主备模式
架构图:
配置:
| 主机 | ip | 操作系统 | 软件 | 备注 |
| nginx01 | 172.27.9.91 | Centos7 | nginx 端口82 keepalived | 关闭防火墙和selinu |
| nginx02 | 172.27.9.92 | Centos7 | nginx 端口82 keepalived | 关闭防火墙和selinu |
| web01 | 172.27.9.125 | Centos7 | apache 端口1180 | 关闭防火墙和selinu |
| web02 | 172.27.9.126 | Centos7 | apache 端口1180 | 关闭防火墙和selinu |
1.nginx安装
nginx01和nginx02安装nginx参见Centos7安装nginx
2.nginx配置
两台nginx服务器配置相同,如下:
[root@nginx01 ~]# more /usr/local/nginx/conf/nginx.conf#user nobody;worker_processes 1;#error_log logs/error.log;#error_log logs/error.log notice;#error_log logs/error.log info;#pid logs/nginx.pid;events { worker_connections 1024;}http { include mime.types; default_type application/octet-stream; #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' # '$status $body_bytes_sent "$http_referer" ' # '"$http_user_agent" "$http_x_forwarded_for"'; #access_log logs/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; upstream webser{ server 172.27.9.125:1180; server 172.27.9.126:1180; } server { listen 82; server_name localhost; #charset koi8-r; #access_log logs/host.access.log main; location / { proxy_pass http://webser; #root html; #index index.html index.htm; } error_page 500 502 503 504 /50x.html; location = /50x.html { root html; } }}[root@nginx01 ~]#
3.keepalived安装
分别在nginx01和nginx02上安装keepalived:
[root@nginx01 ~]# yum -y install keepalived
4.keepalived配置
nginx01上keepalived配置:
[root@nginx01 keepalived]# more keepalived.conf! Configuration File for keepalivedglobal_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc #smtp_server 192.168.200.1 #smtp_connect_timeout 30 router_id proxy1 }vrrp_script chk_nginx { script "/etc/keepalived/check_nginx.sh" interval 2 weight 20 fall 1 rise 10}vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.27.9.200 } track_script { chk_nginx }}nginx02上的keepalived配置:
[root@nginx02 keepalived]# more keepalived.conf! Configuration File for keepalivedglobal_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc #smtp_server 192.168.200.1 #smtp_connect_timeout 30 router_id proxy2}vrrp_script chk_nginx { script "/etc/keepalived/check_nginx.sh" interval 2 weight 20 fall 2 rise 1}vrrp_instance VI_1 { state BACKUP interface ens33 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.27.9.200 } track_script { chk_nginx }}check_nginx.sh脚本:
[root@nginx02 keepalived]# more check_nginx.sh #!/bin/bashA=`ps -C nginx --no-header |wc -l`if [ $A -eq 0 ];then /usr/local/nginx/sbin/nginx if [ `ps -C nginx --no-header |wc -l` -eq 0 ];then pkill keep fifi
该脚本用户检测nginx进程是否存在,若不存在则重启,若重启失败则直接杀掉keepalived进程,触发切换。(若没有pkill命令请先安装)
5.apache安装
在web01和web02上分别安装配置apache:
[root@web01 ~]# yum -y install http[root@web01 ~]# systemctl start httpd[root@web01 ~]# systemctl enable httpd[root@web01 /]# echo web01-172.27.9.125 >/var/www/html/index.html[root@web02 /]# echo web02-172.27.9.126 >/var/www/html/index.html
分别修改apache默认端口,有80更改为1180:
[root@web01 /]# view /etc/httpd/conf/httpd.confListen 1180
6.启动服务
启动两台服务器nginx和keepalived服务。
