255.255 up
/sbin/ifconfiglo:1 $Vip2 broadcast $Vip2 netmask 255.255.255.255 up
echo"1" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo"2" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo"1" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo"2" > /proc/sys/net/ipv4/conf/all/arp_announce
routeadd -host $Vip1 dev lo:0
routeadd -host $Vip2 dev lo:1
;;
stop)
echo "deletevip route arp" > /tmp/lvs2.txt
/sbin/ifconfig lo:0 down
echo"0" > /proc/sys/net/ipv4/conf/lo/arp_ignore
echo"0" > /proc/sys/net/ipv4/conf/lo/arp_announce
echo"0" > /proc/sys/net/ipv4/conf/all/arp_ignore
echo"0" > /proc/sys/net/ipv4/conf/all/arp_announce
routedel -host $Vip1 dev lo:0
routedel -host $Vip2 dev lo:1
;;
*)
echo"Usage: $0 (start | stop)"
exit 1
esac
(两台后端配置web服务nginx的页面信息)
[root@centos-2 ~]# curl 192.168.5.131
10.2
[root@centos-3 ~]# curl 192.168.5.132
10.3
3、在两台前端服务器上启动keepalived服务,对于192.168.5.200的vip centos-1是master/192.168.5.210的vip centos-1是backup。
[root@centos-1 ~]#service keepalived start
[root@centos-4 ~]# service keepalived start
查看日志文件:
[root@centos-1 ~]# cat /var/log/messages
Oct 19 22:00:22 centos-1 Keepalived_vrrp[46184]: VRRP_Instance(VI_2)Sending gratuitous ARPs on eth0 for 192.168.5.210
Oct 19 22:00:22 centos-1 Keepalived_healthcheckers[46183]: Netlinkreflector reports IP 192.168.5.210 added
Oct 19 22:00:24 centos-1 Keepalived_vrrp[46184]: VRRP_Instance(VI_1)Sending gratuitous ARPs on eth0 for 192.168.5.200
Oct 19 22:00:27 centos-1 Keepalived_vrrp[46184]: VRRP_Instance(VI_2)Sending gratuitous ARPs on eth0 for 192.168.5.210
(因为KA1先启动keepalived服务所以两个vip都会在KA1上,但第二台keepaliver服务起来后vip2就会被KA2抢占回来。)
[root@centos-4 ~]# cat /var/log/messages
Oct 19 22:01:38 centos-4 Keepalived_healthcheckers[15009]: Netlinkreflector reports IP 192.168.5.210 added
Oct 19 22:01:38 centos-4 avahi-daemon[1513]: Registering new addressrecord for 192.168.5.210 on eth0.IPv4.
Oct 19 22:01:38 centos-4 Keepalived_vrrp[15010]: VRRP_Instance(VI_2)Sending gratuitous ARPs on eth0 for 192.168.5.210
Oct 19 22:01:43 centos-4 Keepalived_vrrp[15010]: VRRP_Instance(VI_2)Sending gratuitous ARPs on eth0 for 192.168.5.210
查看ip addr:
[root@centos-1 keepalived]# ip add
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdiscpfifo_fast state UP qlen 1000
link/ether00:0c:29:0d:f3:5d brd ff:ff:ff:ff:ff:ff
inet 192.168.5.129/24 brd192.168.5.255 scope global eth0
inet 192.168.5.200/32scope global eth0
[root@centos-4 keepalived]#ip addr
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdiscpfifo_fast state UP qlen 1000
link/ether00:50:56:3a:84:30 brd ff:ff:ff:ff:ff:ff
inet 192.168.5.128/24 brd192.168.5.255 scope global eth0
inet 192.168.5.210/32 scope global eth0
(两台KA1和KA2服务器重启nginx、keepalived服务)
[root@centos-1~]# /usr/local/nginx/sbin/nginx -t
nginx:the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx:configuration file /usr/local/nginx/conf/nginx.conf test is successful ###检查配置文件没问题后再执行重启nginx。
[root@centos-1~]# /usr/local/nginx/sbin/nginx -s reload
[root@centos-4~]# /usr/local/nginx/sbin/nginx -t
nginx:the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
nginx:configuration file /usr/local/nginx/conf/nginx.conf test is successful
[root@centos-4~]# /usr/local/nginx/sbin/nginx -s reload
[root@centos-1~]# service keepalived restart
停止keepalived: [确定]
正在启动keepalived: [确定]
[root@centos-4~]# service keepalived restart
停止keepalived: [确定]
正在启动keepalived: [确定]
四、测试:验证方法(保证从负载均衡器本机到后端真实服务器之间能正常通信):
(1)、先测试完成后的效果访问vip1、vip2
Vip1:
[root@centos-5~]# curl 192.168.5.200
10.2
[root@centos-5~]# curl 192.168.5.200
10.3
[root@centos-5~]# curl 192.168.5.200
10.2
[root@centos-5~]# curl 192.168.5.200
10.3
Vip2:
[root@centos-5~]# curl 192.168.5.210
10.3
[root@centos-5~]# curl 192.168.5.210
10.2
[root@centos-5~]# curl 192.168.5.210
10.3
[root@centos-5~]# curl 192.168.5.210
10.2
(2)、把KA1keepalived stop掉(模拟KA1主机的keepalived故障)
[root@centos-1 ~]# service keepalived stop
停止 keepalived:
[root@centos-1 ~]# ip addr
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:0c:29:0d:f3:5d brd ff:ff:ff:ff:ff:ff
inet 192.168.5.129/24 brd 192.168.5.255 scope global eth0
inet6 fe80::20c:29ff:fe0d:f35d/64 scope link
valid_lft forever preferred_lft forever
(KA1主机上查看ip addr已经没有vip了。)
在KA2主机上查看日志文件:
[root@centos-4 ~]# cat /var/log/messages
Oct 19 23:20:46 centos-4Keepalived_vrrp[15412]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for192.168.5.200
Oct 19 23:20:46 centos-4avahi-daemon[1513]: Registering new address record for 192.168.5.200 oneth0.IPv4.
Oct 19 23:20:46 centos-4Keepalived_healthcheckers[15411]: Netlink reflector reports IP 192.168.5.200added
Oct 19 23:20:51 centos-4Keepalived_vrrp[15412]: VRRP_Instance(VI_1) Sending gratuitous ARPs on eth0 for192.168.5.200
(日志文件显示已经把vip:192.168.5.200接管了)
查看KA2主机的ip addr
[root@centos-4 ~]# ip addr
2: eth0:<BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen1000
link/ether 00:50:56:3a:84:30 brd ff:ff:ff:ff:ff:ff
inet 192.168.5.128/24 brd 192.168.5.255 scope global eth0
inet 192.168.5.210/32 scope global eth0
inet 192.168.5.200/32 scope global eth0
(可以看到已经有两个vip)
检查nginx服务是否被KA2接管且不中断
[root@centos-5~]# curl 192.168.5.200
10.3
[root@centos-5~]# curl 192.168.5.200
10.2
[root@centos-5~]# curl 192.168.5.210
10.3
[root@centos-5~]# curl 192.168.5.210
10.2
一些关于Keepalived相关教程集合:
CentOS 7下Keepalived + HAProxy 搭建配置详解