实验环境
| IP | |
|---|---|
| 172.16.0.10 | keepalived+Nginx备负载均衡 |
| 172.16.0.8 | keepalived+Nginx主负载均衡 |
| 172.16.0.4 | 后端服务器WEB节点1(Nginx站点) |
| 172.16.0.5 | 后端服务器WEB节点2(Nginx站点) |
--在所有服务器上面进行配置
systemctl stop firewalld #关闭防火墙
setenforce 0 #关闭selinux,临时生效配置后端web服务器
--两台web服务器配置一样
--编辑配置文件
vim /usr/local/nginx/conf/nginx.conf
worker_processes auto;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
server {
listen 80;
server_name www.www.www;
location / {
root /usr/local/nginx/html;
index index.html index.php;
}
}
}启动Nginx
/usr/local/nginx/sbin/nginx配置负载均衡服务器
--两台负载均衡服务器配置一样
--编辑配置文件
vim /usr/local/nginx/conf/nginx.conf
worker_processes auto;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
server {
listen 80;
server_name www.www.www;
location / {
proxy_pass http://backend;
proxy_set_header Host $host:$proxy_port;
proxy_set_header X-Forwarded-For $remote_addr;
}
}
upstream backend {
server 172.16.0.4:80 weight=1 fail_timeout=10s max_fails=1 ;
server 172.16.0.5:80 weight=1 fail_timeout=10s max_fails=1 ;
}
}启动Nginx
/usr/local/nginx/sbin/nginx测试
部署keepalived
--安装keeplived(两台负载均衡节点安装)
yum install keepalived -y编辑配置文件
--在master和backup编辑keeplived 配置文件
master:
[root@master /]# cp /etc/keepalived/keepalived.conf{,.bak}
[root@master /]# vim /etc/keepalived/keepalived.conf
global_defs {
router_id directory1 #调度器的名称,备调度器改为directory2(两个名字一定不能一样)
}
vrrp_instance VI_1 {
state MASTER #定义主(MASTER)还是备(BACKER)
interface ens33 #指定实例绑定的网卡
virtual_router_id 80 #设置VRID标记,整个集群的调度器一致(在同一个集群)
priority 100 #主调度器优先级,备调度器改为50
advert_int 1 #检查的时间间隔,默认1s
authentication {
auth_type PASS #主备节点认证信息
auth_pass 1111
}
virtual_ipaddress {
172.16.0.100/24 #设置虚拟IP地址
}
}backup:
[root@backup /]# cp /etc/keepalived/keepalived.conf{,.bak}
[root@backup /]# vim /etc/keepalived/keepalived.conf
global_defs {
router_id directory2 #调度器的名称,备调度器改为directory2(两个名字一定不能一样)
}
vrrp_instance VI_1 {
state backup #定义主(MASTER)还是备(BACKER)
interface ens33 #指定实例绑定的网卡
nopreempt #设置到backup上面,不抢占资源
virtual_router_id 80 #设置VRID标记,整个集群的调度器一致(在同一个集群)
priority 50 #主调度器优先级,备调度器改为50
advert_int 1 #检查的时间间隔,默认1s
authentication {
auth_type PASS #主备节点认证信息
auth_pass 1111
}
virtual_ipaddress {
172.16.0.100/24 #设置虚拟IP地址
}
}启动keepalived
--查看VIP IP绑定成功了没
[root@master /]# systemct start keeplived
[root@backup /]# systemct start keeplived
Nginx检测脚本
如果有突发情况使得nginx服务不能启动,但是我们的keepalived服务是正常,这个时候用户是访问不到的,VIP也不会自动漂移到备用的节点服务器上。所以我们需要写一些代码来判断一下Nginx服务是不是正常,如果不正常的话我们就将Nginx服务重新启动,如果Nginx启动不了就将keepalived服务关掉,然后实现VIP的漂移,这个时候用户就不会出现无法访问的情况了vim /etc/keepalived/chk_nginx.sh
#!/bin/sh
# check nginx server status
NGINX=/usr/local/nginx/sbin/nginx
PORT=80
nmap localhost -p $PORT | grep "$PORT/tcp open"
#echo $?
if [ $? -ne 0 ];then
$NGINX -s stop
$NGINX
sleep 2
nmap localhost -p $PORT | grep "$PORT/tcp open"
[ $? -ne 0 ] && systemctl stop keepalived
fi
--说明
该脚本的意义就是先检测Nginx是否已经开启默认的80端口,如果存在80端口,一切正常,如果不存在80端口,就执行if段中的语句,先关一下Nginx,在启动Nginx,等待3秒,再次检测80端口,如果还不存在,则杀死keepalived配置keepalived文件
vim /etc/keepalived/keepalived.conf
global_defs {
router_id directory1
}
vrrp_script chk_nginx {
script "/etc/keepalived/chk_nginx.sh" #Nginx检测脚本路径
interval 3
weight 2
}
vrrp_instance VI_1 {
state MASTER
interface ens33
virtual_router_id 80
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass 1111
}
virtual_ipaddress {
172.16.0.100/24
}
track_script {
chk_nginx
}
}测试
把Nginx文件故意配置错误然后关闭Nginx服务,查看keepalived服务器是否会关闭,然后实现VIP的漂移