[root@nginx01 ~]# nginx[root@nginx01 ~]# service keepalived startRedirecting to /bin/systemctl start keepalived.service
7.高可用测试
页面访问http://172.27.9.200:82/
vip查看:
发现vip在nginx01上,此时对外提供服务的为nginx01,nginx02用作备份。停止nginx01上的keepalived服务,触发切换。
[root@nginx01 ~]# pkill keep[root@nginx01 ~]# ps -ef|grep keeproot 11389 2172 0 16:56 pts/0 00:00:00 grep --color=auto keep
此时vip切换至nginx02,刷新页面访问http://172.27.9.200:82/
发现访问vip还是以轮询方式访问后端web服务器,此时对外提供服务器的为nginx02,nginx01相当于宕机状态。
双活模式
架构图:
配置:
| 主机 | ip | 操作系统 | 软件 | vip |
| nginx01 | 172.27.9.91 | Centos7 | nginx 端口82 keepalived | 172.27.9.200 |
| nginx02 | 172.27.9.92 | Centos7 | nginx 端口82 keepalived | 172.27.9.210 |
| web01 | 172.27.9.125 | Centos7 | apache 端口1180 | / |
| web02 | 172.27.9.126 | Centos7 | apache 端口1180 | / |
1.keepalived配置
nginx01上keepalived配置:
[root@nginx01 ~]# more /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc #smtp_server 192.168.200.1 #smtp_connect_timeout 30 router_id proxy1 }vrrp_script chk_nginx { script "/etc/keepalived/check_nginx.sh" interval 2 weight 20 fall 1 rise 10}vrrp_instance VI_1 { state MASTER interface ens33 virtual_router_id 51 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.27.9.200 } track_script { chk_nginx }}vrrp_instance VI_2 { state BACKUP interface ens33 virtual_router_id 52 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.27.9.210 } track_script { chk_nginx }}nginx02上keepalived配置:
[root@nginx02 ~]# more /etc/keepalived/keepalived.conf! Configuration File for keepalivedglobal_defs { notification_email { acassen@firewall.loc failover@firewall.loc sysadmin@firewall.loc } notification_email_from Alexandre.Cassen@firewall.loc #smtp_server 192.168.200.1 #smtp_connect_timeout 30 router_id proxy2}vrrp_script chk_nginx { script "/etc/keepalived/check_nginx.sh" interval 2 weight 20 fall 2 rise 1}vrrp_instance VI_1 { state BACKUP interface ens33 virtual_router_id 51 priority 90 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.27.9.200 } track_script { chk_nginx }}vrrp_instance VI_2 { state MASTER interface ens33 virtual_router_id 52 priority 100 advert_int 1 authentication { auth_type PASS auth_pass 1111 } virtual_ipaddress { 172.27.9.210 } track_script { chk_nginx }}修改keepalived配置后分别重启keepalived服务:
[root@nginx01 ~]# service keepalived restart
2.vip查看
nginx01:
nginx02:
3.页面访问:
vip1:http://172.27.9.200:82/
vip2:http://172.27.9.210:82/
发现vip1和vip2分别以轮询方式访问web服务器
4.高可用测试
此时vip1在nginx01上,vip2在nginx02上,两台服务器互为主备一期对外提供服务。现在停止nginx01上的keepalived服务,模拟宕机,触发切换。
[root@nginx01 ~]# pkill keep[root@nginx01 ~]# ps -ef|grep keeproot 13688 2172 0 17:22 pts/0 00:00:00 grep --color=auto keep
页面访问:
vip1:http://172.27.9.200:82/
vip2:http://172.27.9.210:82/
发现vip1和vip2访问web服务正常。vip查看:
nginx01:
nginx02:
发现vip1漂移至vip2,nginx02接管nginx01的vip1,此时nginx02单独对外提供服务。
总结:
1.主备模式对外只提供一个vip,访问便捷,但同时只有一台服务器对外提供服务;
2.双活模式对外提供两个vip,访问比较麻烦,但同时又两台服务器对外提供服务;
3.不管主备模式还是双活模式都能高可用运行。
keepalived+nginx+apache主备及双活搭建测试
原文地址:http://blog.51cto.com/3241766/2103154